Mail Thread Index
- 3com NBX VOIP NetSet Denial of Service Attack,
Michael Scheidell
- [ GLSA 200404-21 ] Multiple Vulnerabilities in Samba,
Joshua J. Berry
- [RHSA-2004:182-01] Updated httpd packages fix mod_ssl security issue,
bugzilla
- MDKSA-2004:040 - Updated libpng packages fix vulnerability,
Mandrake Linux Security Team
- cqure.net.20040430.citrixmetaframe,
Patrik Karlsson
- [SECURITY] [DSA 497-1] New mc packages fix several vulnerabilities,
Martin Schulze
- [OpenPKG-SA-2004.017] OpenPKG Security Advisory (png),
OpenPKG
- TSLSA-2004-0025 - multi,
Trustix Security Advisor
- A technical description of the SSL PCT vulnerability (CVE-2003-0719),
Juliano Rizzo
- [OpenPKG-SA-2004.018] OpenPKG Security Advisory (proftpd),
OpenPKG
- SECURITY.NNOV: Sambar security quest,
3APA3A
- SquirrelMail Cross Scripting Attacks....,
Alvin Alex
- [SECURITY] [DSA 498-1] New libpng packages fix denial of service,
Martin Schulze
- [RHSA-2004:177-01] An updated X-Chat package fixes vulnerability in Socks-5 proxy,
bugzilla
- Cross Site Scripting in Moodle < 1.3,
Bartek Nowotarski
- MDKSA-2004:039 - Updated mc packages fix vulnerabilities,
Mandrake Linux Security Team
- HP Web Jetadmin,
John Morris
- TSLSA-2004-0024 - rsync,
Trustix Security Advisor
- [RHSA-2004:179-01] An updated LHA package fixes security vulnerabilities,
bugzilla
- Dameware Mini Remote Control Version 4.2 Weak Key Agreement Scheme,
ax09001h
- IE Certificate Stealing (Phising) bug,
E.Kellinis
- [RHSA-2004:163-01] Updated OpenOffice packages fix security vulnerability in neon,
bugzilla
- [RHSA-2004:173-00] Updated mc packages resolve several vulnerabilities,
bugzilla
- Multi stage attacks on networks?,
Sudhakar-bugtraq Govindavajhala
- RE: After Ms patches last Wed ...,
David Hayden
- Re: SMC Routers have remote administration enabled by default,
Martin Nedbal
- [RHSA-2004:181-01] Updated libpng packages fix crash,
bugzilla
- Re: http://www.smashguard.org,
Pavel Machek
- [RHSA-2004:175-01] Updated utempter package fixes vulnerability,
bugzilla
- [product-security@apple.com: APPLE-SA-2004-04-30 QuickTime 6.5.1],
David Ahmad
- MDKSA-2004:041 - Updated ProFTPD packages fix vulnerability,
Mandrake Linux Security Team
- Props 0.6.1 XSS and Remote File Viewing Vulnerability,
Manuel Lopez
- LNSA-#2004-0013: Multiple Vulnerabilities in Samba,
Vincenzo Ciaglia
- LNSA-#2004-0014: X-Chat vulnerability in Socks-5 proxy,
Vincenzo Ciaglia
- Will the Sasser worm become the next Blaster?,
kers0r
- New LSASS-based worm finally here (Sasser),
Ben Ryan
- [SECURITY] [DSA 500-1] New flim packages fix insecure temporary file creation,
Matt Zimmerman
- W32/Sasser a and b SNORT Sigs,
Martin Overton
- [SECURITY] [DSA 499-1] New rsync packages fix directory traversal bug,
Matt Zimmerman
- PaX Linux Kernel 2.6 Patches DoS Advisory,
chris
- EEYE: Apple QuickTime (QuickTime.qts) Heap Overflow,
Marc Maiffret
- Crystal Reports Vulnerabilities,
Imperva Application Defense Center
- [waraxe-2004-SA#026 - Multiple vulnerabilities in Coppermine Photo Gallery for PhpNuke],
Janek Vind
- X-Chat[v1.8.0-v2.0.8]: socks-5 remote buffer overflow exploit.,
Vade 79
- Serv-U LIST -l Parameter Buffer Overflow,
Aviram Jenik
- Multible Vulnerabilites in Aldos Webserver,
oliver
- Vulnerability in YaBB forum (Perl version without SQL),
Dmitry Shurupov
- [slackware-security] sysklogd update (SSA:2004-124-02),
Slackware Security Team
- [slackware-security] libpng update (SSA:2004-124-04),
Slackware Security Team
- [slackware-security] xine-lib update (SSA:2004-124-03),
Slackware Security Team
- [slackware-security] rsync update (SSA:2004-124-01),
Slackware Security Team
- [product-security@apple.com: APPLE-SA-2004-05-03 Security Update 2004-05-03],
David Ahmad
- @stake: AppleFileServer Remote Command Execution,
@stake Advisories
- Sasser worm and Embedded Support Partner (ESP) port 5554/tcp,
SGI Security Coordinator
- SUSE Security Announcement: kernel (SuSE-SA:2004:010),
Roman Drahtmueller
- remote root exec vulnerability in omail,
Thijs Dalhuijsen
- Vulnerabilities In PHPX 3.26 And Earlier,
JeiAr
- SMF SIZE Tag Script Injection Vulnerability,
Cheng Peng Su
- UnixWare 7.1.3 Open UNIX 8.0.0 UnixWare 7.1.1 : apache multiple vulnerabilities, upgraded to apache-1.3.29,
please_reply_to_security
- Re: (HOAX) Dameware Mini Remote Control Version 4.2 ? Weak Key Agreement Scheme,
DameWare Support
- [slackware-security] lha update in bin package (SSA:2004-125-01),
Slackware Security Team
- Corsaire Security Advisory - Verity Ultraseek path disclosure issue,
advisories
- Fuse Talk Vunerabilities,
Stuart Jamieson
- [OpenPKG-SA-2004.019] OpenPKG Security Advisory (kolab),
OpenPKG
- Titan FTP Server Aborted LIST DoS,
Aviram Jenik
- [waraxe-2004-SA#027 - Once again - critical vulnerabilities in PhpNuke 6.x - 7.2],
Janek Vind
- FreeBSD Security Advisory FreeBSD-SA-04:09.kadmind,
FreeBSD Security Advisories
- IRIX Networking Security Updates,
SGI Security Coordinator
- FreeBSD Security Advisory FreeBSD-SA-04:08.heimdal,
FreeBSD Security Advisories
- Multiple vulnerabilities in P4DB,
Jon McClintock
- [AppSecInc Security Alert] Microsoft Active Server Pages Cookie Retrieval Issue,
Aaron C. Newman (Application Security, Inc.)
- Advisory: Heimdal kadmind version4 remote heap overflow,
Evgeny Demidov
- [0xbadc0ded #03] DeleGate (SSL-filter) <= 8.9.2,
Joel Eriksson
- SUSE Security Announcement: Live CD 9.1 (SuSE-SA:2004:011),
Roman Drahtmueller
- Will a smart worm be made in the near future?,
Taeho Oh
- Security issue with Trend OfficeScan Corporate Edition,
Matt
- Windows IPSec Vulnerabilty,
Steffen Pfendtner
- [SECURITY] [DSA 501-1] New exim packages fix buffer overflows,
Martin Schulze
- Remote DoS IE Memory Access Violation,
E.Kellinis
- Eudora file URL buffer overflow,
Paul Szabo
- [CLA-2004:840] Conectiva Security Announcement - lha,
Conectiva Updates
- Fwd: [Re: cvs commit: src/sys/vm vm_map.c],
Jacques A. Vidrine
- Streaming Video and Audio,
security lists
- [OpenPKG-SA-2004.020] OpenPKG Security Advisory (ssmtp),
OpenPKG
- FW: [security bulletin] SSRT4717 Management Agents for HP-UX Remote DoS,
Boren, Rich (SSRT)
- [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability,
Jesse Keating
- [waraxe-2004-SA#028 - Multiple vulnerabilities in NukeJokes module for PhpNuke],
Janek Vind
- [ GLSA 200405-01 ] Multiple format string vulnerabilities in neon 0.24.4 and earlier,
Kurt Lieber
- PaX DoS proof-of-concept,
Michel Blomgren
- a litle bypass with IE,
Nuno Costa
- Monit 4.1 remote shell exploit (HTTP),
Michel Blomgren
- [ GLSA 200405-02 ] Multiple vulnerabilities in LHa,
Thierry Carrez
- RE: An undetectable Online Bank Vulnerability?,
M Peterson
- Arbitrary code inclusion in phpShop,
Calum Power
- OUTLOOK 2003: OuchLook,
http-equiv@xxxxxxxxxx
- Emule 0.42e Remote Denial Of Service Exploit,
Rafel Ivgi, The-Insider
- [Ulf Harnhammar]: LHA Advisory + Patch,
David Ahmad
- msxml3.dll Parsing Error Crashes Internet Explorer Remotely Upon Refresh,
Rafel Ivgi, The-Insider
- DEEP SEA PHISHING: Internet Explorer / Outlook Express,
http-equiv@xxxxxxxxxx
- Somebody exploiting (badly designed) yahoo service?,
Aleksandar Milivojevic
- PING: Outlook 2003 Spam,
http-equiv@xxxxxxxxxx
- MDKSA-2004:042 - Updated rsync packages fixes potential to write outside of directory tree.,
Mandrake Linux Security Team
- [SECURITY] [DSA 502-1] New exim-tls packages fix buffer overflows,
Martin Schulze
- MDKSA-2004:043 - Updated apache2 packages fixes a denial of service vulnerability in mod_ssl,
Mandrake Linux Security Team
- Re: NISCC Vulnerability Advisory 236929: Vulnerability Issues in TCP,
Florian Weimer
- Linux Kernel sctp_setsockopt() Integer Overflow,
Shaun Colley
- [ GLSA 200405-04 ] OpenOffice.org vulnerability when using DAV servers,
Thierry Carrez
- [ GLSA 200405-03 ] ClamAV VirusEvent parameter vulnerability,
Thierry Carrez
- Hiding URLs from Outlook and other mail clients,
Carl
- Advisory 04/2004: Net(Free)BSD Systrace local root vulnerabilitiy,
Stefan Esser
- OpenServer 5.0.5 OpenServer 5.0.6 OpenServer 5.0.7 : X sessions which are not started by scologin cannot use the X authorization protocol,
please_reply_to_security
- [OpenPKG-SA-2004.021] OpenPKG Security Advisory (apache),
OpenPKG
- MS04-015 - Windows Help Center - Dvdupgrade,
morning_wood
- surfboard1.1.6 local exploit.,
Anonymous
- NetBSD Security Advisory 2004-007: Systrace systrace_exit() local root,
NetBSD Security-Officer
- EEYE: Symantec Multiple Firewall NBNS Response Processing Stack Overflow,
Marc Maiffret
- EEYE: Symantec Multiple Firewall NBNS Response Remote Heap Corruption,
Marc Maiffret
- EEYE: Symantec Multiple Firewall DNS Response Denial-of-Service,
Marc Maiffret
- EEYE: Symantec Multiple Firewall Remote DNS KERNEL Overflow,
Marc Maiffret
- Showhelp() local CHM file execution,
roozbeh afrasiabi
- [SECURITY] [DSA 503-1] New mah-jong packages fix denial of service,
Martin Schulze
- [slackware-security] apache (SSA:2004-133-01),
Slackware Security Team
- [ GLSA 200405-05 ] Utempter symlink vulnerability,
Kurt Lieber
- Opera Telnet URI Handler Vulnerability also applies to other browsers,
Jannes
- SYM04-008, Symantec Client Firewall Remote Access and Denial of Service Issues,
Sym Security
- [security bulletin] SSRT4722 rev.0 HP-UX Mozilla denial of service,
Boren, Rich (SSRT)
- POA: Outlook Expresss 6.00,
http-equiv@xxxxxxxxxx
- IE URL Issue Being Used In Phishing In the Wild [USBank],
Drew Copley
- Still Vulnerable in MSIE,
Greg Kujawa
- [security bulletin] SSRT4721 rev.0 HP-UX dtlogin unauthorized privileged access, DoS,
Boren, Rich (SSRT)
- SUSE Security Announcement: mc (SuSE-SA:2004:012),
Thomas Biege
- TSLSA-2004-0027 - apache,
Trustix Security Advisor
- DOE updated cybersecurity //no code or 0day sploits// just info,
System Administrator
- Curious fileutils/coreutils behaviour.,
David Malone
- Vulnerability Scanning on Windows 2003 localhost will crash RPC,
farking
- [security bulletin] SSRT3613 rev.0 HP-UX B6848AB GTK+ Support Libraries - elevated privileges,
Boren, Rich (SSRT)
- Symantec Multiple Firewall DNS Response Denial-of-Service Exploit (PoC),
houseofdabus HOD
- TSLSA-2004-0029 - kernel,
Trustix Security Advisor
- [ GLSA 200405-07 ] Exim verify=header_syntax buffer overflow,
Thierry Carrez
- [ GLSA 200405-06 ] libpng denial of service vulnerability,
Thierry Carrez
- Denial of Service Vulnerability in IEEE 802.11 Wireless Devices,
albatross
- lha buffer overflow(s) again,
lw
- more simple and flexible WinBlox(GET CONTROL OF WINNT SYSTEM),
Liu Die Yu
- CiSCO IOS 12.* source code stolen,
Alexander Antipo
- NetChat HTTP Server Stack Overflow,
dbd
- WebCT: Cross Site Scripting Vulnerability,
spiffomatic 64
- Wget race condition vulnerability,
Vázquez
- [slackware-security] mc (SSA:2004-136-01),
Slackware Security Team
- Multiple TTT-C XSS vulnerabilities,
Kaloyan Georgiev
- KDE Security Advisory: URI Handler Vulnerabilities,
Waldo Bastian
- Safari remote arbitrary code execution,
kang
- RE: Remote Buffer Overflow in MailEnable HTTPMail,
MailEnable Sales
- Microsoft Internet Explorer ImageMap URL Spoof Vulnerability,
Kurczaba Associates advisories
- oscommerce 2.2 file_manager.php file browsing,
Rene
- [waraxe-2004-SA#029 - Possible remote file inclusion in PhpNuke 6.x - 7.3],
Janek Vind
- ROCKET SCIENCE: Outllook 2003,
http-equiv@xxxxxxxxxx
- Desktop.ini flaw results in executing folders,
roozbeh afrasiabi
- Buffer Overflow in ActivePerl ?,
Oliver@xxxxxxxxxx
- MDKSA-2004:044 - Updated libuser packages fix vulnerability,
Mandrake Linux Security Team
- [waraxe-2004-SA#030 - Multiple vulnerabilities in PhpNuke 6.x - 7.3],
Janek Vind
- MDKSA-2004:045 - Updated passwd packages fix vulnerabilities,
Mandrake Linux Security Team
- MDKSA-2004:046 - Updated apache packages fix a number of vulnerabilities,
Mandrake Linux Security Team
- Advisory 05/2004: phpMyFAQ local file inclusion vulnerability,
Stefan Esser
- Zen Cart login.php SQL Injection Vulnerability,
Oliver Minack
- [slackware-security] kdelibs (SSA:2004-238-01),
Slackware Security Team
- [SECURITY] [DSA 504-1] New heimdal packages fix potential buffer overflow,
Martin Schulze
- IRIX 6.5.24 rpc.mountd infinte loop,
SGI Security Coordinator
- Overflow@OmniHTTPd,
Han_B
- Vapid Labs Security Advisory for PrimeBase Database 4.2 (update),
Larry W. Cashdollar
- Unknown IE bug with css-styles,
henkie_is_leet
- [ GLSA 200405-08 ] Pound format string vulnerability,
Thierry Carrez
- MDKSA-2004:047 - Updated kdelibs packages fix URI handling vulnerabilities,
Mandrake Linux Security Team
- [FLSA-2004:1546] Updated utempter resolves security vulnerability -- Reissue: updated 8.0 version numbers,
Jesse Keating
- [ GLSA 200405-09 ] ProFTPD Access Control List bypass vulnerability,
Kurt Lieber
- Advisory 07/2004: CVS remote vulnerability,
Stefan Esser
- FreeBSD Security Advisory FreeBSD-SA-04:10.cvs,
FreeBSD Security Advisories
- [SECURITY] [DSA 506-1] New neon packages fix buffer overflow,
Martin Schulze
- Advisory 06/2004: libneon date parsing vulnerability,
Stefan Esser
- [SECURITY] [DSA 505-1] New cvs packages fix remote exploit,
Martin Schulze
- A new Sanctum paper: "Blind XPath Injection",
Amit Klein
- [SECURITY] [DSA 507-1] New cadaver packages fix buffer overflow,
Martin Schulze
- Advisory 08/2004: Subversion remote vulnerability,
Stefan Esser
- SUSE Security Announcement: cvs (SuSE-SA:2004:013),
Sebastian Krahmer
- Idea for proactive worm protection,
Peter Surda
- Non-logged Brute Force Attack Vulnerability for Fantastico-Created Databases on cPanel Based Hosts,
Michael Curtis
- [ GLSA 200405-10 ] Icecast denial of service vulnerability,
Thierry Carrez
- Reporting a Security Vulnerability in a Microsoft Product,
Microsoft Security Response Center
- MDKSA-2004:048 - Updated cvs packages fix remotely exploitable vulnerability,
Mandrake Linux Security Team
- MDKSA-2004:049 - Updated libneon packages fix heap variable overflow issues,
Mandrake Linux Security Team
- [ GLSA 200405-11 ] KDE URI Handler Vulnerabilities,
Thierry Carrez
- [OpenPKG-SA-2004.023] OpenPKG Security Advisory (subversion),
OpenPKG
- [OpenPKG-SA-2004.024] OpenPKG Security Advisory (neon),
OpenPKG
- [OpenPKG-SA-2004.022] OpenPKG Security Advisory (cvs),
OpenPKG
- SGI ProPack 3: Kernel Update #1 - Security and other fixes,
SGI Security Coordinator
- [slackware-security] cvs (SSA:2004-140-01),
Slackware Security Team
- SGI ProPack v2.4: Kernel Update #4 - Security and other fixes,
SGI Security Coordinator
- [security bulletin] SSRT4696 rev. 0 HP ProCurve Routing Switches TCP Denial of Service (DoS),
Boren, Rich (SSRT)
- [ GLSA 200405-12 ] CVS heap overflow vulnerability,
Thierry Carrez
- [ GLSA 200405-14 ] Buffer overflow in Subversion,
Joshua J. Berry
- [ GLSA 200405-13 ] neon heap-based buffer overflow,
Thierry Carrez
- [ GLSA 200405-15 ] cadaver heap-based buffer overflow,
Thierry Carrez
- Auditor security collection released - a swiss army knife for security assessments.,
Max
- Question About Ethics and Full Disclosure,
Tom
- Internet explorer .clsid vulnerability,
roozbeh afrasiabi
- e107 web portal Referers HTTP Injection,
Chinchilla
- [SNS Advisory No.72] Symantec Norton AntiVirus 2004 ActiveX Control Vulnerability,
snsadv
- [OpenPKG-SA-2004.025] OpenPKG Security Advisory (rsync),
OpenPKG
- MDKSA-2004:046-1 - apache-mod_perl packages are now available,
Mandrake Linux Security Team
- Eudora 6.1.1 attachment spoof, LaunchProtect,
Paul Szabo
- [ GLSA 200405-16 ] Multiple XSS Vulnerabilities in SquirrelMail,
Rajiv Aaron Manglani
- Stupid Phishing Tricks,
http-equiv@xxxxxxxxxx
- Exploit codes for CVS Vulnerability and snort rules from ISC,
K-OTiK Security
- BNBT BitTorrent Tracker Denial Of Service,
badpack3t
- Liferay Cross Site Scripting Flaw,
Giri, Sandeep
- MDKSA-2004:050 - Updated kernel packages fix multiple vulnerabilities,
Mandrake Linux Security Team
- Allegro RomPager/2.10 DoS exploit,
Seth Alan Woolley
- e107 web portal user.php XSS (Cross Site Scripting),
Chris Norton
- cPanel mod_phpsuexec Vulnerability,
Rob Brown
- Netgear RP114 URL filter fails if URL is too long,
Marc Ruef
- [SECURITY] [DSA 508-1] New xpcd packages fix buffer overflow,
Matt Zimmerman
- [ GLSA 200405-18 ] Buffer Overflow in Firebird,
Thierry Carrez
- [ GLSA 200405-19 ] Opera telnet URI handler file creation/truncation vulnerability,
Kurt Lieber
- SSH URI handler remote arbitrary code execution,
kang
- [CLA-2004:841] Conectiva Security Announcement - libneon,
Conectiva Updates
- ERRATA: [ GLSA 200405-16 ] Multiple XSS Vulnerabilities in SquirrelMail,
Kurt Lieber
- [CLA-2004:842] Conectiva Security Announcement - mailman,
Conectiva Updates
- [ GLSA 200405-20 ] Insecure Temporary File Creation In MySQL,
Thierry Carrez
- [security bulletin] SSRT4749 HP-UX Java Runtime Environment (JRE) remote DoS,
Boren, Rich (SSRT)
- FreeBSD Security Advisory FreeBSD-SA-04:11.msync,
FreeBSD Security Advisories
- SUSE Security Announcement: kdelibs (SuSE-SA:2004:014),
Sebastian Krahmer
- [security bulletin] SSRT4719 hp OpenView Select Access remote unauthorized access,
Boren, Rich (SSRT)
- IEBUG: Archives of Internet Explorer,
Liu Die Yu
- [ GLSA 200405-21 ] Midnight Commander: Multiple vulnerabilities,
Kurt Lieber
- [Full-Disclosure] iDEFENSE Security Advisory 05.26.04: 3Com OfficeConnect Remote 812 ADSL Router Telnet Protocol Denial of Service Vulnerability,
idlabs-advisories
- IRIX libcpr vulnerability,
SGI Security Coordinator
- [ GLSA 200405-22 ] Apache 1.3: Multiple vulnerabilities,
Kurt Lieber
- [security bulletin]SSRT4724 HP integrated Lights Out (iLO) Denial of Service (DoS) using port zero,
Boren, Rich (SSRT)
- Orenosv HTTP/FTP Server Denial Of Service,
badpack3t
- [CLA-2004:843] Conectiva Security Announcement - kde,
Conectiva Updates
- SGI Advanced Linux Environment 3 Security Update #1,
SGI Security Coordinator
- DoS in MiniShare 1.3.2,
Donato Ferrante
- The Dangers of Cross-Site-Scripting: Rogers Hi-Speed Internet Network [Canada],
http-equiv@xxxxxxxxxx
- Re: Exchange pop3 remote exploit,
Tal Schaeffer
- Sun-Java-App-Server PE 8.0 path disclosure,
Marc Schoenefeld
- MDKSA-2004:051 - Updated mailman packages fix password retrieval vulnerability,
Mandrake Linux Security Team
- WildTangent Web Driver Long FileName Stack Overflow,
NGSSoftware Insight Security Research
- MDKSA-2004:052 - Updated kolab-server package fixes world readable file vulnerability,
Mandrake Linux Security Team
- [PHP] include() bypassing filter with php://input,
Himeur Nourredine
- [OpenPKG-SA-2004.026] OpenPKG Security Advisory (apache),
OpenPKG
- [ GLSA 200405-23 ] Heimdal: Kerberos 4 buffer overflow in kadmin,
Kurt Lieber
- [ GLSA 200405-24 ] MPlayer, xine-lib: vulnerabilities in RTSP stream handling,
Thierry Carrez
- SGI Advanced Linux Environment security update #20,
SGI Security Coordinator
- SGI Advanced Linux Environment 3 Security Update #2,
SGI Security Coordinator
- JPortal SQL Injects,
Maciek Wierciski
- Mollensoft ftp Server ver 3.6 Buffer overflow,
Chintan Trivedi
- EnderUNIX Security Anouncement (Isoqlog and Spamguard),
Murat Balaban
- LDU (land down under) xss vulnerability,
tim de gier
- [waraxe-2004-SA#031 - Multiple vulnerabilities in e107 version 0.615],
Janek Vind
- [SECURITY] [DSA 509-1] New gatos packages fix privilege escalation,
Matt Zimmerman
- [SECURITY] [DSA 510-1] New jftpgw packages fix format string vulnerability,
Matt Zimmerman
- [Full-Disclosure] iDEFENSE Security Advisory 05.27.04: 3Com OfficeConnect Remote 812 ADSL Router Authentication Bypass Vulnerability,
idlabs-advisories