470 messages starting Dec 13 04 and ending Dec 22 04

Adam Gray

NetWare Screensaver Authentication Bypass From The Local Console Adam Gray (Dec 13)

Adam Shostack

Re: MD5 To Be Considered Harmful Someday Adam Shostack (Dec 09)
Re: Local versus remote security holes Adam Shostack (Dec 22)

advisory

STG Security Advisory: [SSA-20041209-13] UseModWiki XSS vulnerability advisory (Dec 14)
STG Security Advisory: [SSA-20041214-14] GNUBoard PHP injection vulnerability advisory (Dec 15)
STG Security Advisory: [SSA-20041215-15] Vulnerability of uploading files with multiple extensions in MoniWiki advisory (Dec 16)
STG Security Advisory: [SSA-20041215-17] Vulnerability of uploading files with multiple extensions in JSBoard advisory (Dec 16)
STG Security Advisory: [SSA-20041215-18] Vulnerability of uploading files with multiple extensions in phpBB Attachment Mod advisory (Dec 16)
STG Security Advisory: [SSA-20041215-19] Vulnerability of uploading files with multiple extensions in MediaWiki advisory (Dec 16)
STG Security Advisory: [SSA-20041220-16] PHP source injection and cross-site scripting vulnerabilities in ZeroBoard advisory (Dec 24)

Ahmad Muammar

Multiple Vulnerabilities in paFileDB 3.1 Ahmad Muammar (Dec 07)

aikon none

Internet Explorer Code Execution Bypass Vulnerability aikon none (Dec 18)

Alberto Garcia Hierro

Re: [EXPL] (MS04-031) NetDDE buffer overflow vulnerability PoC Alberto Garcia Hierro (Dec 31)

Albert Puigsech Galicia

7a69Adv#16 - Konqueror FTP command injection Albert Puigsech Galicia (Dec 07)
Re: 7a69Adv#16 - Konqueror FTP command injection Albert Puigsech Galicia (Dec 08)
7a69Adv#15 - Internet Explorer FTP command injection Albert Puigsech Galicia (Dec 08)

Alexander Anisimov

[MaxPatrol] SQL-injection in Ikonboard 3.1.x Alexander Anisimov (Dec 16)

Alexander Klimov

Re: phpBB Worm Alexander Klimov (Dec 22)

Alexey I. Froloff

Re: [ GLSA 200412-10 ] Vim, gVim: Vulnerable options in modelines Alexey I. Froloff (Dec 16)

ali reza AcTiOnSpIdEr

ASP Calendar Vulnerability <www.ashiyane.com> ali reza AcTiOnSpIdEr (Dec 14)

Alvin Packard

Re: phpBB Worm Alvin Packard (Dec 23)

amit sides

Webmin BruteForce + Command execution - By Di42lo <DiAblo_2 () 012 net il> amit sides (Dec 22)

amoXi Devilkin

4 Vulnerabilities in GamePort amoXi Devilkin (Dec 17)
4 Vulnerabilities in GamePort amoXi Devilkin (Dec 17)

Anders Henke

Re: phpBB Worm Anders Henke (Dec 23)
Re: phpBB Worm Anders Henke (Dec 24)

Andy Fewtrell

Sanity Worm Concepts Andy Fewtrell (Dec 29)

Anthony.zboralski

Final Call for Papers & Workshops - BCS Asia 2005 Anthony.zboralski (Dec 24)

Antoine Martin

Re: DJB's students release 44 *nix software vulnerability advisories Antoine Martin (Dec 21)

Arman Nayyeri

MS Windows Media Player 9 Vulns (2) Arman Nayyeri (Dec 20)

Artem Chuprina

Re: DJB's students release 44 *nix software vulnerability advisories Artem Chuprina (Dec 21)

Avleen Vig

Re: Did a 16-bit counter overflow shut down Comair? Avleen Vig (Dec 29)

b0f www . b0f . net

Winamp 5.07 (latest version) Remote Crash + other stupid shizle b0f www . b0f . net (Dec 13)

bad boy

phphpbb2 + php version < 4.3.10 unserialize() memory dump sql password from config.php exploit bad boy (Dec 17)

bad_son

New Winhlp32.exe vuln bad_son (Dec 25)

Bartek Nowotarski

Multiple Vulnerabilities in Moodle Bartek Nowotarski (Dec 28)

beniwiedmer

Cross Site Scripting DOS (Zyxel B-420 Ethernet Bridge) beniwiedmer (Dec 31)

Bennett R. Samowich

Bug in Crypt::ECB perl module Bennett R. Samowich (Dec 18)

Berend-Jan Wever

Official IFRAME patch - make sure it installs correctly Berend-Jan Wever (Dec 02)
Re: [Advisory] Mozilla Products Remote Crash Vulnerability Berend-Jan Wever (Dec 07)
Re: Windows Explorer TGA Crash is a DoS bug in Internet Explorer. Berend-Jan Wever (Dec 22)
Re: Windows Explorer TGA Crash is a DoS bug in Internet Explorer. Berend-Jan Wever (Dec 22)
Re: Microsoft Windows LoadImage API IntegerBuffer overflow Berend-Jan Wever (Dec 28)

Bill

Windows Explorer TGA Crash Bill (Dec 20)

Black Dot

Re: Winamp - Buffer Overflow In IN_CDDA.dll Black Dot (Dec 01)

Boren, Rich (SSRT)

Security Bulletin SSRT4687 rev.0 HP-UX newgrp(1) local privilege elevation Boren, Rich (SSRT) (Dec 20)
[ Security Bulletin ] SSRT4699 rev.0 HP-UX SAM local privilege increase Boren, Rich (SSRT) (Dec 23)
[Security Bulletin] SSRT4867 rev.0 Netscape Directory Server on HP-UX LDAP remote buffer overflow Boren, Rich (SSRT) (Dec 23)
[Security Bulletin] SSRT4876 rev.0 HP Tru64 UNIX SWS (Apache) Secure Web Server Remote Boren, Rich (SSRT) (Dec 23)
[Security Bulletin] SSRT4883 rev.3 HP-UX ftp and ftpd remote unauthorized access Boren, Rich (SSRT) (Dec 23)
[Security Bulletin] SSRT4696 rev.0 - HP Tru64 UNIX TCP Stack Remote Denial of Service (DoS) Boren, Rich (SSRT) (Dec 24)

Brad Bendily

Re: NetWare Screensaver Authentication Bypass From The Local Console Brad Bendily (Dec 15)

Brett Glass

Re: Microsoft Windows LoadImage API Integer Buffer overflow Brett Glass (Dec 25)

Brett Moore

Winamp - Buffer Overflow In IN_CDDA.dll [ Patch Released ] Brett Moore (Dec 07)
HyperTerminal - Buffer Overflow In .ht File Brett Moore (Dec 15)

bugtraq

Xprobe 0.2.1 Released bugtraq (Dec 21)

Casper . Dik

Re: *nix data wipe tools Casper . Dik (Dec 17)
Re: DJB's students release 44 *nix software vulnerability advisories Casper . Dik (Dec 22)

cees-bart

Re: DJB's students release 44 *nix software vulnerability advisories cees-bart (Dec 17)
AIX 5.1/5.2/5.3 local root exploits cees-bart (Dec 20)

Chet Ramey

Re: Local root exploit on Mac OS X with Adobe Version Cue Chet Ramey (Dec 07)

chewkeong

[SIG^2 G-TEC] singapore Image Gallery Web Application v0.9.10 Multiple Vulnerabilities chewkeong (Dec 16)

Chris Ess

RE: phpBB Worm Chris Ess (Dec 25)

Chris Paget

Re: Bypass personal firewall application protection . Again. Chris Paget (Dec 08)
Re: DJB's students release 44 *nix software vulnerability advisories Chris Paget (Dec 22)

Chris Wysopal

Re: [HAT-SQUAD] NetCat Remote Critical Vulnerability, Poc included Chris Wysopal (Dec 28)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Cisco CNS Network Registrar Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Dec 02)
Cisco Security Advisory: Default Administrative Password in Cisco Guard and Traffic Anomaly Detector Cisco Systems Product Security Incident Response Team (Dec 16)
Cisco Security Advisory: Cisco Unity Integrated with Exchange Has Default Passwords Cisco Systems Product Security Incident Response Team (Dec 16)

cmthemc

Re: Internet Explorer Code Execution Bypass Vulnerability cmthemc (Dec 20)

CoKi

Citadel/UX <= v6.27 Remote Format String Vulnerability CoKi (Dec 13)

Colin Keith

PHPBB worm in action Colin Keith (Dec 25)

Conectiva Updates

[CLA-2004:904] Conectiva Security Announcement - cyrus-imapd Conectiva Updates (Dec 01)
[CLA-2004:902] Conectiva Security Announcement - abiword Conectiva Updates (Dec 02)
[CLA-2004:905] Conectiva Security Announcement - squirrelmail Conectiva Updates (Dec 03)
[CLA-2004:909] Conectiva Security Announcement - netpbm Conectiva Updates (Dec 29)

CorryL

NetCat V 1.11 Multiple Bugs CorryL (Dec 30)

Crispin Cowan

Re: DJB's students release 44 *nix software vulnerability advisories Crispin Cowan (Dec 17)
Re: DJB's students release 44 *nix software vulnerability advisories Crispin Cowan (Dec 22)
Re: DJB's students release 44 *nix software vulnerability advisories Crispin Cowan (Dec 23)
Re: DJB's students release 44 *nix software vulnerability advisories Crispin Cowan (Dec 23)
Re: DJB's students release 44 *nix software vulnerability advisories Crispin Cowan (Dec 24)

customer service mailbox

iDEFENSE Security Advisory 12.13.04 - Multiple Vendor xzgv PRF Parsing Integer Overflow Vulnerability customer service mailbox (Dec 13)
iDEFENSE Security Advisory 12.14.04 - Adobe Acrobat Reader 5.0.9 mailListIsPdf() Buffer Overflow Vulnerability customer service mailbox (Dec 14)
iDEFENSE Security Advisory 12.13.04: Adobe Reader 6.0 .ETD File Format String Vulnerability customer service mailbox (Dec 15)
iDEFENSE Security Advisory 12.14.04 - Microsoft Word 6.0/95 Document Converter Buffer Overflow Vulnerability customer service mailbox (Dec 15)
iDEFENSE Security Advisory 12.15.04: Computer Associates eTrust EZ Antivirus Insecure File Permission Vulnerability customer service mailbox (Dec 16)
iDEFENSE Security Advisory 12.21.04: Multiple Vendor xpdf PDF Viewer Buffer Overflow Vulnerability customer service mailbox (Dec 22)
iDEFENSE Security Advisory 12.21.04: Multiple Vendor Xine version 0.99.2 PNM Handler Negative Read Length Heap Overflow Vulnerability customer service mailbox (Dec 22)
iDEFENSE Security Advisory 12.21.04: Multiple Vendor Xine version 0.99.2 PNM Handler PNA_TAG Heap Overflow Vulnerability customer service mailbox (Dec 22)
iDEFENSE Security Advisory 12.21.04: libtiff Directory Entry Count Integer Overflow Vulnerability customer service mailbox (Dec 22)
iDEFENSE Security Advisory 12.21.04: libtiff STRIPOFFSETS Integer Overflow Vulnerability customer service mailbox (Dec 22)
iDEFENSE Security Advisory 12.21.04: Hewlett Packard HP-UX ftpd Remote Buffer Overflow Vulnerability customer service mailbox (Dec 22)

cybertronic

Crystal FTP Pro 2.8 PoC cybertronic (Dec 23)
RE: Crystal FTP Pro 2.8 PoC cybertronic (Dec 23)

Damian Put

SHOUTcast remote format string vulnerability Damian Put (Dec 23)

Daniel Fabian

SugarSales Multiple Vulnerabilities Daniel Fabian (Dec 13)
PHP Input Validation Vulnerabilities Daniel Fabian (Dec 16)

Dan Kaminsky

MD5 To Be Considered Harmful Someday Dan Kaminsky (Dec 07)
Re: MD5 To Be Considered Harmful Someday Dan Kaminsky (Dec 08)
Re: MD5 To Be Considered Harmful Someday Dan Kaminsky (Dec 08)
Re: MD5 To Be Considered Harmful Someday Dan Kaminsky (Dec 08)
Re: MD5 To Be Considered Harmful Today Dan Kaminsky (Dec 09)
Re: MD5 To Be Considered Harmful Today Dan Kaminsky (Dec 09)

Dan Margolis

Re: [Full-Disclosure] [HV-LOW] Symantec LiveUpdate issues may cause DoS Dan Margolis (Dec 14)

Dave Holland

Re: DJB's students release 44 *nix software vulnerability advisories Dave Holland (Dec 21)

David Brodbeck

RE: Local versus remote security holes David Brodbeck (Dec 23)

David Cannings

Re: *nix data wipe tools David Cannings (Dec 16)

David Eisner

Re: DJB's students release 44 *nix software vulnerability advisories David Eisner (Dec 22)

David F. Skoll

Re: MDKSA-2004:145 - Updated rp-pppoe packages fix vulnerability David F. Skoll (Dec 08)
Re: MD5 To Be Considered Harmful Someday David F. Skoll (Dec 09)
Re: DJB's students release 44 *nix software vulnerability advisories David F. Skoll (Dec 22)

David Schwartz

RE: MD5 To Be Considered Harmful Someday David Schwartz (Dec 08)

David Wagner

Re: DJB's students release 44 *nix software vulnerability advisories David Wagner (Dec 24)

Debasis Mohanty

MS IE User's Authentication Details (userid/password) Sharing Issue Debasis Mohanty (Dec 13)

Devin Ganger

RE: DJB's students release 44 *nix software vulnerability advisories Devin Ganger (Dec 22)

Dirk Mueller

KDE Security Advisory: plain text password exposure Dirk Mueller (Dec 09)
KDE Security Advisory: kfax libtiff vulnerabilities Dirk Mueller (Dec 09)
KDE Security Advisory: kpdf Buffer Overflow Vulnerability Dirk Mueller (Dec 28)

D. J. Bernstein

Re: DJB's students release 44 *nix software vulnerability advisories D. J. Bernstein (Dec 20)
Local versus remote security holes D. J. Bernstein (Dec 22)
Re: DJB's students release 44 *nix software vulnerability advisories D. J. Bernstein (Dec 22)
Re: DJB's students release 44 *nix software vulnerability advisories D. J. Bernstein (Dec 23)

Dmitry V. Levin

Re: iDEFENSE Security Advisory 12.21.04: libtiff STRIPOFFSETS Integer Overflow Vulnerability Dmitry V. Levin (Dec 22)

Donato Ferrante

XSS in yacy 0.31 Donato Ferrante (Dec 24)

Dragos Ruiu

Re: MD5 To Be Considered Harmful Someday Dragos Ruiu (Dec 08)
What's "may have exploitable buffer overflows" mean in tcpdump? Dragos Ruiu (Dec 13)

duffbeer

Strange Java Loader duffbeer (Dec 30)

Emile van Elen

Advanced Guestbook Emile van Elen (Dec 03)

even multiplexed

Re: Linux kernel scm_send local DoS even multiplexed (Dec 15)
Re: Linux kernel scm_send local DoS even multiplexed (Dec 16)

Evgeny Demidov

MaxDB WebTools <= 7.5.00.18 buffer overflow and Denial of Service Evgeny Demidov (Dec 07)
NetBSD kernel local vulnerabilities Evgeny Demidov (Dec 17)

fintler

Local root exploit on Mac OS X with Adobe Version Cue fintler (Dec 07)
Possible local root vulnerability in Roxio Toast on Mac OS X fintler (Dec 14)

flashsky fangxing

Microsoft Windows Kernel ANI File Parsing Crash and DOS Vulnerability flashsky fangxing (Dec 23)
Microsoft Windows LoadImage API Integer Buffer overflow flashsky fangxing (Dec 23)
Microsoft Windows winhlp32.exe Heap Overflow Vulnerability flashsky fangxing (Dec 23)
Linux 2.6 Kernel Capability LSM Module Local Privilege Elevation flashsky fangxing (Dec 23)

FreeBSD Security Advisories

FreeBSD Security Advisory FreeBSD-SA-04:17.procfs FreeBSD Security Advisories (Dec 03)

gadgeteer

Re: Linux kernel scm_send local DoS gadgeteer (Dec 16)

Gadi Evron

malware effecting broadband users in Israel Gadi Evron (Dec 22)

Gandalf The White

Re: MD5 To Be Considered Harmful Someday Gandalf The White (Dec 07)
Re: MD5 To Be Considered Harmful Someday Gandalf The White (Dec 08)

George Georgalis

Re: MD5 To Be Considered Harmful Someday George Georgalis (Dec 08)
Re: *nix data wipe tools George Georgalis (Dec 18)

Gerald Carter

[SAMBA] CAN-2004-1154 : Integer overflow could lead to remote code execution in Samba 2.x, 3.0.x <= 3.0.9 Gerald Carter (Dec 16)

Giovanni Delvecchio

Disclosure of file system information in Mozilla Firefox and Opera Browser: Giovanni Delvecchio (Dec 01)
[ZH2004-19SA] Possible execution of remote shell commands in Opera with kfmclien Giovanni Delvecchio (Dec 13)
[ZH2004-18SA] Content-Type spoofing in Mozilla Firefox and Opera could allow users to bypass security restrictions Giovanni Delvecchio (Dec 14)

GreyMagic Security

Online Script Decoder GreyMagic Security (Dec 07)

GulfTech Security

Multiple phpGroupWare Vulnerabilities [ phpGroupWare 0.9.16.003 && Earlier ] GulfTech Security (Dec 15)
Multiple Vulnerabilities In Kayako eSupport v2.x GulfTech Security (Dec 20)
Cross Site Scripting In PsychoStats 2.2.4 Beta && Earlier GulfTech Security (Dec 23)
Multiple WHM Autopilot Vulnerabilities GulfTech Security (Dec 28)
php-Calendar File Include Vulnerability [ Command Exec ] GulfTech Security (Dec 29)
WHM AutoPilot Security Release [ Plus Upgrade Instructions ] GulfTech Security (Dec 31)

Hat-Squad Security Team

[HAT-SQUAD] NetCat Remote Critical Vulnerability, Poc included Hat-Squad Security Team (Dec 28)
Netcat v1.11 For Windows , New fixed version Hat-Squad Security Team (Dec 28)

headpimp

DoS leading to crash of client in Remote Execute 2.30 headpimp (Dec 07)

Herman Sheremetyev

new phpBB worm affects 2.0.11 Herman Sheremetyev (Dec 25)

Hideki Yamane

Re: iDEFENSE Security Advisory 12.16.04: MPlayer MMST Streaming Stack Overflow Vulnerability Hideki Yamane (Dec 17)

Hillel Himovich

Invision Power Board 'Allow auto login' setting override Hillel Himovich (Dec 01)

Holger Zimmermann

Re: Pi3Web/2.0.0 File-Disclosure/Path Disclosure vuln Holger Zimmermann (Dec 01)

Hongzhen Zhou

RICOH Aficio 450/455 PCL 5e Printer ICMP DOS vulnerability Hongzhen Zhou (Dec 14)
Re: RICOH Aficio 450/455 PCL 5e Printer ICMP DOS vulnerability Hongzhen Zhou (Dec 15)

houseofdabus HOD

[EXPL] (MS04-031) NetDDE buffer overflow vulnerability PoC houseofdabus HOD (Dec 31)

http-equiv () excite com

Address Bar Spoophing for the Pheeshies: IntotheNet Explorer 6 http-equiv () excite com (Dec 08)
HOW TO BREAK XP SP2 POPUP BLOCKER: kick it in the nut ! http-equiv () excite com (Dec 10)

iDEFENSE Security Advisory

iDEFENSE Security Advisory 12.16.04: Samba smbd Security Descriptor Integer Overflow Vulnerability iDEFENSE Security Advisory (Dec 16)
iDEFENSE Security Advisory 12.16.04: Veritas Backup Exec Agent Browser Registration Request Buffer Overflow Vulnerability iDEFENSE Security Advisory (Dec 16)
iDEFENSE Security Advisory 12.16.04: MPlayer Remote RTSP HeapOverflow Vulnerability iDEFENSE Security Advisory (Dec 16)
iDEFENSE Security Advisory 12.16.04: MPlayer MMST Streaming Stack Overflow Vulnerability iDEFENSE Security Advisory (Dec 16)
iDEFENSE Security Advisory 12.16.04: MPlayer Bitmap Parsing Remote Heap Overflow Vulnerability iDEFENSE Security Advisory (Dec 16)

Jack Lloyd

Re: MD5 To Be Considered Harmful Someday Jack Lloyd (Dec 08)
Re: MD5 To Be Considered Harmful Someday Jack Lloyd (Dec 08)
Re: DJB's students release 44 *nix software vulnerability advisories Jack Lloyd (Dec 22)

James Bandara

Security Advisory for ALL forum services with client-set images James Bandara (Dec 22)

Jamie Cameron

Re: [webmin-l] Re: Webmin BruteForce + Command execution - By Di42lo <DiAblo_2 () 012 net il> Jamie Cameron (Dec 23)

Jamie McCarthy

Security Advisory for CVS Slash Jamie McCarthy (Dec 15)

Jan Minar

wget: Arbitrary file overwriting/appending/creating and other vulnerabilities Jan Minar (Dec 10)

Jaroslaw Sajko

Gadu-Gadu several vulnerabilities Jaroslaw Sajko (Dec 13)
Gadu-Gadu, another two bugs Jaroslaw Sajko (Dec 17)
WPkontakt message parsing error Jaroslaw Sajko (Dec 23)

Jason Wies

rssh and scponly arbitrary command execution Jason Wies (Dec 02)

Jeff Damens

Re: possible local exploit via sendmail with procmail on solaris Jeff Damens (Dec 24)

Jirka Kosina

RE: Linux kernel IGMP vulnerabilities Jirka Kosina (Dec 17)

Joel Maslak

Re: MD5 To Be Considered Harmful Someday Joel Maslak (Dec 08)
Re: MD5 To Be Considered Harmful Someday Joel Maslak (Dec 08)

Joe Philipps

Asante FM2008 10/100 Ethernet switch backdoor login Joe Philipps (Dec 15)

John Bissell

Remote Web Server Text File Viewing Vulnerability in WebLibs 1.0 John Bissell (Dec 07)

JohnH

Remote Mercury32 Imap exploit JohnH (Dec 03)

Jonathan G. Lampe

stick with "anonymous" or "authenticated" when describing attacks Jonathan G. Lampe (Dec 22)

Jonathan Rockway

Re: DJB's students release 44 *nix software vulnerability advisories Jonathan Rockway (Dec 22)
Re: DJB's students release 44 *nix software vulnerability advisories Jonathan Rockway (Dec 22)

Jonathan T Rockway

Re: DJB's students release 44 *nix software vulnerability advisories Jonathan T Rockway (Dec 21)

Juergen Schmidt

New Santy-Worm attacks *all* PHP-skripts Juergen Schmidt (Dec 25)

Julian T J Midgley

Re: DJB's students release 44 *nix software vulnerability advisories Julian T J Midgley (Dec 20)

Julio Cesar Fort

QNX crrtrap arbitrary file read/write vulnerability [RLSA_06-2004] Julio Cesar Fort (Dec 29)

Katrina Tsipenyuk

Unchecked returns from kernel_read() in linux-2.6.10-rc2 kernel Katrina Tsipenyuk (Dec 17)

Keith Oxenrider

Re: MD5 To Be Considered Harmful Someday Keith Oxenrider (Dec 08)

K-OTiK Security

Re: New Santy-Worm attacks *all* PHP-skripts ( Santy.c ? ) K-OTiK Security (Dec 25)
Re: Strange Java Loader (not so strange - Trojan.ByteVerify) K-OTiK Security (Dec 30)

Kristoffer Brånemyr

Exploit for Ultrix 4.5 dxterm Kristoffer Brånemyr (Dec 20)

Kurczaba Associates advisories

[KA Advisory 0411291] IPCop Cross Site Scripting Vulnerability in "proxylog.dat" Kurczaba Associates advisories (Dec 02)

laffer1

Re: DJB's students release 44 *nix software vulnerability advisories laffer1 (Dec 22)

Len Sassaman

CodeCon CFP deadline nearing Len Sassaman (Dec 10)

Liu Die Yu

Re: Disclosure of file system information in Mozilla Firefox and Opera Browser: Liu Die Yu (Dec 03)
Re: [USN-52-1] vim vulnerability Liu Die Yu (Dec 24)

Lode Vermeiren

zone transfers, a spammer's dream? Lode Vermeiren (Dec 07)

Luca Ercoli

Crystal FTP Pro Client Buffer Overflow Luca Ercoli (Dec 20)

Luigi Auriemma

Multiple vulnerabilities in Kreed 1.05 Luigi Auriemma (Dec 02)
Broadcast client crash in Battlefield 1942 1.6.19 and Vietnam 1.2 Luigi Auriemma (Dec 07)
In-game buffer-overflow in the Gamespy cd-key validation SDK Luigi Auriemma (Dec 10)
Socket unreacheable in the Lithtech engine (new protocol) Luigi Auriemma (Dec 13)

Luke Macken

[ GLSA 200411-37 ] Open DC Hub: Remote code execution Luke Macken (Dec 02)
[ GLSA 200412-02 ] PDFlib: Multiple overflows in the included TIFF library Luke Macken (Dec 06)
[ GLSA 200412-05 ] mirrorselect: Insecure temporary file creation Luke Macken (Dec 07)
[ GLSA 200412-04 ] Perl: Insecure temporary file creation Luke Macken (Dec 08)
[ GLSA 200412-08 ] nfs-utils: Multiple remote vulnerabilities Luke Macken (Dec 14)
[ GLSA 200412-11 ] Cscope: Insecure creation of temporary files Luke Macken (Dec 16)
[ GLSA 200412-12 ] Adobe Acrobat Reader: Buffer overflow vulnerability Luke Macken (Dec 17)
UPDATE: [ GLSA 200410-12 ] WordPress: HTTP response splitting and XSS vulnerabilities Luke Macken (Dec 20)
[ GLSA 200412-20 ] NASM: Buffer overflow vulnerability Luke Macken (Dec 20)
[ GLSA 200412-18 ] abcm2ps: Buffer overflow vulnerability Luke Macken (Dec 20)
[ GLSA 200412-23 ] Zwiki: XSS vulnerability Luke Macken (Dec 22)

Maciej Soltysiak

Gadu-Gadu Remote DoS (all versions) Maciej Soltysiak (Dec 20)
Re: [Full-Disclosure] Re: Gadu-Gadu, another two bugs Maciej Soltysiak (Dec 20)

madsys

Tool Announcement: AIRT -- the Advanced Incident Response Tool (linux) madsys (Dec 07)

Mandrake Linux Security Team

MDKSA-2004:142 - Updated gzip packages fix temporary file vulnerability Mandrake Linux Security Team (Dec 07)
MDKSA-2004:143 - Updated ImageMagick packages fix vulnerability Mandrake Linux Security Team (Dec 07)
MDKSA-2004:147 - Updated openssl packages fix temporary file vulnerability Mandrake Linux Security Team (Dec 08)
MDKSA-2004:145 - Updated rp-pppoe packages fix vulnerability Mandrake Linux Security Team (Dec 08)
MDKSA-2004:146 - Updated nfs-utils packages fix remote DoS vulnerability Mandrake Linux Security Team (Dec 08)
MDKSA-2004:144 - Updated lvm1 packages fix temporary file vulnerability Mandrake Linux Security Team (Dec 08)
MDKSA-2004:148 - Updated iproute2 packages fix temporary file vulnerability Mandrake Linux Security Team (Dec 14)
MDKSA-2004:149 - Updated postgresql packages fix temporary file vulnerability Mandrake Linux Security Team (Dec 14)
MDKSA-2004:150 - Updated kdelibs and kdebase packages fix vulnerability Mandrake Linux Security Team (Dec 16)
MDKSA-2004:151 - Updated php packages fix multiple vulnerabilities Mandrake Linux Security Team (Dec 20)
MDKSA-2004:153 - Updated aspell packages fix vulnerability Mandrake Linux Security Team (Dec 20)
MDKSA-2004:152 - Updated ethereal packages fix multiple vulnerabilities Mandrake Linux Security Team (Dec 20)
MDKSA-2004:154 - Updated kdelibs packages fix multiple vulnerability Mandrake Linux Security Team (Dec 22)
MDKSA-2004:156 - Updated krb5 packages fix buffer overflow vulnerability Mandrake Linux Security Team (Dec 22)
MDKSA-2004:155 - Updated logcheck packages fix temporary file vulnerability Mandrake Linux Security Team (Dec 22)
MDKSA-2004:157 - Updated mplayer packages fix multiple vulnerabilities Mandrake Linux Security Team (Dec 22)
MDKSA-2004:158 - Updated samba packages fix integer overflow vulnerabilities Mandrake Linux Security Team (Dec 28)
MDKSA-2004:160 - Updated kdelibs packages fix konqueror email vulnerability Mandrake Linux Security Team (Dec 30)
MDKSA-2004:161 - Updated xpdf packages fix buffer overflow vulnerability Mandrake Linux Security Team (Dec 30)
MDKSA-2004:164 - Updated cups packages fix buffer overflow vulnerability Mandrake Linux Security Team (Dec 30)
MDKSA-2004:159 - Updated glibc packages fix temporary file vulnerability Mandrake Linux Security Team (Dec 30)
MDKSA-2004:163 - Updated kdegraphics packages fix buffer overflow vulnerability Mandrake Linux Security Team (Dec 30)
MDKSA-2004:165 - Updated koffice packages fix multiple vulnerabilities Mandrake Linux Security Team (Dec 30)
MDKSA-2004:162 - Updated gpdf packages fix buffer overflow vulnerability Mandrake Linux Security Team (Dec 31)
MDKSA-2004:166 - Updated tetex packages fix multiple vulnerabilities Mandrake Linux Security Team (Dec 31)

Manning, Robert (Mission Systems)

RE: DJB's students release 44 *nix software vulnerability advisories Manning, Robert (Mission Systems) (Dec 22)

Marc Bejarano

Re: Patch available for multiple critical flaws in Oracle Marc Bejarano (Dec 20)
possible error in latest NGS realplayer advisory Marc Bejarano (Dec 28)

Marcin Owsiany

Re: DJB's students release 44 *nix software vulnerability advisories Marcin Owsiany (Dec 20)

Marcin Pacyna

RE: zone transfers, a spammer's dream? Marcin Pacyna (Dec 13)

Marco Ivaldi

raptor's xmas pack 2004 Marco Ivaldi (Dec 24)

Marc Schoenefeld

Opera 7.54 vulnerabilities again (still unfixed) Marc Schoenefeld (Dec 04)
Java Runtime Environment Remote Denial-of-Service (DoS) Vulnerability Marc Schoenefeld (Dec 22)

Marcus Meissner

SUSE Security Announcement: various kernel problems (SUSE-SA:2004:042) Marcus Meissner (Dec 01)
SUSE Security Announcement: various kernel problems (SUSE-SA:2004:044) Marcus Meissner (Dec 21)
SUSE Security Announcement: kernel local privilege escalation (SUSE-SA:2004:046) Marcus Meissner (Dec 23)
Re: iDEFENSE Security Advisory 12.21.04: libtiff STRIPOFFSETS Integer Overflow Vulnerability Marcus Meissner (Dec 28)

Martin Dougiamas

Re: Multiple Vulnerabilities in Moodle Martin Dougiamas (Dec 31)

Martin Eiszner

php unserialize Martin Eiszner (Dec 16)

Martin Mewes

Re: Webmin BruteForce + Command execution - By Di42lo <DiAblo_2 () 012 net il> Martin Mewes (Dec 24)

Martin Pitt

[USN-35-1] imagemagick vulnerabilities Martin Pitt (Dec 01)
[USN-36-1] NFS statd vulnerability Martin Pitt (Dec 01)
[USN-33-1] libgd vulnerabilities Martin Pitt (Dec 02)
[USN-34-1] OpenSSH information leakage Martin Pitt (Dec 02)
[USN-37-1] cyrus21-imapd vulnerability Martin Pitt (Dec 02)
[USN-38-1] Linux kernel vulnerabilities Martin Pitt (Dec 15)
[USN-39-1] Linux amd64 kernel vulnerability Martin Pitt (Dec 16)
[USN-40-1] PHP vulnerabilities Martin Pitt (Dec 16)
[USN-41-1] Samba vulnerability Martin Pitt (Dec 20)
[USN-42-1] Xine library vulnerabilities Martin Pitt (Dec 20)
[USN-43-1] groff utility vulnerabilities Martin Pitt (Dec 20)
[USN-47-1] Linux kernel vulnerabilities Martin Pitt (Dec 23)
[USN-48-1] xpdf, tetex-bin vulnerabilities Martin Pitt (Dec 23)
[USN-49-1] debmake vulnerability Martin Pitt (Dec 23)
[USN-51-1] teTeX auxiliary script vulnerability Martin Pitt (Dec 23)
[USN-52-1] vim vulnerability Martin Pitt (Dec 23)
[USN-50-1] CUPS vulnerabilities Martin Pitt (Dec 24)

Martin Schulze

[SECURITY] [DSA 603-1] New openssl packages fix insecure temporary file creation Martin Schulze (Dec 01)
[SECURITY] [DSA 604-1] New hpsockd packages fix denial of service Martin Schulze (Dec 03)
[SECURITY] [DSA 605-1] New viewcvs packages fix information leak Martin Schulze (Dec 07)
[SECURITY] [DSA 606-1] New nfs-utils packages fix denial of service Martin Schulze (Dec 08)
[SECURITY] [DSA 607-1] New libxpm packages fix several vulnerabilities Martin Schulze (Dec 10)
[SECURITY] [DSA 609-1] New atari800 packages fix local root exploit Martin Schulze (Dec 14)
[SECURITY] [DSA 608-1] New zgv packages fix arbitrary code execution Martin Schulze (Dec 14)
[SECURITY] [DSA 610-1] New cscope packages fix insecure temporary file creation Martin Schulze (Dec 18)
[SECURITY] [DSA 611-1] New htget packages fix arbitrary code execution Martin Schulze (Dec 20)
[SECURITY] [DSA 612-1] New a2ps packages fix arbitrary command execution Martin Schulze (Dec 20)
[SECURITY] [DSA 614-1] New xzgv packages fix arbitrary code execution Martin Schulze (Dec 21)
[SECURITY] [DSA 613-1] New ethereal packages fix denial of service Martin Schulze (Dec 22)
[SECURITY] [DSA 615-1] New debmake package fixes insecure temporary directories Martin Schulze (Dec 22)
[SECURITY] [DSA 616-1] New telnetd-ssl packages fix arbitrary code execution Martin Schulze (Dec 23)
[SECURITY] [DSA 618-1] New imlib packages fix arbitrary code execution Martin Schulze (Dec 24)
[SECURITY] [DSA 617-1] New libtiff packages fix arbitrary code execution Martin Schulze (Dec 24)
[SECURITY] [DSA 620-1] New perl packages fix several vulnerabilities Martin Schulze (Dec 30)
[SECURITY] [DSA 619-1] New xpdf packages fix arbitrary code execution Martin Schulze (Dec 30)
[SECURITY] [DSA 621-1] New CUPS packages fix arbitrary code execution Martin Schulze (Dec 31)

matthew-bugtraq

Re: Linux kernel IGMP vulnerabilities matthew-bugtraq (Dec 16)

Matthias Geerdsen

[ GLSA 200412-07 ] file: Arbitrary code execution Matthias Geerdsen (Dec 13)

Maurycy Prodeus

Heap overflow in Mozilla Browser <= 1.7.3 NNTP code. Maurycy Prodeus (Dec 30)

Michael Barnes

possible local exploit via sendmail with procmail on solaris Michael Barnes (Dec 22)

Michael Hampton

Re: Citadel/UX <= v6.27 Remote Format String Vulnerability Michael Hampton (Dec 14)

Michael Roitzsch

XSA-2004-7: stack overflow in AIFF demultiplexer Michael Roitzsch (Dec 28)

Michal Zalewski

Re: DJB's students release 44 *nix software vulnerability advisories Michal Zalewski (Dec 23)

mike bailey

SQL Injection Vulnerability In IBProArcade mike bailey (Dec 31)

Mike DeMaria

Cleartext SMB passwords in Novell Desktop Linux using KDE Mike DeMaria (Dec 07)

Mike Nice

Re: Did a 16-bit counter overflow shut down Comair? Mike Nice (Dec 29)

milw0rm Inc.

Re: DJB's students release 44 *nix software vulnerability advisories milw0rm Inc. (Dec 21)

Min-sung Choi

KorWeblog php injection Vulnerability Min-sung Choi (Dec 30)

Monte Ratzlaff

Discussion: Microsoft(R) PowerPoint Action Settings feature allows invocation of default browser pointed at arbitrary URL. Monte Ratzlaff (Dec 16)

Moritz Muehlenhoff

Re: iDEFENSE Security Advisory 12.21.04: libtiff STRIPOFFSETS Integer Overflow Vulnerability Moritz Muehlenhoff (Dec 23)

mouse small

Hosting Controller mouse small (Dec 06)

NetBSD Security-Officer

NetBSD Security Advisory 2004-010: Insufficient argument validation in compat code NetBSD Security-Officer (Dec 17)

NGSSoftware Insight Security Research

Sybase ASE 12.5.2 vulnerabilities NGSSoftware Insight Security Research (Dec 22)
Oracle Trigger Abuse (#NISR2122004I) NGSSoftware Insight Security Research (Dec 23)
Oracle clear text passwords (#NISR2122004D) NGSSoftware Insight Security Research (Dec 23)
Oracle ISQLPlus file access vulnerability (#NISR2122004E) NGSSoftware Insight Security Research (Dec 23)
Oracle Character Conversion Bugs (#NISR2122004G) NGSSoftware Insight Security Research (Dec 23)
Oracle extproc buffer overflow (#NISR23122004A) NGSSoftware Insight Security Research (Dec 23)
Oracle extproc directory traversal (#NISR23122004B) NGSSoftware Insight Security Research (Dec 23)
Oracle extproc local command execution (#NISR23122004C) NGSSoftware Insight Security Research (Dec 23)
IBM DB2 generate_distfile buffer overflow vulnerability (#NISR2122004L) NGSSoftware Insight Security Research (Dec 23)
Oracle TNS Listener DoS (#NISR2122004F) NGSSoftware Insight Security Research (Dec 23)
Oracle wrapped procedure overflow (#NISR2122004J) NGSSoftware Insight Security Research (Dec 23)
Oracle multiple PL/SQL injection vulnerabilities (#NISR2122004H) NGSSoftware Insight Security Research (Dec 23)
IBM DB2 rec2xml buffer overflow vulnerability (#NISR2122004J) NGSSoftware Insight Security Research (Dec 23)

Nick Johnson

Re: WebWorm using PHPBB vulnerability in the wild! Nick Johnson (Dec 23)

Nicolas Gregoire

Multiple vulnerabilities in w3who ISAPI DLL Nicolas Gregoire (Dec 07)
Re: [Full-Disclosure] Multiple vulnerabilities in w3who ISAPI DLL Nicolas Gregoire (Dec 08)
Multiple vulnerabilities in phpMyAdmin Nicolas Gregoire (Dec 13)

Niek van der Maas

[Advisory] Mozilla Products Remote Crash Vulnerability Niek van der Maas (Dec 08)

Niki Denev

WebWorm using PHPBB vulnerability in the wild! Niki Denev (Dec 22)

Ofer Shezaf

RE: phpBB Worm Ofer Shezaf (Dec 23)

offtopic

Bypass personal firewall application protection . Again. offtopic (Dec 07)

oliver

F-Secure Policy Manager - physical path disclosure oliver (Dec 09)

OpenPKG

[OpenPKG-SA-2004.052] OpenPKG Security Advisory (vim) OpenPKG (Dec 15)
[OpenPKG-SA-2004.053] OpenPKG Security Advisory (php) OpenPKG (Dec 16)
[OpenPKG-SA-2004.054] OpenPKG Security Advisory (samba) OpenPKG (Dec 17)
[OpenPKG-SA-2004.056] OpenPKG Security Advisory (cvstrac) OpenPKG (Dec 17)
[OpenPKG-SA-2004.055] OpenPKG Security Advisory (gettext) OpenPKG (Dec 23)

Palmer, Paul (ISSAtlanta)

RE: DJB's students release 44 *nix software vulnerability advisories Palmer, Paul (ISSAtlanta) (Dec 23)

Paul

MSIE DHTML Edit Control Cross Site Scripting Vulnerability Paul (Dec 15)
Internet Explorer Help ActiveX Control Local Zone Security Restriction Bypass Vulnerability (updated) Paul (Dec 20)
Microsoft Internet Explorer SP2 Fully Automated Remote Compromise Paul (Dec 25)

Paul Kurczaba

RE: phpBB Worm Paul Kurczaba (Dec 22)

Paul Laudanski

phpBB Attachment Mod Directory Traversal HTTP POST Injection Paul Laudanski (Dec 14)
Re: Sanity Worm Concepts Paul Laudanski (Dec 31)

Paul Owen

RE: CSS in phpBB 1.4.4 Paul Owen (Dec 16)

Paul Starzetz

Linux kernel IGMP vulnerabilities Paul Starzetz (Dec 14)
Linux kernel scm_send local DoS Paul Starzetz (Dec 14)
Re: Linux kernel scm_send local DoS Paul Starzetz (Dec 15)
Re: Linux kernel IGMP vulnerabilities Paul Starzetz (Dec 16)

Paul Wouters

Re: MD5 To Be Considered Harmful Someday Paul Wouters (Dec 08)
Re: MD5 To Be Considered Harmful Someday Paul Wouters (Dec 08)

Pavel Kankovsky

Re: MD5 To Be Considered Harmful Someday Pavel Kankovsky (Dec 09)
Re: Linux kernel scm_send local DoS Pavel Kankovsky (Dec 23)

Pavel Machek

MD5 To Be Considered Harmful Today Pavel Machek (Dec 08)
Re: MD5 To Be Considered Harmful Today Pavel Machek (Dec 09)

Pekka Savola

Re: Linux kernel IGMP vulnerabilities Pekka Savola (Dec 15)

Peter Conrad

Permission problem in Skype BETA for linux Peter Conrad (Dec 22)

Przemyslaw Frasunek

Re: Gadu-Gadu, another two bugs Przemyslaw Frasunek (Dec 20)

Rafael San Miguel Carrasco

Re: Multiple Vulnerabilities in paFileDB 3.1 Rafael San Miguel Carrasco (Dec 09)

Rafel Ivgi

Hotmail Cross-Site Scripting Vulnerability #1 Rafel Ivgi (Dec 15)
Hotmail Cross Site Scripting Vulnerability #2 Rafel Ivgi (Dec 15)
Yahoo! Mail Cross-Site Scripting Vulnerability Rafel Ivgi (Dec 15)

Rafel Ivgi, The-Insider

Yahoo! Mail Cross-Site Scripting Vulnerability Rafel Ivgi, The-Insider (Dec 16)
Hotmail Cross-Site Scripting Vulnerability #2 Rafel Ivgi, The-Insider (Dec 16)
Hotmail Cross-Site Scripting Vulnerability #1 Rafel Ivgi, The-Insider (Dec 16)

Rager, Anton (Anton)

RE: MD5 To Be Considered Harmful Someday Rager, Anton (Anton) (Dec 08)

Raymond Dijkxhoorn

Re: phpBB Worm Raymond Dijkxhoorn (Dec 22)
Re: phpBB Worm Raymond Dijkxhoorn (Dec 24)

Raymond M. Reskusich

Re: DJB's students release 44 *nix software vulnerability advisories Raymond M. Reskusich (Dec 22)

Reed Arvin

Multiple buffer overflows exist in Mercury/32, v4.01a, Dec 8 2003. Reed Arvin (Dec 01)

Richard M. Smith

Did a 16-bit counter overflow shut down Comair? Richard M. Smith (Dec 28)

Richard Stanway

RE: STG Security Advisory: [SSA-20041215-17] Vulnerability of uploading files with multiple extensions in JSBoard Richard Stanway (Dec 16)

robert

Web Application Security Consortium 'Guest Articles' Call for Papers robert (Dec 07)

RSnake

Re: IE6 Vulnerability - Local File Detection RSnake (Dec 08)

Ruth A. Kramer

Re: MD5 To Be Considered Harmful Someday Ruth A. Kramer (Dec 08)

SandI]

CSS in phpBB 1.4.4 SandI] (Dec 16)

sean

Re: DJB's students release 44 *nix software vulnerability advisories sean (Dec 23)

Sebastian Krahmer

SUSE Security Announcement: samba (SUSE-SA:2004:045) Sebastian Krahmer (Dec 22)

Sebastian Wiesinger

Re: phpBB Worm Sebastian Wiesinger (Dec 22)

secure

Re: Secure Network Operations SNOsoft Research Team [SRT2004-12-14-0322] Symantec LiveUpdate Advisory secure (Dec 14)

Secure Computer Group

[CAN-2004-1022] Insecure Credential Storage on Kerio Software Secure Computer Group (Dec 14)
[CAN-2004-1023] Insecure default file system permissions on Microsoft versions of Kerio Software Secure Computer Group (Dec 14)

Secure Network Operations, Inc.

Secure Network Operations SNOsoft Research Team [SRT2004-12-14-0322] Symantec LiveUpdate Advisory Secure Network Operations, Inc. (Dec 13)
[Correction For]: Secure Network Operations SNOsoft Research Team [SRT2004-12-14-0322] Symantec LiveUpdate Advisory Secure Network Operations, Inc. (Dec 15)

security curmudgeon

Re: DJB's students release 44 *nix software vulnerability advisories security curmudgeon (Dec 17)

Shannon Lee

phpBB Worm Shannon Lee (Dec 21)

shervin khaleghjou

ASP-rider is vulnerable to sql injection attack shervin khaleghjou (Dec 14)
iwebnegar is vulnerable to all kind of sql injections shervin khaleghjou (Dec 16)

Shiva Persaud

Re: AIX 5.1/5.2/5.3 local root exploits (diag issue) Shiva Persaud (Dec 21)
Re: AIX 5.1/5.2/5.3 local root exploits (paginit issue) Shiva Persaud (Dec 22)

ShredderSub7 SecExpert

Remote code execution with parameters without user interaction, even with XP SP2 ShredderSub7 SecExpert (Dec 28)

Simple Nomad

Re: Inexcusable weakness in Kmail / GnuPG Simple Nomad (Dec 24)

Solar Designer

Re: MD5 To Be Considered Harmful Someday Solar Designer (Dec 08)
Re: MD5 To Be Considered Harmful Someday Solar Designer (Dec 13)

Spy Hat

Re: Advanced Guestbook Spy Hat (Dec 07)

Stefan Esser

Advisory 01/2004: Multiple vulnerabilities in PHP 4/5 Stefan Esser (Dec 15)
Re: php unserialize Stefan Esser (Dec 16)

Stefano Di Paola

PHP shmop.c module permits write of arbitrary memory. Stefano Di Paola (Dec 20)

Stefan Paletta

Re: Online Script Decoder Stefan Paletta (Dec 07)
Re: Security Advisory for ALL forum services with client-set images Stefan Paletta (Dec 23)

Stephen Harris

Re: DJB's students release 44 *nix software vulnerability advisories Stephen Harris (Dec 22)

stephen joseph butler

Re: Linux kernel IGMP vulnerabilities stephen joseph butler (Dec 16)

Stephen Samuel

Re: DJB's students release 44 *nix software vulnerability advisories Stephen Samuel (Dec 22)

steve

Re: phpBB Worm steve (Dec 24)

Steve Friedl

Re: MD5 To Be Considered Harmful Someday Steve Friedl (Dec 08)
Re: [EXPL] (MS04-031) NetDDE buffer overflow vulnerability PoC Steve Friedl (Dec 31)

Steve Kemp

Blog Torrent preview 0.8 - arbitrary file download Steve Kemp (Dec 02)

steven

ArGoSoft FTP Server reveals valid usernames and allows for brute force attacks steven (Dec 31)

Steven M. Christey

Re: DJB's students release 44 *nix software vulnerability advisories Steven M. Christey (Dec 22)
Re: DJB's students release 44 *nix software vulnerability advisories Steven M. Christey (Dec 22)
Re: stick with "anonymous" or "authenticated" when describing Steven M. Christey (Dec 23)

Sune Kloppenborg Jeppesen

[ GLSA 200412-13 ] Samba: Integer overflow Sune Kloppenborg Jeppesen (Dec 18)
[ GLSA 200412-15 ] Ethereal: Multiple vulnerabilities Sune Kloppenborg Jeppesen (Dec 20)
[ GLSA 200412-16 ] kdelibs, kdebase: Multiple vulnerabilities Sune Kloppenborg Jeppesen (Dec 20)
[ GLSA 200412-17 ] kfax: Multiple overflows in the included TIFF library Sune Kloppenborg Jeppesen (Dec 20)
[Full-Disclosure] [ GLSA 200412-19 ] phpMyAdmin: Multiple vulnerabilities Sune Kloppenborg Jeppesen (Dec 20)

The Warlock

PHP v4.3.x exploit for Windows. The Warlock (Dec 22)

Thierry Carrez

[ GLSA 200412-01 ] rssh, scponly: Unrestricted command execution Thierry Carrez (Dec 04)
[ GLSA 200412-03 ] imlib: Buffer overflows in image decoding Thierry Carrez (Dec 08)
[ GLSA 200412-06 ] PHProjekt: setup.php vulnerability Thierry Carrez (Dec 13)
[ GLSA 200412-09 ] ncpfs: Buffer overflow in ncplogin and ncpmap Thierry Carrez (Dec 15)
[ GLSA 200412-10 ] Vim, gVim: Vulnerable options in modelines Thierry Carrez (Dec 15)
[ GLSA 200412-14 ] PHP: Multiple vulnerabilities Thierry Carrez (Dec 20)
[ GLSA 200412-21 ] MPlayer: Multiple overflows Thierry Carrez (Dec 20)
[ GLSA 200412-25 ] CUPS: Multiple vulnerabilities Thierry Carrez (Dec 29)
[ GLSA 200412-26 ] ViewCVS: Information leak and XSS vulnerabilities Thierry Carrez (Dec 29)
[ GLSA 200412-24 ] Xpdf, GPdf: New integer overflows Thierry Carrez (Dec 29)

Thomas C. Greene

*nix data wipe tools Thomas C. Greene (Dec 15)
Re: *nix data wipe tools Thomas C. Greene (Dec 17)
Inexcusable weakness in Kmail / GnuPG Thomas C. Greene (Dec 23)

Thomas Waldegger

Multiple XSS Vulnerabilities in Wordpress 1.2.1 Thomas Waldegger (Dec 16)
Re: Wordpress 1.2.2 is still vulnerable Thomas Waldegger (Dec 22)

Thor

Re: DJB's students release 44 *nix software vulnerability advisories Thor (Dec 21)

Thor Larholm

RE: Disclosure of file system information in Mozilla Firefox and Opera Browser: Thor Larholm (Dec 07)
DJB's students release 44 *nix software vulnerability advisories Thor Larholm (Dec 16)

Tim

Re: MD5 To Be Considered Harmful Someday Tim (Dec 08)

Tim Jackson

Re: Security Advisory for ALL forum services with client-set images Tim Jackson (Dec 23)

Tom Yu

MITKRB5-SA-2004-004: heap overflow in libkadm5srv Tom Yu (Dec 20)

Trustix Security Advisor

TSLSA-2004-0064 - nfs-utils Trustix Security Advisor (Dec 09)
TSLSA-2004-0066 - multi Trustix Security Advisor (Dec 20)
TSLSA-2004-0068 - kernel Trustix Security Advisor (Dec 20)
Updated: TSLSA-2004-0068 - kernel Trustix Security Advisor (Dec 20)
TSLSA-2004-0069 - kerberos5 Trustix Security Advisor (Dec 21)

Valdis . Kletnieks

Re: DJB's students release 44 *nix software vulnerability advisories Valdis . Kletnieks (Dec 22)
Re: [Full-Disclosure] Re: Linux kernel scm_send local DoS Valdis . Kletnieks (Dec 23)

venglin

Local off-by-one in mtr versions 0.55 to 0.65 venglin (Dec 11)

ViPeR

IE6 Vulnerability - Local File Detection ViPeR (Dec 08)

Waldo Bastian

KDE Security Advisory: Konqueror Window Injection Vulnerability Waldo Bastian (Dec 13)
KDE Security Advisory: Konqueror Java Vulnerability Waldo Bastian (Dec 20)

Wang Ning

3cdaemon tftp server DOS vulnerability Wang Ning (Dec 15)

WBG Links

CleanCache v2.19: False Sense of Security WBG Links (Dec 25)

Wei Li

Realone2.0 "pnxr3260.dll" Lets Remote Users IE Browser Crash Wei Li (Dec 22)

Wietse Venema

Re: *nix data wipe tools Wietse Venema (Dec 17)

William Geoghegan

Re: phpBB Worm William Geoghegan (Dec 23)

Wolfpaw - Dale Corse

RE: Linux kernel IGMP vulnerabilities Wolfpaw - Dale Corse (Dec 16)

x90c

Re: rpcl_icmpdos.c x90c (Dec 15)

ycw1bh302

Re: phpBB Worm ycw1bh302 (Dec 22)

Zeljko Brajdic

Re: phpBB Worm Zeljko Brajdic (Dec 25)

zib zib

2Bgal : 2.4 & 2.5.1 SQL injection Vulnerability zib zib (Dec 22)