Bugtraq: by thread

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq: by thread

455 messages starting Jan 13 99 and ending Aug 02 00
Date index | Thread index | Author index

Re: Snort 1.6 and nmap 2.54beta1 Galileo (May 14)
gdm exploit abraxas () SEKURE DE (May 27)
Re : PATCH : cdrecord. yoann () MANDRAKESOFT COM (May 30)
Java Internet Shop Vulnerability Viktor Christiansen - CEO & PRESIDENT SECURITY POINT (May 31)
Re: Mandrake 7.0: /usr/bin/cdrecord gid=80 (strike #2) Jeff Garzik (May 31)
- Re: Mandrake 7.0: /usr/bin/cdrecord gid=80 (strike #2) noir (May 30)
- <Possible follow-ups>
- Re: Mandrake 7.0: /usr/bin/cdrecord gid=80 (strike #2) sector x (Jun 10)
  - Re: Mandrake 7.0: /usr/bin/cdrecord gid=80 (strike #2) Alfred Perlstein (Jun 10)
Re: KDE Vuln Olaf Kirch (May 31)
DST2K0006: Denial of Service Possibility in Imate WebMail Server v2.5 Security Team (Jun 01)
DST2K0007: Buffer Overrun in ITHouse Mail Server v1.04 Security Team (Jun 01)
Re: IBM HTTP SERVER / APACHE typo () INFERNO TUSCULUM EDU (Jun 01)
- <Possible follow-ups>
- Re: IBM HTTP SERVER / APACHE H D Moore (Jun 01)
  - Re: IBM HTTP SERVER / APACHE Luke Harless (Jun 01)
  - Security Administration comes to LISA 2000 Cat Okita (Jun 01)
  - Remote DoS attack in RealServer: USSR-2000043 David Cotter (Jun 01)
  - ipx storm Jacek Lipkowski (Jun 02)
  - Microsoft Security Bulletin (MS00-032) Microsoft Product Security (Jun 02)
  - Local FreeBSD, Openbsd, NetBSD, DoS Vulnerability Ussr Labs (Aug 02)
    - Piranha password file frostman () SECUREACCESS INTRANETS COM (Jun 02)
    - Re: Piranha password file arkth (Jun 08)
    - Re: Local FreeBSD, Openbsd, NetBSD, DoS Vulnerability Alfred Perlstein (Jun 02)
    - New Allaire Security Zone Bulletins Aleph One (Jun 08)
- Re: IBM HTTP SERVER / APACHE . Hecix (Jun 02)
- Re: IBM HTTP SERVER / APACHE Marc Slemko (Jun 03)
Re: wget-1.5.3, chmod+symlinks Hrvoje Niksic (Jun 01)
more majordomo brokeness - "exploit" Morpheus (Jun 01)
Re: Jolt2 crashes tcpdump Earl T. Carter (Jun 01)
Hardware Exploit - Gets network Down netsec [davidv] (Jun 01)
Re: An Analysis of the TACACS+ Protocol and its Implementations Juan M. Courcoul (Jun 01)
- Re: An Analysis of the TACACS+ Protocol and its Implementations Eccentric (Jun 01)
  - HP Security vulnerability in the man command Jason Axley (Jun 02)
    - MDMA Advisory #5: Reading of CGI Scripts under Savant Webserver Drew (Jun 05)
    - Re: HP Security vulnerability in the man command Theo de Raadt (Jun 05)
    - Re: HP Security vulnerability in the man command Philipp Buehler (Jun 06)
    - Password Generation during RH Linux 6.x Installation William R. Lorenz (Jun 07)
    - Re: Password Generation during RH Linux 6.x Installation Fabian Kroenner (Jun 08)
    - Re: HP Security vulnerability in the man command V. T. Mueller (Jun 07)
  - Re: An Analysis of the TACACS+ Protocol and its Implementations Dylan (Jun 02)
  - Microsoft Security Bulletin (MS00-037) Microsoft Product Security (Jun 02)
- Re: An Analysis of the TACACS+ Protocol and its Implementations Fyodor (Jun 01)
DST2K0008: Buffer Overrun in Sambar Server 4.3 Security Team (Jun 01)
Re: IBM HTTP SERVER / APACHE (DoS) H D Moore (Jun 01)
- Re: IBM HTTP SERVER / APACHE (DoS) H D Moore (Jun 01)
- [rootshell.com] Xterm DoS Attack Kit Knox (Jun 01)
  - Re: [rootshell.com] Xterm DoS Attack Michael Jennings (Jun 01)
  - Re: [rootshell.com] Xterm DoS Attack Walt (Jun 01)
    - Re: [rootshell.com] Xterm DoS Attack Soeren Staun-Pedersen (Jun 02)
    - Insecure encryption in PassWD v1.2 Daniel Roethlisberger (Jun 03)
    - Re: [rootshell.com] Xterm DoS Attack Wakko Ellington Warner-Warner III (Jun 04)
    - Linux-Mandrake Xlockmore security update Chmouel Boudjnah (Jun 04)
    - Microsoft BackOffice component: adredir.asp Michal Zalewski (Jun 03)
  - Re: [rootshell.com] Xterm DoS Attack Darren Reed (Jun 02)
    - Re: [rootshell.com] Xterm DoS Attack gavina () CSIS GVSU EDU (Jun 02)
    - [Debian] Majordomo will be removed Aleph One (Jun 03)
  - /usr/bin/Mail exploit for Slackware 7.0 (mail-slack.c) Paulo Ribeiro (Jun 02)
    - Re: /usr/bin/Mail exploit for Slackware 7.0 (mail-slack.c) Christopher Schulte (Jun 04)
  - [Gael Duval <gduval () mandrakesoft com>] [Security Announce] cdrecord Chmouel Boudjnah (Jun 03)
- Remote DoS attack in Real Networks Real Server (Strike #2) Vulnerability Ussr Labs (Aug 01)
  - Re: Remote DoS attack in Real Networks Real Server (Strike #2)Vulnerability Jeff Long (Jun 02)
    - [JOLT2] Remote Denial of Service against Be/OS. visi0n (Jun 01)
    - Re: Remote DoS attack in Real Networks Real Server (Strike #2)Vulnerability Jeff Long (Jun 02)
Netwin's Dmail package Eric Andry (Jun 01)
- Re: Netwin's Dmail package noir (Jun 01)
  - Re: Netwin's Dmail package Zac Cogswell (Jun 04)
Re: DSMTP DoS Eric Andry (Jun 01)
[rootshell.com] Windows Media Encoder DoS (MSBD) Kit Knox (Jun 01)
RELEASED: LibnetNT by eEye Digital Security Marc (Jun 01)
New DDoS methods Stefan Laudat (Jun 01)
Re: Remote DoS attack in Real Networks Real Server (Strike #2) vulnerability Ryan Russell (Jun 01)
- Re: Remote DoS attack in Real Networks Real Server (Strike #2) vulnerability Christopher Schulte (Jun 02)
- bind running as root in Mandrake 7.0 Nicolas MONNET (Jun 03)
  - Re: bind running as root in Mandrake 7.0 Brock Sides (Jun 03)
  - Re: bind running as root in Mandrake 7.0 White Vampire (Jun 03)
  - Re: bind running as root in Mandrake 7.0 Andrew L . Davis (Jun 04)
    - Re: bind running as root in Mandrake 7.0 Elias Levy (Jun 08)
    - Circumventing Outlook Security Update File Download Security With IFRAMEs cassius () HUSHMAIL COM (Jun 09)
    - Re: bind running as root in Mandrake 7.0 Nathan Neulinger (Jun 11)
    - Remote DoS for Mercur 3.2 |[TDP]| (Jun 13)
    - Vulnerability in Solaris ufsrestore Job de Haas (Jun 14)
- <Possible follow-ups>
- Re: Remote DoS attack in Real Networks Real Server (Strike #2) Vulnerability Christopher Schulte (Jun 02)
Re: Corel Linux Default Install suid () SUID KG (Jun 01)
Re: XFree86 server overflow Trevor Johnson (Jun 04)
buffer overflow in netscape linux freak (Jun 04)
Re: Microsoft BackOffice component: adredir.asp Microsoft Security Response Center (Jun 04)
- Re: Microsoft BackOffice component: adredir.asp Michal Zalewski (Jun 03)
- Linux-Mandrake bind update. Chmouel Boudjnah (Jun 04)
- Why You Should Upgrade To NT4 SP4 or NT5 Luke Kenneth Casson Leighton (Jun 04)
- <Possible follow-ups>
- Re: Microsoft BackOffice component: adredir.asp Russ (Jun 04)
Re: [rootshell.com] Xterm DoS Attack Hans, Sebastian (Jun 04)
- Security Update: serious bug in setuid() Technical Support (Jun 08)
- Security Bulletins Digest Aleph One (Jun 08)
- Internet Security Systems Security Advisory: Buffer Overflow in i-drive Filo (tm) software Aleph One (Jun 08)
- Re: [rootshell.com] Xterm DoS Attack Elias Levy (Jun 08)
- <Possible follow-ups>
- Re: [rootshell.com] Xterm DoS Attack Simon Tatham (Jun 06)
  - Re: [rootshell.com] Xterm DoS Attack Michael Jennings (Jun 08)
anonymous SMB service DoS on nt5 (and TCP DoS on nt4) (fwd) Luke Kenneth Casson Leighton (Jun 04)
anonymous SMBwriteX DoS Luke Kenneth Casson Leighton (Jun 04)
NT admin password change algorithms expose user plaintext passwords Luke Kenneth Casson Leighton (Jun 04)
Re: MICROSOFT SECURITY FLAW? http-equiv () excite com (Jun 04)
Re: ipx storm Frank Berzau (Jun 05)
Shinex vs. IIS CLI Extensions dev-null () NO-ID COM (Jun 05)
- <Possible follow-ups>
- Re: Shinex vs. IIS CLI Extensions Microsoft Security Response Center (Jun 08)
Re: Linux-Mandrake Xlockmore security update Alan J Rosenthal (Jun 05)
Microsoft Outlook (Express) bug.. Matthew J. Brown (Jun 05)
- <Possible follow-ups>
- Re: Microsoft Outlook (Express) bug.. Elias Levy (Jun 09)
  - Re: Microsoft Outlook (Express) bug.. Frederik Lindberg (Jun 11)
FW-1 IP Fragmentation Vulnerability Lance Spitzner (Jun 05)
- Re: FW-1 IP Fragmentation Vulnerability Chris Brenton (Jun 06)
  - Re: FW-1 IP Fragmentation Vulnerability Thomas Willert (Jun 29)
- Re: FW-1 IP Fragmentation Vulnerability Darren Reed (Jun 06)
- Caldera Security Advisory CSSA-2000-015: suid root KDE applications Caldera Systems Security (Jun 06)
- Shiva Access Manager 5.0.0 Plaintext LDAP root password. Blaise St. Laurent (Jun 06)
- MDMA Advisory #6: EServ Logging Heap Overflow Vulnerability Drew (Jun 06)
ALERT: Bypassing Warnings For Invalid SSL Certificates In Internet Explorer Mitja Kolsek (Jun 05)
Microsoft Security Bulletin (MS00-039) Microsoft Product Security (Jun 05)
ALERT: [MS00-039] IE PATCH SSL Certificate Validation Vulnerabilities in Microsoft Internet Explorer Devon Null (Jun 06)
IE 5 Cross-frame security vulnerability using IFRAME and WebBrowser control Georgi Guninski (Jun 06)
innd 2.2.2 remote buffer overflow Michal Zalewski (Jun 06)
- <Possible follow-ups>
- Re: innd 2.2.2 remote buffer overflow Russ Allbery (Jun 06)
  - Re: innd 2.2.2 remote buffer overflow Michal Zalewski (Jun 05)
- Re: innd 2.2.2 remote buffer overflow Russ Allbery (Jun 06)
- Re: innd 2.2.2 remote buffer overflow Forrest J. Cavalier III (Jun 06)
Administrivia: Request for Contacts Elias Levy (Jun 06)
BRU Vulnerability root (Jun 06)
- Re: BRU Vulnerability Gavrie Philipson (Jun 07)
  - Re: BRU Vulnerability Jeremy Rauch (Jun 08)
    - Re: BRU Vulnerability Theo Van Dinter (Jun 11)
    - Re: BRU Vulnerability terry white (Jun 11)
    - Exploit to the overflow in restore Ronald Huizer [Crew] (Jun 14)
    - Remote DoS attack in Networks Associates PGP Certificate Server Version 2.5 Vulnerability Ussr Labs (Jun 14)
    - BEA WebLogic JSP showcode vulnerability stuart.mcclure () FOUNDSTONE COM (Jun 11)
  - Microsoft Security Bulletin (MS00-040) Microsoft Product Security (Jun 08)
  - Mission statement for LKAP(Linux Kernel Auditing Project) Bryan Paxton (Jun 08)
Conectiva Linux security announcement - inn Sergio Bruder (Jun 06)
[ Hackerslab bug_paper ] HP-UX SNMP daemon vulnerability loveyou () DOGFOOT HACKERSLAB ORG (Jun 06)
- <Possible follow-ups>
- Re: [ Hackerslab bug_paper ] HP-UX SNMP daemon vulnerability Chris Calabrese (Jun 08)
- Re: [ Hackerslab bug_paper ] HP-UX SNMP daemon vulnerability Chris Calabrese (Jun 08)
New Allaire ColdFusion DoS stuart.mcclure () FOUNDSTONE COM (Jun 06)
Yet another heap overflow in wu-ftpd and so on... Michal Zalewski (Jun 07)
- Re: Yet another heap overflow in wu-ftpd and so on... portal (Jun 08)
- Mailstudio2000 CGI Vulnerabilities [S0ftPj.4] fusys () ITAPAC NET (Jun 09)
  - Re: Mailstudio2000 CGI Vulnerabilities [S0ftPj.4] Vanja Hrustic (Jun 10)
    - Re: Mailstudio2000 CGI Vulnerabilities [S0ftPj.4] Fyodor (Jun 10)
  - Update to DST2K0011: DoS & BufferOverrun in CMail v2.4.7 WebMail Security Team (Jun 10)
- Security Update: flaws in the SSL transaction handling of Netscape Technical Support (Jun 09)
Conectiva Linux Security Announcement - gdm Sergio Bruder (Jun 07)
Proposal for protection from windows rootkit drivers IPD (Jun 07)
Conectiva Linux Security Announcement - cdrecord Sergio Bruder (Jun 07)
SessionWall-3 Paper + (links to) code Codex (Jun 07)
(no subject) Technical Support (Jun 07)
Local root vulnerability in most used Linux kernels Gerrie (Jun 07)
local root on linux 2.2.15 Peter van Dijk (Jun 07)
- Mcafee Alerting DOS vulnerability Harry Schmilllson (Jun 07)
- Re: local root on linux 2.2.15 Wojciech Purczynski (Jun 08)
  - Re: local root on linux 2.2.15 Tomasz Grabowski (Jun 08)
  - Re: local root on linux 2.2.15 Philip Guenther (Jun 08)
    - Re: local root on linux 2.2.15 Wojciech Purczynski (Jun 12)
    - Re: local root on linux 2.2.15 Jeff Dafoe (Jun 14)
    - Re: local root on linux 2.2.15 Wojciech Purczynski (Jun 14)
    - MS-040 'proof of concept' code Renaud Deraison (Jun 13)
- Re: local root on linux 2.2.15 Rogier Wolff (Jun 08)
- <Possible follow-ups>
- Re: local root on linux 2.2.15 Tollef Fog Heen (Jun 11)
  - Re: local root on linux 2.2.15 Peter da Silva (Jun 15)
    - Re: local root on linux 2.2.15 Firstname Lastname (Jun 15)
    - Re: local root on linux 2.2.15 Robert Watson (Jun 18)
    - Net Tools PKI server exploits Jim Stickley (Jun 19)
    - XFree86: libICE DoS Chris Evans (Jun 19)
    - XFree86: Various nasty libX11 holes Chris Evans (Jun 19)
    - XFree86: xdm flaw; present in kdm Chris Evans (Jun 19)
    - XFree86: xdm xdmcp code in wdm also Brian Russo (Jun 20)
    - Re: XFree86: xdm xdmcp code in wdm also Jerome ALET (Jun 20)
    - Problems with "kon2" package Chris Evans (Jun 19)
    - [TL-Security-Announce] Linux Kernel TLSA2000013-1 Roger Luethi (Jun 19)
    - Re: [TL-Security-Announce] Linux Kernel TLSA2000013-1 Gregory Neil Shapiro (Jun 28)
    - CERT Advisory CA-2000-12 Roman Drahtmueller (Jun 19)
    - Re: local root on linux 2.2.15 Joseph Gooch (Jun 15)
    - Conectiva Linux Security Announcement - ZOPE Sergio Bruder (Jun 16)
- Re: local root on linux 2.2.15 der Mouse (Jun 14)
- Re: local root on linux 2.2.15 Ben Pfaff (Jun 15)
- Re: local root on linux 2.2.15 Tollef Fog Heen (Jun 15)
FreeBSD Security Advisory: FreeBSD-SA-00:22.apsfilter FreeBSD Security Advisories (Jun 07)
FreeBSD Security Advisory: FreeBSD-SA-00:21.ssh [REVISED] FreeBSD Security Advisories (Jun 07)
Sendmail Workaround for Linux Capabilities Bug Sendmail Security (Jun 07)
Sendmail local root exploit on linux 2.2.x Florian Heinz (Jun 08)
- Snort 1.6 and nmap 2.54beta1 Galileo (May 12)
  - Re: Snort 1.6 and nmap 2.54beta1 Simple Nomad (Jun 14)
  - Security Advisory: REMOTE ROOT VULNERABILITY IN GSSFTP DAEMON Tom Yu (Jun 14)
  - Security Advisory: local ROOT exploit in BRU Technical Support (Jun 14)
  - Re: Snort 1.6 and nmap 2.54beta1 Martin Roesch (Jun 14)
- Re: Sendmail local root exploit on linux 2.2.x Mark K. Pettit (Jun 08)
- Reporting Security Issues to Microsoft Microsoft Security Response Center (Jun 08)
- Re: Sendmail local root exploit on linux 2.2.x Christophe GRENIER (Jun 08)
- arprelay: a tool to edit TCP connections in a LAN Felix von Leitner (Jun 09)
- Re: Sendmail local root exploit on linux 2.2.x Alan Iwi (Jun 12)
- Splitvt exploit syzop (Jun 14)
  - Re: Splitvt exploit Joey Hess (Jun 14)
    - Re: Splitvt exploit Andrey Savochkin (Jun 16)
    - Re: Splitvt exploit Joey Hess (Jun 16)
    - NAI WebShield SMTP does not scan base64 encoding chris.paget () ANALYSYS COM (Jun 20)
  - Re: Splitvt exploit Kris Kennaway (Jun 15)
  - Re-release of IIS 5.0 Patch for MS00-031 Microsoft Product Security (Jun 16)
  - Infosec.20000617.panda.a Ian Vitek (Jun 17)
- Reliable Software Technologies releases new e-mail virus protection software Tim Hollebeek (Jun 14)
- Microsoft Security Bulletin (MS00-041) Microsoft Product Security (Jun 14)
DST2K0010: DoS & Path Revealing Vulnerability in Ceilidh v2.60a Ollie Whitehouse (Jun 08)
Potential DoS Attack on RSA's ACE/Server JJ Gray (Jun 08)
DST2K0011: DoS & BufferOverrun in CMail v2.4.7 WebMail Security Team (Jun 08)
DST2K0012: BufferOverrun in HP Openview Network Node Manager v6.1 Security Team (Jun 08)
the Linux Capabilities bug Roger Espel Llima (Jun 08)
Sendmail 8.10.2, Linux 2.4.0 - capabilities Valdis Kletnieks (Jun 08)
- Re: Sendmail 8.10.2, Linux 2.4.0 - capabilities Kyle Sparger (Jun 08)
  - Re: Sendmail 8.10.2, Linux 2.4.0 - capabilities xdr (Jun 09)
  - format bugs, in addition to the wuftpd bug Lamagra Argamal (Jun 24)
    - Re: format bugs, in addition to the wuftpd bug H D Moore (Jun 26)
    - iMesh 1.02 vulnerability Blue Panda (Jun 29)
    - Re: format bugs, in addition to the wuftpd bug Jason Axley (Jun 29)
    - Concerning the LDAP Enabled Netscape FTP Server Alfred Huger (Jun 27)
  - Glftpd privpath bugs... +fix Raymond Dijkxhoorn (Jun 26)
    - Re: Glftpd privpath bugs... +fix Scott (Jun 27)
- CONECTIVA LINUX SECURITY ANNOUNCEMENT - kernel Sergio Bruder (Jun 08)
- Sendmail & procmail local root exploits on Linux kernel up to 2.2.16pre5 Wojciech Purczynski (Jun 08)
- OpenSSH's UseLogin option allows remote access with root privilege. Markus Friedl (Jun 09)
  - Re: OpenSSH's UseLogin option allows remote access with root privilege. Bernhard Rosenkraenzer (Jun 10)
    - Re: OpenSSH's UseLogin option allows remote access with root privilege. Phil Stracchino (Jun 10)
    - IBM WebSphere JSP showcode vulnerability stuart.mcclure () FOUNDSTONE COM (Jun 11)
    - Re: OpenSSH's UseLogin option allows remote access with root privilege. Markus Friedl (Jun 12)
    - Using IP Filter to protect FW-1 4.0 (fwd) Darren Reed (Jun 12)
    - FreeBSD Security Advisory: FreeBSD-SA-00:25.alpha-dev-random FreeBSD Security Advisories (Jun 12)
    - RFPolicy for vulnerability disclosure rain forest puppy (Jun 12)
    - CGI: Selena Sol's WebBanner ( Random Banner Generator ) Vulnerability Johannes Westerink (Jun 12)
    - SmartFTP Daemon v0.2 Beta Build 9 - Remote Exploit Moritz Jodeit (Jun 13)
    - Ethics ?? : Re: local root on linux 2.2.15 Gerrie (Jun 10)
  - CONECTIVA LINUX SECURITY ANNOUNCEMENT - OPENSSH Andreas Hasenack (Jun 10)
- Trustix Security Advisory Oystein Viggen (Jun 09)
- Security Advisory: MULTIPLE DENIAL OF SERVICE VULNERABILITIES IN KRB4 KDC Tom Yu (Jun 09)
  - Remote DOS in linux rpc.lockd mmurray () FSCINTERNET COM (Jun 08)
  - Re: Security Advisory: MULTIPLE DENIAL OF SERVICE VULNERABILITIES IN KRB4 KDC Mike Friedman (Jun 09)
- <Possible follow-ups>
- Re: Sendmail 8.10.2, Linux 2.4.0 - capabilities Antonio Galea (Jun 15)
  - Re: Sendmail 8.10.2, Linux 2.4.0 - capabilities Lionel Cons (Jun 16)
  - Call For Participation - Raid 2000 Herve Debar (Jun 16)
  - Veritas Volume Manager 3.0.x hole Dixie Flatline (Jun 16)
    - Re: Veritas Volume Manager 3.0.x hole Louis-Philippe Reid (Jun 16)
    - Perl Crypt::CBC concern Darryl Miles (Jun 17)
    - Re: Veritas Volume Manager 3.0.x hole Doug Hughes (Jun 18)
  - Re: Sendmail 8.10.2, Linux 2.4.0 - capabilities Solar Designer (Jun 17)
Re: HP-UX SNMP daemon vulnerability HP S/W Security Team (Jun 08)
[suse-security-announce] SuSE Security Announcement: pop (fwd) Daniel T. Chen (Jun 09)
Microsoft Outlook Malicious URL Vulnerability cassius () HUSHMAIL COM (Jun 09)
Re: Microsoft ODBC & Access Advisory... Chris Knipe (Jun 09)
Security Holes Found in URLConnection of MRJ and IE of Mac OS (was Re: Reappearance of an old IE security bug) TAKAGI, Hiromitsu (Jun 09)
p0f - passive os fingerprinting tool Michal Zalewski (Jun 09)
ACC/Ericsson Tigris Accounting Failure John Edwards (Jun 12)
Innd 2.2.2 remote news user/group exploit Wojciech Purczynski (Jun 13)
xfs + gdm allow DoS of console Mike Leonhard (Jun 13)
- <Possible follow-ups>
- Re: xfs + gdm allow DoS of console Martin K. Petersen (Jun 15)
Microsoft Access Trojan VBA: The overlooked "macro virus" Johnny (Jun 13)
- Re: Microsoft Access Trojan VBA: The overlooked "macro virus" W. Craig Trader (Jun 14)
- Remote DoS attack in AnalogX SimpleServer WWW Version 1.05 Vulnerability Ussr Labs (Jun 15)
Re: Local FreeBSD, Openbsd, NetBSD, DoS Vulnerability - Mac OS X affected Charles M. Hannum (Jun 13)
Re: bind running as root in Mandrake 7.0 stanislav shalunov (Jun 14)
Vulnerabilities in Norton Antivirus for Exchange Jim Rosenberg (Jun 14)
- Re: Vulnerabilities in Norton Antivirus for Exchange Chris Timmons (Jun 15)
- DoS for web by failing reverse DNS? Derrick J Brashear (Jun 15)
- <Possible follow-ups>
- FW: Vulnerabilities in Norton Antivirus for Exchange Mike Giordano (Jun 21)
- Re: Vulnerabilities in Norton Antivirus for Exchange Prosser, Mike (Jun 28)
Re: Splitvt exploit Thomas Biege (Jun 15)
- Re: Splitvt exploit Joey Hess (Jun 15)
- <Possible follow-ups>
- Re: Fwd: Re: Splitvt exploit Thomas Biege (Jun 19)
Microsoft Security Bulletin (MS00-035) Microsoft Product Security (Jun 15)
[Brian () digicool com: [Zope] Zope security alert and 2.1.7 update [*important*]] George Lewis (Jun 15)
PHP 3.0.14 Disclosure via POST requests H D Moore (Jun 15)
- Re: PHP 3.0.14 Disclosure via POST requests Lars Hecking (Jun 15)
  - Re: PHP 3.0.14 Disclosure via POST requests Scott (Jun 16)
Multiples Remotes DoS Attacks in Dragon Server v1.00 and v2.00 Vulnerability Ussr Labs (Jun 15)
Remote DoS Attack in Small HTTP Server ver. 1.212 Vulnerability Ussr Labs (Jun 15)
Proposal for standardizing a set of security guidelines for web applications Dan (Jun 16)
Re: DoS for web by failing reverse DNS? Derrick J Brashear (Jun 16)
Re: CGI: Selena Sol's WebBanner ( Random Banner Generator ) Vulnerability Ron Parker (Jun 16)
- Re: CGI: Selena Sol's WebBanner ( Random Banner Generator ) Vulnerability Gunther Birznieks (Jun 20)
DST2K0018: Multiple BufferOverruns in WebBBS HTTP Server v1.15 Security Team (Jun 20)
Bug in gpm Tomasz Grabowski (Jun 20)
CUPS DoS Bugs Jeff Licquia (Jun 20)
Re: NAI WebShield SMTP does not scan base64 encoding Fronck, Destry (Jun 20)
- Re: NAI WebShield SMTP does not scan base64 encoding chris.paget () ANALYSYS COM (Jun 20)
- BlackICE by Network ICE Corp vulnerability against Back Orifice 1.2 Juancho Forlanda (Jun 20)
  - BEA WebLogic /file/ showcode vulnerability stuart.mcclure () FOUNDSTONE COM (Jun 20)
  - Re: BlackICE by Network ICE Corp vulnerability against Back Orifice 1.2 Mike DeMaria (Jun 21)
- <Possible follow-ups>
- Re: NAI WebShield SMTP does not scan base64 encoding Sato, Ken (Jun 20)
  - Microsoft Security Bulletin MS00-038 Update Microsoft Product Security (Jun 20)
  - rh 6.2 - gid compromises, etc Michal Zalewski (Jun 21)
    - Immunix OS 6.2 (StackGuarded Red Hat 6.2) Crispin Cowan (Jun 21)
    - Warning regarding new kernel RPMs Joseph V Moss (Jun 21)
    - Re: Warning regarding new kernel RPMs Dave Walter (Jun 22)
    - Re: rh 6.2 - gid compromises, etc [+ MORE!!!] Stan Bubrouski (Jun 21)
    - Re: rh 6.2 - gid compromises, etc [+ MORE!!!] Wietse Venema (Jun 23)
    - Re: rh 6.2 - gid compromises, etc Stan Bubrouski (Jun 22)
    - Allaire Security Bulletin (ASB00-15)- Workaround available for vu lnerabilities exposed by JRun 2.3.x code sample Jesse Noller (Jun 22)
    - [RHSA-2000:038-01] Zope update bugzilla () REDHAT COM (Jun 22)
    - FreeBSD Security Advisory: FreeBSD-SA-00:23.ip-options FreeBSD Security Advisories (Jun 22)
    - Re: FreeBSD Security Advisory: FreeBSD-SA-00:23.ip-options yeti (Jan 13)
    - Re: rh 6.2 - gid compromises, etc Stan Bubrouski (Jun 22)
    - [SECURITY] New Debian wu-ftpd packages released Daniel Jacobowitz (Jun 23)
    - Re: [RHSA-2000:039-02] remote root exploit (SITE EXEC) fixed (fwd) Joey Maier (Jun 29)
    - Re: [RHSA-2000:039-02] remote root exploit (SITE EXEC) fixed (fwd) Jim Knoble (Jun 29)
    - Re: [RHSA-2000:039-02] remote root exploit (SITE EXEC) fixed (fwd) Andrea Costantino (Jun 29)
    - Re: [RHSA-2000:039-02] remote root exploit (SITE EXEC) fixed (fwd) Kenn Humborg (Jun 29)
    - Re: [RHSA-2000:039-02] remote root exploit (SITE EXEC) fixed (fwd) Philip Rowlands (Jun 29)
    - Re: [RHSA-2000:039-02] remote root exploit (SITE EXEC) fixed (fwd) Helmethead (Jun 29)
    - Re: [RHSA-2000:039-02] remote root exploit (SITE EXEC) fixed (fwd) Hugo.van.der.Kooij () CAIW NL (Jun 29)
    - CONECTIVA LINUX SECURITY ANNOUNCEMENT - WU-FTPD Security (Jun 23)
    - Security Update: wu-ftpd vulnerability Technical Support (Jun 23)
  - Re: NAI WebShield SMTP does not scan base64 encoding Andre Albsmeier (Jun 21)
    - Bruce 1.0 EA3: Networked Host-Vulnerability Scanner for Solaris & Linux Keith A. Watson (Jun 21)
    - NetBSD Security Advisory 2000-007 security-officer () NETBSD ORG (Jun 21)
    - Re: NAI WebShield SMTP does not scan base64 encoding Elias Levy (Jun 22)
    - Security Bulletins Digest patrick () PINE NL (Jun 22)
    - Re: NAI WebShield SMTP does not scan base64 encoding chris.paget () ANALYSYS COM (Jun 22)
    - Free mail scanning tool (was Re: NAI WebShield SMTP does not scan base64 encoding) David F. Skoll (Jun 22)
  - NetWin dMailWeb Denial of Service Chris Wolfe (Jun 21)
  - [RHSA-2000:037-01] New Linux kernel fixes security bug bugzilla () REDHAT COM (Jun 21)
Re: Veritas Volume Manager 3.0.x hole Charles Seeger (Jun 20)
IRIX WorkShop cvconnect(1M) Vulnerability SGI Security Coordinator (Jun 20)
Internet Security Systems Security Advisory: Insecure call of external program in AIX cdmount Aleph One (Jun 20)
Netscape FTP Server - "Professional" as hell :> Michal Zalewski (Jun 21)
- easy DoS of LDAP services in case of naive programming bert hubert (Jun 21)
- WuFTPD: Providing *remote* root since at least1994 tf8 (Jun 22)
- <Possible follow-ups>
- Re: Netscape FTP Server - "Professional" as hell :> Luis Pinto (Jun 22)
  - Re: Netscape FTP Server - "Professional" as hell :> Michal Zalewski (Jun 24)
Predictability Problems in IRIX Cron and Compilers jose nazario (Jun 21)
Re: rh 6.2 - gid compromises, etc Russ Allbery (Jun 21)
Re: WuFTPD: Providing *remote* root since at least1994 Bernhard Rosenkraenzer (Jun 22)
- Re: WuFTPD: Providing *remote* root since at least1994 Daniel Jacobowitz (Jun 22)
  - Re: WuFTPD: Providing *remote* root since at least1994 Marcus Meissner (Jun 23)
  - Why pine must never be sgid Stan Bubrouski (Jun 23)
  - sawmill5.0.21 old path bug & weak hash algorithm Cashdollar, Larry (Jun 26)
  - Re: WuFTPD: Providing *remote* root since at least1994 Tomasz Grabowski (Jun 27)
    - Re: WuFTPD: Providing *remote* root since at least1994 Bernhard Rosenkraenzer (Jun 27)
    - Re: WuFTPD: Providing *remote* root since at least1994 Gregory A Lundberg (Jun 27)
- ftpd: the advisory version Lamagra Argamal (Jun 23)
  - Re: ftpd: the advisory version Bernd Luevelsmeyer (Jun 25)
    - Re: ftpd: the advisory version Sebastian (Jun 26)
    - [RHSA-2000:037-05] New Linux kernel fixes security bug bugzilla () REDHAT COM (Jun 26)
  - LeafChat Denial of Service Andrew Lewis (Jun 25)
  - Netscape Enterprise Server for NetWare Virtual Directory Vulnerab ility Peter Grundl (Jun 26)
- <Possible follow-ups>
- Re: WuFTPD: Providing *remote* root since at least1994 Peter Pentchev (Jun 23)
- Re: WuFTPD: Providing *remote* root since at least1994 der Mouse (Jun 25)
  - Re: WuFTPD: Providing *remote* root since at least1994 Mikael Olsson (Jun 26)
    - Re: WuFTPD: Providing *remote* root since at least1994 Theo de Raadt (Jun 27)
  - Re: WuFTPD: Providing *remote* root since at least1994 Carson Gaspar (Jun 27)
    - Re: WuFTPD: Providing *remote* root since at least1994 Casper Dik (Jun 29)
    - Re: WuFTPD: Providing *remote* root since at least1994 Eric Hines (Jun 29)
- Re: WuFTPD: Providing *remote* root since at least1994 der Mouse (Jun 26)
  - Re: WuFTPD: Providing *remote* root since at least1994 Henrik Nordstrom (Jun 27)
    - Re: WuFTPD: Providing *remote* root since at least1994 Theo de Raadt (Jun 28)
    - Re: WuFTPD: Providing *remote* root since at least1994 Valentin Nechayev (Jun 29)
    - Re: WuFTPD: Providing *remote* root since at least1994 Kenn Humborg (Jun 29)
    - Re: WuFTPD: Providing *remote* root since at least1994 Hudin Lucian (Jun 29)
    - Multiple vulnerabilities in Sybergen Secure Desktop anders.ingeborn () INFOSEC SE (Jun 30)
    - SecureXpert Advisory [SX-20000620-2] SecureXpert DIRECT Sender (Jun 30)
  - Re: WuFTPD: Providing *remote* root since at least1994 Bernd Luevelsmeyer (Jun 28)
- Re: WuFTPD: Providing *remote* root since at least1994 Lars Mathiesen (Jun 28)
- Re: WuFTPD: Providing *remote* root since at least1994 Robert Bihlmeyer (Jun 29)
- Re: WuFTPD: Providing *remote* root since at least1994 Ben Pfaff (Jun 29)
  - Update to Integrity Protection Driver Available IPD (Jun 29)
  - Re: WuFTPD: Providing *remote* root since at least1994 Theo de Raadt (Jun 29)
  - Buggy ARP handling in Windoze Paul Starzetz (Jun 29)
    - Re: Buggy ARP handling in Windoze Jurjen Oskam (Jun 29)
    - Re: Buggy ARP handling in Windoze Steven Alexander (Jun 29)
    - vpopmail-3.4.11 problems H D Moore (Jun 29)
    - CONECTIVA LINUX SECURITY ANNOUNCEMENT - dump Conectiva Security (Jun 30)
WUFTPD 2.6.0 remote root exploit Przemyslaw Frasunek (Jun 22)
RHL 6.2 xconq package - overflows yield gid games Stan Bubrouski (Jun 22)
- <Possible follow-ups>
- Re: RHL 6.2 xconq package - overflows yield gid games Mark Tinberg (Jun 27)
  - Re: RHL 6.2 xconq package - overflows yield gid games Kris Kennaway (Jun 27)
Re: [Stan Bubrouski <satan () FASTDIAL NET>: Re: rh 6.2 - gid compromises, etc [+ MORE!!!]] Frank da Cruz (Jun 23)
- Re: [Stan Bubrouski <satan () FASTDIAL NET>: Re: rh 6.2 - gidcompromises, etc [+ MORE!!!]] Satan (Jun 23)
[Security Announce] Various Mandrake 7.1 security updates. Gael Duval (Jun 23)
Re: [Stan Bubrouski <satan () FASTDIAL NET>: Re: rh 6.2 - gidcompromises, etc [+ MORE!!!]] Frank da Cruz (Jun 23)
- Possible root exploit in ISC DHCP client. Ted Lemon (Jun 24)
  - Re: Possible root exploit in ISC DHCP client. Security (Jun 28)
- Re: [Stan Bubrouski <satan () FASTDIAL NET>: Re: rh 6.2 - gidcompromises, etc [+ MORE!!!]] Mitchell Blank Jr (Jun 24)
- <Possible follow-ups>
- Re: [Stan Bubrouski <satan () FASTDIAL NET>: Re: rh 6.2 - gidcompromises, etc [+ MORE!!!]] Frank da Cruz (Jun 24)
  - Re: [Stan Bubrouski <satan () FASTDIAL NET>: Re: rh 6.2 - gidcompromises, etc [+ MORE!!!]] Stan Bubrouski (Jun 24)
  - Proxy+ Telnet Gateway Problems Andrew Lewis (Jun 26)
    - BOA Webserver local path problem Ian Shaughnessy (Jun 27)
[RHSA-2000:039-02] remote root exploit (SITE EXEC) fixed bugzilla () REDHAT COM (Jun 23)
- Re: [RHSA-2000:039-02] remote root exploit (SITE EXEC) fixed Przemyslaw Frasunek (Jun 24)
[Security Announce] kernel update Gael Duval (Jun 23)
OS fingerprinting method to distinguish between Windows boxes and the rest of the world Ofir Arkin (Jun 23)
CONECTIVA LINUX SECURITY ANNOUNCEMENT - WU-FTPD (re-release) Security (Jun 23)
- Re: CONECTIVA LINUX SECURITY ANNOUNCEMENT - WU-FTPD (re-release) Przemyslaw Frasunek (Jun 24)
NetWin dMailWeb Unrestricted Mail Relay Chris Wolfe (Jun 23)
Re: ftpd: the advisory version Lamagra Argamal (Jun 24)
- Re: ftpd: the advisory version Jim Knoble (Jun 26)
  - Re: ftpd: the advisory version Olaf Kirch (Jun 27)
    - Re: ftpd: the advisory version Mike Eldridge (Jun 29)
- Linux capability bounding set weakness Patrick Reynolds (Jun 26)
  - Re: Linux capability bounding set weakness Paul Wouters (Jun 27)
  - Re: Linux capability bounding set weakness Matthew Kirkwood (Jun 27)
  - Improved ARP sniffer Paul Starzetz (Jun 27)
- [suse-security-announce] SuSE Security Announcement: kernel-2.2.x (fwd) Daniel T. Chen (Jun 27)
- <Possible follow-ups>
- Re: ftpd: the advisory version Steven M. Bellovin (Jun 26)
- Re: ftpd: the advisory version Dan Harkless (Jun 27)
  - Re: ftpd: the advisory version Teodor Cimpoesu (Jun 28)
  - Re: ftpd: the advisory version Sebastian (Jun 28)
    - Re: ftpd: the advisory version Kasatenko Ivan Alex. (Jun 29)
    - Re: ftpd: the advisory version Barney Wolff (Jun 29)
    - Re: ftpd: the advisory version Sebastian (Jun 29)
    - (forw) Re: Netscape ftp Server (fwd) Elias Levy (Jun 29)
  - Re: ftpd: the advisory version Juergen P. Meier (Jun 30)
  - SecureXpert Advisory [SX-20000620-1] SecureXpert DIRECT Sender (Jun 30)
  - SecureXpert Advisory [SX-20000620-3] SecureXpert DIRECT Sender (Jun 30)
- Re: ftpd: the advisory version Roger Espel Llima (Jun 28)
- Re: ftpd: the advisory version Kragen Sitaker (Jun 28)
Force Feeding http-equiv () excite com (Jun 24)
- Re: Force Feeding David LeBlanc (Jun 24)
  - Re: Force Feeding Dimitry Andric (Jun 26)
  - Re: Force Feeding Philip Stoev (Jun 28)
    - Re: Force Feeding David LeBlanc (Jun 28)
- Re: Force Feeding Weld Pond (Jun 25)
  - Re: Force Feeding M. Burnett (Jun 26)
  - Re: Force Feeding Phonix (Jun 27)
  - [suse-security-announce] SuSE Security Announcement: wuftpd-2.6 (fwd) Daniel T. Chen (Jun 27)
  - DoS in FirstClass Internet Services 5.770 Adam Prime (Jun 27)
  - [slackware-security] wu-ftpd remote exploit patched Christopher Kager (Jun 28)
  - [SECURITY] New verion of dhcp released debian-security-announce () LISTS DEBIAN ORG (Jun 28)
  - Security Bulletins Digest patrick () PINE NL (Jun 28)
  - Bypassing Warnings For Invalid SSL Certificates, Part Two Frank Knobbe (Jun 28)
- NT DNS Server leaks administrator account name in SOA record Roy Hills (Jun 26)
  - Re: NT DNS Server leaks administrator account name in SOA record Mikael Olsson (Jun 26)
  - Re: NT DNS Server leaks administrator account name in SOA record Chris Knipe (Jun 27)
Re: possible root exploit in ISC DHCP client. Todd T. Fries (Jun 25)
Netscape ftp Server (fwd) Alfred Huger (Jun 25)
W2k undocumented registry setting fully disables Windows File Protection (fwd) Al Huger - Mail Account (Jun 26)
Problems with FTGate Andrew Lewis (Jun 26)
- Re: Problems with FTGate Jeremy C. Reed (Jun 27)
  - Re: Problems with FTGate Glynn Clements (Jun 28)
[SPSadvisory #37]WinProxy 2.0.0/2.0.1 DoS and Exploitable Buffer Overflow Nobuo Miwa (Jun 26)
IE 5 and Excel 2000, PowerPoint 2000 vulnerability - executing programs Georgi Guninski (Jun 27)
IE 5 and Access 2000 vulnerability - executing programs Georgi Guninski (Jun 27)
- <Possible follow-ups>
- Re: IE 5 and Access 2000 vulnerability - executing programs Paul Rogers (Jun 28)
- FW: IE 5 and Access 2000 vulnerability - executing programs Jesper M. Johansson (Jun 28)
Re: sawmill5.0.21 path bug Cashdollar, Larry (Jun 27)
Re: format bugs, in addition to the wuftpd bug Chris Evans (Jun 27)
Re: IE 5 and Excel 2000, PowerPoint 2000 vulnerability - executin g programs Paul Rogers (Jun 28)
Re: Bypassing Warnings For Invalid SSL Certificates, Part Two -- Correction Frank Knobbe (Jun 28)
Re: BOA Webserver local path problem Ian Shaughnessy (Jun 28)
Re: ftp the real advisory something :) Lamagra Argamal (Jun 29)
Re: Buggy ARP handling in Windoze Paul Starzetz (Jun 29)
Microsoft Security Bulletin (MS00-042) Microsoft Product Security (Jun 29)
Re: [RHSA-2000:039-02] remote root exploit (SITE EXEC) fixed (fwd) Wolfgang Hamburg (Jun 30)
Re: [slackware-security] wu-ftpd remote exploit patched jim (Jun 30)
FW: Microsoft Internet Explorer 5.01 and Access 2000 VBA Code Exe cuti on Vulnerability Walton, Keith (Jun 30)
- <Possible follow-ups>
- Re: Microsoft Internet Explorer 5.01 and Access 2000 VBA Code Exe cuti on Vulnerability Walton, Keith (Jun 30)

Previous period

Next period