Bugtraq: by thread

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq: by thread

681 messages starting Feb 02 04 and ending Feb 28 04
Date index | Thread index | Author index

RE: virus handling Rainer Gerhards (Feb 02)
- <Possible follow-ups>
- Re: virus handling Mike Healan (Feb 02)
- RE: virus handling Shaun Bertrand (Feb 03)
Re: RFC: virus handling 3APA3A (Feb 02)
- getting rid of outbreaks and spam (junk) [WAS: Re: RFC: virus handling] Gadi Evron (Feb 03)
  - Re: getting rid of outbreaks and spam (junk) [WAS: Re: RFC: virus handling] James A. Thornton (Feb 04)
  - Re: getting rid of outbreaks and spam (junk) James Riden (Feb 04)
  - Re: getting rid of outbreaks and spam (junk) [WAS: Re: RFC: virus handling] der Mouse (Feb 05)
  - Re: getting rid of outbreaks and spam (junk) [WAS: Re: RFC: virus handling] Georg Schwarz (Feb 06)
- <Possible follow-ups>
- Re: RFC: virus handling Sascha Wilde (Feb 02)
- Re: RFC: virus handling Pavel Levshin (Feb 02)
  - Re: RFC: virus handling David F. Skoll (Feb 03)
- Re: RFC: virus handling Jeremy Mates (Feb 02)
  - Hysterical first technical alert from US-CERT Larry Seltzer (Feb 03)
    - Re: Hysterical first technical alert from US-CERT Valdis . Kletnieks (Feb 04)
    - RE: Hysterical first technical alert from US-CERT Larry Seltzer (Feb 05)
    - Re: Hysterical first technical alert from US-CERT Valdis . Kletnieks (Feb 04)
    - Re: Hysterical first technical alert from US-CERT Stephen Samuel (Feb 06)
    - Re: Hysterical first technical alert from US-CERT Valdis . Kletnieks (Feb 06)
    - Re: Hysterical first technical alert from US-CERT Shawn McMahon (Feb 10)
    - Re: Hysterical first technical alert from US-CERT Philip Rowlands (Feb 05)
    - Re: Hysterical first technical alert from US-CERT Andreas Marx (Feb 06)
- Re: RFC: virus handling Piotr KUCHARSKI (Feb 02)
- Re: RFC: virus handling Patrick Proniewski (Feb 02)
  - Re: RFC: virus handling Matthew Dharm (Feb 03)
    - Re: RFC: virus handling Ben Wheeler (Feb 04)
    - Re: RFC: virus handling Shawn McMahon (Feb 07)
- Re: RFC: virus handling Craig Morrison (Feb 02)
  - Re: RFC: virus handling James C. Slora Jr. (Feb 03)
- Re: RFC: virus handling John Fitzgibbon (Feb 02)
  - Re: RFC: virus handling Dave Clendenan (Feb 03)
    - Re: RFC: virus handling Volker Kuhlmann (Feb 04)
- Re: RFC: virus handling Daniele Orlandi (Feb 02)
- Re: RFC: virus handling Pavel Kankovsky (Feb 02)
- Re: RFC: virus handling Dave Aronson (Feb 02)
- RE: RFC: virus handling David Brodbeck (Feb 03)
  - Re: RFC: virus handling Casper Dik (Feb 04)
http://www.smashguard.org Hilmi Ozdoganoglu (Feb 02)
- RE: http://www.smashguard.org Dave Paris (Feb 03)
  - Re: http://www.smashguard.org Nicholas Weaver (Feb 03)
  - RE: http://www.smashguard.org Hilmi Ozdoganoglu (Feb 07)
    - Re: http://www.smashguard.org Theo de Raadt (Feb 07)
    - Re[2]: http://www.smashguard.org Andrey Kolishak (Feb 09)
    - Re: http://www.smashguard.org Crispin Cowan (Feb 09)
    - Re: http://www.smashguard.org Theo de Raadt (Feb 10)
    - Re: http://www.smashguard.org Nicholas Weaver (Feb 09)
- Re: http://www.smashguard.org Leon Harris (Feb 04)
  - Re: http://www.smashguard.org Seth Arnold (Feb 05)
MDKSA-2004:006-1 - Updated gaim packages fix multiple vulnerabilities Mandrake Linux Security Team (Feb 02)
Advisory ! Mr Serbia (Feb 02)
outbreak warning: new Myydoom.B is out Gadi Evron (Feb 02)
- Re: [Full-Disclosure] outbreak warning: new Myydoom.B is out Gadi Evron (Feb 02)
Re: Remote exploit in Gallery 1.3.1, 1.3.2, 1.3.3, 1.4 and 1.4.1 Matus UHLAR - fantomas (Feb 02)
Re: new WIN virus? markus-1977 (Feb 02)
- <Possible follow-ups>
- Re: new WIN virus? pna.lists (Feb 02)
  - Re: new WIN virus? Atom 'Smasher' (Feb 02)
- Re: new WIN virus? Atom 'Smasher' (Feb 02)
- Re: new WIN virus? K-OTiK Security (Feb 02)
- Re: new WIN virus? Gregor Lawatscheck (Feb 02)
RFC: content-filter and AV notifications (Was: Re: RFC: virus handling) Andrey G. Sergeev (AKA Andris) (Feb 02)
- Re: RFC: content-filter and AV notifications (Was: Re: RFC: virus handling) Peter J. Holzer (Feb 03)
Mydoom DDoS attack time table Gadi Evron (Feb 02)
MS to stop allowing passwords in URLs McAllister, Andrew (Feb 02)
- RE: MS to stop allowing passwords in URLs Fergus Brooks (Feb 03)
  - RE: MS to stop allowing passwords in URLs Joe Weisenberger (Feb 03)
- Re: MS to stop allowing passwords in URLs N407ER (Feb 03)
- Re: MS to stop allowing passwords in URLs Dave Warren (Feb 03)
  - Re: MS to stop allowing passwords in URLs David B Harris (Feb 03)
  - Re: MS to stop allowing passwords in URLs �stlund (Feb 04)
  - Re: MS to stop allowing passwords in URLs Nick FitzGerald (Feb 06)
- Message not available
  - Re: MS to stop allowing passwords in URLs Vinny Abello (Feb 03)
- Re: MS to stop allowing passwords in URLs Ansgar -59cobalt- Wiechers (Feb 03)
- RE: MS to stop allowing passwords in URLs Andrew Harwood (Feb 03)
- Re: MS to stop allowing passwords in URLs 3APA3A (Feb 03)
- Re: MS to stop allowing passwords in URLs Dave McCormick (Feb 03)
- Re: MS to stop allowing passwords in URLs Nick FitzGerald (Feb 03)
- Re: MS to stop allowing passwords in URLs Sam Schinke (Feb 03)
- Message not available
  - Re: MS to stop allowing passwords in URLs Paul Smith (Feb 03)
- RE: MS to stop allowing passwords in URLs Richard M. Smith (Feb 03)
- <Possible follow-ups>
- RE: MS to stop allowing passwords in URLs Francis Favorini (Feb 03)
- RE: MS to stop allowing passwords in URLs Thor Larholm (Feb 03)
  - Re: MS to stop allowing passwords in URLs Sam Schinke (Feb 05)
- RE: MS to stop allowing passwords in URLs NESTING, DAVID M (SBCSI) (Feb 05)
Re: Major hack attack on the U.S. Senate Mariusz Woloszyn (Feb 02)
- Re: [security] Re: Major hack attack on the U.S. Senate rsh (Feb 03)
  - Re: [security] Re: Major hack attack on the U.S. Senate Bernie, CTA (Feb 04)
    - RE: [security] Re: Major hack attack on the U.S. Senate Larry Seltzer (Feb 07)
- Re: Major hack attack on the U.S. Senate Christian Vogel (Feb 03)
  - Re: Major hack attack on the U.S. Senate Ron DuFresne (Feb 03)
  - Re: Major hack attack on the U.S. Senate Daniel . Capo (Feb 03)
    - Re: Major hack attack on the U.S. Senate Thomas M. Payerle (Feb 06)
- RE: Major hack attack on the U.S. Senate David Schwartz (Feb 03)
Web Blog 1.1 Remote Execute Commands Bug ActualMInd (Feb 02)
[SECURITY] [DSA 431-1] New perl packages fix information leak in suidperl Matt Zimmerman (Feb 02)
Re: vulnerabilities of postscript printers Georg Lutz (Feb 02)
- <Possible follow-ups>
- Re: vulnerabilities of postscript printers Dragos Ruiu (Feb 02)
  - Re: vulnerabilities of postscript printers Nicolas Gregoire (Feb 10)
Re: Oracle toplink mapping workbench password algorithm Martin (Feb 02)
- <Possible follow-ups>
- Re: Oracle toplink mapping workbench password algorithm Pete Finnigan (Feb 02)
CoDeX-W0rm - what happened here? Chuck Rock (Feb 02)
- RE: CoDeX-W0rm - what happened here? Michael Marziani (Feb 03)
  - Re: CoDeX-W0rm - what happened here? Simon (Feb 04)
- Re: CoDeX-W0rm - what happened here? Charley Hamilton (Feb 03)
- RE: CoDeX-W0rm - what happened here? James C Slora Jr (Feb 04)
sqwebmail web login Marco Marabelli (Feb 02)
- Re: sqwebmail web login Antonio Messina (Feb 03)
  - Re: sqwebmail web login Tim Nelson (Feb 04)
- Re: sqwebmail web login Brian Bothwell (Feb 03)
- <Possible follow-ups>
- Re: sqwebmail web login scott . jefferd (Feb 03)
0verkill - little simple vulnerability. Adam Zabrocki (Feb 02)
[FLSA-2004:1193] Updated ethereal resolves security vulnerabilites Jesse Keating (Feb 02)
[SCSA-027] PHP-Nuke 6.9 SQL Injection Vulnerability advisory (Feb 02)
another Trojan with the ADO hole? + a twist in the story Gadi Evron (Feb 02)
[FLSA-2004:1222] Updated tcpdump resolves security vulnerabilites (resend with correct paths) Jesse Keating (Feb 02)
Vulnerabilities in Crob FTP Server V3.5.1 Zero_X www . lobnan . de Team (Feb 02)
Refuting tall-tales and stories about the Mydoom worms Gadi Evron (Feb 02)
Symlink Vulnerability in GNU libtool <1.5.2 Stefan Nordhausen (Feb 02)
- Re: Symlink Vulnerability in GNU libtool <1.5.2 Joseph S. Myers (Feb 03)
  - Re: Symlink Vulnerability in GNU libtool <1.5.2 Scott James Remnant (Feb 04)
  - Re: Symlink Vulnerability in GNU libtool <1.5.2 Stefan Nordhausen (Feb 05)
- Re: Symlink Vulnerability in GNU libtool <1.5.2 Stefan Nordhausen (Feb 03)
- Re: Symlink Vulnerability in GNU libtool <1.5.2 jsm (Feb 05)
Directory Traversal in Aprox PHP Portal. Zero_X www . lobnan . de Team (Feb 02)
BUG IN APACHE HTTPD SERVER (current version 2.0.47) Vietnamese Security Group (Feb 02)
- Re: BUG IN APACHE HTTPD SERVER (current version 2.0.47) André Malo (Feb 03)
- <Possible follow-ups>
- Re: BUG IN APACHE HTTPD SERVER (current version 2.0.47) Vietnamese Security Group (Feb 03)
- Re: BUG IN APACHE HTTPD SERVER (current version 2.0.47) langtuhaohoa caothuvolam (Feb 04)
  - Re: BUG IN APACHE HTTPD SERVER (current version 2.0.47) André Malo (Feb 04)
    - Re: BUG IN APACHE HTTPD SERVER (current version 2.0.47) Dan Yefimov (Feb 05)
    - Re: BUG IN APACHE HTTPD SERVER (current version 2.0.47) Seth Arnold (Feb 06)
    - Re: BUG IN APACHE HTTPD SERVER (current version 2.0.47) Todd C. Campbell (Feb 06)
    - Re: BUG IN APACHE HTTPD SERVER (current version 2.0.47) Tyler Larson (Feb 06)
Denial Of Service in ChatterBox 2.0 Donato Ferrante (Feb 02)
[HUC] Serv-U FTPD 3.x/4.x "SITE CHMOD" Command remote exploit V2.0 lion (Feb 02)
Re: Fw: phpBB privmsg.php XSS vulnerability patch. Micheal Cottingham (Feb 02)
- Re: Fw: phpBB privmsg.php XSS vulnerability patch. Truthless (Feb 04)
PHP Code Injection Vulnerabilities in phpGedView 2.65.1 and prior Cedric Cochin (Feb 02)
ZH2004-03SA (security advisory): Photopost PHP Pro 4.6 Sql Injection Vulnerability ZetaLabs (Feb 03)
[waraxe-2004-SA#001] - Script injection in GBook for Php-Nuke ver. 1.0 Janek Vind (Feb 03)
Arbitrary File Disclosure Vulnerability in phpMyAdmin 2.5.5-pl1 and prior Cedric Cochin (Feb 03)
- Re: Arbitrary File Disclosure Vulnerability in phpMyAdmin 2.5.5-pl1 and prior Security Admin (Feb 06)
X-Cart vulnerability Philip (Feb 03)
- <Possible follow-ups>
- Re: X-Cart vulnerability Dmitry (Feb 05)
[SECURITY] [DSA 432-1] New crawl packages fix potential local games exploit Martin Schulze (Feb 03)
Cisco Security Advisory: Cisco 6000/6500/7600 Crafted Layer 2 Frame Vulnerability Cisco Systems Product Security Incident Response Team (Feb 03)
Les Commentaires (PHP) Include file Himeur Nourredine (Feb 03)
Remote crash of Chaser game <= 1.50 Luigi Auriemma (Feb 03)
DIMVA 2004 deadline extended Thomas Biege (Feb 03)
Sandblad #12: Inject javascript url in history list (revisited) Andreas Sandblad (Feb 03)
Decompression Bombs Matthias Leu (Feb 03)
- <Possible follow-ups>
- RE: Decompression Bombs David Bachtel (Feb 06)
  - RE: Decompression Bombs Myron Davis (Feb 09)
    - Re: Decompression Bombs Brian Dessent (Feb 09)
    - Re: Decompression Bombs Myron Davis (Feb 11)
    - Re: Decompression Bombs Chris Green (Feb 09)
- RE: Decompression Bombs SBNelson (Feb 09)
- Re: Decompression Bombs Bipin Gautam . (Feb 11)
Web Crossing 4.x/5.x Denial of Service Vulnerability Peter Winter-Smith (Feb 03)
RE: MS to stop allowing passwords in URLs (Summary) McAllister, Andrew (Feb 03)
Multiple Vulnerabilities in PHPX mantra (Feb 03)
Re: Technical Details of Urlcount.cgi Vulnerability Tom Hanlin (Feb 03)
[SECURITY] [DSA 433-1] New Linux 2.4.17 packages fix local root exploit (mips+mipsel) Martin Schulze (Feb 04)
Re: [Full-Disclosure] smbmount disrupts Windows file sharing. Daniel Kabs [ML] (Feb 04)
TYPSoft FTP Server 1.10 may be crashed intuit bug_hunter (Feb 04)
- Re: TYPSoft FTP Server 1.10 may be crashed Maxim Polyakov (Feb 05)
smbmount disrupts Windows file sharing. Daniel Kabs [ML] (Feb 04)
- RE: [Full-Disclosure] smbmount disrupts Windows file sharing. Steve Wray (Feb 04)
ZH2004-04SA (security advisory): Multiple Sql Injection Vulnerabilities in ReviewPost PHP Pro ZetaLabs (Feb 04)
iDEFENSE Security Advisory 02.04.04: GNU Radius Remote Denial of Service Vulnerability labs (Feb 04)
rxgoogle.cgi XSS Vulnerability. Shaun Colley (Feb 04)
RE: Hysterical first technical alert from US-CERT Eggers, Bill A [LTD] (Feb 04)
- Re: Hysterical first technical alert from US-CERT Andrew Fried (Feb 06)
- Re: Hysterical first technical alert from US-CERT Mary Landesman (Feb 06)
- RE: Hysterical first technical alert from US-CERT Darragh Bailey (Feb 06)
- <Possible follow-ups>
- RE: Hysterical first technical alert from US-CERT Stephen Martin (Feb 11)
Re: Snort-inline Federico Petronio (Feb 04)
Security Advisory: CSS Vulnerability in Web Froums Server 1.6 nimber (Feb 05)
announce: new mailing list - application security research - from vulnerabilities to code injection. Gadi Evron (Feb 05)
[PINE-CERT-20040201] reference count overflow in shmat() Joost Pol (Feb 05)
IRIX userland binary vulnerabilities update SGI Security Coordinator (Feb 05)
IBM cloudscape SQL Database (DB2J) vulnerable to remote command injection Marc Schoenefeld (Feb 05)
FreeBSD Security Advisory FreeBSD-SA-04:02.shmat FreeBSD Security Advisories (Feb 05)
[SECURITY] [DSA 434-1] New gaim packages fix several vulnerabilities Martin Schulze (Feb 05)
Multiple File Format Vulnerabilities (Overruns) in REALOne & RealPlayer NGSoftware Insight Security Research (Feb 05)
RE: Hysterical first technical alert from US-CERT - CERT#25304 Steen Larsen (Feb 05)
RE: Hacking USB Thumbdrives, Thumprint authentication markus-1977 (Feb 05)
- RE: Hacking USB Thumbdrives, Thumprint authentication Navaneetharangan (Feb 06)
  - Re: Hacking USB Thumbdrives, Thumprint authentication Eric 'MightyE' Stevens (Feb 11)
- Biometric systems security [WAS: Re: Hacking USB Thumbdrives, Thumprint authentication] Gadi Evron (Feb 07)
- Re: Hacking USB Thumbdrives, Thumprint authentication Dave Aronson (Feb 09)
  - Re: Hacking USB Thumbdrives, Thumprint authentication Eric Murray (Feb 11)
- <Possible follow-ups>
- RE: Hacking USB Thumbdrives, Thumprint authentication David Brodbeck (Feb 09)
  - RE: Hacking USB Thumbdrives, Thumprint authentication Charles Clancy (Feb 11)
    - RE: Hacking USB Thumbdrives, Thumprint authentication Lyal Collins (Feb 16)
- RE: Hacking USB Thumbdrives, Thumprint authentication David.Cross (Feb 11)
[CLA-2004:811] Conectiva Security Announcement - libtool Conectiva Updates (Feb 05)
[RHSA-2004:020-01] Updated mailman packages close cross-site scripting vulnerabilities bugzilla (Feb 05)
OpenBSD IPv6 remote kernel crash Thor Larholm (Feb 05)
Checkpoint 4.1 Vulnerability Macroscape Solutions (Feb 05)
Two checkpoint fw-1/vpn-1 vulns Bjørnar Bjørgum Larsen (Feb 05)
- Re: Two checkpoint fw-1/vpn-1 vulns Markus Wernig (Feb 06)
- Re: Two checkpoint fw-1/vpn-1 vulns Mariusz Woloszyn (Feb 06)
MDKSA-2004:009 - Updated glibc packages fix resolver vulnerabilities Mandrake Linux Security Team (Feb 06)
Remote crash Xlight ftp server 1.52 intuit e.b. (Feb 06)
Possible Cross Site Scripting in Discuz! Board Cheng Peng Su (Feb 06)
Re: getting rid of outbreaks and spam Thor Larholm (Feb 06)
- Re: getting rid of outbreaks and spam Dave Warren (Feb 06)
- RE: getting rid of outbreaks and spam Larry Seltzer (Feb 09)
- <Possible follow-ups>
- RE: getting rid of outbreaks and spam Randal, Phil (Feb 10)
[RHSA-2004:030-01] Updated NetPBM packages fix multiple temporary file vulnerabilities bugzilla (Feb 06)
Re: BUG IN APACHE HTTPD SERVER 2.0.47/48 (to who replied me) langtuhaohoa caothuvolam (Feb 06)
- <Possible follow-ups>
- Re: BUG IN APACHE HTTPD SERVER 2.0.47/48 (to who replied me) William A. Rowe, Jr. (Feb 06)
  - Re: BUG IN APACHE HTTPD SERVER 2.0.47/48 (to who replied me) Th�i (Feb 07)
    - Re: BUG IN APACHE HTTPD SERVER 2.0.47/48 (to who replied me) Guille -bisho- (Feb 09)
formmail (PHP) Upload file using CSS Himeur Nourredine (Feb 06)
Open Journal Blog Authenticaion Bypassing Vulnerability Tri Huynh (Feb 06)
RE: getting rid of outbreaks and spam (junk) Paul Murphy (Feb 06)
Linux 2.4.24 with vserver 1.24 exploit Markus Müller (Feb 06)
Re: Decompression Bombs [...missed something] Bipin Gautam . (Feb 06)
- Re: Decompression Bombs [...missed something] Andreas Marx (Feb 09)
CactuSoft CactuShop 5.0 Lite shopping cart software backdoor S-Quadra Security Research (Feb 06)
Apache-SSL security advisory - apache_1.3.28+ssl_1.52 and prior Adam Laurie (Feb 06)
Dotnetnuke Multiple Vulnerabilities Ferruh Mavituna (Feb 06)
[SECURITY] [DSA 435-1] New mpg123 packages fix heap overflow Matt Zimmerman (Feb 07)
[ GLSA 200402-01 ] PHP setting leaks from .htaccess files on virtual hosts Tim Yamin (Feb 07)
- Re: [ GLSA 200402-01 ] PHP setting leaks from .htaccess files on virtual hosts Alexander GQ Gerasiov (Feb 09)
[Fwd: zyxel prestige ethernet information leakage] DiSToAGe (Feb 07)
The Palace 3.x (Client) Stack Overflow Vulnerability Peter Winter-Smith (Feb 09)
Eggrop bug cyborgirl () libero it (Feb 09)
- Re: Eggrop bug Jeff Fisher (Feb 10)
  - Re: Eggrop bug Giuseppe (Feb 10)
TrackMania Demo Denial of Service scrap (Feb 09)
- <Possible follow-ups>
- Re: TrackMania Demo Denial of Service Luigi Auriemma (Feb 09)
PalmOS httpd accept() queue overflow DoS vulnerability. Shaun Colley (Feb 09)
[SECURITY] [DSA 436-1] New mailman packages fix several vulnerabilities Matt Zimmerman (Feb 09)
clamav 0.65 remote DOS exploit Oliver Eikemeier (Feb 09)
- Re: clamav 0.65 remote DOS exploit Nigel Horne (Feb 09)
  - Re: clamav 0.65 remote DOS exploit Oliver Eikemeier (Feb 09)
    - Re: clamav 0.65 remote DOS exploit Stefan Triller (Feb 09)
    - Re: clamav 0.65 remote DOS exploit Oliver Eikemeier (Feb 10)
    - Re: clamav 0.65 remote DOS exploit Mark Renouf (Feb 09)
    - Re: clamav 0.65 remote DOS exploit Dennis Freise (Feb 10)
- <Possible follow-ups>
- Re: clamav 0.65 remote DOS exploit Khalid J Hosein (Feb 11)
Outbreak warning: possibly Mydoom.C Gadi Evron (Feb 09)
- RE: Outbreak warning: possibly Mydoom.C Thor Larholm (Feb 09)
[waraxe-2004-SA#002] - Cross-Site Scripting (XSS) in Php-Nuke 7.1.0 Janek Vind (Feb 09)
ptl-2004-01: Multiple vulnerabilities in Nokia phones Pentest Security Advisories (Feb 09)
Re: Outbreak warning: possibly Mydoom.C (Now Deadhat/Vesser) K-OTiK Security (Feb 09)
- Re: Outbreak warning: possibly Mydoom.C (Now Deadhat/Vesser) Gadi Evron (Feb 09)
- Re: Outbreak warning: possibly Mydoom.C (Now Deadhat/Vesser) Nick FitzGerald (Feb 09)
  - RE: Outbreak warning: possibly Mydoom.C (Now Deadhat/Vesser) Larry Seltzer (Feb 09)
    - Re: Outbreak warning: possibly Mydoom.C (Now Deadhat/Vesser) Gadi Evron (Feb 10)
    - RE: Outbreak warning: possibly Mydoom.C (Now Deadhat/Vesser) Nick FitzGerald (Feb 10)
- Re: Outbreak warning: possibly Mydoom.C (Now Deadhat/Vesser) Mary Landesman (Feb 10)
Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") Wang Yun (Feb 09)
- Re: Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") Dave Weis (Feb 10)
  - Re: Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") Peter J. Holzer (Feb 12)
    - Re: Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") Oliver Schneider (Feb 12)
    - Re: Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") André Malo (Feb 13)
    - RE: Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") Alun Jones (Feb 13)
    - RE: Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") J. (Feb 17)
    - RE: Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") Alun Jones (Feb 17)
    - Re: Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") Peter J. Holzer (Feb 19)
    - Re: Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") Axel Beckert - ecos gmbh (Feb 16)
- Re: Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") Bill Stoddard (Feb 13)
[waraxe-2004-SA#003] - SQL injection in Php-Nuke 7.1.0 Janek Vind (Feb 09)
Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer Disclosure From OSSI (Feb 09)
- Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer Seth Arnold (Feb 09)
- RE: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer David Schwartz (Feb 09)
  - Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer Darren Reed (Feb 10)
    - Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer der Mouse (Feb 10)
    - Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer John D. Hardin (Feb 11)
    - Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer der Mouse (Feb 11)
    - Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer Darren Reed (Feb 12)
    - Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer der Mouse (Feb 12)
    - Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer Darren Reed (Feb 12)
    - Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer der Mouse (Feb 12)
    - Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer Glynn Clements (Feb 12)
- RE: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer Oliver Lavery (Feb 09)
- RE: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer Ward Taylor (Feb 09)
  - Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer Peter Pentchev (Feb 10)
  - Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer Nexus (Feb 11)
- <Possible follow-ups>
- RE: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer Disclosure From OSSI (Feb 12)
Red-M Red-Alert Multiple Vulnerabilities Bruno Morisson (Feb 09)
[local problems] eTrust Virus Protection 6.0 InoculateIT for linux Rene (Feb 09)
Brinkster Multiple Vulnerabilities Ferruh Mavituna (Feb 09)
Samba 3.x + kernel 2.6.x local root vulnerability Michal Medvecky (Feb 09)
- Re: Samba 3.x + kernel 2.6.x local root vulnerability Michael Kjorling (Feb 09)
- Re: Samba 3.x + kernel 2.6.x local root vulnerability Seth Arnold (Feb 09)
  - Re: Samba 3.x + kernel 2.6.x local root vulnerability Patrick J. Volkerding (Feb 09)
  - Re: Samba 3.x + kernel 2.6.x local root vulnerability Frank Louwers (Feb 11)
    - Re: Samba 3.x + kernel 2.6.x local root vulnerability Urban Widmark (Feb 12)
    - Re: Samba 3.x + kernel 2.6.x local root vulnerability Darren Reed (Feb 13)
- Message not available
  - Message not available
    - Re: Samba 3.x + kernel 2.6.x local root vulnerability Guille -bisho- (Feb 10)
- Re: Samba 3.x + kernel 2.6.x local root vulnerability Felipe Franciosi (Feb 11)
- <Possible follow-ups>
- RE: Samba 3.x + kernel 2.6.x local root vulnerability John . Airey (Feb 11)
HelpCtr - allow open any page or run Bartosz Kwitkowski (Feb 09)
- <Possible follow-ups>
- Re: HelpCtr - allow open any page or run Bartosz Kwitkowski (Feb 10)
- Re: HelpCtr - allow open any page or run N|ghtHawk (Feb 10)
- Re: HelpCtr - allow open any page or run Bartosz Kwitkowski (Feb 11)
Directory traversal in RealPlayer allows code execution Jouko Pynnonen (Feb 10)
XSS, Sql Injection and Avatar ScriptCode Injection in MaxWebPortal Manuel López (Feb 10)
Possible new cross zone scripting in IE Cheng Peng Su (Feb 10)
- <Possible follow-ups>
- Re: Possible new cross zone scripting in IE http-equiv () excite com (Feb 10)
ASPR #2004-01-20-1: Internet Explorer/Outlook double null character DoS ACROS Security (Feb 10)
[SCAN Associates Sdn Bhd Security Advisory] PHPNuke 6.9 > and below SQL Injection in multiple module. pokley (Feb 10)
XBOX EvolutionX ftp 'cd' command and telnet 'dir' buffer overflow icbm (Feb 10)
Why are postmasters distributing the MyDoom virus? Richard M. Smith (Feb 10)
- Re: Why are postmasters distributing the MyDoom virus? David F. Skoll (Feb 10)
  - Re: Why are postmasters distributing the MyDoom virus? mgotts (Feb 11)
- Re: Why are postmasters distributing the MyDoom virus? Georg Schwarz (Feb 12)
- <Possible follow-ups>
- RE: Why are postmasters distributing the MyDoom virus? Harley David (Feb 10)
EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Marc Maiffret (Feb 10)
- <Possible follow-ups>
- RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Joe Blatz (Feb 10)
- RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Marc Maiffret (Feb 10)
  - RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Tina Bird (Feb 10)
  - Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption James Riden (Feb 11)
- RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Marc Maiffret (Feb 10)
  - RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption peter.huang (Feb 12)
- RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Tim Eddy (Feb 10)
  - Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Peter Pentchev (Feb 12)
  - Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Timothy J . Miller (Feb 12)
    - Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Florian Weimer (Feb 16)
- RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Rainer Gerhards (Feb 10)
  - RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Tina Bird (Feb 11)
  - RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Alun Jones (Feb 11)
- RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Rainer Gerhards (Feb 11)
  - Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Steve Friedl (Feb 12)
  - Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Thor Lancelot Simon (Feb 13)
    - Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Buck Huppmann (Feb 16)
    - Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption David Wilson (Feb 16)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Sam Schinke (Feb 12)
- RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Drew Copley (Feb 12)
- RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Boyce, Nick (Feb 13)
  - Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Michael Shigorin (Feb 16)
  - Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Joshua Levitsky (Feb 16)
- RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Bill Gallagher (Feb 15)
EEYE: Microsoft ASN.1 Library Bit String Heap Corruption Marc Maiffret (Feb 10)
Another Low Blow From Microsoft: MBSA Failure! dotsecure (Feb 10)
- Re: [Full-Disclosure] Another Low Blow From Microsoft: MBSA Failure! morning_wood (Feb 11)
  - Re: [Full-Disclosure] Another Low Blow From Microsoft: MBSA Failure! Valdis . Kletnieks (Feb 11)
- <Possible follow-ups>
- RE: Another Low Blow From Microsoft: MBSA Failure! Drew Copley (Feb 10)
- RE: Another Low Blow From Microsoft: MBSA Failure! Joe DeMarco (Feb 10)
  - RE: Another Low Blow From Microsoft: MBSA Failure! Frank Knobbe (Feb 11)
- RE: Another Low Blow From Microsoft: MBSA Failure! Drew Copley (Feb 11)
- RE: Another Low Blow From Microsoft: MBSA Failure! Drew Copley (Feb 11)
- RE: Another Low Blow From Microsoft: MBSA Failure! Eric McCarty (Feb 11)
MyDoom.A Machines : The new P2P Sharing Network ... K-OTiK Security (Feb 10)
- Re: MyDoom.A Machines : The new P2P Sharing Network ... Nicolas Gregoire (Feb 11)
[CLA-2004:812] Conectiva Security Announcement - vim Conectiva Updates (Feb 10)
iDEFENSESecurityAdvisory02.10.04: XFree86FontInformationFileBufferOverflow iDefense Labs (Feb 10)
- Re: iDEFENSESecurityAdvisory02.10.04: XFree86FontInformationFileBufferOverflow Dr Andrew C Aitchison (Feb 16)
  - Re: iDEFENSESecurityAdvisory02.10.04: XFree86FontInformationFileBufferOverflow Steffen Kluge (Feb 17)
[CLA-2004:813] Conectiva Security Announcement - gaim Conectiva Updates (Feb 10)
Re: Outbreak warning: possibly Mydoom.C (Now Doomjuice.A) K-OTiK Security (Feb 10)
Microsoft Virtual PC Services Insecure Temporary File Creation Advisories (Feb 10)
PHP Code Injection Vulnerabilities in ezContents 2.0.2 and prior Cedric Cochin (Feb 11)
Scope of latest RealPlayer vuln Simon Brady (Feb 11)
- Re: Scope of latest RealPlayer vuln Simon Brady (Feb 13)
ZH2004-05SA (security advisory): Sql Injection Vulnerability in BosDates ZetaLabs (Feb 11)
[RHSA-2004:051-01] Updated mutt packages fix remotely-triggerable crash bugzilla (Feb 11)
Mutt-1.4.2 fixes buffer overflow. Thomas Roessler (Feb 11)
AIX password enumeration possible Scott J (Feb 11)
- Re: AIX password enumeration possible alex medvedev (Feb 11)
- Re: AIX password enumeration possible Sven Specker (Feb 15)
- Re: AIX password enumeration possible Darren Tucker (Feb 18)
RE: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Interne t Explorer Johnson, Jeff FOR:EX (Feb 11)
RE: Another Low Blow From Microsoft: MBSA Failure Eric Schultze (Feb 11)
Denial of Service in Monkey httpd <= 0.8.1 Luigi Auriemma (Feb 11)
ISS Security Brief: Microsoft ASN.1 Integer Manipulation Vulnerabilities X-Force (Feb 11)
SGI Advanced Linux Environment security update #10 SGI Security Coordinator (Feb 11)
XFree86 vulnerability exploit Bender (Feb 11)
- Re: XFree86 vulnerability exploit Adam Langley (Feb 13)
Internet Explorer and Microsoft clipboard poor security policy bool (Feb 11)
Denial of Service in Ratbag's game engine Luigi Auriemma (Feb 11)
Re: [Full-Disclosure] DreamFTP Server 1.02 Buffer Overflow Berend-Jan Wever (Feb 11)
AIM worm spreading around? Moshe Jacobson (Feb 11)
- <Possible follow-ups>
- RE: AIM worm spreading around? Tim Walraven (Feb 13)
Update - CheckPoint Vulnerabilities Mark Litchfield (Feb 11)
- Re: Update - CheckPoint Vulnerabilities Nicob (Feb 12)
  - Re: Update - CheckPoint Vulnerabilities Mark Litchfield (Feb 12)
[ GLSA 200402-02 ] XFree86 Font Information File Buffer Overflow Tim Yamin (Feb 12)
OpenLinux: slocate local user buffer overflow please_reply_to_security (Feb 12)
[ GLSA 200402-04 ] Gallery <= 1.4.1 and below remote exploit vulnerability Tim Yamin (Feb 12)
[ GLSA 200402-03 ] Monkeyd Denial of Service vulnerability Tim Yamin (Feb 12)
MDKSA-2004:011 - Updated NetPBM packages fix a number of temporary file bugs. Mandrake Linux Security Team (Feb 12)
CA Response: eTrust InoculateIT/Antivirus 6.0 for Linux vulnerability Jensen, Greg (Feb 12)
- <Possible follow-ups>
- FW: CA Response: eTrust InoculateIT/Antivirus 6.0 for Linux vulnerability Jensen, Greg (Feb 12)
MDKSA-2004:010 - Updated mutt packages fix remote crash Mandrake Linux Security Team (Feb 12)
aimSniff.pl file "deletion" (local) Martin (Feb 12)
phpnuke 6.9 search module exploit. pokley (Feb 12)
Cross Site Scripting in VBulletin forum software Jamie Fisher (Feb 12)
iDEFENSE Security Advisory 02.11.04: XFree86 Font Information File Buffer Overflow II iDefense Labs (Feb 12)
W2K source "leaked"? Gadi Evron (Feb 12)
- Re: W2K source "leaked"? Zhenkai Liang (Feb 13)
- RE: [inbox] W2K source "leaked"? Curt Purdy (Feb 16)
- <Possible follow-ups>
- RE: W2K source "leaked"? tlarholm (Feb 12)
  - Re: W2K source "leaked"? Víctor (Feb 13)
  - Re: W2K source "leaked"? Víctor (Feb 13)
    - Re: W2K source "leaked"? Byron Copeland (Feb 16)
- RE: W2K source "leaked"? Drew Copley (Feb 13)
- Re: W2K source "leaked"? telec (Feb 13)
- RE: W2K source "leaked"? tlarholm (Feb 13)
- RE: W2K source "leaked"? LordInfidel (Feb 16)
  - Re: W2K source "leaked"? Ho Chaw Ming (Feb 16)
    - Re: [work] Re: W2K source "leaked"? opticfiber (Feb 17)
[slackware-security] XFree86 security update (SSA:2004-043-02) Slackware Security Team (Feb 12)
[slackware-security] mutt security update (SSA:2004-043-01) Slackware Security Team (Feb 12)
Symlink vulnerabilities in mailmgr Marco van Berkum (Feb 12)
crob ftpd Denial of Service gsicht gsicht (Feb 12)
[SECURITY] [DSA 437-1] New cgiemail packages fix open mail relaying Matt Zimmerman (Feb 13)
Sami FTP Server 1.1.3 multiple vulnerabilities intuit e.b. (Feb 13)
RE: [Full-Disclosure] RE: W2K source "leaked"? Andre Ludwig (Feb 13)
- <Possible follow-ups>
- RE: [Full-Disclosure] Re: W2K source "leaked"? Drew Copley (Feb 13)
  - RE: [Full-Disclosure] Re: W2K source "leaked"? Nick FitzGerald (Feb 16)
Windows 2000 Source Leak Verified. Get ready for the havoc. dotsecure (Feb 13)
Microsoft Windows 2000 source code leaked Marc Bejarano (Feb 13)
Windows2000 who relase the code? bladi (Feb 13)
TSLSA-2004-0006 - mutt Trustix Security Advisor (Feb 13)
MDKSA-2004:012 - Updated XFree86 packages fix buffer overflow vulnerabilities Mandrake Linux Security Team (Feb 13)
MDKSA-2004:013 - Updated mailman packages close various cross-site scripting vulnerabilities. Mandrake Linux Security Team (Feb 13)
[RHSA-2004:059-01] Updated XFree86 packages fix privilege escalation vulnerability bugzilla (Feb 13)
[RHSA-2004:048-01] Updated PWLib packages fix protocol security issues bugzilla (Feb 13)
Immunix Secured OS 7.3 XFree86 update Immunix Security Team (Feb 13)
DallasCon 2004 Information Security Conference and Boot Camp Bruce Khodabakhsh (Feb 13)
RE: ISS Security Rip: Microsoft ASN.1 (Half a sploit) kradhatman (Feb 13)
- Re: ISS Security Rip: Microsoft ASN.1 (Half a sploit) Valdis . Kletnieks (Feb 17)
vBulletin PHP Forum Version Rafel Ivgi, The-Insider (Feb 13)
[FLSA-2004:1232] Updated slocate resolves security vulnerabilites Jesse Keating (Feb 13)
Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer carlo (Feb 13)
Symantec FireWall/VPN Appliance model 200 leak of security Davide Del Vecchio (Feb 16)
Possible race condition in Symantec AntiVirus Scan Engine for Red Hat Linux during LiveUpdate Dr. Peter Bieringer (Feb 16)
- Re: [Full-Disclosure] Possible race condition in Symantec AntiVirus Scan Engine for Red Hat Linux during LiveUpdate Valdis . Kletnieks (Feb 17)
Exploit based on leaked code released. Christopher Carboni (Feb 16)
- <Possible follow-ups>
- RE: Exploit based on leaked code released. tlarholm (Feb 16)
Broadcast client buffer-overflow in Purge Jihad <= 2.0.1 Luigi Auriemma (Feb 16)
problems with database files in 'SignatureDB' LynX (Feb 16)
Buffer overflow in mnoGoSearch Jedi/Sector One (Feb 16)
Re: Microsoft ASN.1 (Half a sploit) K-OTiK Security (Feb 16)
- <Possible follow-ups>
- Re: Microsoft ASN.1 (Half a sploit) WebHead (Feb 18)
  - Re: Microsoft ASN.1 (Half a sploit) Joshua Levitsky (Feb 19)
Xlight ftp server 1.52 RETR bug intuit e.b. (Feb 16)
[SECURITY] [DSA 429-2] New gnupg packages fix cryptographic weakness Matt Zimmerman (Feb 16)
ASP Portal Multiple Vulnerabilities Manuel López (Feb 16)
- <Possible follow-ups>
- Re: Asp Portal Multiple Vulnerabilities Manuel López (Feb 16)
Misinformation in Security Advisories (ASN.1) John Compton (Feb 16)
- Re: Misinformation in Security Advisories (ASN.1) Simon Brady (Feb 16)
  - Re: Misinformation in Security Advisories (ASN.1) Anthony Saffer (Feb 17)
- Re: Misinformation in Security Advisories (ASN.1) evol (Feb 16)
- Re: Misinformation in Security Advisories (ASN.1) Ivan Arce (Feb 16)
- Re: Misinformation in Security Advisories (ASN.1) Slawek (Feb 18)
- <Possible follow-ups>
- Re: Misinformation in Security Advisories (ASN.1) Steven M. Christey (Feb 16)
Fwd: Re: NT/W2K Source leak Dragos Ruiu (Feb 16)
buffer overflow in Robot FTP Server gsicht gsicht (Feb 16)
AllMyGuests PHP Code Injection vulnerability Pablo Santana (Feb 16)
AllMyVisitors PHP Code Injection vulnerability Pablo Santana (Feb 16)
LNSA-#2004-0001: mutt remote crash Vincenzo Ciaglia (Feb 16)
AllMyLinks PHP Code Injection vulnerability Pablo Santana (Feb 16)
Another YabbSE SQL Injection backspace (Feb 16)
- <Possible follow-ups>
- Re: Another YabbSE SQL Injection Mike Bobbitt (Feb 16)
Bypassing PatchFinder 2 Edgar Barbosa (Feb 16)
[ GLSA 200402-05 ] phpMyAdmin < 2.5.6-rc1 directory traversal attack Tim Yamin (Feb 17)
[ GLSA 200402-06 ] Linux kernel AMD64 ptrace vulnerability Tim Yamin (Feb 17)
Denial Of Service in Vizer Web Server 1.9.1 Donato Ferrante (Feb 17)
YABB information leakage on failed login David Cantrell (Feb 17)
ZH2004-06SA (security advisory): ShopCartCGI v2.3 Remote arbitrary file retrieving ZetaLabs (Feb 17)
KarjaSoft Sami HTTP Server 1.0.4 Buffer Overflow badpack3t (Feb 17)
APC 9606 SmartSlot Web/SNMP management card "backdoor" Dave Tarbatt (Feb 17)
- <Possible follow-ups>
- Re: APC 9606 SmartSlot Web/SNMP management card "backdoor" Fredrik Björk (Feb 18)
  - Re: APC 9606 SmartSlot Web/SNMP management card "backdoor" Charles R. Anderson (Feb 19)
- Re: APC 9606 SmartSlot Web/SNMP management card "backdoor" brandon pierce (Feb 23)
Re: [Full-Disclosure] Misinformation in Security Advisories (ASN.1) Valdis . Kletnieks (Feb 17)
- <Possible follow-ups>
- RE: [Full-Disclosure] Misinformation in Security Advisories (ASN.1) first last (Feb 17)
ASN.1 telephony critical infrastructure warning - VOIP Gadi Evron (Feb 17)
- Re: [Full-Disclosure] ASN.1 telephony critical infrastructure warning - VOIP Michal Zalewski (Feb 17)
  - RE: [Full-Disclosure] ASN.1 telephony critical infrastructure warning - VOIP Zak Dechovich (Feb 17)
    - Re: [Full-Disclosure] ASN.1 telephony critical infrastructure warning - VOIP Michael Samuel (Feb 18)
    - RE: [Full-Disclosure] ASN.1 telephony critical infrastructure warning - VOIP David Wilson (Feb 23)
- Re: [Full-Disclosure] ASN.1 telephony critical infrastructure warning - VOIP 3APA3A (Feb 17)
  - Re: [Full-Disclosure] ASN.1 telephony critical infrastructure warning - VOIP daniel uriah clemens (Feb 17)
  - Re: [Full-Disclosure] ASN.1 telephony critical infrastructure warning - VOIP Florian Weimer (Feb 18)
    - Re[2]: [Full-Disclosure] ASN.1 telephony critical infrastructure warning - VOIP 3APA3A (Feb 18)
- Re: ASN.1 telephony critical infrastructure warning - VOIP RJ Auburn (Feb 18)
- Re: ASN.1 telephony critical infrastructure warning - VOIP Michael H. Warfield (Feb 18)
ASN.1 vulnerability -is- on Win98 Joshua Levitsky (Feb 17)
- Re: ASN.1 vulnerability -is- on Win98 Joshua Levitsky (Feb 19)
Fw: APC 9606 SmartSlot Web/SNMP management card "backdoor" - MORE PROBLEMS thiago . vazquez (Feb 17)
- Re: Fw: APC 9606 SmartSlot Web/SNMP management card "backdoor" - MORE PROBLEMS Thomas M. Payerle (Feb 18)
- Re: Fw: APC 9606 SmartSlot Web/SNMP management card "backdoor" - MORE PROBLEMS James Green (Feb 18)
  - Re: Fw: APC 9606 SmartSlot Web/SNMP management card "backdoor" - MORE PROBLEMS Keith Clifton (Feb 19)
  - Re: Fw: APC 9606 SmartSlot Web/SNMP management card "backdoor" - MORE PROBLEMS Frank Louwers (Feb 19)
  - Re: Fw: APC 9606 SmartSlot Web/SNMP management card "backdoor" - MORE PROBLEMS Tom (Feb 19)
Broker FTP DoS (Message Server) Aviram Jenik (Feb 17)
iDEFENSE Security Advisory 02.17.04: Ipswitch IMail LDAP Daemon Remote Buffer Overflow iDefense Labs (Feb 17)
Beagle.b () mm spreading at a steady pace. dotsecure (Feb 17)
Second critical mremap() bug found in all Linux kernels Paul Starzetz (Feb 18)
- Re: Second critical mremap() bug found in all Linux kernels Dan Yefimov (Feb 19)
- Re: Second critical mremap() bug found in all Linux kernels Jared M Breland (Feb 19)
- Hotfix for new mremap vulnerability Pavel harry_x Palát (Feb 20)
  - Re: Hotfix for new mremap vulnerability Marc-Christian Petersen (Feb 23)
- <Possible follow-ups>
- Re: Second critical mremap() bug found in all Linux kernels Steve Bremer (Feb 18)
- RE: Second critical mremap() bug found in all Linux kernels tlarholm (Feb 19)
CesarFTP 0.99 : 100% employment of computer resources intuit e.b. (Feb 18)
EarlyImpact ProductCart shopping cart software multiple security vulnerabilities S-Quadra Security Research (Feb 18)
SNMP community string disclosure in Linksys WAP55AG NN Poster (Feb 18)
- Re: SNMP community string disclosure in Linksys WAP55AG Hugo van der Kooij (Feb 19)
  - Re: SNMP community string disclosure in Linksys WAP55AG Robbie Stone (Feb 20)
- <Possible follow-ups>
- Re: SNMP community string disclosure in Linksys WAP55AG Nicolai van der Smagt (Feb 20)
ZH2004-07SA (security advisory): Multiple Sql injection vulnerabilities in Online Store Kit 3.0 Products (Lite - Standard and Pro) ZetaLabs (Feb 18)
ZH2004-08SA (security advisory): OWLS 1.0 Remote arbitrary files retrieving ZetaLabs (Feb 18)
[slackware-security] metamail security update (SSA:2004-049-02) Slackware Security Team (Feb 18)
TSLSA-2004-0007 - kernel Trustix Security Advisor (Feb 18)
[RHSA-2004:065-01] Updated kernel packages resolve security vulnerabilities bugzilla (Feb 18)
- <Possible follow-ups>
- Re: [RHSA-2004:065-01] Updated kernel packages resolve security vulnerabilities Ulrich Keil (Feb 19)
WebCortex Webstores2000 version 6.0 multiple security vulnerabilities Nick Gudov (Feb 18)
[SECURITY] [DSA 438-1] New Linux 2.4.18 packages fix local root exploit (alpha+i386+powerpc) Martin Schulze (Feb 18)
[ GLSA 200402-07 ] Clamav 0.65 DoS vulnerability Tim Yamin (Feb 18)
[SECURITY] [DSA 440-1] New Linux 2.4.17 packages fix several local root exploits (powerpc/apus) Martin Schulze (Feb 18)
[slackware-security] Kernel security update (SSA:2004-049-01) Slackware Security Team (Feb 18)
[SECURITY] [DSA 439-1] New Linux 2.4.16 packages fix several local root exploits (arm) Martin Schulze (Feb 18)
Remote Administrator 2.x: highly possible remote hole or backdoor Pavel Levshin (Feb 18)
[SECURITY] [DSA 441-1] New Linux 2.4.17 packages fix local root exploit (mips+mipsel) Martin Schulze (Feb 18)
OT: reports of a Trojan horse in the Arrow project Gadi Evron (Feb 18)
article: Alleged Trojan horse in Israeli Anti-Ballistic Missile System Gadi Evron (Feb 18)
Re: EarlyImpact ProductCart shopping cart software multiple security vulnerabilities Massimo Arrigoni (Feb 18)
metamail format string bugs and buffer overflows Ulf Härnhammar (Feb 18)
Smallftpd 1.0.3 DoS intuit e.b. (Feb 18)
bid: 9660 : Microsoft IIS Unspecified Remote Denial Of Service Vu lnerability kquest (Feb 18)
Multiple WinXP kernel vulns can give user mode programs kernel mode privileges first last (Feb 18)
- Re: Multiple WinXP kernel vulns can give user mode programs kernel mode privileges 3APA3A (Feb 19)
- RE: Multiple WinXP kernel vulns can give user mode programs kernel mode privileges Alun Jones (Feb 19)
- <Possible follow-ups>
- RE: Multiple WinXP kernel vulns can give user mode programs kernel mode privileges first last (Feb 19)
RE: 9660 : Microsoft IIS Unspecified Remote Denial Of Service Vu lnerability kquest (Feb 19)
APC Security Advisory - Static factory password vulnerability security.advisory (Feb 19)
Microsoft Internet Explorer Unspecified CHM File Processing Arbitrary Code Execution Vulnerability (bid 9658) K-OTiK Security (Feb 19)
Zone Labs Security Advisory ZL04-08 - SMTP processing vulnerability Zone Labs Product Security (Feb 19)
Aol Instant Messenger/Microsoft Internet Explorer remote code execution Michael Evanchik (Feb 19)
- RE: Aol Instant Messenger/Microsoft Internet Explorer remote code execution Thor Larholm (Feb 19)
MDKSA-2004:014 - Updated metamail packages fix buffer overflow vulnerabilities Mandrake Linux Security Team (Feb 19)
PunkBuster SQL Injection Attack Just1n T1mberlake (Feb 19)
[SECURITY] [DSA 442-1] New Linux 2.4.17 packages fix local root exploits and more (s390) Martin Schulze (Feb 19)
iMail 8.05 LDAP service remote exploit Iván Rodriguez Almuiña (Feb 19)
APC 9606 SmartSlot Web/SNMP management card "backdoor" - Telnet can't be disabled. David Monosov (Feb 19)
- Re: APC 9606 SmartSlot Web/SNMP management card "backdoor" - Telnet can't be disabled. Keith Clifton (Feb 19)
- <Possible follow-ups>
- RE: APC 9606 SmartSlot Web/SNMP management card "backdoor" - Telnet can't be disabled. Miskell, Craig (Feb 19)
Cisco Security Advisory: Cisco ONS 15327, ONS 15454, ONS 15454 SDH, and ONS 15600 Vulnerabilities Cisco Systems Product Security Incident Response Team (Feb 19)
NetBSD Security Advisory 2004-001: Insufficient packet validation in racoon IKE daemon NetBSD Security-Officer (Feb 19)
NetBSD Security Advisory 2004-004: shmat reference counting bug NetBSD Security-Officer (Feb 19)
LiveJournal XSS Joshua Miller (Feb 19)
SUSE Security Announcement: Linux Kernel (SuSE-SA:2004:005) Thomas Biege (Feb 19)
EEYE: ZoneLabs SMTP Processing Buffer Overflow Marc Maiffret (Feb 19)
NetBSD Security Advisory 2004-003: OpenSSL 0.9.6 ASN.1 parser vulnerability NetBSD Security-Officer (Feb 19)
NetBSD Security Advisory 2004-002: Inconsistent IPv6 path MTU discovery handling NetBSD Security-Officer (Feb 19)
RE: Remote Administrator 2.x: highly possible remote hole or back door LordInfidel (Feb 19)
- Re: Remote Administrator 2.x: highly possible remote hole or backdoor Pavel Levshin (Feb 20)
- RE: Remote Administrator 2.x: highly possible remote hole or back door mgotts (Feb 20)
  - Re: Remote Administrator 2.x: highly possible remote hole or back door Ari Gordon-Schlosberg (Feb 23)
PGP signatures on recent NetBSD Security Advisories NetBSD Security-Officer (Feb 19)
OpenLinux: mpg123 remote denial of service and heap-based buffer overflow please_reply_to_security (Feb 19)
OpenLinux: Bind: cache poisoning BIND 8 prior to 8.3.7 and BIND 8.4.x prior 8.4.2 please_reply_to_security (Feb 19)
OpenLinux: Fetchmail 6.2.4 and earlier remote dennial of service please_reply_to_security (Feb 19)
OpenLinux: Multiple vulnerabilities were discovered in the saned daemon please_reply_to_security (Feb 20)
[SECURITY] [DSA 443-1] New xfree86 packages fix multiple vulnerabilities Matt Zimmerman (Feb 20)
[SECURITY] [DSA 444-1] New Linux 2.4.17 packages fix local root exploit (ia64) Martin Schulze (Feb 20)
[CLA-2004:820] Conectiva Security Announcement - kernel Conectiva Updates (Feb 20)
fix for recently disclosed Oracle interval conversion overflows? Marc Bejarano (Feb 20)
[CLA-2004:821] Conectiva Security Announcement - XFree86 Conectiva Updates (Feb 20)
article: Theft of Client Information at a Major Israeli Bank's "Information Fortress". Gadi Evron (Feb 20)
Bank of America contact Lance James (Feb 20)
- <Possible follow-ups>
- Re: Bank of America Contact Lance James (Feb 23)
- Re: Bank of America Contact Jon W (Feb 23)
  - Re: Bank of America Contact Eloy A. Paris (Feb 24)
is predicatable file location a vuln? (was RE: Aol Instant Messenger/Microsoft Internet Explorer remote code execution) Stuart Moore (Feb 20)
- <Possible follow-ups>
- RE: is predicatable file location a vuln? (was RE: Aol Instant Messenger/Microsoft Internet Explorer remote code execution) Drew Copley (Feb 20)
- Re: is predicatable file location a vuln? (was RE: Aol Instant Messenger/Microsoft Internet Explorer remote code execution) http-equiv () excite com (Feb 20)
- RE: Re: is predicatable file location a vuln? (was RE: Aol Instant Messenger/Microsoft Internet Explorer remote code execution) Drew Copley (Feb 20)
Remote Buffer Overflow in PSOProxy 0.91 Donato Ferrante (Feb 20)
OpenLinux: Perl Safe.pm unsafe access please_reply_to_security (Feb 20)
LNSA-#2004-0002: Fetchmail 6.2.4 and earlier remote denial of service Vincenzo Ciaglia (Feb 20)
LNSA-#2004-0003: Linux Kernel Vincenzo Ciaglia (Feb 20)
GateKeeper Pro 4.7 buffer overflow Iván Rodriguez Almuiña (Feb 23)
FYI: CAIF Format Specification Oliver Goebel (Feb 23)
[SECURITY] [DSA 436-2] New mailman packages fix bug introduced in DSA 436-1 Matt Zimmerman (Feb 23)
[SECURITY] [DSA 448-1] New pwlib packages fix multiple vulnerabilities Matt Zimmerman (Feb 23)
[SECURITY] [DSA 446-1] New synaesthesia packages fix insecure file creation Matt Zimmerman (Feb 23)
[SECURITY] [DSA 447-1] New hsftp packages fix format string vulnerability Matt Zimmerman (Feb 23)
lbreakout2 < 2.4beta-2 local exploit Li0n7 (Feb 23)
- Re: lbreakout2 < 2.4beta-2 local exploit Steve Kemp (Feb 23)
Re: is predicatable file location a vuln? (was RE: Aol Instant Messenger/Microsoft Steven M. Christey (Feb 23)
TSLSA-2004-0008 - kernel Trustix Security Advisor (Feb 23)
nCipher Advisory #9: Host-side attackers can access secret data nCipher Support (Feb 23)
SUSE Security Announcement: xf86/XFree86 (SuSE-SA:2004:006) Thomas Biege (Feb 23)
[SECURITY] [DSA 445-1] New lbreakout2 packages fix buffer overflow Matt Zimmerman (Feb 23)
Remote server crash in Team Factor <= 1.25 Luigi Auriemma (Feb 23)
PSOProxy <= 0.91 remote buffer overflow (exploit) li0n7 (Feb 23)
[waraxe-2004-SA#004] - Multiple vulnerabilities in XMB 1.8 Partagium Final SP2 Janek Vind (Feb 23)
- <Possible follow-ups>
- Re: [waraxe-2004-SA#004] - Multiple vulnerabilities in XMB 1.8 Partagium Final SP2 Ben (Feb 25)
Remote Buffer Overflow in Avirt Voice 4.0 Donato Ferrante (Feb 23)
Lam3rZ Security Advisory #2/2004: LSF eauth vulnerability leads to a possibility of controlling cluster jobs on behalf of other users Tomasz Grabowski (Feb 23)
Lam3rZ Security Advisory #1/2004: LSF eauth vulnerability leads to remote code execution Tomasz Grabowski (Feb 23)
Windows XP explorer.exe heap overflow. sunglasses (Feb 23)
- Re: Windows XP explorer.exe heap overflow. Eli K. (Feb 24)
  - RE: Windows XP explorer.exe heap overflow. Larry Seltzer (Feb 25)
    - Re: Windows XP explorer.exe heap overflow. Eli Kara (Feb 25)
    - Re: Windows XP explorer.exe heap overflow. Dragos Ruiu (Feb 26)
- Re: Windows XP explorer.exe heap overflow. Tim (Feb 24)
- <Possible follow-ups>
- Re: Windows XP explorer.exe heap overflow. Chris Calabrese (Feb 23)
  - blocking gzip encoded files Darwin Mecham (Feb 23)
    - Re: blocking gzip encoded files mgotts (Feb 24)
    - Re: blocking gzip encoded files Josep L. Guallar-Esteve (Feb 24)
- RE: Windows XP explorer.exe heap overflow. Michael Wojcik (Feb 23)
Somewhat new SQL Injection concept Tõnu Samuel (Feb 23)
ezBoard Cross Site Scripting Vulnerability Cheng Peng Su (Feb 23)
Multiple Remote Buffer Overflow in Avirt Soho 4.3 Donato Ferrante (Feb 23)
3Com DSL Router Long Request DoS exploit. Shaun Colley (Feb 23)
Cross Site Scripting in WebzEdit Cheng Peng Su (Feb 23)
Lam3rZ Security Advisory #3/2004: A bug in Confirm leads to remote command execution Mariusz Woloszyn (Feb 23)
Web Crossing 4.x/5.x Denial of Service Vulnerability (FIX) Peter Winter-Smith (Feb 23)
Mac OS X pppd format string vulnerability Advisories (Feb 24)
TYPSoft FTP Server 1.10 multiple vulnerabilities intuit e.b. (Feb 24)
MDKSA-2004:015 - Updated kernel packages fix multiple vulnerabilities Mandrake Linux Security Team (Feb 24)
Remote server crash in Haegemonia <= 1.07 Luigi Auriemma (Feb 24)
FlexWATCH-Webs 2.2 (NTSC) Authorization Bypass Rafel Ivgi, The-Insider (Feb 24)
iDEFENSE Security Advisory 02.23.04: Darwin Streaming Server Remote Denial of Service Vulnerability iDefense Labs (Feb 24)
STG Security Advisory: [SSA-20040217-06] Apache for cygwin directory traversal vulnerability advisory (Feb 24)
Remote crash in Ghost Recon engine Luigi Auriemma (Feb 24)
Gigabyte Broadband Router - Multiple Vulnerabilities Rafel Ivgi, The-Insider (Feb 24)
snort rules for ICQ http/https tunnels Alexander Antipov (Feb 24)
Hidden Gamespy code leads to vulnerabilities in diffused games (BF1942, Halo, Dredd and more) Luigi Auriemma (Feb 24)
New ICQ WORM Rafel Ivgi, The-Insider (Feb 25)
RE: blocking gzip encoded files Gervase Markham (Feb 25)
Advisory 02/2004: Trillian remote overflows Stefan Esser (Feb 25)
BadBlue 2.4 Local Path Disclosure By phptest.php Rafel Ivgi, The-Insider (Feb 25)
ZH2004-09SA (security advisory): PhpNewsManager Remote arbitrary files retrieving ZetaLabs (Feb 25)
jgs webserver 0.1.0 Cross Site Scripting Vulnerabillity Rafel Ivgi, The-Insider (Feb 25)
Alcatel Omniswitch 7000 series Michael Shekman (Feb 25)
MS ASN library is fraught not only with integer overflow, but also with stack overflow. flashsky fangxing (Feb 25)
MDKSA-2004:016 - Updated mtools packages fix local root vulnerability Mandrake Linux Security Team (Feb 25)
Fw: [Unpatched] The Bizex worm Thor Larholm (Feb 25)
PSOProxy's exploit for Windows by Rosiello Security Angelo Rosiello (Feb 25)
Sandblad #13: Cross-domain exploit on zombie document with event handlers Andreas Sandblad (Feb 25)
MDKSA-2004:015-1 - Updated x86_64 kernel packages fix multiple vulnerabilities Mandrake Linux Security Team (Feb 26)
[RHSA-2004:063-01] Updated mod_python packages fix denial of service vulnerability bugzilla (Feb 26)
[RHSA-2004:091-01] Updated libxml2 packages fix security vulnerability bugzilla (Feb 26)
Denial Of Service in FreeChat 1.1.1a Donato Ferrante (Feb 26)
Dell OpenManage Web Server Heap Overflow wirepair (Feb 26)
[vulnwatch] Serv-U MDTM Command Buffer Overflow Vulnerability bkbll (Feb 26)
Dell OpenManage Web Server Heap Overflow (Pre-Auth) wirepair (Feb 26)
SmoothWall Project Security Advisory SWP-2004:002 William Anderson (Feb 26)
Serv-U "MDTM" buffer overflow PoC DoS exploit Shaun Colley (Feb 26)
- <Possible follow-ups>
- RE: Serv-U "MDTM" buffer overflow PoC DoS exploit Peter Buijsman (Feb 26)
SGI ProPack v2.4: Kernel fixes and security update SGI Security Coordinator (Feb 26)
SGI Advanced Linux Environment security update #12 SGI Security Coordinator (Feb 26)
SGI Advanced Linux Environment security update #11 SGI Security Coordinator (Feb 26)
Immunix Secured OS 7+ kernel update Immunix Security Team (Feb 26)
Nmap Security Scanner 3.50 Released Fyodor (Feb 26)
Extremail Security Problem Andrey Smirnov (Feb 26)
[SECURITY] [DSA 450-1] New Linux 2.4.19 packages fix several local root exploits (mips) Martin Schulze (Feb 27)
Calife heap corrupt / potential local root exploit DownBload (Feb 27)
- <Possible follow-ups>
- Re: Calife heap corrupt / potential local root exploit Ollivier Robert (Feb 27)
  - Re: Calife heap corrupt / potential local root exploit Carson Gaspar (Feb 27)
    - Re: Calife heap corrupt / potential local root exploit Ollivier Robert (Feb 27)
New version of ike-scan (IPsec IKE scanner) available - v1.6 Roy Hills (Feb 27)
iDEFENSE Security Advisory 02.27.04b: Microsoft Internet Explorer Cross Frame Scripting Restriction Bypass idlabs-advisories (Feb 27)
iDEFENSE Security Advisory 02.27.04a: WinZip MIME Parsing Buffer Overflow Vulnerability idlabs-advisories (Feb 27)
EEYE: RealSecure/BlackICE Server Message Block (SMB) Processing Overflow Marc Maiffret (Feb 27)
Serv-U MDTM exploits Sam (Feb 27)
Multiple issues with Mac OS X AFP client Chris Adams (Feb 27)
- Re: Multiple issues with Mac OS X AFP client Chris Adams (Feb 28)
Symantec Gateway Security Management Service Cross Site Scripting Brian_J_Soby (Feb 27)
FreeBSD Security Advisory FreeBSD-SA-04:03.jail FreeBSD Security Advisories (Feb 27)
[HUC] Serv-U FTPD 2.x/3.x/4.x/5.x "MDTM" Command Remote Exploit lion (Feb 27)
[SECURITY] [DSA 451-1] New xboing packages fix buffer overflows Matt Zimmerman (Feb 27)
- <Possible follow-ups>
- Re: [SECURITY] [DSA 451-1] New xboing packages fix buffer overflows Steve Kemp (Feb 27)
New phpBB ViewTopic.php Cross Site Scripting Vulnerability Cheng Peng Su (Feb 28)
Invision Power Board SQL injection! Knight Commander (Feb 28)
LAN SUITE Web Mail 602Pro Multiple Vulnerabilities Rafel Ivgi, The-Insider (Feb 28)
InnoMedia VideoPhone Authorization Bypass Rafel Ivgi, The-Insider (Feb 28)
laptop security Gadi Evron (Feb 28)
Multiple WFTPD Denial of Service vulnerabilities axl rose (Feb 28)
Critical WFTPD buffer overflow vulnerability axl rose (Feb 28)

Previous period

Next period