Bugtraq: by thread

Bugtraq: by thread

439 messages starting Jan 28 99 and ending Jan 31 00
Date index | Thread index | Author index

ZBServer 1.50-r1x exploit (WinNT) |Zan (Jan 28)
Re: strace can lie Pavel Machek (Dec 28)
- <Possible follow-ups>
- Re: strace can lie Pavel Machek (Jan 01)
Re: vibackup.sh Todd C. Miller (Dec 31)
- <Possible follow-ups>
- Re: vibackup.sh Kris Kennaway (Jan 05)
DNS spoofing/registering/etc Kurt Seifried (Dec 31)
blat.c Loneguard (Jan 01)
Happy New Year from BUGTRAQ and Security Focus Elias Levy (Jan 01)
HP's Security Bulletins Digest (fwd) Justin Tripp (Jan 01)
Re: majordomo local exploit John Archie (Jan 02)
- <Possible follow-ups>
- Re: majordomo local exploit Olaf Kirch (Jan 03)
- Re: majordomo local exploit Dale Clark (Jan 03)
- Re: majordomo local exploit Chan Wilson (Jan 07)
Re: More info on MS99-061 (IIS escape character vulnerability) Joakim Karlmark (Jan 02)
HPUX Aserver revisited. Justin Tripp (Jan 02)
- Re: HPUX Aserver revisited. Chuck Lawrence (Jan 03)
Y2K bug in Shadow IDS Alfred Huger (Jan 02)
Re: Y2K bug in Shadow IDS (fwd) Alfred Huger (Jan 02)
Hotmail security hole - injecting JavaScript using <IMG LOWSRC="javascript:...."> Georgi Guninski (Jan 03)
- Re: Hotmail security hole - injecting JavaScript using <IMG LOWSRC="javascript:...."> Norbert Luckhardt (Jan 04)
FW: Patch issued for AltaVista Search Engine Directory TraversalVuln erability AVsearch (Jan 03)
compartment Marc Heuse (Jan 03)
Symlinks and Cryogenic Sleep Olaf Kirch (Jan 03)
- Re: Symlinks and Cryogenic Sleep Mark A. Heilpern (Jan 03)
  - Re: Symlinks and Cryogenic Sleep Casper Dik (Jan 04)
  - Re: Symlinks and Cryogenic Sleep Olaf Kirch (Jan 04)
  - Re: Symlinks and Cryogenic Sleep Henrik Nordstrom (Jan 04)
- First Telecom E-conso service totally insecure Thomas Quinot (Jan 03)
- Re: Symlinks and Cryogenic Sleep Goetz Babin-Ebell (Jan 04)
  - Re: Symlinks and Cryogenic Sleep pedward () WEBCOM COM (Jan 04)
  - Re: Symlinks and Cryogenic Sleep Christos Zoulas (Jan 04)
  - Re: Symlinks and Cryogenic Sleep Mikael Olsson (Jan 05)
  - Re: Symlinks and Cryogenic Sleep Marc Heuse (Jan 05)
- Re: Symlinks and Cryogenic Sleep Wietse Venema (Jan 04)
- Re: Symlinks and Cryogenic Sleep Pavel Machek (Jan 04)
- Security problem with Solstice Backup/Legato Networker recover command Chris Siebenmann (Jan 04)
- Local / Remote D.o.S Attack in IMail IMONITOR Server for WinNT Version 5.08 Ussr Labs (Jan 05)
- Re: Symlinks and Cryogenic Sleep Pavel Kankovsky (Jan 05)
- [RHSA-2000:002] New lpr packages available Bill Nottingham (Jan 07)
- <Possible follow-ups>
- Re: Symlinks and Cryogenic Sleep der Mouse (Jan 04)
- Re: Symlinks and Cryogenic Sleep Marc Heuse (Jan 04)
- Re: Symlinks and Cryogenic Sleep John Cochran (Jan 04)
- Re: Symlinks and Cryogenic Sleep Antonomasia (Jan 04)
- Re: Symlinks and Cryogenic Sleep Antonomasia (Jan 05)
PHP3 safe_mode and popen() Kristian Koehntopp (Jan 03)
- FWD: Redhat advisory Alfred Huger (Jan 04)
  - Re: FWD: Redhat advisory (RPM --upgrade/-U vs. --freshen/-F) Peter W (Jan 05)
- Re: PHP3 safe_mode and popen() David TILLOY (Jan 04)
  - Re: PHP3 safe_mode and popen() Thomas Köhler (Jan 05)
  - CuteFTP saved password 'encryption' weakness Nick FitzGerald (Jan 05)
    - Re: CuteFTP saved password 'encryption' weakness Brian Kifiak (Jan 05)
  - Handspring Visor Network HotSync Security Hole Jay C Austad (Jan 06)
    - Re: Handspring Visor Network HotSync Security Hole Jim Frost (Jan 06)
    - Re: Handspring Visor Network HotSync Security Hole Chris Adams (Jan 08)
    - Re: Handspring Visor Network HotSync Security Hole Jason Spence (Jan 07)
  - Re: PHP3 safe_mode and popen() Kristian Koehntopp (Jan 06)
- [rootshell] Security Bulletin #27 Kit Knox (Jan 04)
Subscription bomb tracing - feature request. Alan Brown (Jan 04)
- Re: Subscription bomb tracing - feature request. M. Dodge Mumford (Jan 05)
- Re: Subscription bomb tracing - feature request. Brian Mueller (Jan 05)
- Sun Security Bulletin #00193 (fwd) Jay D. Dyson (Jan 06)
Re: Hotmail security hole - injecting JavaScript using <IMG LOWSR C="javascript:...."> Microsoft Product Security Response Team (Jan 04)
Another search.cgi vulnerability k0ad k1d (Jan 04)
Re: Hotmail security hole - injecting JavaScript using <IMG Kevin Hecht (Jan 04)
- Re: Hotmail security hole - injecting JavaScript using <IMG Henrik Nordstrom (Jan 05)
  - Re: Hotmail security hole - injecting JavaScript using <IMG Metal Hurlant (Jan 05)
    - Re: Hotmail security hole - injecting JavaScript using <IMG Ajax (Jan 06)
    - Re: Hotmail security hole - injecting JavaScript using <IMG Andrew Pimlott (Jan 08)
    - Re: Hotmail security hole - injecting JavaScript using <IMG Eivind Eklund (Jan 08)
    - IIS still revealing paths for web directories Vanja Hrustic (Jan 10)
    - Re: IIS still revealing paths for web directories Vladimir Dubrovin (Jan 12)
    - Re: IIS still revealing paths for web directories Chris Tobkin (Jan 12)
    - Altavista Free Internet Security Plex Inphiniti (Jan 15)
    - Re: Altavista Free Internet Security Bill (Jan 17)
    - Trusted process on an untrusted machine? Mike Frantzen (Jan 18)
    - Re: Trusted process on an untrusted machine? Pavel Machek (Jan 19)
    - Re: Trusted process on an untrusted machine? Mike Frantzen (Jan 19)
    - Re: Trusted process on an untrusted machine? Pavel Machek (Jan 20)
    - Re: Trusted process on an untrusted machine? Tim Newsham (Jan 19)
    - Re: Trusted process on an untrusted machine? Anonymous Anonymous (Jan 20)
    - Re: Trusted process on an untrusted machine? Crispin Cowan (Jan 20)
    - Crafted Packets Handling by Firewalls - FW-1 case Ofir Arkin (Jan 20)
    - Rh 6.1 initial root password encryption Ken Barber (Jan 20)
    - Re: Rh 6.1 initial root password encryption Fabian Kroenner (Jan 22)
    - Re: Crafted Packets Handling by Firewalls - FW-1 case Darren Reed (Jan 21)
    - Microsoft Security Bulletin (MS00-005) Microsoft Product Security (Jan 18)
    - Re: Microsoft Security Bulletin (MS00-005) bugtraq () NS DOOMSDAY COM (Jan 19)
    - Re: Microsoft Security Bulletin (MS00-005) Matt Davis (Jan 19)
    - Re: Microsoft Security Bulletin (MS00-005) Tabor J. Wells (Jan 19)
    - Unixware ppptalk what's your style? (Jan 19)
    - Re: Unixware ppptalk Andrew Malcolm (Jan 21)
    - Re: IIS still revealing paths for web directories Henrik Nordstrom (Jan 15)
    - Re: IIS still revealing paths for web directories Antonio Ropero (Jan 15)
    - Re: IIS still revealing paths for web directories Chris Tobkin (Jan 18)
    - SRS Addendum Matt Conover (Jan 12)
    - Re: IIS still revealing paths for web directories Georgi Guninski (Jan 13)
    - Re: IIS still revealing paths for web directories Scott Buchanan (Jan 13)
    - Re: IIS still revealing paths for web directories Taneli Huuskonen (Jan 15)
    - Fwd: Crash identified in Notes, Domino, and MTA with Date Conversio ns Xander Teunissen (Jan 14)
    - Re: IIS still revealing paths for web directories Norbert Luckhardt (Jan 15)
    - usual iploggers miss some variable stealth scans vecna (Jan 17)
    - Re: usual iploggers miss some variable stealth scans Simple Nomad (Jan 18)
    - AW: usual iploggers miss some variable stealth scans Tobi (Jan 18)
    - AW: usual iploggers miss some variable stealth scans Tobi (Jan 19)
    - Warning: VCasel security hole. bob mare (Jan 18)
    - Re: usual iploggers miss some variable stealth scans Alec Kosky (Jan 18)
    - Re: usual iploggers miss some variable stealth scans Andrea Gho (Jan 20)
    - Vulnerabilities in Checkpoint FW-1 version 3.x and maybe 4.x root (Jan 21)
    - *BSD procfs vulnerability FEAR Advisories (Jan 21)
    - Re: *BSD procfs vulnerability Theo de Raadt (Jan 24)
    - stream.c/raped.c tests (just for stats) Vanja Hrustic (Jan 21)
    - Microsoft Security Bulletin (MS00-004) Microsoft Product Security (Jan 21)
    - Re: Vulnerabilities in Checkpoint FW-1 version 3.x and maybe 4.x Vanja Hrustic (Jan 22)
    - Re: Vulnerabilities in Checkpoint FW-1 version 3.x and maybe 4.x Markus Hofmann (Jan 22)
    - Administrivia Elias Levy (Jan 18)
    - Info on some security holes reported against SCO Unixware. Aaron Sigel (Jan 13)
    - ssh-proxy, a new approach to firewall software Magosanyi Arpad (Jan 13)
    - Re: Hotmail security hole - injecting JavaScript using <IMG Ajax (Jan 11)
    - Serious Bug in Corel Linux.(Local root exploit) tascon () ENETE GUI UVA ES (Jan 12)
    - secure-programs howto Signal 11 (Jan 09)
    - strace can lie ... but LTT might be handy Karim Yaghmour (Jan 09)
    - 2nd attempt: AIX techlibss follows links Klaus.Kusche () OOE GV AT (Jan 10)
    - NIS2k Bacano (Jan 11)
    - Password issue in Axent ESM 5.0.1 Console Todd (Jan 13)
    - Re: Password issue in Axent ESM 5.0.1 Console Scott Blake (Jan 14)
    - Local / Remote D.o.S Attack in Super Mail Transfer Package (SMTP) Server for WinNT Version 1.9x Ussr Labs (Jan 13)
    - Re: NIS2k Brad Griffin (Jan 13)
    - Misleading sense of security in Netscape Craig Ruefenacht (Jan 13)
    - Re: Misleading sense of security in Netscape Jefferson Ogata (Jan 18)
    - New MySQL Available Scott (Jan 13)
    - BindView Security Advisory: Local Promotion Vulnerability in Windows NT 4 BindView Security Advisory (Jan 13)
    - Microsoft Security Bulletin (MS00-003) Microsoft Product Security (Jan 13)
    - ICQ Buffer Overflow Exploit drew copley (Jan 11)
    - Re: ICQ Buffer Overflow Exploit Dennis W. Mattison (Little Wolf) (Jan 13)
    - Re: ICQ Buffer Overflow Exploit Michael DeSimone (Jan 13)
    - Re: ICQ Buffer Overflow Exploit Tom Schumm (Jan 14)
    - Re: ICQ Buffer Overflow Exploit Simon Steed (Jan 13)
    - Anyone can take over virtually any domain on the net... Thomas Reinke (Jan 12)
    - Re: Anyone can take over virtually any domain on the net... Jon Lewis (Jan 13)
    - Re: Anyone can take over virtually any domain on the net... Jeffrey Paul (Jan 13)
    - Re: Anyone can take over virtually any domain on the net... Chris Adams (Jan 13)
    - Re: Anyone can take over virtually any domain on the net... Shafik Yaghmour (Jan 13)
    - Re: Anyone can take over virtually any domain on the net... Nick Lamb (Jan 15)
    - Re: Anyone can take over virtually any domain on the net... Kurt Seifried (Jan 13)
    - Blinding BIND to a moving domain D. J. Bernstein (Jan 12)
    - Re: Blinding BIND to a moving domain Ken Gourlay (Jan 12)
    - CyberCash MCK 3.2.0.4: Large /tmp hole Sheldon Young (Jan 12)
    - Administrivia: ORBS Elias Levy (Jan 12)
    - WebSitePro/2.3.18 is revealing Webdirectories Lark Lizerman (Jan 13)
    - Re: Hotmail security hole - injecting JavaScript using <IMG Grahame Bowland (Jan 06)
  - Yet another Hotmail security hole - injecting JavaScript in IE using "@import url(javascript:...)" Georgi Guninski (Jan 06)
  - Security Bulletins Digest Aleph One (Jan 06)
- Re: Hotmail security hole - injecting JavaScript using <IMG Metal Hurlant (Jan 05)
  - Re: Hotmail security hole - injecting JavaScript using <IMG Dustin Miller (Jan 05)
- <Possible follow-ups>
- Re: Hotmail security hole - injecting JavaScript using <IMG Edwin Gonzalez (Jan 04)
- Re: Hotmail security hole - injecting JavaScript using <IMG ck () RIB DE (Jan 07)
SHADOW and Y2K Problems Bill Ralph (Jan 04)
Flaw in 3c59x.c or in Kernel? Sonny Parlin (Jan 04)
- Re: Flaw in 3c59x.c or in Kernel? Bill Paul (Jan 04)
  - Re: Flaw in 3c59x.c or in Kernel? danny (Jan 05)
  - userhelper/PAM exploit Derek Callaway (Jan 05)
  - Re: Flaw in 3c59x.c or in Kernel? Raymond Dijkxhoorn (Jan 05)
- Re: Flaw in 3c59x.c or in Kernel? Raymond Dijkxhoorn (Jan 05)
- Re: Flaw in 3c59x.c or in Kernel? David Malone (Jan 05)
  - Re: Flaw in 3c59x.c or in Kernel? Sonny Parlin (Jan 05)
    - Re: Flaw in 3c59x.c or in Kernel? Jonathan Poole (Jan 05)
  - Re: Flaw in 3c59x.c or in Kernel? Pug Bainter (Jan 05)
- <Possible follow-ups>
- FW: Flaw in 3c59x.c or in Kernel? William R. Lorenz (Jan 05)
Yet another Hotmail security hole - injecting JavaScript in IE using <IMG DYNRC="javascript:...."> Georgi Guninski (Jan 04)
- Re: Yet another Hotmail security hole - injecting JavaScript in Nick FitzGerald (Jan 05)
Re: irix-soundplayer.sh pda () ING PUC CL (Jan 04)
- Re: irix-soundplayer.sh Dale Southard (Jan 04)
- Re: irix-soundplayer.sh Darren Reed (Jan 05)
- L0pht Advisory: RH Linux 6.0/6.1, PAM and userhelper Dildog (Jan 05)
  - Re: L0pht Advisory: RH Linux 6.0/6.1, PAM and userhelper cogNiTioN (Jan 05)
    - Re: L0pht Advisory: RH Linux 6.0/6.1, PAM and userhelper gwynp () ARTWARE QC CA (Jan 05)
    - IE 5 security vulnerablity - circumventing Cross-frame security policy and accessing the DOM of "old" documents. Georgi Guninski (Jan 07)
Fw: [CERT Advisory CA-2000-01] Guy Cohen (Jan 04)
The WebTV Email Exploit Dale E. Chulhan (Jan 04)
- <Possible follow-ups>
- Re: The WebTV Email Exploit Thompson, Zach, CPG (Jan 07)
Re: irix-soundplayer.sh... NOT Irix 6.4 pda () ING PUC CL (Jan 04)
[petrilli () digicool com: [Zope] SECURITY ALERT] George Lewis (Jan 04)
Re: Hotmail security hole - injecting JavaScript using <IMGLOWSRC="javascript:...."> Philip Stoev (Jan 04)
Microsoft Security Bulletin (MS00-001) Microsoft Product Security (Jan 05)
New Allaire Security Zone Bulletins and KB Article Aleph One (Jan 05)
SECURITY ALERT - WAR FTP DAEMON ALL VERSIONS Jarle Aase (Jan 05)
- "SANS Flash Alert For Solaris" Chok Poh (Jan 05)
- Re: SECURITY ALERT - WAR FTP DAEMON ALL VERSIONS Sir Dystic (Jan 06)
- Stack Sheild 0.7 and SFP Overwrites vendicator () USA NET (Jan 08)
- Re: SECURITY ALERT - WAR FTP DAEMON ALL VERSIONS Jarle Aase (Jan 08)
- L0pht Advisory: LPD, RH 4.x,5.x,6.x Dildog (Jan 08)
- Buffer overflow with WinAmp 2.10 Transfer Interrupted (Jan 09)
- Yet another Hotmail security hole - injecting JavaScript using "jAvascript:" Georgi Guninski (Jan 10)
JS problem in NS4.5 - known? Nick Phillips (Jan 05)
- Re: JS problem in NS4.5 - known? Crispin Cowan (Jan 06)
Re: Yet another Hotmail security hole - injecting JavaScript in Justin King (Jan 05)
[Hackerslab bug_paper] Solaris chkperm buffer overflow ±čżëÁŘ KimYongJun (99Áąľ÷) (Jan 05)
- Re: [Hackerslab bug_paper] Solaris chkperm buffer overflow Darren Reed (Jan 06)
- <Possible follow-ups>
- Re: [Hackerslab bug_paper] Solaris chkperm buffer overflow Brock Tellier (Jan 06)
  - Re: [Hackerslab bug_paper] Solaris chkperm buffer overflow Theodor Ragnar Gislason (Jan 07)
  - Altavista followup rudi carell (Jan 09)
Re: Netscape Communicator 4.7 exploit [NT/win2k]. Thompson, Zach, CPG (Jan 06)
Re: Announcement: Solaris loadable kernel module backdoor der Mouse (Jan 06)
Phorum 3.0.7 exploits and IDS signatures Max Vision (Jan 07)
Stack Shield 0.7 beta vendicator () USA NET (Jan 07)
PalmCrack - The password testing tool for the Palm Computing Platform swlodin () IQUEST NET (Jan 07)
Re: Altavista followup Roelandts, Guy (Jan 11)
Serious bug in MySQL password handling. Viktor Fougstedt (Jan 11)
Re: L0pht Advisory: LPD, RH 4.x,5.x,6.x Oliver Friedrichs (Jan 11)
PowerScripts PlusMail Vulnerablity YT Cracker (Jan 11)
SRS (Secure Remote Streaming): a secure Unix syslog Matt Conover (Jan 12)
Re: Analysis of "stacheldraht" Dave Dittrich (Jan 12)
IE 5.0 vs. XML-files David Komanek (Jan 12)
Multiple WebMail Vendor Vulnerabilities CDI (Jan 12)
- Re: Multiple WebMail Vendor Vulnerabilities Peter W (Jan 12)
Re: IIS still revealing paths for web directories Jonah Kowall (Jan 12)
- <Possible follow-ups>
- SV: IIS still revealing paths for web directories Kristoffer Ustad (Jan 13)
- Re: IIS still revealing paths for web directories Eric.Stevens () AVENTIS COM (Jan 13)
  - Re: IIS still revealing paths for web directories Vanja Hrustic (Jan 15)
- Re: IIS still revealing paths for web directories Rob Systhine (Jan 15)
- Re: IIS still revealing paths for web directories Frank Knobbe at Home (Jan 16)
  - Re: IIS still revealing paths for web directories Niklas Schiffler (Jan 18)
- IIS still revealing paths for web directories Michael Howard (Jan 18)
- Re: IIS still revealing paths for web directories Brock Tellier (Jan 18)
  - Re: IIS still revealing paths for web directories Kevin Matthew (Jan 19)
- Re: IIS still revealing paths for web directories Michael Howard (Jan 20)
Re: XML in IE 5.0 Mike Brown (Jan 13)
- Re: XML in IE 5.0 Mikael Olsson (Jan 13)
  - Re: XML in IE 5.0 Mike Brown (Jan 14)
- <Possible follow-ups>
- Re: XML in IE 5.0 Ryan Russell (Jan 15)
  - Re: XML in IE 5.0 Brian Behlendorf (Jan 17)
    - Re: XML in IE 5.0 David LeBlanc (Jan 19)
    - Re: XML in IE 5.0 Jesper M. Johansson (Jan 19)
  - Re: XML in IE 5.0 Darren Reed (Jan 17)
    - Re: XML in IE 5.0 Jesper M. Johansson (Jan 19)
    - SubSeven 2.1a (trojan) Andrew Griffiths (Jan 19)
    - Re: XML in IE 5.0 David LeBlanc (Jan 20)
    - Some discussion in http-wg ... FW: webmail vulnerabilities: a new pragma token? Eric D. Williams (Jan 19)
  - SyGate 3.11 Port 7323 / Remote Admin hole jalerta () nestworks com (Jan 29)
  - [LoWNOISE] Rightfax web client 5.2 ET LoWNOISE (Jan 30)
- Re: XML in IE 5.0 Meilicke, Scott (Jan 18)
mSQL and not MySQL exploit Tonu Samuel (Jan 13)
Re: procmail / Sendmail - five bugs Gregory Neil Shapiro (Jan 13)
Re: Anyone can take over virtually any domain on the net... Janos Zsako (Jan 13)
- <Possible follow-ups>
- Re: Anyone can take over virtually any domain on the net... Russ Johnson (Jan 13)
- Re: Anyone can take over virtually any domain on the net... Ryan Russell (Jan 13)
- Re: Anyone can take over virtually any domain on the net... Haight, Kristofer (Jan 13)
  - Re: Anyone can take over virtually any domain on the net... Max Vision (Jan 15)
- Re: Anyone can take over virtually any domain on the net... BUGTRAQ () ROZZ COM (Jan 14)
  - Re: Anyone can take over virtually any domain on the net... Bryan Fullerton (Jan 15)
  - Re: Anyone can take over virtually any domain on the net... Homer Wilson Smith (Jan 15)
  - [support_feedback () us-support external hp com: Security Bulletins Digest] Patrick Oonk (Jan 17)
  - Security hole in mail2web web-based emailservice Patrick Oonk (Jan 17)
  - Re: Anyone can take over virtually any domain on the net... Brian Mueller (Jan 17)
- Re: Anyone can take over virtually any domain on the net... root (Jan 15)
Re: CyberCash MCK 3.2.0.4: Large /tmp hole (fwd) Dave G. (Jan 13)
Re: WebSitePro/2.3.18 is revealing Webdirectories Chris (Jan 13)
- Re: WebSitePro/2.3.18 is revealing Webdirectories Lark Lizerman (Jan 14)
MS IIS 5.0 Access Violation on handling URL String Lark Lizerman (Jan 14)
- Re: MS IIS 5.0 Access Violation on handling URL String Anthony Benjamin (Jan 15)
  - Re: MS IIS 5.0 Access Violation on handling URL String Imran Ghory (Jan 18)
- Re: MS IIS 5.0 Access Violation on handling URL String David Litchfield (Jan 15)
  - Re: MS IIS 5.0 Access Violation on handling URL String Lark Lizerman (Jan 16)
- Yahoo Pager/Messanger Buffer Overflow Jaynus Jaynus (Jan 17)
- <Possible follow-ups>
- Re: MS IIS 5.0 Access Violation on handling URL String Michael Howard (Jan 18)
- Re: MS IIS 5.0 Access Violation on handling URL String Michael Howard (Jan 18)
Re: WebSitePro/2.3.18 + 2.4.9 is revealing Webdirectories Lark Lizerman (Jan 14)
- Re: HOTMAIL is revealing Webdirectories Gushterul (Jan 15)
- Announce: BOF on Distributed DoS, San Jose 1/18/00 David Kennedy CISSP (Jan 16)
Re: Password issue in Axent ESM 5.0.1 Console Harold Toomey (Jan 15)
- <Possible follow-ups>
- Re: Password Issue in Axent ESM 5.0.1 Console Todd Hathaway (Jan 16)
Re: Misleading sense of security in Netscape Steven M. Bellovin (Jan 15)
Re: Anyone can take over virtually any domain... Brian Mueller (Jan 15)
Re: ICQ Buffer Overflow Exploit Thomas Maschutznig (Jan 15)
- <Possible follow-ups>
- Re: ICQ Buffer Overflow Exploit x-x-x-x-x-x-x-x-x (Jan 18)
- Re: ICQ Buffer Overflow Exploit Bryce Walter (Jan 18)
  - Re: ICQ Buffer Overflow Exploit Jeremy Johnson (Jan 19)
  - Re: ICQ Buffer Overflow Exploit Nick Summy (Jan 19)
  - Re: ICQ Buffer Overflow Exploit Dylan Griffiths (Jan 20)
  - explanation and code for stream.c issues Tim Yardley (Jan 21)
    - Re: explanation and code for stream.c issues Tim Yardley (Jan 21)
    - Re: explanation and code for stream.c issues Tim Yardley (Jan 21)
    - Re: explanation and code for stream.c issues Erik Fichtner (Jan 21)
    - Re: explanation and code for stream.c issues Brett Glass (Jan 21)
    - S/Key & OPIE Database Vulnerability harikiri (Jan 22)
    - Re: S/Key & OPIE Database Vulnerability David Maxwell (Jan 24)
    - S/Key & OPIE Database Vulnerability Steve VanDevender (Jan 24)
    - Re: S/Key & OPIE Database Vulnerability Evil Pete (Jan 25)
    - Re: S/Key & OPIE Database Vulnerability Mudge (Jan 25)
    - Re: S/Key & OPIE Database Vulnerability Steve VanDevender (Jan 25)
    - Re: S/Key & OPIE Database Vulnerability Mudge (Jan 25)
    - Stream.c needs more clarification Vanja Hrustic (Jan 25)
    - Re: S/Key & OPIE Database Vulnerability Steve VanDevender (Jan 25)
    - Re: S/Key & OPIE Database Vulnerability Mudge (Jan 25)
    - Re: S/Key & OPIE Database Vulnerability Steve VanDevender (Jan 26)
    - Future of s/key (Re: S/Key & OPIE Database Vulnerability) Frasnelli, Dan (Jan 27)
    - Re: S/Key & OPIE Database Vulnerability Eivind Eklund (Jan 27)
    - Re: S/Key & OPIE Database Vulnerability Jordan Ritter (Jan 27)
    - Re: S/Key & OPIE Database Vulnerability Jordan Ritter (Jan 28)
    - "Strip Script Tags" in FW-1 can be circumvented Arne Vidstrom (Jan 29)
    - Re: S/Key & OPIE Database Vulnerability Brandon Palmer (Jan 27)
    - Re: S/Key & OPIE Database Vulnerability Eivind Eklund (Jan 28)
    - Multicast from hell John Watkins (Jan 27)
    - Cobalt RaQ2 - a user of mine changed my admin password.. Chuck Pitre - Technical Support (Jan 28)
    - Re: Cobalt RaQ2 - and QUBE2 Nir Simionovich (Rin Solo) (Jan 29)
    - Tempfile vulnerabilities foo (Jan 30)
    - [FreeBSD Security Advisory: FreeBSD-SA-00:02.procfs] Patrick Oonk (Jan 28)
    - Re: Multicast from hell Omachonu Ogali (Jan 28)
    - FTPPro has weird features - Fwd: Important matter for your abuse department Cedric Amand (Jan 28)
    - New SCO patches... Aaron Sigel (Jan 27)
    - Qpopper security bug Zhodiac (Jan 26)
    - Re: S/Key & OPIE Database Vulnerability Dug Song (Jan 27)
    - Microsoft Security Bulletin (MS00-006) Microsoft Product Security (Jan 27)
    - Alert: MS IIS 4 / IS 2 (Cerberus Security Advisory CISADV000126) Mnemonix (Jan 27)
    - Re: Alert: MS IIS 4 / IS 2 (Cerberus Security Advisory CISADV000126) Fredrik Widlund (Jan 30)
    - Re: explanation and code for stream.c issues Nathan Ollerenshaw (Jan 22)
TB2 Pro sending NT passwords cleartext David Masten (Jan 16)
- Nortel Contivity Vulnerability foo (Jan 18)
  - Re: Nortel Contivity Vulnerability Bill Fumerola (Jan 18)
- Re: TB2 Pro sending NT passwords cleartext William J Husler (Jan 18)
Re: problem with SNMPc John Comeau (Jan 18)
- <Possible follow-ups>
- Re: problem with SNMPc Marc Cozzi (Jan 18)
  - Re: problem with SNMPc Stefan Schneider (Jan 19)
Re: Altavista Free Internet Security Firstname Lastname (Jan 18)
Updated PalmCrack 1.1 Distribution Noncon Inc (Jan 18)
Re: tcpdump under RedHat 6.1 John Comeau (Jan 18)
- Re: tcpdump under RedHat 6.1 Francois Morris (Jan 19)
  - Re: tcpdump under RedHat 6.1 Ken Lyon (Jan 22)
More Interscan Viruswall stuff john lampe (Jan 18)
Re: usual iploggers miss some variable stealth scans David LeBlanc (Jan 18)
- <Possible follow-ups>
- Re: usual iploggers miss some variable stealth scans Hank Leininger (Jan 18)
- Re: usual iploggers miss some variable stealth scans Oliver Friedrichs (Jan 19)
  - Re: usual iploggers miss some variable stealth scans Ralf Laue (Jan 21)
  - Re: usual iploggers miss some variable stealth scans antirez (Jan 22)
    - Re: usual iploggers miss some variable stealth scans Theo de Raadt (Jan 24)
    - Security Bulletins Digest Aleph One (Jan 24)
    - majordomo 1.94.5 does not fix all vulnerabilities Brock Sides (Jan 24)
    - Re: majordomo 1.94.5 does not fix all vulnerabilities Chan Wilson (Jan 25)
    - Re: majordomo 1.94.5 does not fix all vulnerabilities Dave Barr (Jan 25)
    - Re: majordomo 1.94.5 does not fix all vulnerabilities Olaf Kirch (Jan 25)
    - Re: majordomo 1.94.5 does not fix all vulnerabilities Martin Mares (Jan 25)
stream.c - new FreeBSD exploit? The Tree of Life (Jan 18)
- Re: stream.c - new FreeBSD exploit? Bill Fumerola (Jan 20)
  - Re: stream.c - new FreeBSD exploit? Adam Lynch (Jan 21)
- Re: stream.c - new FreeBSD exploit? Darren Reed (Jan 21)
  - Re: stream.c - new FreeBSD exploit? Frank (sysadmin) (Jan 22)
- <Possible follow-ups>
- Re: stream.c - new FreeBSD exploit? Haight, Kristofer (Jan 21)
- Re: stream.c - new FreeBSD exploit? Guy Cohen (Jan 23)
Re: Microsoft Security Bulletin (MS00-005) Pauli Ojanpera (Jan 19)
- <Possible follow-ups>
- Re: Microsoft Security Bulletin (MS00-005) Brock Tellier (Jan 19)
- Re: Microsoft Security Bulletin (MS00-005) Microsoft Product Security Response Team (Jan 21)
FW: FreeBSD Security Advisory: FreeBSD-SA-00:01.make FreeBSD Security Officer (Jan 19)
Graphiciizing su for NT WAS: RE: XML in IE 5.0 SanMillan, Todd (Jan 19)
- (no subject) Morris, Joseph L. (Jan 21)
- Re: Graphiciizing su for NT WAS: RE: XML in IE 5.0 Jesper M. Johansson (Jan 21)
Security Issues with HIGHSPEEDWEB.NET leased servers Brian Mueller (Jan 20)
- Re: Security Issues with HIGHSPEEDWEB.NET leased servers Pedro Hugo (Jan 20)
- Nortel Contivity Vulnerability: typo foo (Jan 21)
  - Re: Nortel Contivity Vulnerability: typo John Duksta (Jan 25)
    - Re: Nortel Contivity Vulnerability: typo Ray Beaulieu (Jan 26)
- <Possible follow-ups>
- Re: Security Issues with HIGHSPEEDWEB.NET leased servers Brian Mueller (Jan 21)
connlogd update Alec Kosky (Jan 20)
Worldsecure/Mail 4.3 vulnerability Andreas Küchler (Jan 20)
- <Possible follow-ups>
- Re: Worldsecure/Mail 4.3 vulnerability salme () US IBM COM (Jan 20)
Re: Some discussion in http-wg ... FW: webmail vulnerabilities: a new pragma token? Ryan Russell (Jan 20)
Microsoft Security Bulletin (MS00-002) Microsoft Product Security (Jan 20)
FW: Security Vulnerability with SMS 2.0 Remote Control Brandon Eisenmann (Jan 20)
- <Possible follow-ups>
- Re: FW: Security Vulnerability with SMS 2.0 Remote Control Maniac . (Jan 21)
AusCERT Advisory AA-2000.01 Majordomo open() call Vulnerability Christopher P. Lindsey (Jan 21)
Quick remedy for stream.c Brett Glass (Jan 21)
- Re: Quick remedy for stream.c Frasnelli, Dan (Jan 21)
- Re: Quick remedy for stream.c bella (Jan 21)
- RDISK registry enumeration file vulnerability in Windows NT 4.0 Terminal Server Edition Arne Vidstrom (Jan 21)
  - Re: RDISK registry enumeration file vulnerability in Windows NT 4.0 Terminal Server Edition Andy Polyakov (Jan 24)
Re: Crafted Packets Handling by Firewalls - FW-1 case IAKOVLEV () FR IBM COM (Jan 21)
Microimages X Server for Win - Vulnerability Mike Wilson (Jan 21)
- Re: Microimages X Server for Win - Vulnerability Nathanael Lierly (Jan 21)
Re: Info on some security holes reported against SCO Unixware. Brock Tellier (Jan 21)
- Re: Info on some security holes reported against SCO Unixware. Aaron Sigel (Jan 21)
Re: Vulnerabilities in Checkpoint FW-1 version 3.x and maybe 4.x Scott, Richard (Jan 21)
- <Possible follow-ups>
- Re: Vulnerabilities in Checkpoint FW-1 version 3.x and maybe 4.x Jonah Kowall (Jan 21)
stream.c Dino Amato (Jan 21)
- <Possible follow-ups>
- Fw: stream.c Dino Amato (Jan 21)
NIS security advisory : password method downgrade Stefan Laudat (Jan 21)
- Re: NIS security advisory : password method downgrade Thorsten Kukuk (Jan 24)
- VMware 1.1.2 Symlink Vulnerability harikiri (Jan 24)
  - Re: VMware 1.1.2 Symlink Vulnerability Oinos (Jan 25)
- <Possible follow-ups>
- Re: NIS security advisory : password method downgrade Darren Moffat - Solaris Sustaining Engineering (Jan 24)
Windows 2000 Run As... Feature David Terrell (Jan 21)
- Re: Windows 2000 Run As... Feature Seth R Arnold (Jan 23)
- Re: Windows 2000 Run As... Feature Steven Kastl (Jan 24)
- Re: Windows 2000 Run As... Feature Jesper M. Johansson (Jan 24)
  - Re: Windows 2000 Run As... Feature David LeBlanc (Jan 25)
    - Re: Windows 2000 Run As... Feature Ben Russell (Jan 26)
    - Re: Windows 2000 Run As... Feature Steve Wolfe (Jan 26)
    - Re: Windows 2000 Run As... Feature Kenn Humborg (Jan 27)
    - SAS behavior in Windows NT - RE: Windows 2000 Run As... Feature jdglaser (Jan 26)
    - Re: SAS behavior in Windows NT - RE: Windows 2000 Run As... Feature Jesper M. Johansson (Jan 26)
    - Re: SAS behavior in Windows NT - RE: Windows 2000 Run As... Feature Peter Berendi (Jan 27)
    - Re: SAS behavior in Windows NT - RE: Windows 2000 Run As... Feature David LeBlanc (Jan 26)
- <Possible follow-ups>
- Re: Windows 2000 Run As... Feature jdglaser (Jan 24)
  - Re: Windows 2000 Run As... Feature Camillo Särs (Jan 25)
  - multicasts from hell Tim Yardley (Jan 25)
  - Re: Windows 2000 Run As... Feature David LeBlanc (Jan 25)
- Re: Windows 2000 Run As... Feature jdglaser (Jan 25)
Fwd: Re: Fwd: Re: explanation and code for stream.c issues Tim Yardley (Jan 22)
- <Possible follow-ups>
- Re: explanation and code for stream.c issues Giorgos Keramidas (Jan 22)
- Re: explanation and code for stream.c issues Vladimir Dubrovin (Jan 22)
- Re: explanation and code for stream.c issues Don Lewis (Jan 22)
  - Re: explanation and code for stream.c issues Vladimir Dubrovin (Jan 22)
    - Re: explanation and code for stream.c issues Don Lewis (Jan 22)
Solaris 7 and solaris 8 file permissions Steve Dispensa (Jan 22)
- Re: Solaris 7 and solaris 8 file permissions Jonathan [no, I don't write for /.] Katz (Jan 23)
- Re: Solaris 7 and solaris 8 file permissions Casper Dik (Jan 24)
- <Possible follow-ups>
- Re: Solaris 7 and solaris 8 file permissions Darren Moffat - Solaris Sustaining Engineering (Jan 24)
RFPoison is not a trojan, and the source will prove it .rain.forest.puppy. (Jan 22)
remote root qmail-pop with vpopmail advisory and exploit with patch what's your style? (Jan 23)
The 200 trusted .com servers D. J. Bernstein (Jan 23)
Re: vpopmail/vchkpw remote root exploit D. J. Bernstein (Jan 23)
Re: remote root qmail-pop with vpopmail advisory and exploit with patch (fwd) iv0 (Jan 24)
- <Possible follow-ups>
- Re: remote root qmail-pop with vpopmail advisory and exploit with patch (fwd) iv0 (Jan 24)
Re: VMware 1.1.2 Symlink Vulnerability (not) Peter W (Jan 25)
New Security Paradigms Workshop 2000: Call For Papers Crispin Cowan (Jan 25)
Lotus Notes Local Replicated Database Problem Matt Storey (Jan 25)
- <Possible follow-ups>
- Re: Lotus Notes Local Replicated Database Problem bram () E-WARENESS BE (Jan 26)
Re: SAS behavior in Windows NT - RE: Windows 2000 Run As... Feature jdglaser (Jan 27)
- Re: SAS behavior in Windows NT - RE: Windows 2000 Run As... Feature Ron Parker (Jan 27)
- ANNOUNCE: CIS 5.0.0 Mnemonix (Jan 27)
Re: Future of s/key (Re: S/Key & OPIE Database Vulnerability) der Mouse (Jan 27)
- rzsz emails usage stats without user consent Kris Kennaway (Jan 30)
- Re: Future of s/key (Re: S/Key & OPIE Database Vulnerability) Greg A. Woods (Jan 30)
- RedHat 6.1 /and others/ PAM Michal Zalewski (Jan 30)
- Disable Parent Paths Robert Zachary (Jan 31)
FW: Undocumented back door NHCTC (Jan 28)
Re: Alert: MS IIS 4 / IS 2 (Cerberus Security Advisory CISADV000126) Mnemonix (Jan 28)
Bypass Virus Checking Neil Bortnak (Jan 31)
Re: Alert: MS IIS 4 / IS 2 (Cerberus Security Advisory CISADV0001 26) Cave, Glynis (Jan 31)
[ Cobalt ] Security Advisory -- 01.31.2000 Jeff Bilicki (Jan 31)
New Allaire Security Zone Bulletin Aleph One (Jan 31)

Previous period

Next period