Mail Index

• Thread Index

• 3com NBX VOIP NetSet Denial of Service Attack
  • From: Michael Scheidell
• [ GLSA 200404-21 ] Multiple Vulnerabilities in Samba
  • From: Joshua J. Berry
• [RHSA-2004:182-01] Updated httpd packages fix mod_ssl security issue
  • From: bugzilla
• MDKSA-2004:040 - Updated libpng packages fix vulnerability
  • From: Mandrake Linux Security Team
• cqure.net.20040430.citrixmetaframe
  • From: Patrik Karlsson
• [SECURITY] [DSA 497-1] New mc packages fix several vulnerabilities
  • From: Martin Schulze
• [OpenPKG-SA-2004.017] OpenPKG Security Advisory (png)
  • From: OpenPKG
• TSLSA-2004-0025 - multi
  • From: Trustix Security Advisor
• A technical description of the SSL PCT vulnerability (CVE-2003-0719)
  • From: Juliano Rizzo
• [OpenPKG-SA-2004.018] OpenPKG Security Advisory (proftpd)
  • From: OpenPKG
• SECURITY.NNOV: Sambar security quest
  • From: 3APA3A
• SquirrelMail Cross Scripting Attacks....
  • From: Alvin Alex
• [SECURITY] [DSA 498-1] New libpng packages fix denial of service
  • From: Martin Schulze
• [RHSA-2004:177-01] An updated X-Chat package fixes vulnerability in Socks-5 proxy
  • From: bugzilla
• Cross Site Scripting in Moodle < 1.3
  • From: Bartek Nowotarski
• MDKSA-2004:039 - Updated mc packages fix vulnerabilities
  • From: Mandrake Linux Security Team
• HP Web Jetadmin
  • From: John Morris
• TSLSA-2004-0024 - rsync
  • From: Trustix Security Advisor
• [RHSA-2004:179-01] An updated LHA package fixes security vulnerabilities
  • From: bugzilla
• Dameware Mini Remote Control Version 4.2 Weak Key Agreement Scheme
  • From: ax09001h
• Re: SquirrelMail Cross Scripting Attacks....
  • From: Jonathan Angliss
• IE Certificate Stealing (Phising) bug
  • From: E.Kellinis
• [RHSA-2004:163-01] Updated OpenOffice packages fix security vulnerability in neon
  • From: bugzilla
• [RHSA-2004:173-00] Updated mc packages resolve several vulnerabilities
  • From: bugzilla
• Multi stage attacks on networks?
  • From: Sudhakar-bugtraq Govindavajhala
• RE: After Ms patches last Wed ...
  • From: David Hayden
• Re: SMC Routers have remote administration enabled by default
  • From: Martin Nedbal
• [RHSA-2004:181-01] Updated libpng packages fix crash
  • From: bugzilla
• Re: http://www.smashguard.org
  • From: Crispin Cowan
• Re: Multi stage attacks on networks?
  • From: Bill Nash
• Re: http://www.smashguard.org
  • From: Pavel Machek
• RE: Multi stage attacks on networks?
  • From: Shaun Bertrand
• [RHSA-2004:175-01] Updated utempter package fixes vulnerability
  • From: bugzilla
• [product-security@apple.com: APPLE-SA-2004-04-30 QuickTime 6.5.1]
  • From: David Ahmad
• Re: http://www.smashguard.org
  • From: Pavel Machek
• MDKSA-2004:041 - Updated ProFTPD packages fix vulnerability
  • From: Mandrake Linux Security Team
• Re: http://www.smashguard.org
  • From: Theo de Raadt
• Re: http://www.smashguard.org
  • From: Nicholas Weaver
• Re: http://www.smashguard.org
  • From: Coleman Kane
• Re: http://www.smashguard.org
  • From: Theo de Raadt
• Props 0.6.1 XSS and Remote File Viewing Vulnerability
  • From: Manuel Lopez
• RE: IE Certificate Stealing (Phising) bug
  • From: Michael Wojcik
• LNSA-#2004-0013: Multiple Vulnerabilities in Samba
  • From: Vincenzo Ciaglia
• LNSA-#2004-0014: X-Chat vulnerability in Socks-5 proxy
  • From: Vincenzo Ciaglia
• Will the Sasser worm become the next Blaster?
  • From: kers0r
• New LSASS-based worm finally here (Sasser)
  • From: Ben Ryan
• Re: Will the Sasser worm become the next Blaster?
  • From: Gadi Evron
• [SECURITY] [DSA 500-1] New flim packages fix insecure temporary file creation
  • From: Matt Zimmerman
• W32/Sasser a and b SNORT Sigs
  • From: Martin Overton
• [SECURITY] [DSA 499-1] New rsync packages fix directory traversal bug
  • From: Matt Zimmerman
• PaX Linux Kernel 2.6 Patches DoS Advisory
  • From: chris
• EEYE: Apple QuickTime (QuickTime.qts) Heap Overflow
  • From: Marc Maiffret
• Re: Will the Sasser worm become the next Blaster?
  • From: Damian Menscher
• Crystal Reports Vulnerabilities
  • From: Imperva Application Defense Center
• RE: After Ms patches last Wed ...
  • From: InfoSec
• [waraxe-2004-SA#026 - Multiple vulnerabilities in Coppermine Photo Gallery for PhpNuke]
  • From: Janek Vind
• X-Chat[v1.8.0-v2.0.8]: socks-5 remote buffer overflow exploit.
  • From: Vade 79
• Re: New LSASS-based worm finally here (Sasser)
  • From: Javier Fernandez-Sanguino
• Serv-U LIST -l Parameter Buffer Overflow
  • From: Aviram Jenik
• Multible Vulnerabilites in Aldos Webserver
  • From: oliver
• Vulnerability in YaBB forum (Perl version without SQL)
  • From: Dmitry Shurupov
• Re: After Ms patches last Wed ...
  • From: James Riden
• [slackware-security] sysklogd update (SSA:2004-124-02)
  • From: Slackware Security Team
• [slackware-security] libpng update (SSA:2004-124-04)
  • From: Slackware Security Team
• [slackware-security] xine-lib update (SSA:2004-124-03)
  • From: Slackware Security Team
• [slackware-security] rsync update (SSA:2004-124-01)
  • From: Slackware Security Team
• RE: Will the Sasser worm become the next Blaster?
  • From: Pullum, Stephen
• Re: After Ms patches last Wed ...
  • From: Nicholas Weaver
• RE: New LSASS-based worm finally here (Sasser)
  • From: Marc Maiffret
• [product-security@apple.com: APPLE-SA-2004-05-03 Security Update 2004-05-03]
  • From: David Ahmad
• Re: [Full-Disclosure] Re: New LSASS-based worm finally here (Sasser)
  • From: Javier Fernandez-Sanguino
• RE: After Ms patches last Wed ...
  • From: Nick FitzGerald
• @stake: AppleFileServer Remote Command Execution
  • From: @stake Advisories
• Sasser worm and Embedded Support Partner (ESP) port 5554/tcp
  • From: SGI Security Coordinator
• Re: [Full-Disclosure] Re: New LSASS-based worm finally here (Sasser)
  • From: Jason
• SUSE Security Announcement: kernel (SuSE-SA:2004:010)
  • From: Roman Drahtmueller
• RE: Crystal Reports Vulnerabilities
  • From: Imperva Application Defense Center
• remote root exec vulnerability in omail
  • From: Thijs Dalhuijsen
• Vulnerabilities In PHPX 3.26 And Earlier
  • From: JeiAr
• Re: Crystal Reports Vulnerabilities
  • From: Michael Ray
• SMF SIZE Tag Script Injection Vulnerability
  • From: Cheng Peng Su
• UnixWare 7.1.3 Open UNIX 8.0.0 UnixWare 7.1.1 : apache multiple vulnerabilities, upgraded to apache-1.3.29
  • From: please_reply_to_security
• Re: (HOAX) Dameware Mini Remote Control Version 4.2 ? Weak Key Agreement Scheme
  • From: DameWare Support
• [slackware-security] lha update in bin package (SSA:2004-125-01)
  • From: Slackware Security Team
• Corsaire Security Advisory - Verity Ultraseek path disclosure issue
  • From: advisories
• Fuse Talk Vunerabilities
  • From: Stuart Jamieson
• [OpenPKG-SA-2004.019] OpenPKG Security Advisory (kolab)
  • From: OpenPKG
• Titan FTP Server Aborted LIST DoS
  • From: Aviram Jenik
• [waraxe-2004-SA#027 - Once again - critical vulnerabilities in PhpNuke 6.x - 7.2]
  • From: Janek Vind
• FreeBSD Security Advisory FreeBSD-SA-04:09.kadmind
  • From: FreeBSD Security Advisories
• IRIX Networking Security Updates
  • From: SGI Security Coordinator
• FreeBSD Security Advisory FreeBSD-SA-04:08.heimdal
  • From: FreeBSD Security Advisories
• Multiple vulnerabilities in P4DB
  • From: Jon McClintock
• [AppSecInc Security Alert] Microsoft Active Server Pages Cookie Retrieval Issue
  • From: Aaron C. Newman (Application Security, Inc.)
• Advisory: Heimdal kadmind version4 remote heap overflow
  • From: Evgeny Demidov
• [0xbadc0ded #03] DeleGate (SSL-filter) <= 8.9.2
  • From: Joel Eriksson
• SUSE Security Announcement: Live CD 9.1 (SuSE-SA:2004:011)
  • From: Roman Drahtmueller
• Will a smart worm be made in the near future?
  • From: Taeho Oh
• Security issue with Trend OfficeScan Corporate Edition
  • From: Matt
• Windows IPSec Vulnerabilty
  • From: Steffen Pfendtner
• [SECURITY] [DSA 501-1] New exim packages fix buffer overflows
  • From: Martin Schulze
• Remote DoS IE Memory Access Violation
  • From: E.Kellinis
• Re: Titan FTP Server Aborted LIST DoS
  • From: Gene Ken
• Eudora file URL buffer overflow
  • From: Paul Szabo
• Re: Will a smart worm be made in the near future?
  • From: Jose Nazario
• [CLA-2004:840] Conectiva Security Announcement - lha
  • From: Conectiva Updates
• Re: Titan FTP Server Aborted LIST DoS
  • From: Noam Rathaus
• Fwd: [Re: cvs commit: src/sys/vm vm_map.c]
  • From: Jacques A. Vidrine
• Streaming Video and Audio
  • From: security lists
• [OpenPKG-SA-2004.020] OpenPKG Security Advisory (ssmtp)
  • From: OpenPKG
• FW: [security bulletin] SSRT4717 Management Agents for HP-UX Remote DoS
  • From: Boren, Rich (SSRT)
• [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability
  • From: Jesse Keating
• Status bar exploit hides spoofed URLs Eudora, possibly other e-mail clients
  • From: Brett Glass
• [waraxe-2004-SA#028 - Multiple vulnerabilities in NukeJokes module for PhpNuke]
  • From: Janek Vind
• [ GLSA 200405-01 ] Multiple format string vulnerabilities in neon 0.24.4 and earlier
  • From: Kurt Lieber
• PaX DoS proof-of-concept
  • From: Michel Blomgren
• a litle bypass with IE
  • From: Nuno Costa
• Monit 4.1 remote shell exploit (HTTP)
  • From: Michel Blomgren
• [ GLSA 200405-02 ] Multiple vulnerabilities in LHa
  • From: Thierry Carrez
• RE: An undetectable Online Bank Vulnerability?
  • From: M Peterson
• Arbitrary code inclusion in phpShop
  • From: Calum Power
• OUTLOOK 2003: OuchLook
  • From: http-equiv@xxxxxxxxxx
• Emule 0.42e Remote Denial Of Service Exploit
  • From: Rafel Ivgi, The-Insider
• Re: a litle bypass with IE
  • From: Neil Briscoe
• [Ulf Harnhammar]: LHA Advisory + Patch
  • From: David Ahmad
• msxml3.dll Parsing Error Crashes Internet Explorer Remotely Upon Refresh
  • From: Rafel Ivgi, The-Insider
• RE: a litle bypass with IE
  • From: Eric Norbut
• DEEP SEA PHISHING: Internet Explorer / Outlook Express
  • From: http-equiv@xxxxxxxxxx
• Somebody exploiting (badly designed) yahoo service?
  • From: Aleksandar Milivojevic
• PING: Outlook 2003 Spam
  • From: http-equiv@xxxxxxxxxx
• RE: a litle bypass with IE
  • From: Thor Larholm
• MDKSA-2004:042 - Updated rsync packages fixes potential to write outside of directory tree.
  • From: Mandrake Linux Security Team
• [SECURITY] [DSA 502-1] New exim-tls packages fix buffer overflows
  • From: Martin Schulze
• Re: Somebody exploiting (badly designed) yahoo service?
  • From: Charles Mansmann
• Re: a litle bypass with IE
  • From: Emilio Casbas
• MDKSA-2004:043 - Updated apache2 packages fixes a denial of service vulnerability in mod_ssl
  • From: Mandrake Linux Security Team
• Re: NISCC Vulnerability Advisory 236929: Vulnerability Issues in TCP
  • From: Florian Weimer
• Linux Kernel sctp_setsockopt() Integer Overflow
  • From: Shaun Colley
• [ GLSA 200405-04 ] OpenOffice.org vulnerability when using DAV servers
  • From: Thierry Carrez
• [ GLSA 200405-03 ] ClamAV VirusEvent parameter vulnerability
  • From: Thierry Carrez
• Hiding URLs from Outlook and other mail clients
  • From: Carl
• Advisory 04/2004: Net(Free)BSD Systrace local root vulnerabilitiy
  • From: Stefan Esser
• OpenServer 5.0.5 OpenServer 5.0.6 OpenServer 5.0.7 : X sessions which are not started by scologin cannot use the X authorization protocol
  • From: please_reply_to_security
• Re: [Full-Disclosure] Linux Kernel sctp_setsockopt() Integer Overflow
  • From: Tom Rini
• Re: NISCC Vulnerability Advisory 236929: Vulnerability Issues in TCP
  • From: Bob Beck
• [OpenPKG-SA-2004.021] OpenPKG Security Advisory (apache)
  • From: OpenPKG
• Re: msxml3.dll Parsing Error Crashes Internet Explorer Remotely Upon Refresh
  • From: Gao Rui
• Re: Somebody exploiting (badly designed) yahoo service?
  • From: Nick FitzGerald
• MS04-015 - Windows Help Center - Dvdupgrade
  • From: morning_wood
• surfboard1.1.6 local exploit.
  • From: Anonymous
• NetBSD Security Advisory 2004-007: Systrace systrace_exit() local root
  • From: NetBSD Security-Officer
• EEYE: Symantec Multiple Firewall NBNS Response Processing Stack Overflow
  • From: Marc Maiffret
• EEYE: Symantec Multiple Firewall NBNS Response Remote Heap Corruption
  • From: Marc Maiffret
• EEYE: Symantec Multiple Firewall DNS Response Denial-of-Service
  • From: Marc Maiffret
• EEYE: Symantec Multiple Firewall Remote DNS KERNEL Overflow
  • From: Marc Maiffret
• Showhelp() local CHM file execution
  • From: roozbeh afrasiabi
• [SECURITY] [DSA 503-1] New mah-jong packages fix denial of service
  • From: Martin Schulze
• [slackware-security] apache (SSA:2004-133-01)
  • From: Slackware Security Team
• Re: NISCC Vulnerability Advisory 236929: Vulnerability Issues in TCP
  • From: Darren Reed
• Re: surfboard1.1.6 local exploit.
  • From: Meredydd
• [ GLSA 200405-05 ] Utempter symlink vulnerability
  • From: Kurt Lieber
• Opera Telnet URI Handler Vulnerability also applies to other browsers
  • From: Jannes
• SYM04-008, Symantec Client Firewall Remote Access and Denial of Service Issues
  • From: Sym Security
• [security bulletin] SSRT4722 rev.0 HP-UX Mozilla denial of service
  • From: Boren, Rich (SSRT)
• POA: Outlook Expresss 6.00
  • From: http-equiv@xxxxxxxxxx
• IE URL Issue Being Used In Phishing In the Wild [USBank]
  • From: Drew Copley
• Re: Showhelp() local CHM file execution
  • From: roozbeh afrasiabi
• Still Vulnerable in MSIE
  • From: Greg Kujawa
• [security bulletin] SSRT4721 rev.0 HP-UX dtlogin unauthorized privileged access, DoS
  • From: Boren, Rich (SSRT)
• SUSE Security Announcement: mc (SuSE-SA:2004:012)
  • From: Thomas Biege
• TSLSA-2004-0027 - apache
  • From: Trustix Security Advisor
• DOE updated cybersecurity //no code or 0day sploits// just info
  • From: System Administrator
• Curious fileutils/coreutils behaviour.
  • From: David Malone
• Vulnerability Scanning on Windows 2003 localhost will crash RPC
  • From: farking
• [security bulletin] SSRT3613 rev.0 HP-UX B6848AB GTK+ Support Libraries - elevated privileges
  • From: Boren, Rich (SSRT)
• RE: Vulnerability Scanning on Windows 2003 localhost will crash RPC
  • From: Drew Copley
• Symantec Multiple Firewall DNS Response Denial-of-Service Exploit (PoC)
  • From: houseofdabus HOD
• TSLSA-2004-0029 - kernel
  • From: Trustix Security Advisor
• RE: IE URL Issue Being Used In Phishing In the Wild [USBank]
  • From: Drew Copley
• RE: Curious fileutils/coreutils behaviour.
  • From: Michael Wojcik
• Re: IE URL Issue Being Used In Phishing In the Wild [USBank]
  • From: Todd C. Campbell
• Re: Curious fileutils/coreutils behaviour.
  • From: Nicolas Rachinsky
• [ GLSA 200405-07 ] Exim verify=header_syntax buffer overflow
  • From: Thierry Carrez
• Re: Curious fileutils/coreutils behaviour.
  • From: David Malone
• [ GLSA 200405-06 ] libpng denial of service vulnerability
  • From: Thierry Carrez
• RE: Still Vulnerable in MSIE
  • From: Thor Larholm
• Denial of Service Vulnerability in IEEE 802.11 Wireless Devices
  • From: albatross
• lha buffer overflow(s) again
  • From: lw
• more simple and flexible WinBlox(GET CONTROL OF WINNT SYSTEM)
  • From: Liu Die Yu
• Re: Curious fileutils/coreutils behaviour.
  • From: Michael Shigorin
• Re: Curious fileutils/coreutils behaviour.
  • From: Luciano Miguel Ferreira Rocha
• Re: IE URL Issue Being Used In Phishing In the Wild [USBank]
  • From: Nick FitzGerald
• Re: Curious fileutils/coreutils behaviour.
  • From: Martin
• CiSCO IOS 12.* source code stolen
  • From: Alexander Antipo
• Re: Linux Kernel sctp_setsockopt() Integer Overflow
  • From: Michael Tokarev
• Re: Denial of Service Vulnerability in IEEE 802.11 Wireless Devices
  • From: Casper Dik
• Re[2]: Denial of Service Vulnerability in IEEE 802.11 Wireless Devices
  • From: Jason Ostrom
• NetChat HTTP Server Stack Overflow
  • From: dbd
• WebCT: Cross Site Scripting Vulnerability
  • From: spiffomatic 64
• Wget race condition vulnerability
  • From: Vázquez
• [slackware-security] mc (SSA:2004-136-01)
  • From: Slackware Security Team
• Multiple TTT-C XSS vulnerabilities
  • From: Kaloyan Georgiev
• KDE Security Advisory: URI Handler Vulnerabilities
  • From: Waldo Bastian
• Safari remote arbitrary code execution
  • From: kang
• RE: Remote Buffer Overflow in MailEnable HTTPMail
  • From: MailEnable Sales
• Re: Denial of Service Vulnerability in IEEE 802.11 Wireless Devices
  • From: Niels Bakker
• Microsoft Internet Explorer ImageMap URL Spoof Vulnerability
  • From: Kurczaba Associates advisories
• oscommerce 2.2 file_manager.php file browsing
  • From: Rene
• RE: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability
  • From: Drew Copley
• [waraxe-2004-SA#029 - Possible remote file inclusion in PhpNuke 6.x - 7.3]
  • From: Janek Vind
• ROCKET SCIENCE: Outllook 2003
  • From: http-equiv@xxxxxxxxxx
• RE: Still Vulnerable in MSIE
  • From: Drew Copley
• Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability
  • From: thegeekmeister
• Desktop.ini flaw results in executing folders
  • From: roozbeh afrasiabi
• Re: Safari remote arbitrary code execution
  • From: Adam Shostack
• Buffer Overflow in ActivePerl ?
  • From: Oliver@xxxxxxxxxx
• MDKSA-2004:044 - Updated libuser packages fix vulnerability
  • From: Mandrake Linux Security Team
• [waraxe-2004-SA#030 - Multiple vulnerabilities in PhpNuke 6.x - 7.3]
  • From: Janek Vind
• MDKSA-2004:045 - Updated passwd packages fix vulnerabilities
  • From: Mandrake Linux Security Team
• MDKSA-2004:046 - Updated apache packages fix a number of vulnerabilities
  • From: Mandrake Linux Security Team
• Advisory 05/2004: phpMyFAQ local file inclusion vulnerability
  • From: Stefan Esser
• Zen Cart login.php SQL Injection Vulnerability
  • From: Oliver Minack
• [slackware-security] kdelibs (SSA:2004-238-01)
  • From: Slackware Security Team
• [SECURITY] [DSA 504-1] New heimdal packages fix potential buffer overflow
  • From: Martin Schulze
• Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability
  • From: Jan Kluka
• Re: Buffer Overflow in ActivePerl ?
  • From: rich . sf
• RE: [Full-Disclosure] Re: Buffer Overflow in ActivePerl ?
  • From: Bill Royds
• IRIX 6.5.24 rpc.mountd infinte loop
  • From: SGI Security Coordinator
• Re: Buffer Overflow in ActivePerl?
  • From: Axel Beckert
• Overflow@OmniHTTPd
  • From: Han_B
• Vapid Labs Security Advisory for PrimeBase Database 4.2 (update)
  • From: Larry W. Cashdollar
• Unknown IE bug with css-styles
  • From: henkie_is_leet
• Re: Buffer Overflow in ActivePerl ?
  • From: Nick FitzGerald
• [ GLSA 200405-08 ] Pound format string vulnerability
  • From: Thierry Carrez
• Re: Buffer Overflow in ActivePerl ?
  • From: noderat
• MDKSA-2004:047 - Updated kdelibs packages fix URI handling vulnerabilities
  • From: Mandrake Linux Security Team
• Re: Unknown IE bug with css-styles
  • From: Paolo Mattiangeli
• Re: Buffer Overflow in ActivePerl ?
  • From: Josh Tolley
• RE: Buffer Overflow in ActivePerl ?
  • From: Drew Copley
• [FLSA-2004:1546] Updated utempter resolves security vulnerability -- Reissue: updated 8.0 version numbers
  • From: Jesse Keating
• [ GLSA 200405-09 ] ProFTPD Access Control List bypass vulnerability
  • From: Kurt Lieber
• Advisory 07/2004: CVS remote vulnerability
  • From: Stefan Esser
• FreeBSD Security Advisory FreeBSD-SA-04:10.cvs
  • From: FreeBSD Security Advisories
• [SECURITY] [DSA 506-1] New neon packages fix buffer overflow
  • From: Martin Schulze
• Advisory 06/2004: libneon date parsing vulnerability
  • From: Stefan Esser
• [SECURITY] [DSA 505-1] New cvs packages fix remote exploit
  • From: Martin Schulze
• A new Sanctum paper: "Blind XPath Injection"
  • From: Amit Klein
• [SECURITY] [DSA 507-1] New cadaver packages fix buffer overflow
  • From: Martin Schulze
• Advisory 08/2004: Subversion remote vulnerability
  • From: Stefan Esser
• SUSE Security Announcement: cvs (SuSE-SA:2004:013)
  • From: Sebastian Krahmer
• Idea for proactive worm protection
  • From: Peter Surda
• Non-logged Brute Force Attack Vulnerability for Fantastico-Created Databases on cPanel Based Hosts
  • From: Michael Curtis
• Re: Buffer Overflow in ActivePerl ?
  • From: David Cantrell
• [ GLSA 200405-10 ] Icecast denial of service vulnerability
  • From: Thierry Carrez
• Re: Buffer Overflow in ActivePerl ?
  • From: David Ahmad
• Reporting a Security Vulnerability in a Microsoft Product
  • From: Microsoft Security Response Center
• MDKSA-2004:048 - Updated cvs packages fix remotely exploitable vulnerability
  • From: Mandrake Linux Security Team
• MDKSA-2004:049 - Updated libneon packages fix heap variable overflow issues
  • From: Mandrake Linux Security Team
• [ GLSA 200405-11 ] KDE URI Handler Vulnerabilities
  • From: Thierry Carrez
• [OpenPKG-SA-2004.023] OpenPKG Security Advisory (subversion)
  • From: OpenPKG
• [OpenPKG-SA-2004.024] OpenPKG Security Advisory (neon)
  • From: OpenPKG
• [OpenPKG-SA-2004.022] OpenPKG Security Advisory (cvs)
  • From: OpenPKG
• SGI ProPack 3: Kernel Update #1 - Security and other fixes
  • From: SGI Security Coordinator
• [slackware-security] cvs (SSA:2004-140-01)
  • From: Slackware Security Team
• SGI ProPack v2.4: Kernel Update #4 - Security and other fixes
  • From: SGI Security Coordinator
• [security bulletin] SSRT4696 rev. 0 HP ProCurve Routing Switches TCP Denial of Service (DoS)
  • From: Boren, Rich (SSRT)
• [ GLSA 200405-12 ] CVS heap overflow vulnerability
  • From: Thierry Carrez
• [ GLSA 200405-14 ] Buffer overflow in Subversion
  • From: Joshua J. Berry
• [ GLSA 200405-13 ] neon heap-based buffer overflow
  • From: Thierry Carrez
• [ GLSA 200405-15 ] cadaver heap-based buffer overflow
  • From: Thierry Carrez
• Auditor security collection released - a swiss army knife for security assessments.
  • From: Max
• Question About Ethics and Full Disclosure
  • From: Tom
• Internet explorer .clsid vulnerability
  • From: roozbeh afrasiabi
• RE: Question About Ethics and Full Disclosure
  • From: Drew Copley
• RE: Question About Ethics and Full Disclosure
  • From: Kevin E. Casey
• Re: Question About Ethics and Full Disclosure
  • From: T.J.
• Re: Question About Ethics and Full Disclosure
  • From: Michal Zalewski
• Re: Non-logged Brute Force Attack Vulnerability forFantastico-Created Databases on cPanel Based Hosts
  • From: Michael Curtis
• e107 web portal Referers HTTP Injection
  • From: Chinchilla
• [SNS Advisory No.72] Symantec Norton AntiVirus 2004 ActiveX Control Vulnerability
  • From: snsadv
• [OpenPKG-SA-2004.025] OpenPKG Security Advisory (rsync)
  • From: OpenPKG
• MDKSA-2004:046-1 - apache-mod_perl packages are now available
  • From: Mandrake Linux Security Team
• Eudora 6.1.1 attachment spoof, LaunchProtect
  • From: Paul Szabo
• RE: Internet explorer .clsid vulnerability
  • From: Thor Larholm
• [ GLSA 200405-16 ] Multiple XSS Vulnerabilities in SquirrelMail
  • From: Rajiv Aaron Manglani
• Stupid Phishing Tricks
  • From: http-equiv@xxxxxxxxxx
• Re: Non-logged Brute Force Attack Vulnerability for Fantastico-Created Databases on cPanel Based Hosts
  • From: Kenneth Peiruza
• Exploit codes for CVS Vulnerability and snort rules from ISC
  • From: K-OTiK Security
• BNBT BitTorrent Tracker Denial Of Service
  • From: badpack3t
• Re: Internet explorer .clsid vulnerability
  • From: roozbeh afrasiabi
• Liferay Cross Site Scripting Flaw
  • From: Giri, Sandeep
• MDKSA-2004:050 - Updated kernel packages fix multiple vulnerabilities
  • From: Mandrake Linux Security Team
• Allegro RomPager/2.10 DoS exploit
  • From: Seth Alan Woolley
• e107 web portal user.php XSS (Cross Site Scripting)
  • From: Chris Norton
• cPanel mod_phpsuexec Vulnerability
  • From: Rob Brown
• Netgear RP114 URL filter fails if URL is too long
  • From: Marc Ruef
• [SECURITY] [DSA 508-1] New xpcd packages fix buffer overflow
  • From: Matt Zimmerman
• [ GLSA 200405-18 ] Buffer Overflow in Firebird
  • From: Thierry Carrez
• [ GLSA 200405-19 ] Opera telnet URI handler file creation/truncation vulnerability
  • From: Kurt Lieber
• SSH URI handler remote arbitrary code execution
  • From: kang
• [CLA-2004:841] Conectiva Security Announcement - libneon
  • From: Conectiva Updates
• ERRATA: [ GLSA 200405-16 ] Multiple XSS Vulnerabilities in SquirrelMail
  • From: Kurt Lieber
• [CLA-2004:842] Conectiva Security Announcement - mailman
  • From: Conectiva Updates
• [ GLSA 200405-20 ] Insecure Temporary File Creation In MySQL
  • From: Thierry Carrez
• [security bulletin] SSRT4749 HP-UX Java Runtime Environment (JRE) remote DoS
  • From: Boren, Rich (SSRT)
• FreeBSD Security Advisory FreeBSD-SA-04:11.msync
  • From: FreeBSD Security Advisories
• SUSE Security Announcement: kdelibs (SuSE-SA:2004:014)
  • From: Sebastian Krahmer
• [security bulletin] SSRT4719 hp OpenView Select Access remote unauthorized access
  • From: Boren, Rich (SSRT)
• IEBUG: Archives of Internet Explorer
  • From: Liu Die Yu
• [ GLSA 200405-21 ] Midnight Commander: Multiple vulnerabilities
  • From: Kurt Lieber
• [Full-Disclosure] iDEFENSE Security Advisory 05.26.04: 3Com OfficeConnect Remote 812 ADSL Router Telnet Protocol Denial of Service Vulnerability
  • From: idlabs-advisories
• IRIX libcpr vulnerability
  • From: SGI Security Coordinator
• [ GLSA 200405-22 ] Apache 1.3: Multiple vulnerabilities
  • From: Kurt Lieber
• [security bulletin]SSRT4724 HP integrated Lights Out (iLO) Denial of Service (DoS) using port zero
  • From: Boren, Rich (SSRT)
• Orenosv HTTP/FTP Server Denial Of Service
  • From: badpack3t
• Re: IRIX libcpr vulnerability
  • From: Jan Schaumann
• [CLA-2004:843] Conectiva Security Announcement - kde
  • From: Conectiva Updates
• Re: [ GLSA 200405-18 ] Buffer Overflow in Firebird
  • From: b0f www.b0f.net
• SGI Advanced Linux Environment 3 Security Update #1
  • From: SGI Security Coordinator
• DoS in MiniShare 1.3.2
  • From: Donato Ferrante
• The Dangers of Cross-Site-Scripting: Rogers Hi-Speed Internet Network [Canada]
  • From: http-equiv@xxxxxxxxxx
• Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability
  • From: sandrijeski
• Re: [ GLSA 200405-18 ] Buffer Overflow in Firebird
  • From: KF (lists)
• Re: [ GLSA 200405-18 ] Buffer Overflow in Firebird
  • From: KF (lists)
• Re: Exchange pop3 remote exploit
  • From: Tal Schaeffer
• Sun-Java-App-Server PE 8.0 path disclosure
  • From: Marc Schoenefeld
• MDKSA-2004:051 - Updated mailman packages fix password retrieval vulnerability
  • From: Mandrake Linux Security Team
• WildTangent Web Driver Long FileName Stack Overflow
  • From: NGSSoftware Insight Security Research
• MDKSA-2004:052 - Updated kolab-server package fixes world readable file vulnerability
  • From: Mandrake Linux Security Team
• [PHP] include() bypassing filter with php://input
  • From: Himeur Nourredine
• [OpenPKG-SA-2004.026] OpenPKG Security Advisory (apache)
  • From: OpenPKG
• Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability
  • From: http-equiv@xxxxxxxxxx
• [ GLSA 200405-23 ] Heimdal: Kerberos 4 buffer overflow in kadmin
  • From: Kurt Lieber
• Re: [PHP] include() bypassing filter with php://input
  • From: Keary Suska
• Re: Linux Kernel sctp_setsockopt() Integer Overflow
  • From: Michael Tokarev
• Re: [Full-Disclosure] iDEFENSE Security Advisory 05.27.04: 3Com OfficeConnect Remote 812 ADSL Router Authentication Bypass Vulnerability
  • From: Seth Alan Woolley
• [ GLSA 200405-24 ] MPlayer, xine-lib: vulnerabilities in RTSP stream handling
  • From: Thierry Carrez
• SGI Advanced Linux Environment security update #20
  • From: SGI Security Coordinator
• SGI Advanced Linux Environment 3 Security Update #2
  • From: SGI Security Coordinator
• JPortal SQL Injects
  • From: Maciek Wierciski
• Re: [PHP] include() bypassing filter with php://input
  • From: clez
• Re: WildTangent Web Driver Long FileName Stack Overflow
  • From: Cesar
• Mollensoft ftp Server ver 3.6 Buffer overflow
  • From: Chintan Trivedi
• EnderUNIX Security Anouncement (Isoqlog and Spamguard)
  • From: Murat Balaban
• LDU (land down under) xss vulnerability
  • From: tim de gier
• [waraxe-2004-SA#031 - Multiple vulnerabilities in e107 version 0.615]
  • From: Janek Vind
• [SECURITY] [DSA 509-1] New gatos packages fix privilege escalation
  • From: Matt Zimmerman
• [SECURITY] [DSA 510-1] New jftpgw packages fix format string vulnerability
  • From: Matt Zimmerman
• [Full-Disclosure] iDEFENSE Security Advisory 05.27.04: 3Com OfficeConnect Remote 812 ADSL Router Authentication Bypass Vulnerability
  • From: idlabs-advisories