Mail Thread Index
- MDKSA-2004:137-1 - Updated libxpm4 packages correct issues with previous update,
Mandrake Linux Security Team
- Re: Privilege escalation flaw in MDaemon 7.2.,
kf_lists
- CuteFTP 6.0 Professional Remote Buffer Overflow Vulnerability,
Hongzhen Zhou
- Endless loops in the http-server and pna-proxy modules of Jana server 2.4.4,
Luigi Auriemma
- Disclosure of file system information in Mozilla Firefox and Opera Browser:,
Giovanni Delvecchio
- Re: Winamp - Buffer Overflow In IN_CDDA.dll,
Black Dot
- SUSE Security Announcement: various kernel problems (SUSE-SA:2004:042),
Marcus Meissner
- Invision Power Board 'Allow auto login' setting override,
Hillel Himovich
- Re: Pi3Web/2.0.0 File-Disclosure/Path Disclosure vuln,
Holger Zimmermann
- [CLA-2004:904] Conectiva Security Announcement - cyrus-imapd,
Conectiva Updates
- Multiple buffer overflows exist in Mercury/32, v4.01a, Dec 8 2003.,
Reed Arvin
- [SECURITY] [DSA 603-1] New openssl packages fix insecure temporary file creation,
Martin Schulze
- [USN-36-1] NFS statd vulnerability,
Martin Pitt
- [USN-35-1] imagemagick vulnerabilities,
Martin Pitt
- [USN-33-1] libgd vulnerabilities,
Martin Pitt
- [ GLSA 200411-37 ] Open DC Hub: Remote code execution,
Luke Macken
- [CLA-2004:902] Conectiva Security Announcement - abiword,
Conectiva Updates
- [USN-34-1] OpenSSH information leakage,
Martin Pitt
- [KA Advisory 0411291] IPCop Cross Site Scripting Vulnerability in "proxylog.dat",
Kurczaba Associates advisories
- Cisco Security Advisory: Cisco CNS Network Registrar Denial of Service Vulnerability,
Cisco Systems Product Security Incident Response Team
- Blog Torrent preview 0.8 - arbitary file download,
Steve Kemp
- [USN-37-1] cyrus21-imapd vulnerability,
Martin Pitt
- Multiple vulnerabilities in Kreed 1.05,
Luigi Auriemma
- Official IFRAME patch - make sure it installs correctly,
Berend-Jan Wever
- rssh and scponly arbitrary command execution,
Jason Wies
- Remote Mercury32 Imap exploit,
JohnH
- [CLA-2004:905] Conectiva Security Announcement - squirrelmail,
Conectiva Updates
- FreeBSD Security Advisory FreeBSD-SA-04:17.procfs,
FreeBSD Security Advisories
- Advanced Guestbook,
Emile van Elen
- [SECURITY] [DSA 604-1] New hpsockd packages fix denial of service,
Martin Schulze
- [ GLSA 200412-01 ] rssh, scponly: Unrestricted command execution,
Thierry Carrez
- Opera 7.54 vulnerabilities again (still unfixed),
Marc Schoenefeld
- Winamp - Buffer Overflow In IN_CDDA.dll [ Patch Released ],
Brett Moore
- Hosting Controller,
mouse small
- [SECURITY] [DSA 605-1] New viewcvs packages fix information leak,
Martin Schulze
- Multiple vulnerabilities in w3who ISAPI DLL,
Nicolas Gregoire
- [ GLSA 200412-02 ] PDFlib: Multiple overflows in the included TIFF library,
Luke Macken
- DoS leading to crash of client in Remote Execute 2.30,
headpimp
- Web Application Security Consortium 'Guest Articles' Call for Papers,
robert
- Tool Announcement: AIRT -- the Advanced Incident Response Tool (linux),
madsys
- Local root exploit on Mac OS X with Adobe Version Cue,
fintler
- MaxDB WebTools <= 7.5.00.18 buffer overflow and Denial of Service,
Evgeny Demidov
- [ GLSA 200412-05 ] mirrorselect: Insecure temporary file creation,
Luke Macken
- Broadcast client crash in Battlefield 1942 1.6.19 and Vietnam 1.2,
Luigi Auriemma
- MDKSA-2004:142 - Updated gzip packages fix temporary file vulnerability,
Mandrake Linux Security Team
- Multiple Vulnerabilities in paFileDB 3.1,
Ahmad Muammar
- Remote Web Server Text File Viewing Vulnerability in WebLibs 1.0,
John Bissell
- MD5 To Be Considered Harmful Someday,
Dan Kaminsky
- Bypass personal firewall application protection . Again.,
offtopic
- Cleartext SMB passwords in Novell Desktop Linux using KDE,
Mike DeMaria
- Online Script Decoder,
GreyMagic Security
- 7a69Adv#16 - Konqueror FTP command injection,
Albert Puigsech Galicia
- zone transfers, a spammer's dream?,
Lode Vermeiren
- MDKSA-2004:143 - Updated ImageMagick packages fix vulnerability,
Mandrake Linux Security Team
- Re: [Advisory] Mozilla Products Remote Crash Vulnerability,
Berend-Jan Wever
- IE6 Vulnerability - Local File Detection,
ViPeR
- MDKSA-2004:147 - Updated openssl packages fix temporary file vulnerability,
Mandrake Linux Security Team
- [ GLSA 200412-04 ] Perl: Insecure temporary file creation,
Luke Macken
- MDKSA-2004:146 - Updated nfs-utils packages fix remote DoS vulnerability,
Mandrake Linux Security Team
- MDKSA-2004:145 - Updated rp-pppoe packages fix vulnerability,
Mandrake Linux Security Team
- MDKSA-2004:144 - Updated lvm1 packages fix temporary file vulnerability,
Mandrake Linux Security Team
- [ GLSA 200412-03 ] imlib: Buffer overflows in image decoding,
Thierry Carrez
- [SECURITY] [DSA 606-1] New nfs-utils packages fix denial of service,
Martin Schulze
- Address Bar Spoophing for the Pheeshies: IntotheNet Explorer 6,
http-equiv@xxxxxxxxxx
- 7a69Adv#15 - Internet Explorer FTP command injection,
Albert Puigsech Galicia
- TSLSA-2004-0064 - nfs-utils,
Trustix Security Advisor
- KDE Security Advisory: plain text password exposure,
Dirk Mueller
- KDE Security Advisory: kfax libtiff vulnerabilities,
Dirk Mueller
- F-Secure Policy Manager - physical path disclosure,
oliver
- wget: Arbitrary file overwriting/appending/creating and other vulnerabilities,
Jan Minar
- CodeCon CFP deadline nearing,
Len Sassaman
- In-game buffer-overflow in the Gamespy cd-key validation SDK,
Luigi Auriemma
- [SECURITY] [DSA 607-1] New libxpm packages fix several vulnerabilities,
Martin Schulze
- HOW TO BREAK XP SP2 POPUP BLOCKER: kick it in the nut !,
http-equiv@xxxxxxxxxx
- Local off-by-one in mtr versions 0.55 to 0.65 clamav-milter version 0.80j on mailhost.freebsd.lublin.pl,
venglin
- SugarSales Multiple Vulnerabilities,
Daniel Fabian
- Citadel/UX <= v6.27 Remote Format String Vulnerability,
CoKi
- Gadu-Gadu several vulnerabilities,
Jaroslaw Sajko
- Multiple vulnerabilities in phpMyAdmin,
Nicolas Gregoire
- MS IE User's Authentication Details (userid/password) Sharing Issue,
Debasis Mohanty
- KDE Security Advisory: Konqueror Window Injection Vulnerability,
Waldo Bastian
- iDEFENSE Security Advisory 12.13.04 - Multiple Vendor xzgv PRF Parsing Integer Overflow Vulnerability,
customer service mailbox
- [ZH2004-19SA] Possible execution of remote shell commands in Opera with kfmclien,
Giovanni Delvecchio
- Winamp 5.07 (latest version) Remote Crash + other stupid shizle,
b0f www.b0f.net
- Socket unreacheable in the Lithtech engine (new protocol),
Luigi Auriemma
- [ GLSA 200412-07 ] file: Arbitrary code execution,
Matthias Geerdsen
- NetWare Screensaver Authentication Bypass From The Local Console,
Adam Gray
- [ GLSA 200412-06 ] PHProjekt: setup.php vulnerability,
Thierry Carrez
- Secure Network Operations SNOsoft Research Team [SRT2004-12-14-0322] Symantec LiveUpdate Advisory,
Secure Network Operations, Inc.
- What's "may have exploitable buffer overflows" mean in tcpdump?,
Dragos Ruiu
- Linux kernel IGMP vulnerabilities,
Paul Starzetz
- Re: Secure Network Operations SNOsoft Research Team [SRT2004-12-14-0322] Symantec LiveUpdate Advisory,
secure
- Linux kernel scm_send local DoS,
Paul Starzetz
- Re: [Full-Disclosure] [HV-LOW] Symantec LiveUpdate issues may cause DoS,
Dan Margolis
- phpBB Attachment Mod Directory Traversal HTTP POST Injection,
Paul Laudanski
- [ZH2004-18SA] Content-Type spoofing in Mozilla Firefox and Opera could allow users to bypass security restrictions,
Giovanni Delvecchio
- iDEFENSE Security Advisory 12.14.04 - Adobe Acrobat Reader 5.0.9 mailListIsPdf() Buffer Overflow Vulnerability,
customer service mailbox
- MDKSA-2004:148 - Updated iproute2 packages fix temporary file vulnerability,
Mandrake Linux Security Team
- [SECURITY] [DSA 609-1] New atari800 packages fix local root exploit,
Martin Schulze
- ASP Calendar Vulnerability <www.ashiyane.com>,
ali reza AcTiOnSpIdEr
- [CAN-2004-1022] Insecure Credential Storage on Kerio Software,
Secure Computer Group
- RICOH Aficio 450/455 PCL 5e Printer ICMP DOS vulnerability,
Hongzhen Zhou
- Possible local root vulnerability in Roxio Toast on Mac OS X,
fintler
- STG Security Advisory: [SSA-20041209-13] UseModWiki XSS vulnerability,
advisory
- [SECURITY] [DSA 608-1] New zgv packages fix arbitrary code execution,
Martin Schulze
- [CAN-2004-1023] Insecure default file system permissions on Microsoft versions of Kerio Software,
Secure Computer Group
- MDKSA-2004:149 - Updated postgresql packages fix temporary file vulnerability,
Mandrake Linux Security Team
- [ GLSA 200412-08 ] nfs-utils: Multiple remote vulnerabilities,
Luke Macken
- iDEFENSE Security Advisory 12.13.04: Adobe Reader 6.0 .ETD File Format String Vulnerability,
customer service mailbox
- [Correction For]: Secure Network Operations SNOsoft Research Team [SRT2004-12-14-0322] Symantec LiveUpdate Advisory,
Secure Network Operations, Inc.
- ASP-rider is vulnerable to sql injection attack,
shervin khaleghjou
- [USN-38-1] Linux kernel vulnerabilities,
Martin Pitt
- iDEFENSE Security Advisory 12.14.04 - Microsoft Word 6.0/95 Document Converter Buffer Overflow Vulnerability,
customer service mailbox
- HyperTerminal - Buffer Overflow In .ht File,
Brett Moore
- Multiple phpGroupWare Vulnerabilities [ phpGroupWare 0.9.16.003 && Earlier ],
GulfTech Security
- Asante FM2008 10/100 Ethernet switch backdoor login,
Joe Philipps
- Hotmail Cross-Site Scripting Vulnerability #1,
Rafel Ivgi
- Hotmail Cross Site Scripting Vulnerability #2,
Rafel Ivgi
- Yahoo! Mail Cross-Site Scripting Vulnerability,
Rafel Ivgi
- *nix data wipe tools,
Thomas C. Greene
- 3cdaemon tftp server DOS vulnerability,
Wang Ning
- Re: rpcl_icmpdos.c,
x90c
- [ GLSA 200412-09 ] ncpfs: Buffer overflow in ncplogin and ncpmap,
Thierry Carrez
- MSIE DHTML Edit Control Cross Site Scripting Vulnerability,
Paul
- [OpenPKG-SA-2004.052] OpenPKG Security Advisory (vim),
OpenPKG
- STG Security Advisory: [SSA-20041214-14] GNUBoard PHP injection vulnerability,
advisory
- Security Advisory for CVS Slash,
Jamie McCarthy
- [ GLSA 200412-10 ] Vim, gVim: Vulnerable options in modelines,
Thierry Carrez
- Advisory 01/2004: Multiple vulnerabilities in PHP 4/5,
Stefan Esser
- iwebnegar is vulnerable to all kind of sql injections,
shervin khaleghjou
- Cisco Security Advisory: Cisco Unity Integrated with Exchange Has Default Passwords,
Cisco Systems Product Security Incident Response Team
- STG Security Advisory: [SSA-20041215-15] Vulnerability of uploading files with multiple extensions in MoniWiki,
advisory
- CSS in phpBB 1.4.4,
SandI]
- Cisco Security Advisory: Default Administrative Password in Cisco Guard and Traffic Anomaly Detector,
Cisco Systems Product Security Incident Response Team
- php unserialize,
Martin Eiszner
- MDKSA-2004:150 - Updated kdelibs and kdebase packages fix vulnerability,
Mandrake Linux Security Team
- [SAMBA] CAN-2004-1154 : Integer overflow could lead to remote code execution in Samba 2.x, 3.0.x <= 3.0.9,
Gerald Carter
- STG Security Advisory: [SSA-20041215-17] Vulnerability of uploading files with multiple extensions in JSBoard,
advisory
- iDEFENSE Security Advisory 12.15.04: Computer Associates eTrust EZ Antivirus Insecure File Permission Vulnerability,
customer service mailbox
- STG Security Advisory: [SSA-20041215-18] Vulnerability of uploading files with multiple extensions in phpBB Attachment Mod,
advisory
- [MaxPatrol] SQL-injection in Ikonboard 3.1.x,
Alexander Anisimov
- STG Security Advisory: [SSA-20041215-19] Vulnerability of uploading files with multiple extensions in MediaWiki,
advisory
- Multiple XSS Vulnerabilities in Wordpress 1.2.1,
Thomas Waldegger
- DJB's students release 44 *nix software vulnerability advisories,
Thor Larholm
- Re: DJB's students release 44 *nix software vulnerability advisories,
Crispin Cowan
- Re: DJB's students release 44 *nix software vulnerability advisories,
cees-bart
- Re: DJB's students release 44 *nix software vulnerability advisories,
security curmudgeon
- <Possible follow-ups>
- Re: DJB's students release 44 *nix software vulnerability advisories,
D. J. Bernstein
- Re: DJB's students release 44 *nix software vulnerability advisories,
Jonathan T Rockway
- RE: DJB's students release 44 *nix software vulnerability advisories,
Devin Ganger
- Re: DJB's students release 44 *nix software vulnerability advisories,
Steven M. Christey
- Re: DJB's students release 44 *nix software vulnerability advisories,
Steven M. Christey
- RE: DJB's students release 44 *nix software vulnerability advisories,
Manning, Robert (Mission Systems)
- RE: DJB's students release 44 *nix software vulnerability advisories,
Palmer, Paul (ISSAtlanta)
- PHP Input Validation Vulnerabilities,
Daniel Fabian
- iDEFENSE Security Advisory 12.16.04: Samba smbd Security Descriptor Integer Overflow Vulnerability,
iDEFENSE Security Advisory
- iDEFENSE Security Advisory 12.16.04: Veritas Backup Exec Agent Browser Registration Request Buffer Overflow Vulnerability,
iDEFENSE Security Advisory
- iDEFENSE Security Advisory 12.16.04: MPlayer Remote RTSP HeapOverflow Vulnerability,
iDEFENSE Security Advisory
- [USN-39-1] Linux amd64 kernel vulnerability,
Martin Pitt
- [USN-40-1] PHP vulnerabilities,
Martin Pitt
- iDEFENSE Security Advisory 12.16.04: MPlayer MMST Streaming Stack Overflow Vulnerability,
iDEFENSE Security Advisory
- iDEFENSE Security Advisory 12.16.04: MPlayer Bitmap Parsing Remote Heap Overflow Vulnerability,
iDEFENSE Security Advisory
- Hotmail Cross-Site Scripting Vulnerability #2,
Rafel Ivgi, The-Insider
- Discussion: Microsoft(R) PowerPoint Action Settings feature allows invocation of default browser pointed at arbitrary URL.,
Monte Ratzlaff
- [OpenPKG-SA-2004.053] OpenPKG Security Advisory (php),
OpenPKG
- [ GLSA 200412-11 ] Cscope: Insecure creation of temporary files,
Luke Macken
- [SIG^2 G-TEC] singapore Image Gallery Web Application v0.9.10 Multiple Vulnerabilities,
chewkeong
- Unchecked returns from kernel_read() in linux-2.6.10-rc2 kernel,
Katrina Tsipenyuk
- [OpenPKG-SA-2004.054] OpenPKG Security Advisory (samba),
OpenPKG
- Gadu-Gadu, another two bugs,
Jaroslaw Sajko
- NetBSD Security Advisory 2004-010: Insufficient argument validation in compat code,
NetBSD Security-Officer
- [ GLSA 200412-12 ] Adobe Acrobat Reader: Buffer overflow vulnerability,
Luke Macken
- phphpbb2 + php version < 4.3.10 unserialize() memory dump sql password from config.php exploit,
bad boy
- 4 Vulnerabilities in GamePort,
amoXi Devilkin
- NetBSD kernel local vulnerabilities,
Evgeny Demidov
- [OpenPKG-SA-2004.056] OpenPKG Security Advisory (cvstrac),
OpenPKG
- Internet Explorer Code Execution Bypass Vulnerability,
aikon none
- [SECURITY] [DSA 610-1] New cscope packages fix insecure temporary file creation,
Martin Schulze
- Bug in Crypt::ECB perl module,
Bennett R. Samowich
- [ GLSA 200412-13 ] Samba: Integer overflow,
Sune Kloppenborg Jeppesen
- Multiple Vulnerabilities In Kayako eSupport v2.x,
GulfTech Security
- MS Windows Media Player 9 Vulns (2),
Arman Nayyeri
- MDKSA-2004:151 - Updated php packages fix multiple vulnerabilities,
Mandrake Linux Security Team
- Re: Patch available for multiple critical flaws in Oracle,
Marc Bejarano
- [USN-41-1] Samba vulnerability,
Martin Pitt
- [SECURITY] [DSA 611-1] New htget packages fix arbitrary code execution,
Martin Schulze
- Security Bulletin SSRT4687 rev.0 HP-UX newgrp(1) local privilege elevation,
Boren, Rich (SSRT)
- AIX 5.1/5.2/5.3 local root exploits,
cees-bart
- [ GLSA 200412-14 ] PHP: Multiple vulnerabilities,
Thierry Carrez
- PHP shmop.c module permits write of arbitrary memory.,
Stefano Di Paola
- TSLSA-2004-0068 - kernel,
Trustix Security Advisor
- [ GLSA 200412-15 ] Ethereal: Multiple vulnerabilities,
Sune Kloppenborg Jeppesen
- Crystal FTP Pro Client Buffer Overflow,
Luca Ercoli
- TSLSA-2004-0066 - multi,
Trustix Security Advisor
- Windows Explorer TGA Crash,
Bill
- KDE Security Advisory: Konqueror Java Vulnerability,
Waldo Bastian
- UPDATE: [ GLSA 200410-12 ] WordPress: HTTP response splitting and XSS vulnerabilities,
Luke Macken
- Exploit for Ultrix 4.5 dxterm,
Kristoffer Brånemyr
- [ GLSA 200412-16 ] kdelibs, kdebase: Multiple vulnerabilities,
Sune Kloppenborg Jeppesen
- Internet Explorer Help ActiveX Control Local Zone Security Restriction Bypass Vulnerability (updated),
Paul
- [ GLSA 200412-17 ] kfax: Multiple overflows in the included TIFF library,
Sune Kloppenborg Jeppesen
- [ GLSA 200412-20 ] NASM: Buffer overflow vulnerability,
Luke Macken
- [ GLSA 200412-18 ] abcm2ps: Buffer overflow vulnerability,
Luke Macken
- [USN-42-1] Xine library vulnerabilities,
Martin Pitt
- [Full-Disclosure] [ GLSA 200412-19 ] phpMyAdmin: Multiple vulnerabilities,
Sune Kloppenborg Jeppesen
- [ GLSA 200412-21 ] MPlayer: Multiple overflows,
Thierry Carrez
- Gadu-Gadu Remote DoS (all versions),
Maciej Soltysiak
- MDKSA-2004:153 - Updated aspell packages fix vulnerability,
Mandrake Linux Security Team
- MDKSA-2004:152 - Updated ethereal packages fix multiple vulnerabilities,
Mandrake Linux Security Team
- [SECURITY] [DSA 612-1] New a2ps packages fix arbitrary command execution,
Martin Schulze
- Updated: TSLSA-2004-0068 - kernel,
Trustix Security Advisor
- [USN-43-1] groff utility vulnerabilities,
Martin Pitt
- MITKRB5-SA-2004-004: heap overflow in libkadm5srv,
Tom Yu
- TSLSA-2004-0069 - kerberos5,
Trustix Security Advisor
- [SECURITY] [DSA 614-1] New xzgv packages fix arbitrary code execution,
Martin Schulze
- Re: AIX 5.1/5.2/5.3 local root exploits (diag issue),
Shiva Persaud
- Xprobe 0.2.1 Released,
bugtraq
- phpBB Worm,
Shannon Lee
- SUSE Security Announcement: various kernel problems (SUSE-SA:2004:044),
Marcus Meissner
- iDEFENSE Security Advisory 12.21.04: Multiple Vendor xpdf PDF Viewer Buffer Overflow Vulnerability,
customer service mailbox
- iDEFENSE Security Advisory 12.21.04: Multiple Vendor Xine version 0.99.2 PNM Handler Negative Read Length Heap Overflow Vulnerability,
customer service mailbox
- iDEFENSE Security Advisory 12.21.04: Multiple Vendor Xine version 0.99.2 PNM Handler PNA_TAG Heap Overflow Vulnerability,
customer service mailbox
- iDEFENSE Security Advisory 12.21.04: libtiff Directory Entry Count Integer Overflow Vulnerability,
customer service mailbox
- iDEFENSE Security Advisory 12.21.04: libtiff STRIPOFFSETS Integer Overflow Vulnerability,
customer service mailbox
- iDEFENSE Security Advisory 12.21.04: Hewlett Packard HP-UX ftpd Remote Buffer Overflow Vulnerability,
customer service mailbox
- Re: Wordpress 1.2.2 is still vulnerable,
Thomas Waldegger
- WebWorm using PHPBB vulnerability in the wild!,
Niki Denev
- Re: AIX 5.1/5.2/5.3 local root exploits (paginit issue),
Shiva Persaud
- [SECURITY] [DSA 613-1] New ethereal packages fix denial of service,
Martin Schulze
- Re: Windows Explorer TGA Crash is a DoS bug in Internet Explorer.,
Berend-Jan Wever
- SUSE Security Announcement: samba (SUSE-SA:2004:045),
Sebastian Krahmer
- [SECURITY] [DSA 615-1] New debmake package fixes insecure temporary directories,
Martin Schulze
- Local versus remote security holes,
D. J. Bernstein
- MDKSA-2004:154 - Updated kdelibs packages fix multiple vulnerability,
Mandrake Linux Security Team
- Sybase ASE 12.5.2 vulnerabilities,
NGSSoftware Insight Security Research
- malware effecting broadband users in Israel,
Gadi Evron
- Java Runtime Environment Remote Denial-of-Service (DoS) Vulnerability,
Marc Schoenefeld
- MDKSA-2004:156 - Updated krb5 packages fix buffer overflow vulnerability,
Mandrake Linux Security Team
- Permission problem in Skype BETA for linux,
Peter Conrad
- PHP v4.3.x exploit for Windows.,
The Warlock
- Realone2.0 "pnxr3260.dll" Lets Remote Users IE Browser Crash,
Wei Li
- [ GLSA 200412-23 ] Zwiki: XSS vulnerability,
Luke Macken
- possible local exploit via sendmail with procmail on solaris,
Michael Barnes
- Webmin BruteForce + Command execution - By Di42lo <DiAblo_2@012.net.il>,
amit sides
- MDKSA-2004:155 - Updated logcheck packages fix temporary file vulnerability,
Mandrake Linux Security Team
- MDKSA-2004:157 - Updated mplayer packages fix multiple vulnerabilities,
Mandrake Linux Security Team
- Security Advisory for ALL forum services with client-set images,
James Bandara
- 2Bgal : 2.4 & 2.5.1 SQL injection Vulnerability,
zib zib
- SUSE Security Announcement: kernel local privilege escalation (SUSE-SA:2004:046),
Marcus Meissner
- Oracle Trigger Abuse (#NISR2122004I),
NGSSoftware Insight Security Research
- Oracle clear text passwords (#NISR2122004D),
NGSSoftware Insight Security Research
- Oracle ISQLPlus file access vulnerability (#NISR2122004E),
NGSSoftware Insight Security Research
- Oracle Character Conversion Bugs (#NISR2122004G),
NGSSoftware Insight Security Research
- Oracle extproc buffer overflow (#NISR23122004A),
NGSSoftware Insight Security Research
- Oracle extproc directory traversal (#NISR23122004B),
NGSSoftware Insight Security Research
- IBM DB2 generate_distfile buffer overflow vulnerability (#NISR2122004L),
NGSSoftware Insight Security Research
- Oracle extproc local command execution (#NISR23122004C),
NGSSoftware Insight Security Research
- Oracle TNS Listener DoS (#NISR2122004F),
NGSSoftware Insight Security Research
- Oracle multiple PL/SQL injection vulnerabilities (#NISR2122004H),
NGSSoftware Insight Security Research
- Oracle wrapped procedure overflow (#NISR2122004J),
NGSSoftware Insight Security Research
- [OpenPKG-SA-2004.055] OpenPKG Security Advisory (gettext),
OpenPKG
- IBM DB2 rec2xml buffer overflow vulnerability (#NISR2122004J),
NGSSoftware Insight Security Research
- [SECURITY] [DSA 616-1] New telnetd-ssl packages fix arbitrary code execution,
Martin Schulze
- Microsoft Windows Kernel ANI File Parsing Crash and DOS Vulnerability,
flashsky fangxing
- Microsoft Windows LoadImage API Integer Buffer overflow,
flashsky fangxing
- SHOUTcast remote format string vulnerability,
Damian Put
- Crystal FTP Pro 2.8 PoC,
cybertronic
- [USN-47-1] Linux kernel vulnerabilities,
Martin Pitt
- Cross Site Scripting In PsychoStats 2.2.4 Beta && Earlier,
GulfTech Security
- Re: stick with "anonymous" or "authenticated" when describing,
Steven M. Christey
- Inexcusable weakness in Kmail / GnuPG,
Thomas C. Greene
- [USN-48-1] xpdf, tetex-bin vulnerabilities,
Martin Pitt
- [USN-49-1] debmake vulnerability,
Martin Pitt
- [USN-51-1] teTeX auxiliary script vulnerability,
Martin Pitt
- [USN-52-1] vim vulnerability,
Martin Pitt
- [ Security Bulletin ] SSRT4699 rev.0 HP-UX SAM local privilege increase,
Boren, Rich (SSRT)
- [Security Bulletin] SSRT4867 rev.0 Netscape Directory Server on HP-UX LDAP remote buffer overflow,
Boren, Rich (SSRT)
- Microsoft Windows winhlp32.exe Heap Overflow Vulnerability,
flashsky fangxing
- [Security Bulletin] SSRT4876 rev.0 HP Tru64 UNIX SWS (Apache) Secure Web Server Remote,
Boren, Rich (SSRT)
- WPkontakt message parsing error,
Jaroslaw Sajko
- Linux 2.6 Kernel Capability LSM Module Local Privilege Elevation,
flashsky fangxing
- [Security Bulletin] SSRT4883 rev.3 HP-UX ftp and ftpd remote unauthorized access,
Boren, Rich (SSRT)
- [USN-50-1] CUPS vulnerabilities,
Martin Pitt
- [Security Bulletin] SSRT4696 rev.0 - HP Tru64 UNIX TCP Stack Remote Denial of Service (DoS),
Boren, Rich (SSRT)
- raptor's xmas pack 2004,
Marco Ivaldi
- [SECURITY] [DSA 618-1] New imlib packages fix arbitrary code execution,
Martin Schulze
- [SECURITY] [DSA 617-1] New libtiff packages fix arbitrary code execution,
Martin Schulze
- STG Security Advisory: [SSA-20041220-16] PHP source injection and cross-site scripting vulnerabilities in ZeroBoard,
advisory
- XSS in yacy 0.31,
Donato Ferrante
- Final Call for Papers & Workshops - BCS Asia 2005,
Anthony.zboralski
- CleanCache v2.19: False Sense of Security,
WBG Links
- New Santy-Worm attacks *all* PHP-skripts,
Juergen Schmidt
- PHPBB worm in action,
Colin Keith
- Re: New Santy-Worm attacks *all* PHP-skripts ( Santy.c ? ),
K-OTiK Security
- New Winhlp32.exe vuln,
bad_son
- Microsoft Internet Explorer SP2 Fully Automated Remote Compromise,
Paul
- Multiple Vulnerabilities in Moodle,
Bartek Nowotarski
- MDKSA-2004:158 - Updated samba packages fix integer overflow vulnerabilities,
Mandrake Linux Security Team
- possible error in latest NGS realplayer advisory,
Marc Bejarano
- Multiple WHM Autopilot Vulnerabilities,
GulfTech Security
- Did a 16-bit counter overflow shut down Comair?,
Richard M. Smith
- Remote code execution with parameters without user interaction, even with XP SP2,
ShredderSub7 SecExpert
- [HAT-SQUAD] NetCat Remote Critical Vulnerability, Poc included,
Hat-Squad Security Team
- Netcat v1.11 For Windows , New fixed version,
Hat-Squad Security Team
- XSA-2004-7: stack overflow in AIFF demultiplexer,
Michael Roitzsch
- KDE Security Advisory: kpdf Buffer Overflow Vulnerability,
Dirk Mueller
- Re: Microsoft Windows LoadImage API IntegerBuffer overflow,
Berend-Jan Wever
- php-Calendar File Include Vulnerability [ Command Exec ],
GulfTech Security
- QNX crrtrap arbitrary file read/write vulnerability [RLSA_06-2004],
Julio Cesar Fort
- Sanity Worm Concepts,
Andy Fewtrell
- [CLA-2004:909] Conectiva Security Announcement - netpbm,
Conectiva Updates
- [ GLSA 200412-25 ] CUPS: Multiple vulnerabilities,
Thierry Carrez
- [ GLSA 200412-26 ] ViewCVS: Information leak and XSS vulnerabilities,
Thierry Carrez
- [ GLSA 200412-24 ] Xpdf, GPdf: New integer overflows,
Thierry Carrez
- Heap overflow in Mozilla Browser <= 1.7.3 NNTP code.,
Maurycy Prodeus
- [SECURITY] [DSA 620-1] New perl packages fix several vulnerabilities,
Martin Schulze
- MDKSA-2004:160 - Updated kdelibs packages fix konqueror email vulnerability,
Mandrake Linux Security Team
- MDKSA-2004:161 - Updated xpdf packages fix buffer overflow vulnerability,
Mandrake Linux Security Team
- KorWeblog php injection Vulnerability,
Min-sung Choi
- NetCat V 1.11 Multiple Bugs,
CorryL
- [SECURITY] [DSA 619-1] New xpdf packages fix arbitrary code execution,
Martin Schulze
- MDKSA-2004:164 - Updated cups packages fix buffer overflow vulnerability,
Mandrake Linux Security Team
- MDKSA-2004:159 - Updated glibc packages fix temporary file vulnerability,
Mandrake Linux Security Team
- MDKSA-2004:163 - Updated kdegraphics packages fix buffer overflow vulnerability,
Mandrake Linux Security Team
- MDKSA-2004:165 - Updated koffice packages fix multiple vulnerabilities,
Mandrake Linux Security Team
- Re: Strange Java Loader (not so strange - Trojan.ByteVerify),
K-OTiK Security
- MDKSA-2004:162 - Updated gpdf packages fix buffer overflow vulnerability,
Mandrake Linux Security Team
- MDKSA-2004:166 - Updated tetex packages fix multiple vulnerabilities,
Mandrake Linux Security Team