Mail Index

• Thread Index

• Re: Local Denial Of Service Attack Against Apple MacOS X, MacOS X Server, and Darwin.
  • From: "William A. Carrel" <william.a@carrel.org>
• MDKSA-2003:095-1 - Updated proftpd packages fix remote root vulnerability
  • From: Mandrake Linux Security Team <security@linux-mandrake.com>
• Announcing Userland Exec
  • From: the grugq <grugq@hcunix.net>
• Re: multiple payload handling flaws in isakmpd, again
  • From: Thomas Walpuski <thomas@thinknerd.de>
• multiple payload handling flaws in isakmpd, again
  • From: Thomas Walpuski <thomas@thinknerd.de>
• Re: Gallery v1.3.3 Cross Site Scripting Vulnerabillity
  • From: Matt Zimmerman <mdz@debian.org>
• Possible XSS vuln in VCard4J
  • From: "Just1n T1mberlake" <hotpackets@hellokitty.com>
• Re: Switch Off Multiple Vulnerabilities
  • From: "Peter Winter-Smith" <peter4020@hotmail.com>
• Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part IV
  • From: "http-equiv@excite.com" <1@malware.com>
• DoS in GoodTech Telnet Server 4.0.103
  • From: "Donato Ferrante" <fdonato@autistici.org>
• include() vuln in EasyDynamicPages v.2.0
  • From: Vietnamese Security Group <security@security.com.vn>
• Microsoft Word Protection Bypass
  • From: Thorsten Delbrouck-Konetzko <Thorsten.Delbrouck@guardeonic.com>
• xsok local games exploit
  • From: "c0wboy@0x333" <c0wboy@tiscali.it>
• Switch Off Multiple Vulnerabilities
  • From: "Peter Winter-Smith" <peter4020@hotmail.com>
• RE: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part IV
  • From: <tlarholm@pivx.com>
• PostNuke Issues (0.726 && Possibly Older)
  • From: JeiAr <security@gulftech.org>
• Webcam Watchdog Stack Overflow Vulnerability
  • From: "Peter Winter-Smith" <peter4020@hotmail.com>
• xsok local games exploit (2)
  • From: "c0wboy@0x333" <c0wboy@tiscali.it>
• Announcing adore-ng 0.31
  • From: Stealth <stealth@team-teso.net>
• newsPHP v216 patch
  • From: "Dariusz 'Officerrr' Kolasinski" <officerrr@poligon.com.pl>
• [CLA-2004:799] Conectiva Security Announcement - kernel
  • From: Conectiva Updates <secure@conectiva.com.br>
• [SECURITY] [DSA 407-1] New ethereal packages fix several vulnerabilities
  • From: joey@infodrom.org (Martin Schulze)
• [ESA-20040105-001] 'kernel' bug and security fixes.
  • From: EnGarde Secure Linux <security@guardiandigital.com>
• TSLSA-2004-01 - kernel
  • From: Trustix Security Advisor <tsl@trustix.org>
• Linux kernel mremap vulnerability
  • From: Paul Starzetz <ihaquer@isec.pl>
• [SECURITY] [DSA 408-1] New screen packages fix group utmp exploit
  • From: joey@infodrom.org (Martin Schulze)
• HotNews arbitary file inclusion
  • From: "Dariusz 'Officerrr' Kolasinski" <officerrr@poligon.com.pl>
• [RHSA-2003:417-01] Updated kernel resolves security vulnerability
  • From: bugzilla@redhat.com
• Re: Linux kernel mremap vulnerability
  • From: Paul Starzetz <ihaquer@isec.pl>
• [SECURITY] [DSA 406-1] New lftp packages fix arbitrary code execution
  • From: joey@infodrom.org (Martin Schulze)
• [SCSA-025] Invision Power Board SQL Injection Vulnerability
  • From: advisory@security-corporation.com
• SUSE Security Announcement: Linux Kernel (SuSE-SA:2004:001)
  • From: thomas@suse.de (Thomas Biege)
• vBulletin Forum 2.3.xx calendar.php SQL Injection
  • From: "Qianwei Hu" <a1476854@hotmail.com>
• Linux kernel do_mremap() proof-of-concept exploit code
  • From: Christophe Devine <devine@iie.cnam.fr>
• Multiple Vulnerabilities in Phorum 3.4.5
  • From: "Calum Power" <enune@fribble.net>
• [SECURITY] [DSA 409-1] New bind packages fix denial of service
  • From: Matt Zimmerman <mdz@debian.org>
• Immunix Secured OS 7.3 kernel update
  • From: Immunix Security Team <security@immunix.com>
• [SECURITY] [DSA 412-1] New nd packages fix buffer overflows
  • From: Matt Zimmerman <mdz@debian.org>
• [SECURITY] [DSA 410-1] New libnids packages fix buffer overflow
  • From: Matt Zimmerman <mdz@debian.org>
• [SECURITY] [DSA 411-1] New mpg321 packages fix format string vulnerability
  • From: Matt Zimmerman <mdz@debian.org>
• [CLA-2004:800] Conectiva Security Announcement - lftp
  • From: Conectiva Updates <secure@conectiva.com.br>
• Re: Linux kernel do_mremap() proof-of-concept exploit code
  • From: Alexandre Hautequest <hquest@ondacorp.com.br>
• RE: Microsoft Word Protection Bypass
  • From: "Jerry Shenk" <jshenk@decommunications.com>
• Linux mremap bug correction
  • From: Paul Starzetz <ihaquer@isec.pl>
• Re: Linux kernel do_mremap() proof-of-concept exploit code
  • From: Bruno Lustosa <bruno@lustosa.net>
• Vuln in PHPGEDVIEW 2.61 Multi-Problem
  • From: Vietnamese Security Group <security@security.com.vn>
• [SECURITY] [DSA 413-1] New Linux 2.4.18 packages fix locate root exploit
  • From: joey@infodrom.org (Martin Schulze)
• FirstClass Client 7.1: Command Execution via Email Web Link
  • From: Richard Maudsley <r_i_c_h@btopenworld.com>
• Lotus Notes Domino 6.0.2 (linux) faulty default permissions
  • From: Rene <l0om@excluded.org>
• RE: Linux kernel do_mremap() proof-of-concept exploit code
  • From: <tlarholm@pivx.com>
• Re: Linux kernel do_mremap() proof-of-concept exploit code
  • From: "Angelo Dell'Aera" <buffer@antifork.org>
• [SECURITY] [DSA 415-1] New zebra packages fix denial of service
  • From: Matt Zimmerman <mdz@debian.org>
• Re: Microsoft Word Protection Bypass
  • From: Thorsten Delbrouck-Konetzko <Thorsten.Delbrouck@guardeonic.com>
• RealNetworks fails to address Cross-Site Scripting in RealOne Player
  • From: Arman Nayyeri <arman-n@Phreaker.net>
• [SECURITY] [DSA 417-1] New Linux 2.4.18 packages fix local root exploit (powerpc+alpha)
  • From: joey@infodrom.org (Martin Schulze)
• ZyXEL10 OF ZyWALL Series Router Cross Site Scripting Vulnerabillity
  • From: "Rafel Ivgi" <theinsider@012.net.il>
• [SECURITY] [DSA 414-1] New jabber packages fix denial of service
  • From: Matt Zimmerman <mdz@debian.org>
• [slackware-security] Kernel security update (SSA:2004-006-01)
  • From: Slackware Security Team <security@slackware.com>
• [SECURITY] [DSA 416-1] New fsp packages fix buffer overflow, directory traversal
  • From: Matt Zimmerman <mdz@debian.org>
• EDIMAX AR-6004 Full Rate ADSL Router Cross Site Scripting Vulnerabillity
  • From: "Rafel Ivgi" <theinsider@012.net.il>
• SnapStream PVS LITE Cross Site Scripting Vulnerabillity
  • From: "Rafel Ivgi" <theinsider@012.net.il>
• Re: Linux kernel do_mremap() proof-of-concept exploit code
  • From: D Lambrou <dlambrou@crazylinux.net>
• [RHSA-2004:001-01] Updated Ethereal packages fix security issues
  • From: bugzilla@redhat.com
• RE: Microsoft Word Protection Bypass
  • From: "Eric Lawrence" <ericlaw@bayden.com>
• [CLA-2004:801] Conectiva Security Announcement - ethereal
  • From: Conectiva Updates <secure@conectiva.com.br>
• Cisco Security Advisory: Cisco Personal Assistant User Password Bypass Vulnerability
  • From: Cisco Systems Product Security Incident Response Team <psirt@cisco.com>
• Yahoo Instant Messenger Long Filename Downloading Buffer Overflow
  • From: "Tri Huynh" <trihuynh@zeeup.com>
• [SECURITY] [DSA 418-1] New vbox3 packages fix privilege leak
  • From: Matt Zimmerman <mdz@debian.org>
• [SECURITY] INN: Buffer overflow in control message handling
  • From: Russ Allbery <rra@isc.org>
• [OpenPKG-SA-2004.001] OpenPKG Security Advisory (inn)
  • From: OpenPKG <openpkg@openpkg.org>
• Re: Microsoft Word Protection Bypass
  • From: Vladimir Katalov <vkatalov@elcomsoft.com>
• SGI Advanced Linux Environment security update #8
  • From: SGI Security Coordinator <agent99@sgi.com>
• MDKSA-2004:001 - Updated kernel packages fix local root vulnerability
  • From: Mandrake Linux Security Team <security@linux-mandrake.com>
• Openssl proof of concept code?
  • From: "Lachniet, Mark" <mlachniet@sequoianet.com>
• [SECURITY] [DSA 417-2] New Linux 2.4.18 packages fix local root exploit (alpha)
  • From: joey@infodrom.org (Martin Schulze)
• [slackware-security] Slackware 8.1 kernel security update (SSA:2004-008-01)
  • From: Slackware Security Team <security@slackware.com>
• [SECURITY] [DSA 419-1] New phpgroupware packages fix unintended PHP execution and SQL injection
  • From: joey@infodrom.org (Martin Schulze)
• Windows FTP Server Format String Vulnerability
  • From: "Peter Winter-Smith" <peter4020@hotmail.com>
• bzip2 bombs still causes problems in antivirus-software
  • From: "Dr. Peter Bieringer" <pbieringer@aerasec.de>
• [RHSA-2004:003-01] Updated CVS packages fix minor security issue
  • From: bugzilla@redhat.com
• [SECURITY] [DSA 420-1] New jitterbug packages fix arbitrary command execution
  • From: joey@infodrom.org (Martin Schulze)
• DameWare Mini Remote Control < v3.73 remote exploit by kralor]
  • From: Iván Rodriguez Almuiña <kralor@coromputer.net>
• Abuse report email for CitiBank/CitiCards?
  • From: "winstrel" <winstrel@ewall.org>
• SRT2004-01-9-1022 - Symantec LiveUpdate allows local users to become SYSTEM
  • From: KF <dotslash@snosoft.com>
• PHP Manpage lookup directory transversal / file disclosing
  • From: Cabezon Aurélien <aurelien.cabezon@isecurelabs.com>
• Directory Traversal in Accipiter Direct Server 6.0
  • From: "Bassett, Mark" <mbassett@omaha.com>
• Remote Code Execution in ezContents
  • From: "Zero_X www.lobnan.de Team" <zero-x@linuxmail.org>
• [Fwd: [TH-research] OT: Israeli Post Office break-in]
  • From: Gadi Evron <ge@egotistical.reprehensible.net>
• Re: SRT2004-01-9-1022 - Symantec LiveUpdate allows local users to become SYSTEM
  • From: Sym Security <symsecurity@symantec.com>
• FW: Abuse report email for CitiBank/CitiCards?
  • From: "Sullivan, Barbra A" <barbra.a.sullivan@citigroup.com>
• [SECURITY] [DSA 421-1] New mod-auth-shadow packages fix password expiration checking
  • From: Matt Zimmerman <mdz@debian.org>
• SmoothWall Project Security Advisory SWP-2004:001
  • From: William Anderson <neuro@smoothwall.org>
• Re: FW: Abuse report email for CitiBank/CitiCards?
  • From: Nicholas Weaver <nweaver@CS.berkeley.edu>
• Re: Abuse report email for CitiBank/CitiCards?
  • From: Nicholas Weaver <nweaver@CS.berkeley.edu>
• More phpGedView Vulnerabilities
  • From: JeiAr <security@gulftech.org>
• Cisco Security Advisory: Vulnerabilities in H.323 Message Processing
  • From: Cisco Systems Product Security Incident Response Team <psirt@cisco.com>
• [SECURITY] [DSA-422-1] multiple CVS improvements
  • From: Wichert Akkerman <wichert@wiggy.net>
• RE: [Fwd: [TH-research] OT: Israeli Post Office break-in]
  • From: John.Airey@rnib.org.uk
• RE: Abuse report email for CitiBank/CitiCards?
  • From: Lance James <lance.james@bakbone.com>
• How to track a Phisher... Re: FW: Abuse report email for CitiBank/CitiCards?
  • From: Nicholas Weaver <nweaver@CS.berkeley.edu>
• Re: FW: Abuse report email for CitiBank/CitiCards?
  • From: "Jim Gonzalez" <gonzj@dslinmaryland.com>
• exploit for HD Soft Windows FTP Server 1.6
  • From: mandrag@mandragore.solidshells.com
• MDKSA-2004:002 - Updated ethereal packages fix vulnerabilities
  • From: Mandrake Linux Security Team <security@linux-mandrake.com>
• symlink vul for Antivir / Linux Version 2.0.9-9 (maybe lower)
  • From: Rene <l0om@excluded.org>
• SuSE linux 9.0 YaST config Skribt [exploit]
  • From: Rene <l0om@excluded.org>
• unauthorized deletion of IPsec (and ISAKMP) SAs in racoon
  • From: Thomas Walpuski <thomas@thinknerd.org>
• Snort-inline
  • From: Federico Petronio <fpetronio@petrus.agro.uba.ar>
• Re: unauthorized deletion of IPsec (and ISAKMP) SAs in racoon
  • From: itojun@kame.net
• nCipher Advisory #8: payShield library may verify bad requests
  • From: nCipher Support <technotifications@us.ncipher.com>
• [RHSA-2004:007-01] Updated tcpdump packages fix various vulnerabilities
  • From: bugzilla@redhat.com
• an article on the Israeli Post Office break-in
  • From: Gadi Evron <ge@linuxbox.org>
• CERT Advisory CA-2004-01 Multiple H.323 Message Vulnerabilities
  • From: CERT Advisory <cert-advisory@cert.org>
• KDE Security Advisory: VCF file information reader vulnerability
  • From: Dirk Mueller <mueller@kde.org>
• Multiple vulnerabilities in WWW Fileshare Pro <= 2.42
  • From: Luigi Auriemma <aluigi@altervista.org>
• FishCart Integer Overflow / Rounding Error
  • From: Michael Brennen <mbrennen@fni.com>
• Network Associates Product Security Contact
  • From: Matt Moore <matt.moore@pentest.co.uk>
• SUSE Security Announcement: tcpdump (SuSE-SA:2004:002)
  • From: krahmer@suse.de (Sebastian Krahmer)
• PhpDig 1.6.x: remote command execution
  • From: "FraMe" <frame@hispalab.com>
• [RHSA-2004:006-01] Updated kdepim packages resolve security vulnerability
  • From: bugzilla@redhat.com
• Linux kernel mremap() bug update
  • From: Paul Starzetz <ihaquer@isec.pl>
• [SECURITY] [DSA 423-1] New Linux 2.4.17 packages fix several problems (ia64)
  • From: joey@infodrom.org (Martin Schulze)
• RapidCache Multiple Vulnerabilities
  • From: "Peter Winter-Smith" <peter4020@hotmail.com>
• [slackware-security] kdepim security update (SSA:2004-014-01)
  • From: Slackware Security Team <security@slackware.com>
• January 15 is Personal Firewall Day, help the cause
  • From: <tlarholm@pivx.com>
• SUSE Security Announcement: Linux Kernel (SuSE-SA:2004:003)
  • From: thomas@suse.de (Thomas Biege)
• MDKSA-2004:003 - Updated kdepim packages fix vulnerability
  • From: Mandrake Linux Security Team <security@linux-mandrake.com>
• [slackware-security] INN security update (SSA:2004-014-02)
  • From: Slackware Security Team <security@slackware.com>
• OpenSSL ASN.1 parsing bugs PoC / brute forcer
  • From: "Bram Matthys (Syzop)" <syzop@vulnscan.org>
• Re: Security bug in Xerox Document Centre
  • From: "K.Schleede" <USA.DSSC.Doc.Feedback@xerox.com>
• The Bat! 2.01 memory corruption
  • From: 3APA3A <3APA3A@SECURITY.NNOV.RU>
• [OpenCA Advisory] Vulnerability in signature verification
  • From: Michael Bell <michael.bell@cms.hu-berlin.de>
• [OpenPKG-SA-2004.002] OpenPKG Security Advisory (tcpdump)
  • From: OpenPKG <openpkg@openpkg.org>
• Re: unauthorized deletion of IPsec (and ISAKMP) SAs in racoon
  • From: itojun@kame.net
• Xtreme ASP Photo Gallery
  • From: <posidron@tripbit.org>
• Multiple MetaDot Vulnerabilities [ All Versions ]
  • From: JeiAr <security@gulftech.org>
• phpShop Vulnerabilities
  • From: JeiAr <security@gulftech.org>
• [SECURITY] [DSA 424-1] New mc packages fix buffer overflow
  • From: Matt Zimmerman <mdz@debian.org>
• HP printers and currency anti-copying measures
  • From: "Richard M. Smith" <rms@computerbytesman.com>
• SRT2004-01-17-0425 - Ultr@VNC local SYSTEM access.
  • From: KF <dotslash@snosoft.com>
• Happy belated Personal Firewall day - SRT2004-01-17-0628 - Agnitum Optpost firewall allows Local SYSTEM access
  • From: KF <dotslash@snosoft.com>
• Denial of service in Getware's built-in webserver (Webcam Live and Photohost)
  • From: Luigi Auriemma <aluigi@altervista.org>
• Lame crash in qmail-smtpd and memory overwrite according to gdb, yet still qmail much better than windows
  • From: Serafino Sorrenti <ml@ssorrenti.com>
• Bagle worm status + more blocking information
  • From: Gadi Evron <ge@egotistical.reprehensible.net>
• New release of Patchfinder2 (windows rootkit detector)
  • From: Joanna Rutkowska <joanna@mailsnare.net>
• new outbreak warning - Bagle
  • From: Gadi Evron <ge@egotistical.reprehensible.net>
• Resources consumption in Goahead webserver <= 2.1.8
  • From: Luigi Auriemma <aluigi@altervista.org>
• Mambo OS v4.5/v4.6: remote command execution
  • From: "FraMe" <frame@hispalab.com>
• Networker 6.0 - possible symlink attack
  • From: Rene <l0om@excluded.org>
• [ESA-20040119-002] 'tcpdump' multiple vulnerabilities.
  • From: EnGarde Secure Linux <security@guardiandigital.com>
• Re: Get admin rights using Doro (pdf creator)
  • From: <the_sz@gmx.co.uk>
• [SECURITY] [DSA 426-1] New netpbm-free packages fix insecure temporary file creation
  • From: Matt Zimmerman <mdz@debian.org>
• [SECURITY] [DSA 427-1] New Linux 2.4.17 packages fix local root exploit (mips+mipsel)
  • From: joey@infodrom.org (Martin Schulze)
• Directories management bypassing in Goahead webserver <= 2.1.8
  • From: Luigi Auriemma <aluigi@altervista.org>
• Proof-Of-Concept Denial-Of-Service Pointbase 4.6 Java SQL-DB
  • From: Marc Schoenefeld <schonef@uni-muenster.de>
• Pablo Sofware Solutions FTP server can detect if a file exists outside the FTP root directory
  • From: scrap <webmaster@securiteinfo.com>
• Yabb SE SQL Injection
  • From: "backspace" <backspace_2k@terra.es>
• RE: Bagle worm status + more blocking information
  • From: David Brodbeck <DavidB@mail.interclean.com>
• Re: HP printers and currency anti-copying measures
  • From: Andre Oppermann <oppermann@pipeline.ch>
• RE: HP printers and currency anti-copying measures
  • From: "Larry Seltzer" <larry@larryseltzer.com>
• What is the point here?
  • From: "Alun Jones" <alun@texis.com>
• Re: a method for bypassing cookie restrictions in web browsers
  • From: Dave McKinney <dm@securityfocus.com>
• [SECURITY] [DSA 425-1] New tcpdump packages fix multiple vulnerabilities
  • From: Matt Zimmerman <mdz@debian.org>
• More info on blocking the Bagle worm
  • From: Gadi Evron <ge@linuxbox.org>
• RE: What is the point here?
  • From: "Andrew Hintz ( Drew )" <drew@overt.org>
• RE: What is the point here?
  • From: "ken kousky" <kkousky@ip3inc.com>
• RE: What is the point here?
  • From: "PM Systems - Rick Woehler" <RWoehler@PMSysCorp.com>
• Re: What is the point here?
  • From: Systems Administrator <sysadmin@sunet.com.au>
• a method for bypassing cookie restrictions in web browsers
  • From: Michal Zalewski <lcamtuf@ghettot.org>
• RE: ISA Server 2000 - Vulnerability in H.323 Filter Can Cause Rem ote Code Execution (816458)
  • From: Alan Monaghan <AlanM@Gardnerweb.com>
• RE: HP printers and currency anti-copying measures
  • From: "Kevin E. Casey" <kcasey@nanoweb.com>
• NETCam webserver Directory traversal bug
  • From: "Rafel Ivgi, The-Insider" <theinsider@012.net.il>
• Re: What is the point here?
  • From: Adam Shostack <adam@homeport.org>
• [SuSE 9.0] possible symlink attacks in some scripts
  • From: Rene <l0om@excluded.org>
• Re: HP printers and currency anti-copying measures
  • From: "mightye[removethis]" <"mightye[removethis]"@mightye.org>
• Re: a method for bypassing cookie restrictions in web browsers
  • From: Michal Zalewski <lcamtuf@ghettot.org>
• [CLA-2004:810] Conectiva Security Announcement - kdepim
  • From: Conectiva Updates <secure@conectiva.com.br>
• [CLA-2004:808] Conectiva Security Announcement - cvs
  • From: Conectiva Updates <secure@conectiva.com.br>
• Re: What is the point here?
  • From: Damian Menscher <menscher@uiuc.edu>
• [CLA-2004:809] Conectiva Security Announcement - screen
  • From: Conectiva Updates <secure@conectiva.com.br>
• Re: What is the point here?
  • From: Mariusz Woloszyn <emsi@ipartners.pl>
• Re: Lame crash in qmail-smtpd and memory overwrite according to gdb, yet still qmail much better than windows
  • From: Scott Gifford <sgifford@suspectclass.com>
• vBulletin Security Vulnerability
  • From: <gcf@hush.com>
• [SECURITY] [DSA 428-1] New slocate packages fix buffer overflow
  • From: Matt Zimmerman <mdz@debian.org>
• 2Wire-Gateway Cross Site Scripting and Directory Transversal bug in SSL Form
  • From: "Rafel Ivgi, The-Insider" <theinsider@012.net.il>
• WebTrends Reporting Center Path Disclosure vulnerability
  • From: "Oliver Karow" <Oliver.Karow@gmx.de>
• OwnServer 1.0 Directory Transversal Vulnerability
  • From: "Rafel Ivgi, The-Insider" <theinsider@012.net.il>
• Internet Explorer - Multiple Vulnerabilities
  • From: "Rafel Ivgi, The-Insider" <theinsider@012.net.il>
• [SCSA-026] DUWARE Products Admin Access and Arbitrary File Upload Vulnerability
  • From: advisory@security-corporation.com
• RE: vBulletin Security Vulnerability
  • From: "Ferruh Mavituna" <ferruh@mavituna.com>
• Mephistoles Httpd 0.6.0final XSS
  • From: "Donato Ferrante" <fdonato@autistici.org>
• TSLSA-2004-0005 - slocate
  • From: Trustix Security Advisor <tsl@trustix.org>
• Cisco Security Advisory: Voice Product Vulnerabilities on IBM Servers
  • From: Cisco Systems Product Security Incident Response Team <psirt@cisco.com>
• Re: [Full-Disclosure] RE: Internet Explorer - Multiple Vulnerabilities
  • From: "Berend-Jan Wever" <SkyLined@edup.tudelft.nl>
• Re: What is the point here?
  • From: Jason Coombs <jasonc@science.org>
• Re: HP printers and currency anti-copying measures
  • From: Sami Haahtinen <ressu@ressukka.net>
• [RHSA-2004:034-01] Updated mc packages resolve buffer overflow vulnerability
  • From: bugzilla@redhat.com
• Re: HP printers and currency anti-copying measures
  • From: Sasha <nospam@mail.com>
• WebcamXP v1.06.945 Cross Site Scripting Vulnerabillity
  • From: "Rafel Ivgi, The-Insider" <theinsider@012.net.il>
• [Fwd: [TH-research] Bagle remote uninstall]
  • From: Gadi Evron <ge@egotistical.reprehensible.net>
• Honeyd Security Advisory 2004-001: Remote Detection Via Simple Probe Packet
  • From: Niels Provos <provos@citi.umich.edu>
• RE: Internet Explorer - Multiple Vulnerabilities
  • From: "Thor Larholm" <thor@pivx.com>
• [ GLSA 200401-02 ] Honeyd remote detection vulnerability via a probe packet
  • From: Tim Yamin <plasmaroo@gentoo.org>
• Hijacking Apache 2 via mod_perl
  • From: Steve Grubb <linux_4ever@yahoo.com>
• Paper announcement: Is finding security holes a good idea?
  • From: Eric Rescorla <ekr@rtfm.com>
• Re: Paper announcement: Is finding security holes a good idea?
  • From: Oliver Friedrichs <oliver_friedrichs@symantec.com>
• Re: Paper announcement: Is finding security holes a good idea?
  • From: "Kurt Seifried" <bt@seifried.org>
• RE: Paper announcement: Is finding security holes a good idea?
  • From: "Daniel Whelan" <daniel.whelan@kickapoocheese.com>
• yet another new phising scam
  • From: Gadi Evron <ge@linuxbox.org>
• Re: Paper announcement: Is finding security holes a good idea?
  • From: Benjamin Franz <snowhare@nihongo.org>
• Re: [SuSE 9.0] possible symlink attacks in some scripts
  • From: Thomas Biege <thomas@suse.de>
• Re: Hijacking Apache 2 via mod_perl
  • From: Ben Laurie <ben@algroup.co.uk>
• TBE - the banner engine server-side script execution vulnerability
  • From: "Ed J. Aivazian" <stealth@arminco.com>
• Re: Hijacking Apache 2 via mod_perl
  • From: lupe@lupe-christoph.de (Lupe Christoph)
• Need for Speed Hot pursuit 2 <= 242 client's buffer overflow
  • From: Luigi Auriemma <aluigi@altervista.org>
• AV products vulnerability [Fwd: [TH-research] Upx hack tool]
  • From: Gadi Evron <ge@linuxbox.org>
• Re: HP printers and currency anti-copying measures
  • From: Darren Reed <avalon@caligula.anu.edu.au>
• Major hack attack on the U.S. Senate
  • From: "Richard M. Smith" <rms@computerbytesman.com>
• NetBus Pro Web Server Direcory Listing And Remote File Upload
  • From: "Rafel Ivgi, The-Insider" <theinsider@012.net.il>
• Re: Paper announcement: Is finding security holes a good idea?
  • From: "Christopher E. Cramer" <chris.cramer@duke.edu>
• Re: Hijacking Apache 2 via mod_perl
  • From: Ben Laurie <ben@algroup.co.uk>
• GeoHttpServer Authentification Bypass Vulnerability & D.O.S (Denial Of Service)
  • From: "Rafel Ivgi, The-Insider" <theinsider@012.net.il>
• vulnerabilities of postscript printers
  • From: Bob Kryger <bobk@panix.com>
• FREESCO public http server - Cross Site Scripting Vulnerabillity
  • From: "Rafel Ivgi, The-Insider" <theinsider@012.net.il>
• Re: Paper announcement: Is finding security holes a good idea?
  • From: Robert Lemos <rob.lemos@cnet.com>
• Re[2]: Hijacking Apache 2 via mod_perl
  • From: 3APA3A <3APA3A@SECURITY.NNOV.RU>
• Re: Re[2]: Hijacking Apache 2 via mod_perl
  • From: Steve G <linux_4ever@yahoo.com>
• Re: Hijacking Apache 2 via mod_perl
  • From: Steve G <linux_4ever@yahoo.com>
• Re: Hijacking Apache 2 via mod_perl
  • From: André Malo <nd@perlig.de>
• NetWare-Enterprise-Web-Server/5.1/6.0 Multiple Vulnerabilities
  • From: "Rafel Ivgi, The-Insider" <theinsider@012.net.il>
• Re: vulnerabilities of postscript printers
  • From: Darren Reed <avalon@caligula.anu.edu.au>
• Multiple Vulnerabilities in Phorum 3.4.5
  • From: Fredrik Björk <Fredrik.Bjork.List@varbergenergi.se>
• Re: Major hack attack on the U.S. Senate
  • From: ~Kevin Davis³ <computerguy@cfl.rr.com>
• QuadComm Q-Shop ASP Shopping Cart Software multiple security vulnerabilities
  • From: S-Quadra Security Research <research@s-quadra.com>
• Re: Major hack attack on the U.S. Senate
  • From: "Brian C. Lane" <bcl@brianlane.com>
• Finjan SurfinGate Vulnerability
  • From: David Byrne <davidribyrne@yahoo.com>
• Re: vulnerabilities of postscript printers
  • From: der Mouse <mouse@Rodents.Montreal.QC.CA>
• Re: Hijacking Apache 2 via mod_perl
  • From: jon schatz <jon@divisionbyzero.com>
• Tiny Server 1.1 (1.0.5) Multiple Vulnerabilities
  • From: "Donato Ferrante" <fdonato@autistici.org>
• Oracle HTTP Server Cross Site Scripting Vulnerabillity
  • From: "Rafel Ivgi, The-Insider" <theinsider@012.net.il>
• Re: vulnerabilities of postscript printers
  • From: Jim Knoble <jmknoble@pobox.com>
• Re: vulnerabilities of postscript printers
  • From: der Mouse <mouse@Rodents.Montreal.QC.CA>
• Re: vulnerabilities of postscript printers
  • From: Darren Reed <avalon@caligula.anu.edu.au>
• Re: Major hack attack on the U.S. Senate
  • From: Daniel.Capo@tco.net.br
• MDKSA-2004:005 - Updated jabber packages fix DoS vulnerability
  • From: Mandrake Linux Security Team <security@linux-mandrake.com>
• Re: Major hack attack on the U.S. Senate
  • From: Kirk Spencer <kspencer@ngrl.org>
• Re: vulnerabilities of postscript printers
  • From: Nate Eldredge <nge@cs.hmc.edu>
• Re: vulnerabilities of postscript printers
  • From: Glynn Clements <glynn.clements@virgin.net>
• Re: vulnerabilities of postscript printers
  • From: Michael Zimmermann <zim@vegaa.de>
• MDKSA-2004:004 - Updated slocate packages fix vulnerability
  • From: Mandrake Linux Security Team <security@linux-mandrake.com>
• Re: vulnerabilities of postscript printers
  • From: Michael Zimmermann <zim@vegaa.de>
• Re: vulnerabilities of postscript printers
  • From: Elizabeth Zwicky <zwicky@greatcircle.com>
• Re: vulnerabilities of postscript printers
  • From: "Thomas M. Payerle" <payerle@physics.umd.edu>
• Re: Major hack attack on the U.S. Senate
  • From: rsh@idirect.com
• Re: Hijacking Apache 2 via mod_perl
  • From: Matthew Wakeling <mnw21-bugtraq@jumpleads.com>
• [SST]ServU MDTM command remote buffero verflow adv
  • From: "icbm" <icbm@0x557.net>
• Re: vulnerabilities of postscript printers
  • From: Michael Zimmermann <zim@vegaa.de>
• Re: Major hack attack on the U.S. Senate
  • From: Kevin Reardon <Kevin.Reardon@oracle.com>
• RE: Major hack attack on the U.S. Senate
  • From: "B. Kinney" <bkinney@fatcow.com>
• Re: vulnerabilities of postscript printers
  • From: der Mouse <mouse@Rodents.Montreal.QC.CA>
• Resources consumption in Reptile webserver daily version
  • From: "Donato Ferrante" <fdonato@autistici.org>
• Re: vulnerabilities of postscript printers
  • From: der Mouse <mouse@Rodents.Montreal.QC.CA>
• Re: vulnerabilities of postscript printers
  • From: Stephen Samuel <samuel@bcgreen.com>
• BWS v1.0b3 Directory Transversal Vulnerability
  • From: "Rafel Ivgi, The-Insider" <theinsider@012.net.il>
• Re: Major hack attack on the U.S. Senate
  • From: Dinesh Nair <dinesh@alphaque.com>
• Re: [work] Re: Major hack attack on the U.S. Senate
  • From: opticfiber <opticfiber@topsight.net>
• Re: Major hack attack on the U.S. Senate
  • From: ed@the7thbeer.com
• Re: [work] Re: Major hack attack on the U.S. Senate
  • From: "Jonathan A. Zdziarski" <jonathan@nuclearelephant.com>
• Re: vulnerabilities of postscript printers
  • From: Bob Beck <beck@bofh.cns.ualberta.ca>
• Inrtra Forum Cross Site Scripting Vulnerabillity
  • From: "Rafel Ivgi, The-Insider" <theinsider@012.net.il>
• RE: Major hack attack on the U.S. Senate
  • From: bugtraq@anastrophe.com
• Re: vulnerabilities of postscript printers
  • From: Theo de Raadt <deraadt@cvs.openbsd.org>
• NextPlace.com E-Commerce ASP Engine
  • From: "Rafel Ivgi, The-Insider" <theinsider@012.net.il>
• Self-Executing FOLDERS: Windows XP Explorer Part V
  • From: "http-equiv@excite.com" <1@malware.com>
• Directory traversal and XSS in BremsServer 1.2.4
  • From: "Donato Ferrante" <fdonato@autistici.org>
• Re: Major hack attack on the U.S. Senate
  • From: Crispin Cowan <crispin@immunix.com>
• Advisory 01/2004: 12 x Gaim remote overflows
  • From: Stefan Esser <s.esser@e-matters.de>
• [RHSA-2004:032-01] Updated Gaim packages fix various vulnerabiliies
  • From: bugzilla@redhat.com
• Serv-U ftp 4.2 site chmod long_file_name exploit
  • From: "Qianwei Hu" <a1476854@hotmail.com>
• Re: QuadComm Q-Shop ASP Shopping Cart Software multiple security vulnerabilities
  • From: S-Quadra Security Research <research@s-quadra.com>
• Re: Self-Executing FOLDERS: Windows XP Explorer Part V
  • From: "mightye[removethis]" <"mightye[removethis]"@mightye.org>
• RE: Self-Executing FOLDERS: Windows XP Explorer Part V
  • From: "Thor Larholm" <thor@pivx.com>
• Re: Windows XP Explorer Executes Arbitrary Code in Folders
  • From: Stuart Moore <smoore.bugtraq@securityglobal.net>
• ProxyNow! 2.x Multiple Overflow Vulnerabilities
  • From: "Peter Winter-Smith" <peter4020@hotmail.com>
• MDKSA-2004:006 - Updated gaim packages fix multiple vulnerabilities
  • From: Mandrake Linux Security Team <security@linux-mandrake.com>
• RE: Finjan SurfinGate Vulnerability
  • From: "Menashe Eliezer" <menashe@finjan.com>
• Chaosreader: Trace TCP/UDP from snoop/tcpdump logs
  • From: Brendan Gregg <brendan.gregg@tpg.com.au>
• Re: symlink vul for Antivir / Linux Version 2.0.9-9 (maybe lower)
  • From: AntiVir Support <support@antivir.de>
• Re: Self-Executing FOLDERS: Windows XP Explorer Part V
  • From: Jelmer <jkuperus@planet.nl>
• [ GLSA 200401-03 ] Apache mod_python Denial of Service vulnerability
  • From: Tim Yamin <plasmaroo@gentoo.org>
• Ultramagnetic Advisory #001: Multiple vulnerabilities in Gaim code
  • From: <lowhalo@hush.com>
• MDKSA-2004:007 - Updated mc packages fix buffer overflow vulnerability
  • From: Mandrake Linux Security Team <security@linux-mandrake.com>
• Re: Self-Executing FOLDERS: Windows XP Explorer Part V
  • From: Liu Die Yu <liudieyuinchina@yahoo.com.cn>
• Elevated scanning: TCP port 135 (RPC) AND 445 (Domain Services)
  • From: Nicholas Weaver <nweaver@CS.berkeley.edu>
• [slackware-security] GAIM security update (SSA:2004-026-01)
  • From: Slackware Security Team <security@slackware.com>
• MDKSA-2004:008 - Updated tcpdump packages fix several vulnerabilities
  • From: Mandrake Linux Security Team <security@linux-mandrake.com>
• New MiMail variant is DDoS'ing SCO.com
  • From: <tlarholm@pivx.com>
• [FLSA-2004:1187] Updated screen resolves security vulnerability
  • From: Jesse Keating <jkeating@j2solutions.net>
• [HUC] Serv-U FTPD 3.x/4.x "SITE CHMOD" Command remote exploit V1.0
  • From: "lion" <lion@cnhonker.net>
• GOOROO CROSSING: File Spoofing Internet Explorer 6
  • From: "http-equiv@excite.com" <1@malware.com>
• [SECURITY] [DSA 429-1] New gnupg packages fix cryptographic weakness in ElGamal signing keys
  • From: Matt Zimmerman <mdz@debian.org>
• CERT Advisory CA-2004-02 Email-borne Viruses
  • From: CERT Advisory <cert-advisory@cert.org>
• SRT2004-01-18-0747 - IBM Informix IDS 9.4 contains multiple vulnerabilities
  • From: KF <dotslash@snosoft.com>
• Re: vulnerabilities of postscript printers
  • From: Ian Farquhar - Network Security Group <Ian.Farquhar@Sun.COM>
• GAIM Patch update
  • From: Stefan Esser <s.esser@e-matters.de>
• [ GLSA 200401-04 ] GAIM 0.75 Remote overflows
  • From: Tim Yamin <plasmaroo@gentoo.org>
• RE: GOOROO CROSSING: File Spoofing Internet Explorer 6
  • From: <tlarholm@pivx.com>
• information and reverse engineering bits of the Mydoom worm
  • From: Gadi Evron <ge@egotistical.reprehensible.net>
• RE: GOOROO CROSSING: File Spoofing Internet Explorer 6
  • From: "Oliver Lavery" <olavery@pivx.com>
• Remote exploit in Gallery 1.3.1, 1.3.2, 1.3.3, 1.4 and 1.4.1
  • From: "Bharat Mediratta" <bharat@menalto.com>
• [SECURITY] [DSA 430-1] New trr19 packages fix local games exploit
  • From: joey@infodrom.org (Martin Schulze)
• Changes to CERT Advisories [INFO#04.20510]
  • From: CERT Advisory <cert-advisory@cert.org>
• Re: New MiMail variant is DDoS'ing SCO.com
  • From: Bob Toxen <bob@verysecurelinux.com>
• RFC: virus handling
  • From: Thomas Zehetbauer <thomasz@hostmaster.org>
• phpBB privmsg.php XSS vulnerability patch.
  • From: Shaun Colley <shaunige@yahoo.co.uk>
• SRT2004-01-17-0227 - BlackICE allows local users to become SYSTEM
  • From: KF <dotslash@snosoft.com>
• BRS WebWeaver Webserver Cross Site Scripting Vulnerability
  • From: Oliver Karow <oliver.karow@gmx.de>
• Oracle toplink mapping workbench password algorithm
  • From: Pete Finnigan <plsql@petefinnigan.com>
• Denial Of Service in SurfNOW 2.2
  • From: "Donato Ferrante" <fdonato@autistici.org>
• ZH2004-01SA (security advisory): Web Blog 1.1 Remote arbitrary files retrieving
  • From: ZetaLabs <zetalabs@zone-h.org>
• SGI Advanced Linux Environment security update #9
  • From: SGI Security Coordinator <agent99@sgi.com>
• ----------========== OPEN3S-2003-08-08-eng-informix-onshowaudit ==========----------
  • From: pask@open3s.com
• MacOS X TruBlueEnvironment Buffer Overflow
  • From: "@stake Advisories" <advisories@atstake.com>
• ZH2004-02SA (security advisory): PJ CGI Neo review (NeoBoard review) Remote arbitrary file retrieving
  • From: ZetaLabs <zetalabs@zone-h.org>
• Security Announcement: untrusted ELF library path in some cvsup binary RPMs
  • From: Matthias Andree <matthias.andree@gmx.de>
• ----------========== OPEN3S-2003-08-08-eng-informix-ontape ==========----------
  • From: pask@open3s.com
• ----------========== OPEN3S-2003-08-08-eng-informix-onedcu ==========----------
  • From: pask@open3s.com
• SUSE Security Announcement: gaim (SuSE-SA:2004:004)
  • From: thomas@suse.de (Thomas Biege)
• new WIN virus?
  • From: "Atom 'Smasher'" <atom@suspicious.org>
• [FLSA-2004:1207] Updated cvs resolves security vulnerability
  • From: Jesse Keating <jkeating@j2solutions.net>
• Cisco Security Advisory: Buffer Overrun in Microsoft Windows 2000 Workstation Service (MS03-049)
  • From: Cisco Systems Product Security Incident Response Team <psirt@cisco.com>
• userland binary vulnerabilities on IRIX
  • From: SGI Security Coordinator <agent99@sgi.com>
• Serv-U exploit
  • From: "Berend-Jan Wever" <SkyLined@edup.tudelft.nl>
• FreeBSD Security Advisory FreeBSD-SA-04:01.mksnap_ffs
  • From: FreeBSD Security Advisories <security-advisories@freebsd.org>