Mail Index
- RES: A technique to mitigate cookie-stealing XSS attacks
- Re: Yahoo Messenger: Invisible User Detect
- RE: Motorola Cable Modem DOS
- Re: When scrubbing secrets in memory doesn't work
- Re: A technique to mitigate cookie-stealing XSS attacks
- Re: A technique to mitigate cookie-stealing XSS attacks
- Re: How to execute programs with parameters in IE - Sandblad advisory #10
- Re: How to execute programs with parameters in IE - Sandblad advisory #10
- Re: A technique to mitigate cookie-stealing XSS attacks
- Re: RES: A technique to mitigate cookie-stealing XSS attacks
- Re: A technique to mitigate cookie-stealing XSS attacks
- iDEFENSE Security Advisory 11.08.02a: File Disclosure Vulnerability in Simple Web Server
- iDEFENSE Security Advisory 11.08.02b: Non-Explicit Path Vulnerability in QNX Neutrino RTOS
- Re: Bypassing website filter in SonicWall
- MDKSA-2002:076 - perl-MailTools update
- From: Mandrake Linux Security Team
- MDKSA-2002:075 - nss_ldap update
- From: Mandrake Linux Security Team
- Re: Accesspoints disclose wep keys, password and mac filter (fwd)
- Re: A technique to mitigate cookie-stealing XSS attacks
- RE: A technique to mitigate cookie-stealing XSS attacks
- LiteServe Directory Index Cross-Site Scripting
- Re: Accesspoints disclose wep keys, password and mac filter (fwd)
- Re: PHP-Nuke SQL Injection Vulnerability
- From: Predrag Damnjanovic
- Re: Accesspoints disclose wep keys, password and mac filter (fwd)
- Re: [VulnWatch] Netscreen SSH1 CRC32 Compensation Denial of service
- Re: Help Please
- [SECURITY] [DSA 188-1] New Apache-SSL packages fix several vulnerabilities
- When scrubbing secrets in memory doesn't work
- Re: Accesspoints disclose wep keys, password and mac filter (fwd)
- Re: Accesspoints disclose wep keys, password and mac filter (fwd)
- NetBSD Security Advisory 2002-024: IPFilter FTP proxy
- From: NetBSD Security Officer
- Oracle iSQL*Plus buffer Overflow..
- RE: A technique to mitigate cookie-stealing XSS attacks
- From: NESTING, DAVID M (SBCSI)
- Re: Motorola Cable Modem DOS
- Potential Denial of Service Vulnerability in IRIX RPC-based libc
- From: SGI Security Coordinator
- Re: When scrubbing secrets in memory doesn't work
- [Security Announce] Re: MDKSA-2002:076 - perl-MailTools update
- Re: Remote pine Denial of Service
- Cisco PIX SSH/telnet dDOS vulnerability CSCdy51810
- Finding Vendor Security Contacts
- Zeus Admin Server v4.1r2 index.fcgi XSS bug
- XSS in Postnuke Rogue release (0.72)
- From: Muhammad Faisal Rauf Danka
- Re: A technique to mitigate cookie-stealing XSS attacks
- Technical information about unpatched MS Java vulnerabilities
- Securing OWA on public computers.
- RhinoSoft Serv-U FTP Anonymous Remote DoS Vulnerability
- From: [secondmotion]-Matt Thompson
- Re: How to execute programs with parameters in IE - Sandblad advisory #10
- [SECURITY] [DSA 192-1] New html2ps packages fix arbitrary code execution
- GLSA: kgpg
- Layer 2 Analysis of WLAN Discovery Applications for Intrusion Detection
- Re: How to execute programs with parameters in IE - Sandblad advisory #10
- Multiple Vuln. in Hotfoon.com's Hotfoon4.exe dialer
- benchmark tool for HTTP pages.
- Buffer Overflow in iSMTP Gateway
- NOVL-2002-2963651 - iManager (eMFrame) Buffer Overflow
- Re: Cisco PIX SSH/telnet dDOS vulnerability CSCdy51810
- RE: A technique to mitigate cookie-stealing XSS attacks
- RE: Motorola Cable Modem DOS
- [SECURITY] [DSA 191-2] New squirrelmail packages fix problem in options page
- Timing the Application of Security Patches for Optimal Uptime
- iDEFENSE Security Advisory 11.11.02: Buffer Overflow in KDE resLISa
- Re: SuSE Security Announcement: perl-MailTools (SuSE-SA:2002:041)
- RE: How to execute programs with parameters in IE - Sandblad advisory #10
- [SECURITY] [DSA 193-1] New klisa packages fix buffer overflow
- [RHSA-2002:213-06] New PHP packages fix vulnerability in mail function
- Re: A technique to mitigate cookie-stealing XSS attacks
- Multiple vulnerabilities in Tiny HTTPd
- xoops Quizz Module IMG bug
- Security Update: [CSSA-2002-044.0] Linux: Preboot eXecution Environment (PXE) server denial-of-service attacks
- Re: A technique to mitigate cookie-stealing XSS attacks
- [SecurityOffice] Hyperion Ftp Server v2.8.1 Directory Traversal Vulnerability
- KDE Security Advisory: resLISa / LISa Vulnerabilities
- WebChat for XOOPS RC3 SQL INJECTION
- GLSA: apache
- Remote Buffer Overflow vulnerability in Light HTTPd
- NOVL-2002-2963767 - Remote Manager Security Issue - eDir 8.6.2
- RE: A technique to mitigate cookie-stealing XSS attacks
- KDE Security Advisory: rlogin.protocol and telnet.protocol URL KIO Vulnerability
- [SECURITY] [DSA 194-1] New masqmail packages fix buffer overflows
- SuSE Security Announcement: KDE lanbrowser vulnerability (SuSE-SA:2002:042)
- RE: A technique to mitigate cookie-stealing XSS attacks
- RE: When scrubbing secrets in memory doesn't work
- NOVL-2002-2963827 - Remote Manager Security Issue - NW5.1
- ISS Security Advisory: Multiple Remote Vulnerabilities in BIND4 and BIND8 (fwd)
- EEYE: Macromedia ColdFusion/JRun Remote SYSTEM Buffer Overflow Vulnerabilities
- Fresh hole in W3Mail (fwd)
- [Fwd: Notice of serious vulnerabilities in ISC BIND 4 & 8]
- APBoard - post threads to protected forums and possibility to hijack forum-password
- [SecurityOffice] INweb Mail Server v2.01 Denial of Service Vulnerability
- Security Update: [CSSA-2002-042.0] Linux: libpng progressive image loading vulnerabilities and other buffer overflows
- Exploit code for IP Smart Spoofing
- SuSE Security Announcement: SuSE-SA:2002:043 (traceroute-nanog/nkitb)
- IRIX lpd daemon vulnerabilities via sendmail and dns
- From: SGI Security Coordinator
- i386 Linux kernel DoS
- FreeBSD Security Advisory FreeBSD-SA-02:40.kadmind
- From: FreeBSD Security Advisories
- [SECURITY] [DSA 195-1] New Apache-Perl packages fix several vulnerabilities
- RE: Motorola Cable Modem DOS
- RE: A technique to mitigate cookie-stealing XSS attacks
- Gnujsp and Domino R5.0.10
- Eudora 5.2 attachment spoof
- KeyFocus KF Web Server File Disclosure Vulnerability
- From: mattmurphy@xxxxxxxxx
- Re: Linksys security contact
- Bind 8 bug experience
- The Unix Auditor's Practical Handbook
- Apache Security Vulnerabilities on IRIX
- From: SGI Security Coordinator
- Re: A technique to mitigate cookie-stealing XSS attacks
- FreeBSD Security Advisory FreeBSD-SA-02:42.resolv
- From: FreeBSD Security Advisories
- Re: When scrubbing secrets in memory doesn't work
- IceWarp 3.4.5 XSS *AGAIN*
- Well known flaw in web cart software remains wide open
- [ESA-20021114-029] BIND buffer overflow, DoS attacks.
- From: EnGarde Secure Linux
- arp spoofing defence
- RE: A technique to mitigate cookie-stealing XSS attacks
- Default SNMP community in Surecom Broadband Router
- From: Andrei Mikhailovsky
- Re: Bind 8 bug experience
- Re: Bind 8 bug experience
- GLSA: kdelibs
- FreeBSD Security Advisory FreeBSD-SA-02:43.bind
- From: FreeBSD Security Advisories
- Remote Buffer Overflow vulnerability in Lib HTTPd.
- RE: A technique to mitigate cookie-stealing XSS attacks
- RE: Opera 7 vulnerabilities
- Re: Bind 8 bug experience
- IISPop remote DOS
- Perception LiteServe HTTP CGI Disclosure Vulnerability
- From: mattmurphy@xxxxxxxxx
- Code Injection in phpBB Advanced Quick Reply Mod
- RE: Exploit code for IP Smart Spoofing
- RE: i386 Linux kernel DoS
- Re: i386 Linux kernel DoS
- Security Update: [CSSA-2002-045.0] Linux: python insecure temporary files in os._execvpe
- Latest libpcap & tcpdump sources from tcpdump.org contain a trojan
- Opera 7 vulnerabilities
- FreeBSD Security Advisory FreeBSD-SA-02:41.smrsh
- From: FreeBSD Security Advisories
- Security Update: [CSSA-2002-SCO.42] UnixWare 7.1.1 Open UNIX 8.0.0 : in.talkd format string vulnerabilities
- RE: Exploit code for IP Smart Spoofing
- Buffalo AP Denial of Service
- From: Andrei Mikhailovsky
- RE: ISS Security Advisory: Multiple Remote Vulnerabilities in BIND4 and BIND8 (fwd)
- Better security through shame
- [CLA-2002:547] Conectiva Linux Security Announcement - syslog-ng
- GLSA: kdenetwork
- [CLA-2002:546] Conectiva Linux Security Announcement - bind
- [OpenPKG-SA-2002.011] OpenPKG Security Advisory (bind, bind8)
- [SECURITY] [DSA-196-1] New BIND packages fix several vulnerabilities
- FreeBSD Security Advisory FreeBSD-SA-02:43.bind [REVISED]
- From: FreeBSD Security Advisories
- Security Update: [CSSA-2002-046.0] Linux: buffer overflows and other security issues in squid
- FreeBSD Security Advisory FreeBSD-SA-02:41.smrsh [REVISED]
- From: FreeBSD Security Advisories
- Remote Buffer Overflow vulnerability in Zeroo HTTP Server.
- Security Update: [CSSA-2002-047.0] Linux: KDE SSL and XSS vulnerabilities
- [RHSA-2002:262-07] New kernel fixes local denial of service issue
- NBActiveX Sure ActiveX Big Vulnerability
- From: Webmaster, Lorenzo Hernandez Garcia-Hierro
- [SECURITY] [DSA 197-1] New sqwebmail packages fix local information exposure
- Re: Bind 8 bug experience
- From: Paul Theodoropoulos
- bind 8 info update regarding ISS
- patch for named buffer overflow now available (fwd)
- Re: When scrubbing secrets in memory doesn't work
- XOOPS WebChat module - patch UPDATE
- iPlanet WebServer, remote root compromise
- [SECURITY] [DSA 198-1] New nullmailer packages fix local denial of service
- Re: LOM: Multiple vulnerabilities in Macromedia Flash ActiveX
- Paketto Keiretsu 1.0
- TSLSA-2002-0077 - kernel
- From: Trustix Secure Linux Advisor
- RE: When scrubbing secrets in memory doesn't work
- Unofficial statement re: tcpdump and libpcap
- Re: When scrubbing secrets in memory doesn't work
- [SECURITY] [DSA 199-1] New mhonarc packages fix cross site scripting
- Re: ZDnet forum: IE formatting local drive
- [CLA-2002:549] Conectiva Linux Security Announcement - dhcpcd
- Re: When scrubbing secrets in memory doesn't work
- Update to LOM's advisory
- Re: GNU GCC: Optimizer Removes Code Necessary for Security
- RE: Exploit code for IP Smart Spoofing
- Re: (MSIE) when parent gives his son bad things ;) --"dialogArguments " again
- Multiple incorrect permissions in QNX.
- (MSIE) when parent gives his son bad things ;) --"dialogArguments " again
- Linksys router vulnerability
- TFTPD32 Directory Traversal Vulnerability
- MailEnable POP3 Server remote shutdown !:/ -newest ~ (and previous) bufferoverflow-
- Re: When scrubbing secrets in memory doesn't work
- RE: AIM 5.1.3036 buffer overflow
- XSS bug in phpBB
- TFTPD32 Buffer Overflow Vulnerability (Long filename)
- Update: iDEFENSE Security Advisory 11.19.02b: Eudora Script Execution Vulnerability
- Updated ypserv packages fix memory leak
- From: Mandrake Linux Security Team
- Security Update: [CSSA-2002-048.0] Linux: wwwoffled remote access vulnerability
- Security Update: [CSSA-2002-049.0] Linux: lynx CRLF injection vulnerability
- MDKSA-2002:079 - Updated kdelibs packages fix remote command execution vulnerabilites
- From: Mandrake Linux Security Team
- Clipboard in QNX Photon
- Zeroo Folder Traversal Vulnerability
- From: mattmurphy@xxxxxxxxx
- Re: [Full-Disclosure] Security Update: [CSSA-2002-050.0] Linux: tcpdump denial-of-service in print-bgp.c
- iDEFENSE Security Advisory 11.19.02c: Netscape Predictable Directory Structure Allows Theft of Preferences File
- MDKSA-2002:080 - Updated kdenetwork packages fix remote command execution vulnerabilites
- From: Mandrake Linux Security Team
- [OpenBSD] [syslogd] false src-IP when logging to remote syslogd
- SuSE Security Announcement: samba (SuSE-SA:2002:045)
- GLSA: php
- GLSA: samba
- XSS bug in vBulletin
- Security Update: [CSSA-2002-052.0] Linux: sendmail smrsh bypass vulnerabilities
- Open WebMail 1.71 "background" magic info
- From: FreeBSDbr Bugtraq DataBase
- Opera 6.03/Linux crashes on HTTPS over Squid Proxy on a site
- GLSA: courier
- Sun Security Bulletin #00220
- ClearCase DoS vulnerabilty
- [RHSA-2002:266-05] New samba packages available to fix potential security vulnerability
- [ESA-20021122-030] local kernel vulnerabilities
- From: EnGarde Secure Linux
- [ESA-20021122-031] php upgrade, security fixes
- From: EnGarde Secure Linux
- GLSA: gtetrinet
- Cisco Security Advisory: Cisco PIX Multiple Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- RE: (MSIE) -"dialogArguments" (extended)
- Allied Telesyn switches & routers vulnerability
- UPDATE: Linksys router vulnerability (add'l models affected)
- iDEFENSE Security Advisory 11.19.02a: Denial of Service Vulnerability in Linksys Cable/DSL Routers
- CERT Advisory CA-2002-32 Backdoor in Alcatel OmniSwitch AOS (fwd)
- Re: Alert: Microsoft Security Bulletin - MS02-066
- iDEFENSE Security Advisory 11.19.02b: Eudora Script Execution Vulnerability
- [LSD] Java and JVM security vulnerabilities
- From: Last Stage of Delirium
- acFreeProxy Cross-Site Scripting Vulnerability/Possible DoS
- acFTP Authentication Issue
- Multiple phpNuke Modules Vulnerable to Cross-Site Scripting
- ISS Security Brief: Solaris fs.auto Remote Compromise Vulnerability (fwd)
- Web Server Creator - Web Portal 0.1 (PHP)
- Predictable TCP Initial Sequence Numbers
- From: NetScreen Security Response Team
- LibHTTPD Vulnerability and fix
- RE: MS02-066 - fixes, gaps and incorrect statements
- Immobilier 1 (PHP)
- BadBlue XSS/Information Disclosure Vulnerabilities
- 'Malicious-URL' Feature may be Circumvented Using IP Fragmentation
- From: NetScreen Security Response Team
- CAIS-ALERT: Vulnerability in the sending requests control of BIND
- [RHSA-2002:264-05] New kernel 2.2 packages fix local denial of service issue
- Potential H.323 Denial of Service
- From: NetScreen Security Response Team
- Netscape Problems.
- Oracle TNS SEH Exploit
- Linksys not fixed
- Netscape 4 Java buffer overflow
- Re: Netscape Problems.
- XSS vulnerability in Bugzilla if upgraded from 2.10 or earlier
- SuSE Security Announcement: pine (SuSE-SA:2002:046)
- [Sec-Tec Advisory] Local scripting vulnerability in phpBB
- vBulletin XSS Injection Vulnerability
- Remote Heap malloc/free & multiple Overflow vulnerability in WSMP3.
- TSLSA-2002-0080 - samba
- From: Trustix Secure Linux Advisor
- [CLA-2002:550] Conectiva Linux Security Announcement - samba
- SFAD02-002: Calisto Internet Talker Remote DOS
- File reading vulnerable in PHP and MySQL (Local Exploit)
- [Security bulletin] SSRT2266 HP Tru64 UNIX IGMP Potential (DoS) Security Vulnerability (fwd)
- AIM Bug
- Remote POST Buffer Overflow vulnerability in Pserv.
- FreeNews & News Evolution (PHP)
- Remote Frame Pointer Overwrite vulnerability in LIB CGI in Language C.
- MDKSA-2002:082 - Updated python packages fix local arbitrary code execution vulnerability
- From: Mandrake Linux Security Team
- MDKSA-2002:081 - Updated samba packages fix potential root compromise
- From: Mandrake Linux Security Team
- Re: ISS Security Brief: Solaris fs.auto Remote Compromise Vulnerability (fwd)
- Cracking OpenVMS passwords with John the Ripper
- [security bulletin] SSRT2385 OSIS V5.4 LDAP Module for System Authentication Potential Security Vulnerability (fwd)
- [security bulletin] SSRT2301 - HP Tru64 UNIX uudecode Potential Security Vulnerability (fwd)
- Re: Solaris priocntl exploit
- RE: CAIS-ALERT: Vulnerability in the sending requests control of BIND
- [ESA-20021127-032] 'pine' version upgrade, security fixes.
- From: EnGarde Secure Linux
- Solaris priocntl exploit
- Cross-site Scripting Vulnerability in ImageFolio Image Gallery Software
- Re: CAIS-ALERT: Vulnerability in the sending requests control of BIND
- Remote Multiple Buffer Overflow(s) vulnerability in Libcgi-tuxbr.
- Re: d_path() truncating excessive long path name vulnerability
- Re: File reading vulnerable in PHP and MySQL (Local Exploit)
- Kerberos login sniffer and cracker for Windows 2000/XP
- On vulnerabilities in open and closed source products
- RE: CAIS-ALERT: Vulnerability in the sending requests control of BIND
- RE: Cracking OpenVMS passwords with John the Ripper
- Re: Netscape Problems.
- TracerouteNG - never ending story
- Re: Solaris priocntl exploit
- MDKSA-2002:083 - Updated sendmail packages fix smrsh insecurities
- From: Mandrake Linux Security Team
- Re: d_path() truncating excessive long path name vulnerability
- Security Patch for PortailPHP 0.99
- RE: CAIS-ALERT: Vulnerability in the sending requests control of BIND
- Exploit for traceroute-nanog overflow
- User downgraded from Administrator to User retains the ability to list other user's running tasks
- re: Solaris priocntl exploit
- Moby NetSuite POST Denial of Service Vulnerability
- [OpenPKG-SA-2002.012] OpenPKG Security Advisory (samba)
- bogofilter contrib/bogopass temp file vulnerability
- [ElectronicSouls] - BOOZT CGI Exploit
- RE: User downgraded from Administrator to User retains the ability to list other user's running tasks
- RE: User downgraded from Administrator to User retains the ability to list other user's running tasks
- Thatware (PHP)
- Multiple pServ Remote Buffer Overflow Vulnerabilities
- Re: CAIS-ALERT: Vulnerability in the sending requests control of BIND
- Cross-site Scripting Vulnerability in YaBB 1 Gold - SP1!
- [SECURITY] [DSA 201-1] New Free/SWan packages fix denial of service
- RE: CAIS-ALERT: Vulnerability in the sending requests control of BIND
- GLSA: pine
- Potential Vuln in McAfee VirusScan 451
- Re: [Full-Disclosure] Netscape Problems.
- Lag Security Advisory - Com21 cable modem configuration file feeding vulnerability
- Advisory: Lawson Financials RDBMS Insecurity
- Advisory: Webster HTTP Server
- Re: Solaris priocntl exploit
- RE: Exploit for traceroute-nanog overflow
- pre-login buffer overflow in Cyrus IMAP server
- [RHSA-2002:196-19] Updated xinetd packages fix denial of service vulnerability
- possible virus break in german exchange option of Inoculate IT 6.0
- RE: Kerberos login sniffer and cracker for Windows 2000/XP
- ShopFactory shopping cart price manipulation
- From: Richard van den Berg
- Cyrus Sieve / libSieve buffer overflow
- [VU#317417] Denial of Service condition in vxworks ftpd/3com nbx
- From: Michael S. Scheidell
- Bypassing Integrity Protection Driver (time vulnerability)
- CORE-20021005: Vulnerability Report For Linksys Devices
- MDKSA-2002:085 - Updated WindowMaker packages fix buffer overflow vulnerability
- From: Mandrake Linux Security Team
- [SNS Advisory No.59] Buffalo Wireless LAN Access Point Denial of Service Vulnerability (was Re: Buffalo AP Denial of Service)
- Local Netfilter / IPTables IP Queue PID Wrap Flaw
- Poisonous Style for Dialog window turns the zone off.
- Zeroo Webserver remote directory traversal exploit
- [SECURITY] [DSA 202-1] New IM packages fix insecure temporary file creation
- Re: Local Netfilter / IPTables IP Queue PID Wrap Flaw
- SquirrelMail v1.2.9 XSS bugs
- MDKSA-2002:084 - Updated pine packages fix buffer overflow vulnerability
- From: Mandrake Linux Security Team
- Fw: CERT Advisory CA-2002-34 Buffer Overflow in Solaris X Window Font Service
- From: Muhammad Faisal Rauf Danka
- Local root vulnerability found in exim 4.x (and 3.x)
- SAP database local root via symlink
- [SECURITY] [DSA 203-1] New smb2www packages fix arbitrary command execution
- [CLA-2002:551] Conectiva Linux Security Announcement - pine
- Security Update: [CSSA-2002-054.0] Linux: exploitable memory leak in ypserv
- [RHSA-2002:220-40] Updated KDE packages fix security issues
- [RHSA-2002:254-05] Updated Webalizer packages fix vulnerability
- Windows XP Disclosure of Registered AP Information
- Buffer Overflow Vulnerability in X Font Server on IRIX
- From: SGI Security Coordinator
- Multiple Vulnerabilities in BIND Name Service Daemon on IRIX
- From: SGI Security Coordinator
- Sygate Personal Firewall can be shut down without a need to supply a password - although one is required
- Security Update: [CSSA-2002-055.0] Linux: RPC XDR buffer overflow
- Re: SquirrelMail v1.2.9 XSS bugs
- [Fwd: [RHSA-2002:196-09] Updated xinetd packages fix denial of service vulnerability]
- Re: [Fwd: [RHSA-2002:196-09] Updated xinetd packages fix denial of service vulnerability]
- Sygate Personal Firewall can be shut down without a need to supply
- RE: Sygate Personal Firewall can be shut down without a need to supply
- Re: Local root vulnerability found in exim 4.x (and 3.x)
- Re: Local root vulnerability found in exim 4.x (and 3.x)
- [SECURITY] [DSA 204-1] New kdlibs packages fix arbitrary program execution
- BIND Name Server DNS Spoofing Vulnerability on IRIX
- From: SGI Security Coordinator
- Proxy vulnerability in TrendMicro InterScan-VirusWall V3.6
- Cross-site Scripting Vulnerability in phpBB 2.0.3
- Notes on MS02-068, extensive downplaying of severity
- Multiple vulnerabilities in akfingerd
- Re: Fw: CERT Advisory CA-2002-34 Buffer Overflow in Solaris X Window Font Service
- Cobalt RaQ4 Remote root exploit
- Re: TracerouteNG - never ending story
- Samba Security Vulnerability on IRIX
- From: SGI Security Coordinator
- Apache/Tomcat Denial Of Service And Information Leakage Vulnerability
- RE: Sygate Personal Firewall can be shut down without a need to supply a password - although one is required
- Security Update: [CSSA-2002-056.0] Linux: apache vulnerabilities in shared memory, DNS, and ApacheBench
- SuSE Security Announcement: OpenLDAP2 (SuSE-SA:2002:047)
- [SECURITY] [DSA 202-2] New IM packages correct hidden architecture dependency
- WebReflex Directory Traversal Vulnerability
- From: luca.ercoli@xxxxxxxxx
- [SECURITY] [DSA 192-2] New html2ps packages correct fix against arbitrary code execution
- APBoard-Bug
- Security Update: [CSSA-2002-057.0] Linux: groff pic buffer overflow
- XSS and Path Disclosure in UPB
- Re: Proxy vulnerability in TrendMicro InterScan-VirusWall V3.6 - and 3.7 Build 1190
- From: Dr. Peter Bieringer
- SECURITY.NNOV: more Ikonboard 3.1.1 crossite scriptings
- [SecurityOffice] Enceladus Server Suite v3.9 Buffer Overflow Vulnerability
- Cyrus SASL library buffer overflows
- Security Update: [CSSA-2002-SCO.43] UnixWare 7.1.1 Open UNIX 8.0.0 : closed file descriptor race vulnerability
- [RHSA-2002:196-19] Updated xinetd packages fix denial of service vulnerability
- [RHSA-2002:229-10] Updated wget packages fix directory traversal bug
- [RHSA-2002:246-18] Updated Canna packages fix vulnerabilities
- Unchecked buffer in PC-cillin
- From: advisories@xxxxxxxxxxx
- Remote multiple vulnerability in apt-www-proxy.
- Re: Cyrus SASL library buffer overflows
- Re: [VulnWatch] proftpd <=1.2.7rc3 DoS
- TFTP32 DOS
- MDKSA-2002:082-1 - Updated python packages fix local arbitrary code execution vulnerability
- From: Mandrake Linux Security Team
- RE: Sygate Personal Firewall can be shut down without a need to supply a password - although one is required
- KunaniFTP-Server v.1.0.10 allows dictionary traversal
- From: Zero-X www.lobnan.de Team
- [SECURITY] [DSA-206-1] tcpdump BGP decoding error
- Re: XSS and Path Disclosure in UPB
- [SECURITY] [DSA-205-1] gtetrinet buffer overflows
- Directory traversing bug in 'myServer' webserver.
- Directory Traversal Vulnerabilities in FTP Clients
- Cisco Security Advisory: OSM Line Card Header Corruption Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Security Update: [CSSA-2002-058.0] Linux: buffer overflow in nss_ldap DNS SRV
- Re: Zeus Admin Server v4.1r2 index.fcgi XSS bug
- Remote multiple vulnerability in apt-www-proxy.
- [SECURITY] [DSA 207-1] New tetex-lib packages fix arbitrary command execution
- Denial of Service vulnerability in VisNetic Website
- Re: KunaniFTP-Server v.1.0.10 allows dictionary traversal
- proftpd <=1.2.7rc3 DoS
- From: Rob klein Gunnewiek
- Re: [VulnWatch] proftpd <=1.2.7rc3 DoS
- From: Rob klein Gunnewiek
- Input Validation Error in vbulletin 2.2.x
- MTPSR1-120 Firewall Proxy configuration software
- Security Update: [CSSA-2002-SCO.44] UnixWare 7.1.1 Open UNIX 8.0.0 : uudecode performs inadequate checks on user-specified output files
- Enceladus Server Suite traversal directory vulnerability
- From: luca.ercoli@xxxxxxxxx
- CERT Advisory CA-2002-35 Vulnerability in RaQ 4 Servers (fwd)
- From: Muhammad Faisal Rauf Danka
- Advisory 04/2002: Multiple MySQL vulnerabilities
- [RHSA-2002:222-21] Updated apache, httpd, and mod_ssl packages available
- PNG (Portable Network Graphics) Deflate Heap Corruption Vulnerability
- Multiple Mambo Site Server sec-weaknesses
- [SECURITY] [DSA 208-1] New Perl packages correct Safe handling
- VisNetic WebSite XSS vulnerability through HTTP referer header
- Re: Directory Traversal Vulnerabilities in FTP Clients
- MDKSA-2002:086 - Updated wget packages fix directory traversal vulnerability
- From: Mandrake Linux Security Team
- [SECURITY] [DSA-209-1] two wget problems
- Password Hole Found In Webshots
- XSS flaw found at "https://www.e-gold.com"
- Adelphia Powerlink service vulnerable to man in the middle attacks by cable modem users.
- iDefense Security Advisory
- Re: [VulnWatch] proftpd <=1.2.7rc3 DoS
- [SECURITY] [DSA-210-1] lynx CRLF injection
- Re: Password Hole Found In Webshots
- [SECURITY] [DSA 211-1] New mICQ packages fix denial of service
- Eserv remote denial of service
- Advisory Title: iASP Remote Console Applet Allows Remote
- Anyone can read all XOOPS private messages
- [ESA-20021213-033] Several MySQL vulnerabilities.
- From: EnGarde Secure Linux
- Advisory 05/2002: Another Fetchmail Remote Vulnerability
- RE: iDefense Security Advisory
- Directory Traversal Vulnerability in FTP Client on IRIX
- From: SGI Security Coordinator
- [CLA-2002:552] Conectiva Linux Security Announcement - wget
- FW: SQL Injection Solved
- MyPHPLinks (PHP) : SQL Injection
- GLSA: mysql
- GLSA: fetchmail
- GLSA: squirrelmail
- GLSA: mysql
- Password Disclosure in Cryptainer
- Multiple vendors XML parser (and SOAP/WebServices server) Denial of Service attack using DTD
- [OpenPKG-SA-2002.014] OpenPKG Security Advisory (perl)
- PHP-Nuke code execution and XSS vulnerabilities
- [OpenPKG-SA-2002.015] OpenPKG Security Advisory (tetex)
- GLSA: exim
- [OpenPKG-SA-2002.013] OpenPKG Security Advisory (mysql)
- PHP-Nuke 6.0 : Path Disclosure & Cross Site Scripting
- R7-0009: Vulnerabilities in SSH2 Implementations from Multiple Vendors
- From: Rapid 7 Security Advisories
- RE: Cross-site scripting vulnerability in CF 5.0
- Cross-site scripting vulnerability in CF 5.0
- Re: Cross-site scripting vulnerability in CF 5.0
- zkfingerd 0.9.1 format string vulnerabilities (#NISR16122002A)
- From: NGSSoftware Insight Security Research
- PFinger 0.7.8 format string vulnerability (#NISR16122002B)
- From: NGSSoftware Insight Security Research
- RE: PFinger 0.7.8 format string vulnerability (#NISR16122002B)
- [CLA-2002:554] Conectiva Linux Security Announcement - fetchmail
- [CLA-2002:553] Conectiva Linux Security Announcement - kernel 2.4
- Security Patchs for PHP Products
- Captaris (Infinite) WebMail XSS
- Macromedia Shockwave Flash Malformed Header Overflow #2
- [CLA-2002:555] Conectiva Linux Security Announcement - MySQL
- [SECURITY] [DSA-212-1] Multiple MySQL vulnerabilities
- [RHSA-2002:228-11] Updated Net-SNMP packages fix security and other bugs
- Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B)
- [RHSA-2002:293-09] Updated Fetchmail packages fix security vulnerability
- Re: [VulnWatch] Password Disclosure in Cryptainer
- Re: adelphia vulnerability within subnets
- Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B)
- [OpenPKG-SA-2002.016] OpenPKG Security Advisory (fetchmail)
- Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B)
- Re: Directory traversal vulnerabilities in several archivers processing .tar
- export LD_LIBRARY_PATH in /etc/profile.d/* files
- Fwd: CERT Advisory CA-2002-36 Multiple Vulnerabilities in SSH Implementations
- From: Muhammad Faisal Rauf Danka
- Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B)
- Directory traversal vulnerabilities in several archivers processing .tar
- From: Florian Schafferhans
- RAZOR advisory: Linux 2.2.xx /proc/<pid>/mem mmap() vulnerability
- Re: export LD_LIBRARY_PATH in /etc/profile.d/* files
- Missing admin sql password in Okena StormWatch
- gfxboot allows boot password circumvention, SuSE 8.1 GRUB
- [securitydigest.org]: Changes for December 2002
- From: Curator at Security Digest Archives
- MDKSA-2002:087 - Updated MySQL packages fix multiple vulnerabilities
- From: Mandrake Linux Security Team
- MDKSA-2002:068-1 - Updated apache packages fix multiple vulnerabilities
- From: Mandrake Linux Security Team
- RE: Directory traversal vulnerabilities in several archivers processing .tar
- Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B)
- Re: export LD_LIBRARY_PATH in /etc/profile.d/* files
- Historic blackhat archives exposed
- Foundstone Research Labs Advisory - Exploitable Windows XP Media Files (fwd)
- Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd)
- RE: Missing admin sql password in Okena StormWatch
- [SECURITY] [DSA 213-1] New libpng packages fix buffer overflow
- [CLA-2002:556] Conectiva Linux Security Announcement - openldap
- WAnewsletter (PHP)
- Openwebmail 1.71 remote root compromise
- Multiple vulnerability in Enceladus Server
- Re: Cisco IOS EIGRP Network DoS
- Re: Directory traversal vulnerabilities in several archivers processing .tar
- TSLSA-2002-0086 - mysql
- From: Trustix Secure Linux Advisor
- Re: Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd)
- TSLSA-2002-0089 - wget
- From: Trustix Secure Linux Advisor
- TSLSA-2002-0085 - lynx-ssl
- From: Trustix Secure Linux Advisor
- TSLSA-2002-0087 - perl
- From: Trustix Secure Linux Advisor
- TSLSA-2002-0084 - tcpdump
- From: Trustix Secure Linux Advisor
- TSLSA-2002-0083 - kernel
- From: Trustix Secure Linux Advisor
- Cisco IOS EIGRP Network DoS
- [Fix] Openwebmail 1.71 remote root compromise
- iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS)
- Web server vulnerability in Axis Network Cameras, Video Servers and DVRs
- From: Axis Product Security
- [RAZOR] Problems with mkstemp()
- RE: Directory traversal vulnerabilities in several archivers processing .tar
- GLSA: perl
- GLSA: canna
- [SecurityOffice] Polycom Video Conference System Management Server Authentication Bypass Vulnerability
- SuSE Security Announcement: cyrus-imapd (SuSE-SA:2002:048)
- SPGpartenaires (PHP)
- nCipher Advisory #6: Access control defects in PKCS#11 keys
- GLSA: wget
- PHP-Nuke mail CRLF Injection vulnerabilities
- RE: Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd)
- Re: Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd)
- [SECURITY] [DSA 214-1] New kdentwork packages fix buffer overflows
- Re: XSS and PHP include bug in W-Agora