Mail Thread Index
- Clients broadcast buffer overflow in Red Faction <= 1.20,
Luigi Auriemma
- YabbSE (3 on 1),
backspace
- [SECURITY] [DSA 452-1] New libapache-mod-python packages fix denial of service,
Matt Zimmerman
- mremap(2) full details available,
Paul Starzetz
- Motorola T720 cell phone DoS vulnerability.,
Shaun Colley
- Re: New phpBB ViewTopic.php Cross Site Scripting Vulnerability,
t4c [Founder of GHCIF]
- The Cult of a Cardinal Number,
Phantasmal Phantasmagoria
- SonicWall VPN/Firewall Appliance - DoS, ARP Flood, Network mapping vulnerability,
xeno
- Format String vuln in Inktomi Search4.0,
Blurred Vision
- [SECURITY] [DSA 454-1] New Linux 2.2.22 packages fix local root exploit (alpha),
Martin Schulze
- OpenLinux: Integer overflow may allow local users to cause a denial of service or possibly execute arbitrary code,
please_reply_to_security
- [FLSA-2004:1284] Updated kernel resolves security vulnerabilities,
Jesse Keating
- 03-02-04 XSS Bug in NetScreen-SA 5000 Series of SSL VPN appliance,
Lachniet, Mark
- New Internet Explorer Cross Zone/Site Scripting Vulnerability,
Cheng Peng Su
- directory traversal in GWeb 0.6,
Donato Ferrante
- The non-apreciated world of full-disclosure,
Davide Del Vecchio
- Spider Sales shopping cart software multiple security vulnerabilities,
S-Quadra Security Research
- OpenLinux: rsync heap based overflow,
please_reply_to_security
- Wftpd stat Command Remote Vulnerability Exploit,
security team 0seen
- OpenLinux: screen buffer overflow,
please_reply_to_security
- OpenLinux: Gnupg (gpg) severe bug could compromise almost all ElGamal keys,
please_reply_to_security
- Coreutils 'dir' integer overflow vulnerability.,
Shaun Colley
- RE: SonicWall Firewall DoS, ARP Flood, Network Mapping,
Robert C. Auch
- SGI Advanced Linux Environment security update #13,
SGI Security Coordinator
- Cisco Security Advisory: Cisco CSS 11000 Series Content Services Switches Malformed UDP Packet Vulnerability,
Cisco Systems Product Security Incident Response Team
- Re: Multiple issues with Mac OS X AFP client,
Marukka
- Nokia 3410 cell phones software flaw,
David Arranz
- MDKSA-2004:018 - Updated libxml2 packages fix vulnerability,
Mandrake Linux Security Team
- MDKSA-2004:017 - Updated pwlib packages fix vulnerability,
Mandrake Linux Security Team
- A new white paper by Sanctum: "Divide and Conquer - HTTP Response Splitting, Web Cache Poisoning Attacks, and Related Topics",
Amit Klein
- [SECURITY] [DSA 455-1] New libxml packages fix arbitrary code execution,
Martin Schulze
- OpenLinux: cups denial of service vulnerability,
please_reply_to_security
- Serv-U Real Target and Search ASM Code Tool for Overflow Exploit.,
lion
- SHOUTcast v1.9.2 remote connect back exploit,
0seen security team
- Abobe Reader 5.1 XFDF Buffer Overflow Vulnerability,
NGSSoftware Insight Security Research
- LNSA-#2004-0004: libxml2 buffer overflow,
Vincenzo Ciaglia
- GNU Anubis buffer overflows and format string bugs,
Ulf Härnhammar
- SLMail Pro Supervisor Report Center Buffer Overflow (#NISR05022004a),
NGSSoftware Insight Security Research
- IEEE Security & Privacy CFP,
Sharif Torpis
- NetScreen Advisory 58412: XSS Bug in NetScreen-SA SSL VPN,
NetScreen Security Response Team
- SLWebMail Multiple Buffer Overflow Vulnerabilities (#NISR05022004b),
NGSSoftware Insight Security Research
- [FLSA-2004:1256] Updated util-linux resolves security vulnerability,
Jesse Keating
- Invision Power Board 1.3 Final Path Disclosure Vulnerability,
Shaun Colley
- Desert Rats vs. Afrika Korps (Haegemonia bug),
Luigi Auriemma
- VirtuaNews Admin Panel 1.0.3 Pro Cross Site Scripting Vulnerabillity,
Rafel Ivgi, The-Insider
- [OpenPKG-SA-2004.003] OpenPKG Security Advisory (libxml),
OpenPKG
- Infosecdaily.net: Expanding our blogging community.,
Ejovi Nuwere
- Invision Power Board v1.3 Final Cross Site Scripting Vulnerabillity,
Rafel Ivgi, The-Insider
- Re: A new Sanctum white paper: "Divide and Conquer - HTTP Response Splitting, Web Cache Poisoning Attacks, and Related Topics",
Jeremiah Grossman
- Norton Antivirus 2002 fails to scan files with special character(s) properly.,
Bipin Gautam.
- O-088: Sun passwd(1) Command Vulnerability,
Cy Schubert
- Re: Norton Antivirus 2002 fails to scan files with ... [2'nd... UPDATED],
Bipin Gautam.
- [SECURITY] [DSA 456-1] New Linux 2.2.19 packages fix local root exploit (arm),
Martin Schulze
- TSLSA-2004-0009 - nfs-utils,
Trustix Security Advisor
- TSLSA-2004-0010 - libxml2,
Trustix Security Advisor
- Safari javascript array overflow,
kang
- Symlink Vulnerability in GNU automake <1.8.3,
Stefan Nordhausen
- [OpenPKG-SA-2004.004] OpenPKG Security Advisory (libtool),
OpenPKG
- directory traversal in PWebServer 0.3.3,
Donato Ferrante
- [ GLSA 200403-02 ] Linux kernel do_mremap local privilege escalation vulnerability,
Tim Yamin
- [ GLSA 200403-01 ] Libxml2 URI Parsing Buffer Overflow Vulnerabilities,
Tim Yamin
- Z***ING EMAILS !,
http-equiv@xxxxxxxxxx
- Antivir for Freebsd doesn't work on 5.X,
George Swentek
- RE: "Divide and Conquer" - cross site response header tampering, cookie manipulation, and session fixation,
Amit Klein
- Re: Invision Power Board v1.3 Final Cross Site Scripting Vulnerabillity,
JeiAr
- [OpenPKG-SA-2004.005] OpenPKG Security Advisory (mutt),
OpenPKG
- IBM DB2 Remote Command Execution Privilege Upgrade (#NISR09032004),
NGSSoftware Insight Security Research
- [SECURITY] [DSA 457-1] New wu-ftpd packages fix multiple vulnerabilities,
Matt Zimmerman
- Invision Power Board v1.3 Final Cross Site Scripting 2 - Addon,
Rafel Ivgi, The-Insider
- Establishing contact with Nullsoft,
Peter Winter-Smith
- Ghost users in Chat Anywhere 2.72,
Luigi Auriemma
- Outlook mailto: URL argument injection vulnerability,
Jouko Pynnonen
- [SECURITY] [DSA 458-1] New python2.2 packages fix buffer overflow,
Matt Zimmerman
- MDKSA-2004:021 - Updated mozilla packages fix multiple vulnerabilities,
Mandrake Linux Security Team
- Format string bug in EpicGames Unreal engine,
Luigi Auriemma
- MDKSA-2004:022 - Updated kdelibs packages fix cookie theft vulnerability,
Mandrake Linux Security Team
- MDKSA-2004:019 - Updated python packages fix buffer overflow vulnerability,
Mandrake Linux Security Team
- [RHSA-2004:075-01] Updated kdelibs packages resolve cookie security issue,
bugzilla
- [RHSA-2004:102-01] Updated gdk-pixbuf packages fix denial of service vulnerability,
bugzilla
- MDKSA-2004:020 - Updated gdk-pixbuf packages fix BMP-handling vulnerability,
Mandrake Linux Security Team
- With regards to the Adobe Acrobat Reader advisory (#NISR03022004),
NGSSoftware Insight Security Research
- GNU Anubis 3.6.2 remote root exploit,
Claes M Nyberg
- Re: LAN SUITE Web Mail 602Pro Multiple Vulnerabilities,
Brandon Sturgeon
- DoS in wMCam server 2.1.348,
Donato Ferrante
- Re: HP printers and currency anti-copying measures,
Dan Harkless
- [SECURITY] [DSA 459-1] New kdelibs, kdelibs-crypto packages fix cookie traversal bug,
Matt Zimmerman
- [SECURITY] [DSA 460-1] New sysstat packages fix insecure temporary file creation,
Matt Zimmerman
- [RHSA-2004:093-01] Updated sysstat packages fix security vulnerabilities,
bugzilla
- Unreal engine updates and Battle Mages advisory,
Luigi Auriemma
- Cpanel 8.*.* have a problem ?,
Arab VieruZ
- XSS in MyProxy 20030629,
Donato Ferrante
- Multiple Vulnerabilities in PWS 0.2.2,
Donato Ferrante
- [SECURITY] [DSA 461-1] New calife packages fix buffer overflow,
Matt Zimmerman
- Re: Outlook mailto: URL argument injection vulnerability MS04-009 (Now CRITICAL) !,
K-OTiK Security
- Re: Norton AntiVirus 2002 fails to scan files with ... [2'nd... UPDATED] Message-ID: 20040306040833.28300,
Sym Security
- Announcing full functional adore-ng rootkit for 2.6 Kernel,
stealth
- Multiple vulnerabilities in Hushmail.com,
Calum Power
- cPanel Secuirty Advisory CPANEL-2004:01-01,
J. Nick Koston
- [OpenPKG-SA-2004.006] OpenPKG Security Advisory (uudeview),
OpenPKG
- Metamail 'extcompose' script Symlink Vulnerability,
Shaun Colley
- Cpanel Request Lets Authenticated Users Conduct Cross-Site Scripting Attacks,
Fable
- MS Security Response is a bunch of half-witted morons,
Nick FitzGerald
- Dogpatch Software CFWebstore 5.0 shopping cart software multiple security vulnerabilities,
S-Quadra Security Research
- PLAXO: is that a cure or a disease?,
http-equiv@xxxxxxxxxx
- Cpanel 9.1.0 have a problem ?,
Arab VieruZ
- SGI Advanced Linux Environment security update #14,
SGI Security Coordinator
- [SECURITY] [DSA 463-1] New samba packages fix privilege escalation in smbmnt,
Matt Zimmerman
- phpBB 2.0.6d && Earlier Security Issues,
JeiAr
- Multiple Vendor SOAP server array DoS,
Amit Klein
- Rosiello Security's exploit for MDaemon,
Angelo Rosiello
- Opera Array Allocation Managment Exploit,
d3thStaR
- [SCAN Associates Sdn Bhd Security Advisory] phpBB 2.0.6 and below sql injection,
pokley
- ws_ftp overflow,
john layman
- Multiple Immunity Advisories,
Dave Aitel
- YaBB/YaBBse Cross Site Scripting Vulnerability,
Cheng Peng Su
- VocalTec Gateway 8 Reverse Directory Transversal + Authorization Bypass,
Rafel Ivgi, The-Insider
- [waraxe-2004-SA#007 - XSS and SQL injection bugs in 4nguestbook module for PhpNuke],
Janek Vind
- [waraxe-2004-SA#005 - XSS in Php-Nuke 7.1.0 - part 2],
Janek Vind
- [waraxe-2004-SA#006 - Multiple vulnerabilities in 4nalbum module for PhpNuke],
Janek Vind
- Follow-up: Major hack attack on the U.S. Senate,
eric
- Phorum 5.0.3 Beta && Earlier XSS Issues,
JeiAr
- [SECURITY] [DSA 464-1] New gdk-pixbuf packages fix denial of service,
Martin Schulze
- JelSoft vBulletin Multiple XSS Vulnerabilities,
JeiAr
- new security alert #66 issued in Oracle web cache,
Pete Finnigan
- Crafty Game Stack Overflow & Exploit,
Angelo Rosiello
- Fw: Bilbao Method Exposed,
FraMe
- ModSecurity 1.7.4 for Apache 2.x remote off-by-one overflow,
S-Quadra Security Research
- Mambo Open Source Multiple Vulnerabilities,
JeiAr
- PHPX 2.x - 3.2.4,
gdayworld
- New OpenSSL releases fix denial of service attacks [17 March 2004],
Mark J Cox
- Cisco Security Advisory: Cisco OpenSSL Implementation Vulnerability,
Cisco Systems Product Security Incident Response Team
- SUSE Security Announcement: openssl (SuSE-SA:2004:007),
Thomas Biege
- MDKSA-2004:023 - Updated openssl packages fix multiple vulnerabilities,
Mandrake Linux Security Team
- [ESA-20040317-003] 'openssl' Denial of Service vulnerabilities.,
EnGarde Secure Linux
- FreeBSD Security Advisory FreeBSD-SA-04:05.openssl,
FreeBSD Security Advisories
- [SECURITY] [DSA 465-1] New openssl packages fix multiple vulnerabilities,
Matt Zimmerman
- [RHSA-2004:121-01] Updated OpenSSL packages fix vulnerabilities,
bugzilla
- Vcard 2.8 uninstall script problem,
saudi linux
- [RHSA-2004:112-01] Updated Mozilla packages fix security issues,
bugzilla
- [SECURITY] [DSA 466-1] New Linux 2.2.10 packages fix local root exploit (powerpc/apus),
Martin Schulze
- RE: [RHSA-2004:112-01] Updated Mozilla packages fix security issues,
John . Airey
- [OpenPKG-SA-2004.007] OpenPKG Security Advisory (openssl),
OpenPKG
- ptl-2004-02: RealNetworks Helix Server 9 Administration Server Buffer Overflow,
Pentest Security Alerts
- [waraxe-2004-SA#010 - Multiple vulnerabilities in Error Manager v2.1 for PhpNuke],
Janek Vind
- HOTMAIL / PASSPORT: phishing expedition,
http-equiv@xxxxxxxxxx
- TSLSA-2004-0011 - sysstat,
Trustix Security Advisor
- Chrome 1.2.0.0 server crash,
Luigi Auriemma
- TSLSA-2004-0012 - openssl,
Trustix Security Advisor
- mac osx- admin service buffer overflow,
programming_rocks1
- EEYE: Internet Security Systems PAM ICQ Server Response Processing Vulnerability,
Marc Maiffret
- Norton Internet Security Remote Command Execution (#NISR19042004b),
NGSSoftware Insight Security Research
- Norton AntiSpam Remote Buffer Overrun (#NISR19042004a),
NGSSoftware Insight Security Research
- Eudora 6.0.3 attachment spoof, LaunchProtect,
Paul Szabo
- Winamp 5.02 Long Filename Buffer Overflow Vulnerability,
Tobias Welter
- Internet Explorer Causing Explorer.exe - Null Pointer Crash,
Rafel Ivgi, The-Insider
- Samba 'smbprint' script tmpfile vulnerability.,
Shaun Colley
- [ANNOUNCE] Apache HTTP Server 2.0.49 Released (fwd),
je
- [Full-Disclosure] iDEFENSE Security Advisory 03.19.04: Borland Interbase admin.ib Administrative Access Vulnerability,
idlabs-advisories
- XP SP2 is out,
Gadi Evron
- Ref: NGSSoftware Advisories NISR19042004a and NISR19042004b,
Sym Security
- Any dissasemblies of the Witty worm yet?,
Nicholas Weaver
- Concerning The Recent Invision power Board Issues,
GulfTech Security
- Apache mod_disk_cache stores client authentication credentials on disk,
Andreas Steinmetz
- The witty worm,
Gadi Evron
- phpBB profile.php Cross Site Scripting Vulnerability,
Cheng Peng Su
- xine-check/xine-bugreport symlink vulnerability.,
Shaun Colley
- DSL Modem Ericsson HM220dp Exploit,
Roberto Dapino
- Mod_Survey security advisory: Script injection bug,
Joel Palmius
- Phpbb 2.0.7a And Earlier Secuity Issues,
JeiAr
- Invision Gallery SQL Injection Vulnerabilities,
JeiAr
- Invision Power Top Site List SQL Injection Vulnerability,
JeiAr
- directory traversal in xweb 1.0,
Donato Ferrante
- Vulnerabilities in Member Management System 2.1,
Manuel Lopez
- Vulnerabilities in News Manager Lite 2.5 & News Manager Lite administration,
Manuel Lopez
- [waraxe-2004-SA#011 - Multiple vulnerabilities in MS Analysis v2.0 module for PhpNuke],
Janek Vind
- Remotely Exploitable Cross-Site Scripting in Hotmail and Yahoo (GM#005-MC),
GreyMagic Software
- Sarca rainbow tables on-line cracking service,
Inode
- [waraxe-2004-SA#009 - Non-critical Sql injection and XSS bug in PhpBB 2.0.6c],
Janek Vind
- Open the WS_FTP Server backdoor to SYSTEM,
Hugh Mann
- ALLO ALLO WS_FTP Server,
Hugh Mann
- More Cpanel Vuls (cross site scripting),
Fable
- [waraxe-2004-SA#008 - easy way to get superadmin rights in PhpNuke 6.x-7.1.0],
Janek Vind
- How to crash a harddisk - the Ipswitch WS_FTP Server way,
Hugh Mann
- Think of the buffers! Won't somebody think of the buffers?!,
Hugh Mann
- Server freeze in The Rage 1.01,
Luigi Auriemma
- Advisory 03/2004: Multiple (13) Ethereal remote overflows,
Stefan Esser
- Immunity Advisory: dtlogin remote root,
Dave Aitel
- Immunity Advisory: Solaris local kernel root,
Dave Aitel
- R7-0018: OpenBSD isakmpd payload handling denial-of-service vulnerabilities,
advisory
- TrendMacro Interscan Viruswall Directory Traversal,
Tri Huynh
- [SECURITY] [DSA 467-1] New ecartis packages fix several vulnerabilities,
Matt Zimmerman
- HP Web JetAdmin vulnerabilities.,
wirepair
- Buffer overflow in PicoPhone 1.63,
Luigi Auriemma
- Broadcast client buffer-overflow in Terminator 3 1.0,
Luigi Auriemma
- Dameware Passes Weak File Encryption Key in the Clear,
ax09001h
- Dark Age of Camelot login client vulnerability to man in the middle attack,
Todd Chapman
- Check Point SmartDashboard Buffer Overflow,
Andreas Constantinides (MegaHz)
- [SECURITY] [DSA 468-1] New emil packages fix multiple vulnerabilities,
Matt Zimmerman
- mysqlbug tmpfile/symlink vulnerability.,
Shaun Colley
- New Adventures In Phishing,
Jim Halfpenny
- GLSA200403-04 Multiple security vulnerabilities in Apache 2,
Aida Escriva-Sammer
- Remote crash in Etherlords I 1.07 and II 1.03,
Luigi Auriemma
- UPDATED: MS Word - password protection vulnerabilty,
Andrew Barkley
- eSignal v7 remote buffer overflow (exploit),
Vizzy
- OpenLinux: mutt remote buffer overflow,
please_reply_to_security
- SGI Advanced Linux Environment security update #15,
SGI Security Coordinator
- SGI Advanced Linux Environment security update #16,
SGI Security Coordinator
- NetSupport School Pro: Password Encryption Weaknesses,
spiffomatic 64
- OpenLinux: mc Updated packages resolve local buffer overflow vulnerability,
please_reply_to_security
- [waraxe-2004-SA#012 - Multiple vulnerabilities in XMB Forum 1.8 SP3 and 1.9 beta],
Janek Vind
- Tomcat 5.0.14: remote DoS,
WU Fei Liang
- [waraxe-2004-SA#013 - Critical sql injection bug in PhpBB 2.0.8 and in older versions],
Janek Vind
- Blogger XSS Vulnerability,
Ferruh Mavituna
- MS Outlook/Outlook Express Preview Pane Security Issue,
Jeff Uslan
- RE: MS Word - password protection vulnerabilty,
C Ryll
- LNSA-#2004-0006: bug workaround for Apache 2.0.48,
Vincenzo Ciaglia
- phpBB2 2.0.8 privmsg.php SQL injection patch (critical).,
Shaun Colley
- Nstxd vulnerability,
laurent oudot
- Re: [waraxe-2004-SA#013 - Critical sql injection bug in PhpBB 2.0.8 and in older versions],
JeiAr
- bblog 0.7.2 cross site scripting,
penfold
- freshmeat.net: XSS Attack due to improper comment filtering.,
Steve Kemp
- Strange traffic - Outgoing TCP 3127/3198 (Not mydoom) New worm?,
Steve Browning
- Another ISS BlackIce & RealSecure Update ?,
K-OTiK Security
- New worm?,
Karousel
- systrace silently patches full local bypass vulnerability on Linux,
spender
- Ethereal(v0.10.0-0.10.2) IGAP Dissector Message Overflow Exploit,
Eye on Security India
- iss_pam1.dll remote exploits,
Sam
- [ GLSA 200403-05 ] Linux kernel do_mremap local privilege escalation vulnerability,
Tim Yamin
- PhotoPost PHP Pro Multiple Vulnerabilities,
JeiAr
- FreeBSD Security Advisory FreeBSD-SA-04:06.ipv6,
FreeBSD Security Advisories
- A-CART Pro & A-CART 2.0 Input Validation Holes,
Manuel Lopez
- [ GLSA 200403-05 ] UUDeview MIME Buffer Overflow,
Tim Yamin
- [ GLSA 200403-08 ] oftpd DoS vulnerability,
Kurt Lieber
- WebCT Campus Edition 4.1 - Cross site scripting using CSS @import,
Simon Boulet
- LNSA-#2004-0007: Multiple security problems in Ethereal,
Vincenzo Ciaglia
- vuln,
"ShelzZ"
- [SECURITY] [DSA 469-1] New libpam-pgsql packages fix SQL injection,
Martin Schulze
- new internet explorer exploit (was new worm),
Jelmer
- phpBB 2.0.8 Exploit,
JeiAr
- Multiple Vulnerabilities in Cloisterblog web blog/journal,
Dotho
- [RHSA-2004:134-01] Updated squid package fixes security vulnerability,
bugzilla
- [ GLSA 200403-06 ] Multiple remote buffer overflow vulnerabilities in Courier,
Kurt Lieber
- [ GLSA 200403-09 ] Buffer overflow in Midnight Commander,
Kurt Lieber
- [ GLSA 200403-07 ] Multiple remote overflows and vulnerabilities in Ethereal,
Kurt Lieber
- IE ms-its: and mk:@MSITStore: vulnerability,
roozbeh afrasiabi
- security enforcement - new monitor for winnt,
Liu Die Yu
- Exensive cPanel Cross Site Scripting,
sullo
- clamd - NEVER use "%f" in your "VirusEvent",
Rene
- Heap overflow in MPlayer,
blexim
- TSLSA-2004-0015 - tcpdump,
Trustix Security Advisor
- TSLSA-2004-0017 - apache,
Trustix Security Advisor
- NetSky.q Virus. Looking for more detailed information on how the DOS will be performed.,
Paul
- R7-0017: TCPDUMP ISAKMP payload handling denial-of-service vulnerabilities,
advisory
- Linbit linbox Multiple Vulnerabilities,
Martin Eiszner
- MPlayer Security Advisory #002 - HTTP parsing vulnerability,
Gabucino
- Problem with customized login pages for Oracle SSO,
advisories
- phpkit suffers (reale stupid) XSS vuln.,
Yanosz
- White Paper - Web Application Worms: Myth or Reality?,
Imperva Application Defense Center