Bugtraq: by thread

Cisco Security Advisory: Cisco Content Service Switch 11000 Series Web Management Vulnerability Cisco Systems Product Security Incident Response Team (May 31 2001)
RE: TWIG SQL query bugs Jeff Dafoe (May 31 2001)
[SNS Advisory No.28]InterScan VirusWall for NT remote configuration snsadv_at_lac.co.jp (May 31 2001)
RE: Yahoo/Hotmail scripting vulnerability, worm propagation Microsoft Security Response Center (May 31 2001)
Re: TWIG SQL query bugs Steve Stavropoulos (May 31 2001)
- Re: TWIG SQL query bugs kj (May 31 2001)
  - Re: TWIG SQL query bugs Gunther Birznieks (Jun 02 2001)
    - Re: TWIG SQL query bugs kj (Jun 02 2001)
    - Re: TWIG SQL query bugs Ben Gollmer (Jun 05 2001)
Re: Vulnerability in Oracle E-Business Suite Release 11i Applications Desktop Integrator Oracle Security Alerts (May 31 2001)
TSLSA-2001-0009 - GnuPG Trustix Secure Linux Advisor (Jun 01 2001)
- The GnuPG format string bug (was: TSLSA-2001-0009 - GnuPG) Werner Koch (Jun 01 2001)
Acme.Server v1.7 of 13nov96 Directory Browsing Adnan Rahman (May 31 2001)
Security Update: [CSSA-2001-019.0] Webmin root account leak Caldera Support Information (Jun 01 2001)
IPC@Chip - Fixes Siberian (Jun 01 2001)
Qpopper 4.0.3 **** Fixes Buffer Overflow **** (fwd) Michael Brennen (Jun 02 2001)
- Re: Qpopper 4.0.3 **** Fixes Buffer Overflow **** (fwd) Roman Drahtmueller (Jun 05 2001)
  - Re: Qpopper 4.0.3 **** Fixes Buffer Overflow **** (fwd) Renaud Deraison (Jun 05 2001)
  - Re: Qpopper 4.0.3 **** Fixes Buffer Overflow **** (fwd) Florian Weimer (Jun 05 2001)
    - Re: Qpopper 4.0.3 **** Fixes Buffer Overflow **** (fwd) KF (Jun 05 2001)
  - Re: Qpopper 4.0.3 **** Fixes Buffer Overflow **** (fwd) William D. Colburn (aka Schlake) (Jun 05 2001)
man/man-db MANPATH bugs exploit Luki R . (Jun 03 2001)
- Re: man/man-db MANPATH bugs exploit Colin Watson (Jun 04 2001)
SSH allows deletion of other users files... zen-parse_at_gmx.net (Jun 04 2001)
- Re: SSH allows deletion of other users files... Jason DiCioccio (Jun 04 2001)
  - Re: SSH allows deletion of other users files... Dan Astoorian (Jun 04 2001)
  - Re: SSH allows deletion of other users files... Jerry Connolly (Jun 05 2001)
  - Re: SSH allows deletion of other users files... Markus Friedl (Jun 04 2001)
  - Re: SSH allows deletion of other users files... aleph1_at_securityfocus.com (Jun 05 2001)
- Re: SSH allows deletion of other users files... David F. Skoll (Jun 04 2001)
  - Re: SSH allows deletion of other users files... sarnold_at_wirex.com (Jun 04 2001)
    - Re: SSH allows deletion of other users files... Markus Friedl (Jun 04 2001)
    - Re: SSH / X11 auth: needless complexity -> security problems? Peter W (Jun 05 2001)
      - Re: SSH / X11 auth: needless complexity -> security problems? Markus Friedl (Jun 06 2001)
      - Re: SSH / X11 auth: needless complexity -> security problems? Theo de Raadt (Jun 08 2001)
      - Re: SSH / X11 auth: needless complexity -> security problems? Dale Southard (Jun 07 2001)
      - Re: SSH / X11 auth: needless complexity -> security problems? Casper Dik (Jun 08 2001)
- nosymfollow Re: SSH allows deletion of other users files... Jan Grant (Jun 06 2001)
Re: Nortan Antivirus 2000 Poproxy.exe problem Sym Security (Jun 04 2001)
Webtrends HTTP Server %20 bug Auriemma Luigi (Jun 03 2001)
- Re: Webtrends HTTP Server %20 bug Michael Grice (Jun 04 2001)
- Re: Webtrends HTTP Server %20 bug H D Moore (Jun 04 2001)
  - RE: Webtrends HTTP Server %20 bug Eric Hacker (Jun 06 2001)
    - RE: Webtrends HTTP Server %20 bug Glynn Clements (Jun 07 2001)
      - Re: Webtrends HTTP Server %20 bug (UTF-8) Peter W (Jun 08 2001)
      - Re: Webtrends HTTP Server %20 bug (UTF-8) zsn (Jun 10 2001)
SuSE Security Announcement: gpg/GnuPG (SuSE-SA:2001:020) Roman Drahtmueller (Jun 03 2001)
O'Reilly WebBoard 4.10.30 JavaScript code execution problem Helmuth Antholzer (Jun 02 2001)
fpf module and packet fragmentation:local/remote DoS. XR Agent (Jun 02 2001)
- Re: fpf module and packet fragmentation:local/remote DoS. Joachim Blaabjerg (Jan 10 1999)
Locally exploitable races in OpenBSD VFS Alexander Viro (Jun 02 2001)
$HOME buffer overflow in SunOS 5.8 x86 Georgi Guninski (Jun 04 2001)
- Re: $HOME buffer overflow in SunOS 5.8 x86 Juergen P. Meier (Jun 05 2001)
  - Re: $HOME buffer overflow in SunOS 5.8 x86 Gunnar Wolf (Jun 05 2001)
    - Re: $HOME buffer overflow in SunOS 5.8 x86 Tohru Watanabe (Jun 05 2001)
    - Re: $HOME buffer overflow in SunOS 5.8 x86 Patrick Finch (Jun 05 2001)
    - Re: $HOME buffer overflow in SunOS 5.8 x86 Kris Kennaway (Jun 06 2001)
- Re: $HOME buffer overflow in SunOS 5.8 x86 SChoe (Jun 05 2001)
- Re: $HOME buffer overflow in SunOS 5.8 x86 Nicolas Dubee (Jun 05 2001)
yet another sym link followers potozky_at_hushmail.com (Jun 04 2001)
Fatal flaw in BestCrypt <= v0.7 (Linux) Joel Eriksson (Jun 04 2001)
OpenSSH_2.5.2p2 RH7.0 <- version info zen-parse_at_gmx.net (Jun 05 2001)
SECURITY.NNOV: Netscape 4.7x Messanger user information retrival 3APA3A (Jun 05 2001)
- Re: SECURITY.NNOV: Netscape 4.7x Messanger user information retrival Mads Peter Bach (Jun 05 2001)
- Re: SECURITY.NNOV: Netscape 4.7x Messanger user information retrival Thomas Corriher (Jun 06 2001)
  - Re[2]: SECURITY.NNOV: Netscape 4.7x Messanger user information retrival 3APA3A (Jun 08 2001)
SECURITY.NNOV: Outlook Express address book spoofing 3APA3A (Jun 05 2001)
- Re: SECURITY.NNOV: Outlook Express address book spoofing Dan Kaminsky (Jun 05 2001)
  - Re: SECURITY.NNOV: Outlook Express address book spoofing Peter W (Jun 05 2001)
    - Re: SECURITY.NNOV: Outlook Express address book spoofing Dan Kaminsky (Jun 06 2001)
      - Re: SECURITY.NNOV: Outlook Express address book spoofing Kee Hinckley (Jun 07 2001)
- RE: SECURITY.NNOV: Outlook Express address book spoofing Otto.Dandenell_at_iconmedialab.com.sg (Jun 07 2001)
  - RE: SECURITY.NNOV: Outlook Express address book spoofing David F. Skoll (Jun 08 2001)
- RE: SECURITY.NNOV: Outlook Express address book spoofing Matt Priestley (Jun 11 2001)
PassWD2000 v2.x Weak Encryption Vulnerability Daniel Roethlisberger (Jun 04 2001)
Re: Mail delivery privileges David Wagner (Jun 03 2001)
[RHSA-2001:075-04] Updated xinetd package available for Red Hat Linux 7 and 7.1 bugzilla_at_redhat.com (Jun 05 2001)
[RHSA-2001:074-03] Updated ispell packages available for Red Hat Linux 5.2 and 6.2 bugzilla_at_redhat.com (Jun 05 2001)
Announcing RSX - non exec stack/heap module Paul Starzetz (Jun 06 2001)
- Re: Announcing RSX - non exec stack/heap module Crispin Cowan (Jun 06 2001)
  - Re: Announcing RSX - non exec stack/heap module Thomas Dullien (Jun 07 2001)
    - Re: Announcing RSX - non exec stack/heap module Paul Starzetz (Jun 07 2001)
  - Re: Announcing RSX - non exec stack/heap module Paul Starzetz (Jun 07 2001)
    - Re: Announcing RSX - non exec stack/heap module Crispin Cowan (Jun 07 2001)
      - Re: Announcing RSX - non exec stack/heap module Paul Starzetz (Jun 12 2001)
      - Re: Announcing RSX - non exec stack/heap module Crispin Cowan (Jun 12 2001)
      - Re: Announcing RSX - non exec stack/heap module Paul Starzetz (Jun 13 2001)
- Re: Announcing RSX - non exec stack/heap module zen-parse_at_gmx.net (Jun 13 2001)
lil' exim format bug Megyer Laszlo (Jun 06 2001)
- Re: lil' exim format bug Peter Radcliffe (Jun 06 2001)
- Re: lil' exim format bug Foldi Tamas (Jun 12 2001)
  - Re: lil' exim format bug Peter Radcliffe (Jun 12 2001)
  - Re: lil' exim format bug Robert van der Meulen (Jun 12 2001)
  - Re: lil' exim format bug Tabor J. Wells (Jun 12 2001)
Buffer Overflow in TIAtunnel-0.9alpha2 qitest1 (Jun 06 2001)
[synnergy] - Sudo Vudo Michel Kaempf (Jun 06 2001)
- Re: [synnergy] - Sudo Vudo Trond Eivind Glomsr�d (Jun 06 2001)
Microsoft Security Bulletin MS01-030 Microsoft Product Security (Jun 06 2001)
- Re: Microsoft Security Bulletin MS01-030 Paul L Schmehl (Jun 08 2001)
- RE: Microsoft Security Bulletin MS01-030 Toma Vailikit (Jun 11 2001)
  - RE: Microsoft Security Bulletin MS01-030 Paul L Schmehl (Jun 11 2001)
- RE: Microsoft Security Bulletin MS01-030 Calanan, Michael (Jun 12 2001)
- RE: Microsoft Security Bulletin MS01-030 John Hanks (Jun 12 2001)
  - RE: Microsoft Security Bulletin MS01-030 Paul L Schmehl (Jun 13 2001)
  - Re: Microsoft Security Bulletin MS01-030 Michael Bryan (Jun 13 2001)
- RE: Microsoft Security Bulletin MS01-030 Michael B. Morell (Jun 14 2001)
SpearHead Security NetGAP SpearHead Customer Support (Jun 07 2001)
advisory for Pragma Interaccess neme-dhc_at_hushmail.com (Jun 06 2001)
security bug Internet Explorer 5 Stefaan Deman (Jun 06 2001)
- RE: security bug Internet Explorer 5 Stefaan Deman (Jun 08 2001)
- Re: security bug Internet Explorer 5 Victor A. Rodriguez (Jun 07 2001)
- Re: security bug Internet Explorer 5 Exploit & Vulnerability Alerting Service (Jun 08 2001)
[CLA-2001:399] Conectiva Linux Security Announcement - gnupg secure_at_conectiva.com.br (Jun 07 2001)
[RHSA-2001:073-04] Updated GnuPG packages available bugzilla_at_redhat.com (Jun 07 2001)
su-wrapper 1.1.1 Local root exploit. dex (Jun 06 2001)
Microsoft Security Bulletin MS01-031 Microsoft Product Security (Jun 07 2001)
HP Openview NNM6.1 ovactiond bin exploit Milo van der Zee (Jun 07 2001)
- Re: HP Openview NNM6.1 ovactiond bin exploit Milo van der Zee (Jun 11 2001)
potential buffer overflow in xinetd-2.1.8.9pre11-1 zen-parse_at_gmx.net (Jun 08 2001)
[SNS Advisory No.29] Trend Micro Virus Control System(VCS) Unauthenticated CGI Usage Vulnerability snsadv_at_lac.co.jp (Jun 07 2001)
cgisecurity.com Advisory #5 zeno (Jun 07 2001)
XFree86-xfs-4.0.1-1 DoS Jaros�aw Zachwieja (Jun 06 2001)
- Re:XFree86-xfs-4.0.1-1 DoS Mathias Dybvik (Jun 10 2001)
- Re:XFree86-xfs-4.0.1-1 DoS Mathias Dybvik (Jun 10 2001)
Microsoft Windows 2000 Telnet server vulnerability Michal Zalewski (Jun 08 2001)
RE: SECURITY.NNOV: Netscape 4.7x Messanger user information retrival Andrew Gerweck (Jun 07 2001)
- RE: SECURITY.NNOV: Netscape 4.7x Messanger user information retrival Greg A. Woods (Jun 09 2001)
- RE: SECURITY.NNOV: Netscape 4.7x Messanger user information retrival Thomas Corriher (Jun 10 2001)
Network Solutions Crypt-PW Authentication-Scheme vulnerability Peter Ajamian (Jun 08 2001)
- Re: Network Solutions Crypt-PW Authentication-Scheme vulnerability aleph1_at_securityfocus.com (Jun 08 2001)
  - Re: Network Solutions Crypt-PW Authentication-Scheme vulnerability Tyler Walden (Jun 08 2001)
    - Re: Network Solutions Crypt-PW Authentication-Scheme vulnerability Barney Wolff (Jun 10 2001)
- Re: Network Solutions Crypt-PW Authentication-Scheme vulnerability Chris Adams (Jun 08 2001)
- Re: Network Solutions Crypt-PW Authentication-Scheme vulnerability Len Sassaman (Jun 08 2001)
- Re: Network Solutions Crypt-PW Authentication-Scheme vulnerability Peter W (Jun 08 2001)
  - Re: Network Solutions Crypt-PW Authentication-Scheme vulnerability Peter Ajamian (Jun 08 2001)
- Re: Network Solutions Crypt-PW Authentication-Scheme vulnerability jkohl (Jun 08 2001)
- Re: Network Solutions Crypt-PW Authentication-Scheme vulnerability Peter van Dijk (Jun 08 2001)
  - Re: Network Solutions Crypt-PW Authentication-Scheme vulnerability Wichert Akkerman (Jun 10 2001)
HPUX / 800 models / Old-styled exploit for cue e-chang_at_spacemail.com (Jun 08 2001)
[CSSA-2001-020.0] Format bug in gnupg Caldera Support Information (Jun 08 2001)
Security Update: [CSSA-2001-021.0] Volution 1.0 security update Caldera Support Information (Jun 08 2001)
WatchGuard SMTP Proxy issue Dante Mercurio (Jun 08 2001)
- RE: WatchGuard SMTP Proxy issue Steve Fallin (Jun 28 2001)
Microsoft Security Bulletin MS01-030 (version 2.0) Microsoft Product Security (Jun 08 2001)
[SECURITY] [DSA-058-1] exim printf format attack Wichert Akkerman (Jun 09 2001)
Broker FTP Server 5.9.5.0 Buffer Overflow / DoS / Directory Traversal ByteRage (Jun 10 2001)
IDS's, host: headers, and .printer ISAPI overflow as an example Marc Maiffret (Jun 10 2001)
- Re: IDS's, host: headers, and .printer ISAPI overflow as an example Riley Hassell (Jun 11 2001)
Mac OS X - Apache & Case Insensitive Filesystems Stefan Arentz (Jun 10 2001)
- Re: Mac OS X - Apache & Case Insensitive Filesystems Paul Burney (Jun 10 2001)
  - Re: Mac OS X - Apache & Case Insensitive Filesystems Kee Hinckley (Jun 11 2001)
  - Re: Mac OS X - Apache & Case Insensitive Filesystems Paul Burney (Jun 11 2001)
- Re: Mac OS X - Apache & Case Insensitive Filesystems Scott Gifford (Jun 11 2001)
- Re: Mac OS X - Apache & Case Insensitive Filesystems Peter Bierman (Jun 14 2001)
Win2k Permissions bug (fwd) Alfred Huger (Jun 09 2001)
- RE: Win2k Permissions bug (fwd) David LeBlanc (Jun 10 2001)
  - RE: Win2k Permissions bug (fwd) Jesper M. Johansson (Jun 13 2001)
man 1.5h10 + man 1.5i-4 exploits zen-parse_at_gmx.net (Jun 11 2001)
Unixware 7.1.1 rtpm Aycan Irican (Jun 10 2001)
[PkC] TIAtunnel 0.9alpha3 released recidjvo (Jun 11 2001)
gmx.net rudi carell (Jun 11 2001)
- Re: gmx.net Thomas Roeder (Jun 12 2001)
[PkC] Advisory #005: Default Slackware 7.1 installation /etc/shells perms bug recidjvo (Jun 11 2001)
- Re: [PkC] Advisory #005: Default Slackware 7.1 installation /etc/shells perms bug Brian J. Kifiak (Jun 11 2001)
- Re: [PkC] Advisory #005: Default Slackware 7.1 installation /etc/shells perms bug Jeffrey W. Baker (Jun 11 2001)
- Re: [PkC] Advisory #005: Default Slackware 7.1 installation /etc/shells perms bug recidjvo (Jun 12 2001)
MDKSA-2001:054 - imap update Linux Mandrake Security Team (Jun 11 2001)
MDKSA-2001:055 - xinetd update Linux Mandrake Security Team (Jun 11 2001)
NBase-Xyplex Security Contact aleph1_at_securityfocus.com (Jun 11 2001)
[SECURITY] [DSA-059-1] man-db symlink attack Wichert Akkerman (Jun 12 2001)
security bulletins digest IT Resource Center (Jun 12 2001)
Re: your mail Aycan Irican (Jun 12 2001)
[SNS Advisory No.30] Trend Micro InterScan VirusWall for Windows NT 3.51 reconfiguration without authentication SNS Advisory (Jun 12 2001)
rsh bufferoverflow on AIX 4.2 ox (Jun 11 2001)
"at" is vulnerable on Solaris 7 and 8 Hank Wang (Jun 11 2001)
re: Advisory #5 Corrections. zeno (Jun 11 2001)
FW: Mac OS X - Apache & Case Insensitive hostmaster_at_qpp.co.uk (Jun 11 2001)
Re: (forw) rsh bufferoverflow on AIX 4.2 Troy Bollinger (Jun 12 2001)
bug Deja User (Jun 12 2001)
[RHSA-2001:077-05] LPRng fails to drop supplemental group membership bugzilla_at_redhat.com (Jun 12 2001)
xinetd update -- Immunix OS 7.0 security_at_wirex.com (Jun 12 2001)
[SNS Advisory No.31] Trend Micro InterScan VirusWall for Windows NT 3.51 FtpSaveC*P.dll Buffer Overflow Vulnerability SNS Advisory (Jun 12 2001)
Bugtraq ID 2503 : Apache Artificially Long Slash Path Directory Listing Exploit Matt Watchinski (Jun 13 2001)
- Re: Bugtraq ID 2503 : Apache Artificially Long Slash Path Directory Listing Exploit Stephen Cope (Jun 14 2001)
iXsecurity.tool.briiis.3.02 ian.vitek_at_ixsecurity.com (Jun 13 2001)
Anonymized ? Not yet. Alexander K. Yezhov (Jun 13 2001)
Rumpus FTP DoS vol. 2 Jass Seljamaa (Jun 12 2001)
Remote buffer overflow in MDBMS. teleh0r - (Jun 12 2001)
RE: Win2k Permissions bug Harmer, Michael (Jun 12 2001)
MDKSA-2001:056 - tcpdump update Linux Mandrake Security Team (Jun 13 2001)
[CLA-2001:402] Conectiva Linux Security Announcement - exim secure_at_conectiva.com.br (Jun 13 2001)
ScreamingMedia SITEWare arbitrary file retrieval vulnerability Foundstone Labs (Jun 13 2001)
ScreamingMedia SITEWare source code disclosure vulnerability Foundstone Labs (Jun 13 2001)
OpenBSD 2.9,2.8 local root compromise Georgi Guninski (Jun 14 2001)
- Re: OpenBSD 2.9,2.8 local root compromise Przemyslaw Frasunek (Jun 14 2001)
  - Re: OpenBSD 2.9,2.8 local root compromise Jason R Thorpe (Jun 14 2001)
- Re: OpenBSD 2.9,2.8 local root compromise Andreas Haugsnes (Jun 15 2001)
  - Re: OpenBSD 2.9,2.8 local root compromise Rick Updegrove (Jun 15 2001)
  - Re: OpenBSD 2.9,2.8 local root compromise Georgi Guninski (Jun 15 2001)
  - Re: OpenBSD 2.9,2.8 local root compromise dmuz (Jun 15 2001)
    - Re: OpenBSD 2.9,2.8 local root compromise Andreas Haugsnes (Jun 15 2001)
  - Re: OpenBSD 2.9,2.8 local root compromise Tony Lambiris (Jun 15 2001)
    - Re: OpenBSD 2.9,2.8 local root compromise Peter van Dijk (Jun 16 2001)
  - Re: OpenBSD 2.9,2.8 local root compromise Jason R Thorpe (Jun 15 2001)
- Re: OpenBSD 2.9,2.8 local root compromise jon (Jun 14 2001)
- RE: OpenBSD 2.9,2.8 local root compromise Brian McKinney (Jun 14 2001)
Buffer overflow in BestCrypt for Linux Carl Livitt (Aug 09 2001)
- MacOSX 10.0.X Permissions uncorrectly set kangoo (Jun 25 2001)
  - Re: MacOSX 10.0.X Permissions uncorrectly set Valdis.Kletnieks_at_vt.edu (Jun 26 2001)
  - Re: MacOSX 10.0.X Permissions uncorrectly set Joerg Maximus Lentsch (Jun 26 2001)
  - Re: MacOSX 10.0.X Permissions uncorrectly set Bryan Blackburn (Jun 26 2001)
  - Re: MacOSX 10.0.X Permissions uncorrectly set Andrew Wellington (Jun 27 2001)
  - Re: MacOSX 10.0.X Permissions uncorrectly set J�rg Preu� (Jun 28 2001)
    - Re: MacOSX 10.0.X Permissions uncorrectly set Toby DiPasquale (Jun 28 2001)
    - Re: MacOSX 10.0.X Permissions uncorrectly set Etaoin Shrdlu (Jun 28 2001)
  - Re: MacOSX 10.0.X Permissions uncorrectly set Guillaume Rischard (Jun 28 2001)
    - Re: MacOSX 10.0.X Permissions uncorrectly set Frank Meurer (Jun 28 2001)
      - Re: MacOSX 10.0.X Permissions uncorrectly set patpro (Jun 29 2001)
  - Re: MacOSX 10.0.X Permissions uncorrectly set Peter Tonoli (Jun 29 2001)
Cisco Security Advisory: Cisco 6400 NRP2 Telnet Vulnerability Cisco Systems Product Security Incident Response Team (Jun 14 2001)
The Dangers of Allowing Users to Post Images John Percival (Jun 13 2001)
- Re: The Dangers of Allowing Users to Post Images Sverre H. Huseby (Jun 14 2001)
  - Re: The Dangers of Allowing Users to Post Images Tim Nowaczyk (Jun 15 2001)
    - Re: The Dangers of Allowing Users to Post Images Henrik Nordstrom (Jun 16 2001)
      - Re: The Dangers of Allowing Users to Post Images peterw_at_usa.net (Jun 18 2001)
      - Re: The Dangers of Allowing Users to Post Images Henrik Nordstrom (Jun 19 2001)
      - Re: never-ending Referer arguments (The Dangers of Allowing Users to Post Images) Peter W (Jun 19 2001)
      - Re: [BUGTRAQ] Re: never-ending Referer arguments (The Dangers of Allowing Users to Post Images) CDI (Jun 19 2001)
      - Re: The Dangers of Allowing Users to Post Images John Percival (Jun 19 2001)
      - Re: The Dangers of Allowing Users to Post Images Michal Szokolo (Jun 23 2001)
      - Re: The Dangers of Allowing Users to Post Images Travis Siegel (Jun 24 2001)
      - Re: The Dangers of Allowing Users to Post Images Jeffrey W. Baker (Jun 22 2001)
      - Re: The Dangers of Allowing Users to Post Images Sverre H. Huseby (Jun 19 2001)
      - Re: The Dangers of Allowing Users to Post Images Henrik Nordstrom (Jun 19 2001)
    - Re: The Dangers of Allowing Users to Post Images Brett Lymn (Jun 17 2001)
- RE: The Dangers of Allowing Users to Post Images Richard M. Smith (Jun 14 2001)
  - Re: The Dangers of Allowing Users to Post Images Marc Slemko (Jun 15 2001)
  - Re[2]: The Dangers of Allowing Users to Post Images Alexander K. Yezhov (Jun 15 2001)
- Re: The Dangers of Allowing Users to Post Images Ben Gollmer (Jun 14 2001)
- Re: The Dangers of Allowing Users to Post Images David Dreezer (Jun 14 2001)
- Re: The Dangers of Allowing Users to Post Images Chris Lambert (Jun 14 2001)
  - Re: The Dangers of Allowing Users to Post Images Ryan Kennedy (Jun 15 2001)
- Re: The Dangers of Allowing Users to Post Images Chris Lambert (Jun 14 2001)
- Cross-Site Request Forgeries (Re: The Dangers of Allowing Users to Post Images) Peter W (Jun 14 2001)
  - Re: Cross-Site Request Forgeries (Re: The Dangers of Allowing Users to Post Images) Chris Lambert (Jun 14 2001)
    - Re: Cross-Site Request Forgeries (Re: The Dangers of Allowing Users to Post Images) Peter W (Jun 15 2001)
- Re: The Dangers of Allowing Users to Post Images Chris Lambert (Jun 14 2001)
  - Re: The Dangers of Allowing Users to Post Images Peter W (Jun 15 2001)
- Re: The Dangers of Allowing Users to Post Images Chris Lambert (Jun 14 2001)
- Re: The Dangers of Allowing Users to Post Images Jason Brooke (Jun 16 2001)
- Re: The Dangers of Allowing Users to Post Images Dmitry Yu. Bolkhovityanov (Jun 16 2001)
personal web server directory traversal vulnerability patch David Raitzer (Jun 13 2001)
- Re: personal web server directory traversal vulnerability patch Gary Flynn (Jun 14 2001)
- RE: personal web server directory traversal vulnerability patch Dinos Pastos (Jun 14 2001)
- Re: personal web server directory traversal vulnerability patch Gary Flynn (Jun 16 2001)
Re: Bugtraq ID 2503 : Apache Artificially Long Slash Path Directory Listing Exploit Ben Laurie (Jun 14 2001)
Anonymized ? Not yet. - Part II Alexander K. Yezhov (Jun 14 2001)
- Re: Anonymized joshua_at_safeweb.com (Jun 23 2001)
fetchmail update -- Immunix OS 6.2, 7.0-beta, 7.0 Immunix Security Team (Jun 14 2001)
sysklogd update -- Immunix OS 6.2, 7.0-beta, 7.0 Immunix Security Team (Jun 14 2001)
TSLSA-2001-0010 - Apache Trustix Secure Linux Advisor (Jun 15 2001)
Windows 2k SP2 breaks security fix should reapply Colby Rice (Jun 13 2001)
- Re: Windows 2k SP2 breaks security fix should reapply Eric (Jun 15 2001)
- RE: Windows 2k SP2 breaks security fix should reapply Russ (Jun 15 2001)
- Re: Windows 2k SP2 breaks security fix should reapply Rick Updegrove (Jun 15 2001)
- RE: Windows 2k SP2 breaks security fix should reapply Chase Stone (Jun 18 2001)
Re: The Dangers of Allowing Users to Post Images (fwd) Shafik Yaghmour (Jun 15 2001)
- Re: The Dangers of Allowing Users to Post Images (fwd) Lincoln Yeoh (Jun 15 2001)
Rxvt vulnerability Samuel Dralet (Jun 15 2001)
- Re: Rxvt vulnerability Simon Richter (Jun 16 2001)
- Re: Rxvt vulnerability Wichert Akkerman (Jun 16 2001)
  - Re: Rxvt vulnerability Syzop (Jun 17 2001)
[SECURITY] [DSA-060-1] fetchmail buffer overflow Wichert Akkerman (Jun 16 2001)
patch for exec+ptrace security hole available (fwd) Vagner Sacramento (Jun 16 2001)
[SECURITY] [DSA-061-1] multiple gnupg problems Wichert Akkerman (Jun 16 2001)
[SECURITY] [DSA-062-1] rxvt buffer overflow Wichert Akkerman (Jun 16 2001)
Buffer Overflow in GazTek HTTP Daemon v1.4 (ghttpd) qitest1 (Jun 17 2001)
[SECURITY] [DSA-063-1] two xinetd problems Wichert Akkerman (Jun 17 2001)
Cisco TFTPD 1.1 Vulerablity Siberian (Jun 18 2001)
- Re: Cisco TFTPD 1.1 Vulerablity Jim Duncan (Jun 18 2001)
Multiple Vulnerabilities In AMLServer SNS Research (Jun 18 2001)
udirectory from Microburst Technologies remote command execution Deja User (Jun 18 2001)
- Re: udirectory from Microburst Technologies remote command execution Pavel Kankovsky (Jun 19 2001)
pmpost - another nice symlink follower Paul Starzetz (Jun 18 2001)
- Re: pmpost - another nice symlink follower Jan-Frode Myklebust (Jun 19 2001)
  - Re: pmpost - another nice symlink follower Damian Menscher (Jun 19 2001)
- Re: pmpost - another nice symlink follower Keith Owens (Jun 19 2001)
- Re: pmpost - another nice symlink follower Lynton Clamp (Jun 19 2001)
- Re: pmpost - another nice symlink follower Roman Drahtmueller (Jun 18 2001)
- Re: pmpost - another nice symlink follower Dale Southard (Jun 19 2001)
DCShop vulnerability Peter Helms (Jun 18 2001)
- Re: DCShop vulnerability David Choi (Jun 18 2001)
SCO Tarantella Remote file read via ttawebtop.cgi KF (Jun 18 2001)
- Re: SCO Tarantella Remote file read via ttawebtop.cgi Mike McEwen (Jun 19 2001)
MDKSA-2001:046-2 - kdelibs update Linux Mandrake Security Team (Jun 18 2001)
All versions of Microsoft Internet Information Services, Remote buffer overflow (SYSTEM Level Access) Marc Maiffret (Jun 18 2001)
[Fwd: Re: Cross-Site Request Forgeries (Re: The Dangers of Allowing Users to Post Images)] Peter W (Jun 17 2001)
- Re: [Fwd: Re: Cross-Site Request Forgeries (Re: The Dangers of Allowing Users to Post Images)] Lincoln Yeoh (Jun 18 2001)
  - Re: [Fwd: Re: Cross-Site Request Forgeries (Re: The Dangers ofAllowing Users to Post Images)] Mark Tinberg (Jun 19 2001)
SurgeFTP vulnerabilities SDL Office (Jun 19 2001)
- Re: SurgeFTP vulnerabilities Alun Jones (Jun 25 2001)
  - RE: SurgeFTP vulnerabilities David LeBlanc (Jun 25 2001)
- Re: SurgeFTP vulnerabilities Ewen McNeill (Jun 25 2001)
[CLA-2001:403] Conectiva Linux Security Announcement - fetchmail secure_at_conectiva.com.br (Jun 19 2001)
[RHSA-2001:078-05] Format string bug fixed bugzilla_at_redhat.com (Jun 19 2001)
- RE: [RHSA-2001:078-05] Format string bug fixed Mayers, Philip J (Jun 20 2001)
  - RE: [RHSA-2001:078-05] Format string bug fixed storage_at_iewebs.com (Jun 20 2001)
    - RE: [RHSA-2001:078-05] Format string bug fixed helmut g. katzgraber (Jun 22 2001)
      - Re: [RHSA-2001:078-05] Format string bug fixed Petri Kaukasoina (Jun 25 2001)
[CLA-2001:404] Conectiva Linux Security Announcement - xinetd secure_at_conectiva.com.br (Jun 19 2001)
Remote Buffer Overflow Vulnerability in Solaris Print Protocol Daemon David Foster (Jun 19 2001)
Solaris /opt/SUNWssp/bin/cb_reset Vulnerability Pablo Sor (Jun 20 2001)
ISS Security Advisory: Multiple Vendor 802.11b Access Point SNMP authentication flaw ISS XForce (Jun 20 2001)
ISS Security Advisory: Wired-side SNMP WEP key exposure in 802.11 b Access Points ISS XForce (Jun 20 2001)
- Re: ISS Security Advisory: Wired-side SNMP WEP key exposure in 802.11b Access Points Matthew Potter (Jun 20 2001)
  - Re: ISS Security Advisory: Wired-side SNMP WEP key exposure in 802.11b Access Points Brandon S. Allbery KF8NH (Jun 22 2001)
    - Re: ISS Security Advisory: Wired-side SNMP WEP key exposure in 802.11b Access Points hendy_at_team-teso.net (Jun 29 2001)
  - Re: ISS Security Advisory: Wired-side SNMP WEP key exposure in 802.11b Access Points Matthew R. Potter (Jun 22 2001)
MDKSA-2001:057 - proftpd Linux Mandrake Security Team (Jun 20 2001)
MDKSA-2001:058 - ispell update Linux Mandrake Security Team (Jun 20 2001)
MDKSA-2001:059 - webmin update Linux Mandrake Security Team (Jun 20 2001)
MDKSA-2001:060 - rxvt Linux Mandrake Security Team (Jun 20 2001)
[ANNOUNCE] SGI Performance Co-Pilot 2.2.1-3 now available Mark Goodwin (Jun 20 2001)
[SNS Advisory No.32] w3m malformed MIME header Buffer Overflow Vulnerability snsadv_at_lac.co.jp (Jun 20 2001)
- Re: [SNS Advisory No.32] w3m malformed MIME header Buffer Overflow Vulnerability Jim Knoble (Jun 21 2001)
  - Re: [SNS Advisory No.32] w3m malformed MIME header Buffer Overflow Vulnerability Helmut Springer (Jun 22 2001)
  - Re: [SNS Advisory No.32] w3m malformed MIME header Buffer Overflow Vulnerability Robert van der Meulen (Jun 21 2001)
SECURITY.NNOV: KAV (AVP) for sendmail format string vulnerability 3APA3A (Jun 21 2001)
TrendMicro InterScan WebManager Version 1.2 RegGo.dll Buffer Overflow Vulnerability snsadv_at_lac.co.jp (Jun 21 2001)
LPRng + tetex tmpfile race - uid lp exploit zen-parse_at_gmx.net (Jun 21 2001)
security bulletins digest IT Resource Center (Jun 21 2001)
NERF Advisory #2 - 1C:Arcadia multiple vulnerablilities. ViperSV (Jun 21 2001)
Cerberus FTP Server 1.x Remote DoS attack Vulnerability Cartel Informatique Security Research Labs (Jun 21 2001)
A-FTP Anonymous FTP Server Remote DoS attack Vulnerability Cartel Informatique Security Research Labs (Jun 21 2001)
suid scotty (ntping) overflow (fwd) Larry W. Cashdollar (Jun 21 2001)
- Re: suid scotty (ntping) overflow (fwd) Kris Kennaway (Jun 21 2001)
Solaris /opt/SUNWvts/bin/ptexec Vulnerability Pablo Sor (Jun 21 2001)
TLSA2001028 gnupg-1.0.6-1 TurboLinux Security Team (Jun 21 2001)
[ESA-20010620-01]: fetchmail-ssl buffer overflow EnGarde Secure Linux (Jun 21 2001)
[ESA-20010620-02] apache directory listing vulnerability EnGarde Secure Linux (Jun 21 2001)
ispell update -- Immunix OS 6.2 Immunix Security Team (Jun 21 2001)
bugtraq submission David Madison (Jun 21 2001)
[VIGILANTE-2001001] ASP source code retrieved with Unicode extens ion Hack Kampbj�rn (Jun 22 2001)
crypto flaw in secure mail standards Don Davis (Jun 22 2001)
- Re: crypto flaw in secure mail standards Gregory Steuck (Jun 22 2001)
- Re: crypto flaw in secure mail standards David Howe (Jun 22 2001)
- Re: crypto flaw in secure mail standards Florian Weimer (Jun 23 2001)
- Re: crypto flaw in secure mail standards David Howe (Jun 23 2001)
  - Re: crypto flaw in secure mail standards Jim Halfpenny (Jun 25 2001)
- Re: crypto flaw in secure mail standards Riad S. Wahby (Jun 23 2001)
  - Re: crypto flaw in secure mail standards Tollef Fog Heen (Jun 27 2001)
eXtremail Remote Format String ('s) mu-b (Jun 22 2001)
cfingerd local vulnerability (possibly root) Steven Van Acker (Jun 21 2001)
Recent OpenBSD 2.8/2.9 Exploit - stephanie patched kernels unaffected James Babiak (Jun 21 2001)
Symlinks symlinks...this time KTVision Paul Starzetz (Jun 22 2001)
pam session Christian Kraemer (Jun 18 2001)
- Re: pam session Pawel Krawczyk (Jun 23 2001)
- Re: pam session Greg Woods (Jun 23 2001)
- Re: pam session Jim Breton (Jun 23 2001)
IBM ERS: Vulnerability in AIX diagrpt Keith Stevenson (Jun 22 2001)
Fwd: Microsoft Word macro vulnerability advisory MS01-034 Steven McLeod (Jun 22 2001)
SurfControl Internet Monitoring/Blocking ndesai01_at_tampabay.rr.com (Jun 18 2001)
- Re: SurfControl Internet Monitoring/Blocking Mike Ciavarella (Jun 25 2001)
Caldera Systems security advisory: libcurses, atcronsh, rtpm Andrew Sharpe (Jun 22 2001)
[RHSA-2001:084-03] Kernel: FTP iptables vulnerability in 2.4 kernel and general bug fixes bugzilla_at_redhat.com (Jun 22 2001)
Security Update: [CSSA-2001-022.0] buffer overflow in fetchmail Support Info (Jun 22 2001)
[RHSA-2001:071-05] New updated XFree86 packages available bugzilla_at_redhat.com (Jun 22 2001)
smbd remote file creation vulnerability Michal Zalewski (Jun 23 2001)
- Re: smbd remote file creation vulnerability maniac_at_localhost.sk (Jun 24 2001)
  - Re: smbd remote file creation vulnerability Pavol Luptak (Jun 25 2001)
    - Re: smbd remote file creation vulnerability Jarno Huuskonen (Jun 25 2001)
      - Re: smbd remote file creation vulnerability Pavol Luptak (Jun 26 2001)
      - Re: smbd remote file creation vulnerability Simple Nomad (Jun 26 2001)
      - Re: smbd remote file creation vulnerability Olaf Kirch (Jun 28 2001)
      - Re: smbd remote file creation vulnerability Simple Nomad (Jun 28 2001)
    - Re: smbd remote file creation vulnerability Tomek Lipski (Jun 25 2001)
    - Re: smbd remote file creation vulnerability Wichert Akkerman (Jun 26 2001)
      - Re: smbd remote file creation vulnerability Michal Zalewski (Jun 27 2001)
      - Re: smbd remote file creation vulnerability Steve Beattie (Jun 27 2001)
      - Re: smbd remote file creation vulnerability Phil Stracchino (Jun 27 2001)
    - Re: smbd remote file creation vulnerability Joachim Blaabjerg (Jun 26 2001)
      - Re: smbd remote file creation vulnerability Michal Zalewski (Jun 27 2001)
      - Re: smbd remote file creation vulnerability sarnold_at_wirex.com (Jun 27 2001)
- Re: smbd remote file creation vulnerability Fatal Connect (Jun 24 2001)
  - Re: smbd remote file creation vulnerability Joseph Nicholas Yarbrough (Jun 26 2001)
[CLA-2001:405] Conectiva Linux Security Announcement - samba secure_at_conectiva.com.br (Jun 23 2001)
[SECURITY] [DSA-065-1] samba remote file append/creation problem Wichert Akkerman (Jun 23 2001)
crypto flaw in secure mail standards Don Davis (Jun 22 2001)
- Re: crypto flaw in secure mail standards Richard Atterer (Jun 28 2001)
  - Re: crypto flaw in secure mail standards Robert Bihlmeyer (Jun 29 2001)
issues with RFC2553 IPv6 API Jun-ichiro itojun Hagino (Jun 23 2001)
Fw: Bugtraq ID 2503 : Apache Artificially Long Slash Path Directory Listing Exploit SDL Office (Jun 24 2001)
- Re: Fw: Bugtraq ID 2503 : Apache Artificially Long Slash Path Directory Listing Exploit rain forest puppy (Jun 28 2001)
NSFOCUS SA2001-03 : Microsoft FrontPage 2000 Server Extensions Buffer Overflow Vulnerability Nsfocus Security Team (Jun 25 2001)
Perception LiteServe MS-DOS filename vulnerability Wizdumb (Jun 25 2001)
RH 7.0 Crontab exploit - apparently fixed zen-parse_at_gmx.net (Jun 25 2001)
Issues with Windows 2000 Encrypting File System and Disk Wipe Software Security Advice (Jun 25 2001)
Solaris 8 libsldap buffer overflow Jouko Pynnonen (Jun 26 2001)
[RHSA-2001:086-06] New Samba packages available for Red Hat Linux 5.2, 6.2, 7 and 7.1 bugzilla_at_redhat.com (Jun 26 2001)
Formmail.pl Exploit - Anti-Spam and security fix available kanda samy (Jun 25 2001)
Advisory gollum (Jun 26 2001)
Security Update: [CSSA-2001-022.1] buffer overflow in fetchmail Support Info (Jun 26 2001)
Security Update: [CSSA-2001-024.0] OpenLinux: samba remote root problem Support Info (Jun 26 2001)
Re: Security_APARs (fwd) uid0_at_catastrophe.net (Jun 26 2001)
- Re: Security_APARs (fwd) Valdis.Kletnieks_at_vt.edu (Jun 26 2001)
Security Update: [CSSA-2001-018.1] OpenLinux: samba /tmp problems Support Info (Jun 27 2001)
samba update -- Immunix OS 6.2, 7.0-beta, 7.0 Immunix Security Team (Jun 26 2001)
Security Update: [CSSA-2001-SCO.2] UnixWare - su buffer overflow sco-security_at_caldera.com (Jun 26 2001)
TSLSA-2001-0011 - Samba Trustix Secure Linux Advisor (Jun 27 2001)
Cisco Security Advisory: Multiple SSH vulnerabilities Cisco Systems Product Security Incident Response Team (Jun 27 2001)
Cisco Security Advisory: IOS HTTP authorization vulnerability Cisco Systems Product Security Incident Response Team (Jun 27 2001)
- Re: Cisco Security Advisory: IOS HTTP authorization vulnerability David Hyams (Jun 27 2001)
  - RE: Cisco Security Advisory: IOS HTTP authorization vulnerability Oliver Petruzel (Jun 28 2001)
    - Re: Cisco Security Advisory: IOS HTTP authorization vulnerability David Hyams (Jun 29 2001)
  - Re: Cisco Security Advisory: IOS HTTP authorization vulnerability Eric Vyncke (Jun 29 2001)
security bulletins digest IT Resource Center (Jun 27 2001)
reading from execve()ed setuid memory zen-parse_at_gmx.net (Jun 27 2001)
gnats update Joost Pol (Jun 27 2001)
ISAPI and SECUREIIS Crussaider (Jun 26 2001)
- RE: ISAPI and SECUREIIS Marc Maiffret (Jun 27 2001)
Identifying OpenBSD 2.6-2.9 based machines using ICMP Port Unreachables Ofir Arkin (Jun 26 2001)
Security Update:[CSSA-2001-020.1] Linux - format bug in gnupg Caldera Support Info (Jun 27 2001)
rxvt update -- Immunix OS 6.2, 7.0-beta, and 7.0 Immunix Security Team (Jun 27 2001)
[COVERT-2001-03] Oracle 8i SQLNet Header Vulnerability COVERT Labs (Jun 27 2001)
[COVERT-2001-04] Vulnerability in Oracle 8i TNS Listener COVERT Labs (Jun 27 2001)
- RE: [COVERT-2001-04] Vulnerability in Oracle 8i TNS Listener Jeffrey M. Smith (Jun 29 2001)
MDKSA-2001:046-3 - kdelibs update Linux Mandrake Security Team (Jun 27 2001)
Security Update: [CSSA-2001-SCO.3] UnixWare - cron buffer overflow sco-security_at_caldera.com (Jun 27 2001)
Security Update: [CSSA-2001-SCO.4] UnixWare: uucp utilities buffer overflows sco-security_at_caldera.com (Jun 27 2001)
Active Web Classifieds failure to authenticate leads to arbitrary code execution Deja User (Jun 27 2001)
[SNS Advisory No.34] TrendMicro InterScan VirusWall 3.51 smtpscan.dll Buffer Overflow SNS Advisory (Jun 28 2001)
[SNS Advisory No.35] TrendMicro InterScan VirusWall 3.51 HttpSaveC*P.dll Buffer Overflow SNS Advisory (Jun 28 2001)
MacOS Personal Wed Sharing DoS Jass Seljamaa (Jun 28 2001)
Mozilla is excessively generous. QuantumG (Jun 27 2001)
- Re: Mozilla is excessively generous. Jeffrey W. Baker (Jun 28 2001)
- Re: Mozilla is excessively generous. Mike Shaver (Jun 28 2001)
Exploit for xinetd-2.1.8.9pre11-1 qitest1 (Jun 29 2001)
SuSE Security Announcement: samba (SuSE-SA:2001:021) Roman Drahtmueller (Jun 29 2001)
SuSE Security Announcement: xinetd Sebastian Krahmer (Jun 29 2001)
[ESA-20010621-01] xinetd updates EnGarde Secure Linux (Jun 29 2001)
IE authentication breaks with expired HTTP passwords and 302 HTTP Status Code Dave Zwieback (Jun 29 2001)
Vulnerability: CylantSecure Juergen Pabel (Jun 29 2001)