Bugtraq: by thread

Bugtraq: by thread

367 messages starting Jul 01 04 and ending Jul 31 04
Date index | Thread index | Author index

FW: [security bulletin] SSRT3552 HP-UX running ARPA transport local Denial of Service (DoS) Boren, Rich (SSRT) (Jul 01)
RE: Microsoft technologies. By default, non-HIPAA compliant? Boring, Andrew (Jul 01)
- <Possible follow-ups>
- Re: Microsoft technologies. By default, non-HIPAA compliant? Dave Paris (Jul 01)
- RE: Microsoft technologies. By default, non-HIPAA compliant? bob () dexis net (Jul 02)
- Re: Microsoft technologies. By default, non-HIPAA compliant? Nicholas Weaver (Jul 02)
- Re: Microsoft technologies. By default, non-HIPAA compliant? Nick FitzGerald (Jul 02)
- RE: Microsoft technologies. By default, non-HIPAA compliant? Anything But Microsoft (Jul 06)
  - RE: Microsoft technologies. By default, non-HIPAA compliant? Tina Bird (Jul 07)
Unprevileged user can change quota on Domino Andreas Klein (Jul 01)
(IE/SCOB) Switching Software Because of Bugs: Some Facts About Software and Security bugs Drew Copley (Jul 01)
- <Possible follow-ups>
- Re: (IE/SCOB) Switching Software Because of Bugs: Some Facts About Software and Security bugs Thomas C. Greene (Jul 07)
Re: php codes injection in phpMyAdmin version 2.5.7. Marc Delisle (Jul 01)
- <Possible follow-ups>
- Re: php codes injection in phpMyAdmin version 2.5.7. Marc Delisle (Jul 01)
SecurityLab report: The Top 10 Most Critical Vulnerabilities in June 2004 Alexander (Jul 01)
DoS against Domino 6.5.1 Andreas Klein (Jul 01)
- Re: DoS against Domino 6.5.1 Andreas Klein (Jul 24)
DLINK 624, script injection vulnerability Gregory Duchemin (Jul 02)
Announce: RSBAC v1.2.3 released Amon Ott (Jul 02)
MD5 hash cracking service md5er (Jul 02)
[ GLSA 200407-01 ] Esearch: Insecure temp file handling Joshua J. Berry (Jul 02)
Brightmail leaks other user's spam Thomas Springer (Jul 02)
SUSE Security Announcement: kernel (SUSE-SA:2004:020) Roman Drahtmueller (Jul 02)
FreeBSD Security Advisory FreeBSD-SA-04:13.linux FreeBSD Security Advisories (Jul 02)
Multiple Vulnerabilities in Easy Chat Server 1.2 Donato Ferrante (Jul 02)
XSS in SCI Photo Chat Server 3.4.9 Donato Ferrante (Jul 02)
Sanity check in Centre Manip (Jul 02)
Registry fixes for the recent IE vulnerabilities Mike Cheng (Jul 02)
[HW-MED] XSS in Netegrity IdentityMinder vuln (Jul 02)
Registry Fix For Variant of Scob Drew Copley (Jul 03)
- <Possible follow-ups>
- RE: Registry Fix For Variant of Scob Thor Larholm (Jul 05)
  - RE: Registry Fix For Variant of Scob Jelmer (Jul 06)
- RE: Registry Fix For Variant of Scob Drew Copley (Jul 06)
- Re: Registry Fix For Variant of Scob http-equiv () excite com (Jul 07)
Enterasys XSR Security Routers DoS Frederico Queiroz (Jul 03)
RE: RE: SUPER SPOOF DELUXE Re: [Full-Disclosure] Microsoft and Security http-equiv () excite com (Jul 03)
THE INSIDER VULNERABILITY STILL WORKS AFTER TODAY'S PATCH liudieyu (Jul 03)
- RE: [Full-Disclosure] THE VULNERABILITY STILL WORKS AFTER TODAY'S PATCH Jelmer (Jul 03)
Re: [Full-Disclosure] Fix for IE ADODB.Stream vulnerability is out http-equiv () excite com (Jul 03)
Public Review of OIS Security Vulnerability Reporting and Response Guidelines OIS (Jul 03)
- Re: [Full-Disclosure] Public Review of OIS Security Vulnerability Reporting and Response Guidelines dave (Jul 05)
  - Re: [Dailydave] Re: [Full-Disclosure] Public Review of OIS Security Vulnerability Reporting and Response Guidelines Halvar Flake (Jul 05)
  - Re: Public Review of OIS Security Vulnerability Reporting and Response Guidelines Pete Herzog (Jul 06)
  - Re: [Full-Disclosure] Public Review of OIS Security Vulnerability Reporting and Response Guidelines rsh (Jul 07)
- Re: Public Review of OIS Security Vulnerability Reporting and ResponseGuidelines Fred Mobach (Jul 05)
  - Re: Public Review of OIS Security Vulnerability Reporting and ResponseGuidelines ET LoWNOISE (Jul 08)
Cart32 Input Validation Flaw in 'GetLatestBuilds?cart32=' Permits Remote Cross-Site Scripting Attacks Dr Ponidi (Jul 03)
The 3 D's: Demo for the Dullards and Dunces http-equiv () excite com (Jul 03)
[SECURITY] [DSA 527-1] New pavuk packages fix buffer overflow Matt Zimmerman (Jul 03)
Re: DLINK 614+ - SOHO routers, system DOS Gregory Duchemin (Jul 03)
[SECURITY] [DSA 526-1] New webmin packages fix multiple vulnerabilities Matt Zimmerman (Jul 03)
Linux Virtual Server/Secure Context procfs shared permissions flaw Veit Wahlich (Jul 05)
[ GLSA 200407-04 ] Pure-FTPd: Potential DoS when maximum connections is reached Thierry Carrez (Jul 05)
XSS in 12Planet Chat Server 2.9 Donato Ferrante (Jul 05)
[ GLSA 200407-03 ] Apache 2: Remote denial of service attack Thierry Carrez (Jul 05)
unreal ircd ip cloaking subsystem vulnerability bartavelle (Jul 05)
Fastream NETFile FTP/Web Server Input validation Errors at4r (Jul 05)
MySQL Authentication Bypass NGSSoftware Insight Security Research (Jul 05)
- BENCHMARK() is not the only way to determine successfull MySQL injection Philip Stoev (Jul 06)
Re: Java applet crashing with native assertion Ronald Oussoren (Jul 05)
RE: Microsoft and Security Alun Jones (Jul 05)
- RE: Microsoft and Security Radoslav Dejanovic (Jul 05)
- Re: Microsoft and Security Justin Wheeler (Jul 06)
  - RE: Microsoft and Security Alun Jones (Jul 06)
    - RE: Microsoft and Security David F. Skoll (Jul 07)
    - Re: Microsoft and Security Adam Shostack (Jul 07)
    - Re: Microsoft and Security Valdis . Kletnieks (Jul 09)
    - Re: Microsoft and Security Charles Otstot (Jul 17)
    - Re: Microsoft and Security Lucas Holt (Jul 19)
- Re: Microsoft and Security Jason Coombs (Jul 06)
[ GLSA 200407-05 ] XFree86, X.org: XDM ignores requestPort setting Thierry Carrez (Jul 05)
Do not adopt OIS standards (Was: Public Review of OIS Security Vulnerability Reporting and Response Guidelines) Ferguson, Ann (Jul 05)
xingtone opens server on desktop using undocumented protocol (probably http) Burton M. Strauss III (Jul 06)
[OpenPKG-SA-2004.030] OpenPKG Security Advisory (png) OpenPKG (Jul 06)
Re: [ISN] E-Mail Snooping Ruled Permissible Jason Coombs (Jul 06)
backdoor menu on conexant chipset dsl router (Zoom X3) Adam Laurie (Jul 06)
Eudora 6.1.2 attachment spoof Paul Szabo (Jul 07)
MDKSA-2004:066 - Updated kernel packages fix multiple vulnerabilities Mandrake Linux Security Team (Jul 07)
Enterasys XSR Security Router Record Route Denial Of Service Vulnerability (More information) Frederico Queiroz (Jul 07)
Comersus Cart Cross-Site Scripting Vulnerability Thomas Ryan (Jul 07)
Npds BB HTML Injection Benjamin Tolman (Jul 07)
Can we prevent IE exploits a priori? security-bugtraq (Jul 07)
- RE: Can we prevent IE exploits a priori? James C Slora Jr (Jul 08)
- Re: Can we prevent IE exploits a priori? Thor Larholm (Jul 09)
- <Possible follow-ups>
- RE: Can we prevent IE exploits a priori? Drew Copley (Jul 07)
  - Re: Can we prevent IE exploits a priori? Jason Coombs (Jul 09)
- Re: Can we prevent IE exploits a priori? bugtraq223344 (Jul 17)
FW: [security bulletin] SSRT4718 rev.0 HP Tru64 UNIX NTP Integer Overflow Boren, Rich (SSRT) (Jul 07)
Comersus Cart Improper Request Handling Thomas Ryan (Jul 07)
Suggestion: erase data posted to the Web Andrew Daviel (Jul 07)
- Re: Suggestion: erase data posted to the Web Nick Lamb (Jul 08)
- Re: Suggestion: erase data posted to the Web Luciano Miguel Ferreira Rocha (Jul 08)
- <Possible follow-ups>
- RE: Suggestion: erase data posted to the Web Michael Wojcik (Jul 08)
  - Re: Suggestion: erase data posted to the Web devnull (Jul 09)
Scob variant using IIS 6.0 or just upgrades ? Hubbard, Dan (Jul 07)
Security contact wanted S G Masood (Jul 08)
- Re: Security contact wanted Patrick van Zweden (Jul 15)
[ GLSA 200407-07 ] Shorewall : Insecure temp file handling Thierry Carrez (Jul 08)
[GLSA 200407-06] libpng: Buffer overflow on row buffers Sune Kloppenborg Jeppesen (Jul 08)
Norton AntiVirus Denial Of Service Vulnerability [Part: !!!] Bipin Gautam (Jul 09)
- Re: Norton AntiVirus Denial Of Service Vulnerability [Part: !!!] Tom Spencer (Jul 09)
- RE: Norton AntiVirus Denial Of Service Vulnerability [Part: !!!] DaiTengu (Jul 10)
- <Possible follow-ups>
- RE: Norton AntiVirus Denial Of Service Vulnerability [Part: !!!] Eric McCarty (Jul 09)
- Re: Norton AntiVirus Denial Of Service Vulnerability [Part: !!!] Bipin Gautam (Jul 10)
- RE: Norton AntiVirus Denial Of Service Vulnerability [Part: !!!] Sym Security (Jul 13)
- RE: Norton AntiVirus Denial Of Service Vulnerability [Part: !!!] Sym Security (Jul 14)
- Re: Norton AntiVirus Denial Of Service Vulnerability [Part: !!!] Bipin Gautam (Jul 17)
[OpenPKG-SA-2004.031] OpenPKG Security Advisory (dhcpd) OpenPKG (Jul 09)
Mozilla Security Advisory 2004-07-08 dveditz (Jul 09)
Microsoft Word Email Object Data Vulnerability James C. Slora, Jr. (Jul 09)
- <Possible follow-ups>
- Re: Microsoft Word Email Object Data Vulnerability http-equiv () excite com (Jul 09)
- RE: Microsoft Word Email Object Data Vulnerability Drew Copley (Jul 09)
MOZILLA: execute local file and its fix liudieyu (Jul 09)
[ GLSA 200407-08 ] Ethereal: Multiple security problems Kurt Lieber (Jul 09)
CYBSEC - Security Advisory: Denial of Service in IBM WebSphere Edge Server Leandro Meiners (Jul 09)
MDKSA-2004:067 - Updated ethereal packages fix multiple vulnerabilities Mandrake Linux Security Team (Jul 09)
Covert Channels allow Cross-Site-Java in Microsoft VM Marc Schoenefeld (Jul 10)
- Re: Covert Channels allow Cross-Site-Java in Microsoft VM Siva Subbu (Jul 12)
  - Re: Covert Channels allow Cross-Site-Java in Microsoft VM Marc Schoenefeld (Jul 12)
current leading bots used in drone armies [June/July 2004] Gadi Evron (Jul 10)
- Re: current leading bots used in drone armies [June/July 2004] Jan Knutar (Jul 15)
[tool] p0f 2.0.4 is out Michal Zalewski (Jul 10)
MSOE Javascript Execution Vulnerability Paul (Jul 12)
- Re: MSOE Javascript Execution Vulnerability Fabricio A. Angeletti (Jul 17)
- <Possible follow-ups>
- Re: MSOE Javascript Execution Vulnerability Monu (Jul 17)
[ GLSA 200407-10 ] rsync: Directory traversal in rsync daemon Kurt Lieber (Jul 12)
[BUGZILLA] Multiple vulnerabilities in Bugzilla 2.16.5 and 2.17.7 David Miller (Jul 12)
MSIE Download Window Filename + Filetype Spoofing Vulnerability Paul (Jul 12)
- <Possible follow-ups>
- RE: MSIE Download Window Filename + Filetype Spoofing Vulnerability Drew Copley (Jul 12)
- RE: MSIE Download Window Filename + Filetype Spoofing Vulnerability Polazzo Justin (Jul 13)
- RE: MSIE Download Window Filename + Filetype Spoofing Vulnerability Drew Copley (Jul 13)
- RE: MSIE Download Window Filename + Filetype Spoofing Vulnerability Eric McCarty (Jul 17)
Media Preview Script Execution Vulnerability Paul (Jul 12)
I small poem in JScript Berend-Jan Wever (Jul 12)
HijackClick 3 Paul (Jul 12)
- <Possible follow-ups>
- Re: HijackClick 3 http-equiv () excite com (Jul 12)
- RE: Re: HijackClick 3 Drew Copley (Jul 14)
- RE: HijackClick 3 http-equiv () excite com (Jul 14)
- Re: Re: HijackClick 3 Paul (Jul 17)
- RE: RE: HijackClick 3 Thor Larholm (Jul 17)
MOZILLA: SHELL can execute remote EXE program liudieyu (Jul 12)
[ GLSA 200407-09 ] MoinMoin: Group ACL bypass Kurt Lieber (Jul 12)
Remote crash of Half-Life servers and clients (versions before the 07 July 2004) Luigi Auriemma (Jul 12)
MSIE Similar Method Name Redirection Cross Site/Zone Scripting Vulnerability Paul (Jul 12)
- <Possible follow-ups>
- RE: MSIE Similar Method Name Redirection Cross Site/Zone Scripting Vulnerability Thor Larholm (Jul 17)
Two Vulnerabilities in Mozilla may lead to remote compromise Mind Warper (Jul 13)
- Re: Two Vulnerabilities in Mozilla may lead to remote compromise Daniel Veditz (Jul 13)
- RE: Two Vulnerabilities in Mozilla may lead to remote compromise Jelmer (Jul 13)
  - RE: Two Vulnerabilities in Mozilla may lead to remote compromise Pavel Kankovsky (Jul 15)
- RE: Two Vulnerabilities in Mozilla may lead to remote compromise Darren Pilgrim (Jul 14)
- <Possible follow-ups>
- Re: Two Vulnerabilities in Mozilla may lead to remote compromise Philliph (Jul 13)
- Re: Two Vulnerabilities in Mozilla may lead to remote compromise Mind Warper (Jul 14)
Moodle XSS Vulnerability Thomas Waldegger (Jul 13)
- <Possible follow-ups>
- Re: Moodle XSS Vulnerability Martin Dougiamas (Jul 17)
@stake advisory: WebSTAR (5.3.2 and below) Multiple Vulnerabilities Advisories (Jul 13)
Re: MSIE Similar Method Name Redirection Cross Site/Zone Scripting Vulnerability http-equiv () excite com (Jul 13)
IE Shell URI Download and Execute, POC Ferruh Mavituna (Jul 13)
Microsoft Window Utility Manager Local Elevation of Privileges Vivek Rathod (Application Security, Inc.) (Jul 13)
- Re: Microsoft Window Utility Manager Local Elevation of Privileges Chris Paget (Jul 14)
  - Re: Microsoft Window Utility Manager Local Elevation of Privileges KF (lists) (Jul 15)
  - Re: Microsoft Window Utility Manager Local Elevation of Privileges Cesar (Jul 17)
phrack #62 has been released phrack staff (Jul 13)
- <Possible follow-ups>
- RE: phrack #62 has been released Glenn_Everhart (Jul 15)
aterm 0.4.2 tty permission weakness Maarten Tielemans (Jul 13)
- Re: aterm 0.4.2 tty permission weakness Armin Wolfermann (Jul 15)
- Re: aterm 0.4.2 tty permission weakness Coleman Kane (Jul 15)
- Re: aterm 0.4.2 tty permission weakness Sebastian Hans (Jul 15)
- Re: [security] aterm 0.4.2 tty permission weakness lorenzo (Jul 15)
Find the tag continued James C. Slora, Jr. (Jul 14)
HtmlHelp - .CHM File Heap Overflow Brett Moore (Jul 14)
Microsoft Windows Task Scheduler '.job' Stack Overflow NGSSoftware Insight Security Research (Jul 14)
Unchecked buffer in mstask.dll Brett Moore (Jul 14)
- <Possible follow-ups>
- RE: Unchecked buffer in mstask.dll Thor Larholm (Jul 14)
  - Re: Unchecked buffer in mstask.dll Mark Litchfield (Jul 16)
- RE: Unchecked buffer in mstask.dll Paul Szabo (Jul 15)
  - RE: Unchecked buffer in mstask.dll Dmitry Yu. Bolkhovityanov (Jul 19)
    - RE: [ok] [Full-Disclosure] RE: Unchecked buffer in mstask.dll Curt Purdy (Jul 19)
  - Re: [Full-Disclosure] RE: Unchecked buffer in mstask.dll Jordan Cole (stilist) (Jul 19)
    - Re: [Full-Disclosure] RE: Unchecked buffer in mstask.dll Nick FitzGerald (Jul 19)
    - Re: [Full-Disclosure] RE: Unchecked buffer in mstask.dll Curt Purdy (Jul 19)
- RE: Unchecked buffer in mstask.dll Thor Larholm (Jul 15)
Ref: http://www.securityfocus.com/archive/1/367866, Jul 1 2004 1:19PM, Subj: Brightmail leaks other user's spam Sym Security (Jul 14)
Advisory 12/2004: PHP strip_tags() bypass vulnerability Stefan Esser (Jul 14)
[ GLSA 200407-11 ] wv: Buffer overflow vulnerability Thierry Carrez (Jul 14)
Advisory 11/2004: PHP memory_limit remote vulnerability Stefan Esser (Jul 14)
RE: [Full-Disclosure] Re: IE Shell URI Download and Execute, POC Ferruh Mavituna (Jul 14)
- <Possible follow-ups>
- RE: [Full-Disclosure] Re: IE Shell URI Download and Execute, POC Drew Copley (Jul 14)
- RE: [Full-Disclosure] Re: IE Shell URI Download and Execute, POC Todd Towles (Jul 16)
  - Re: [Full-Disclosure] Re: IE Shell URI Download and Execute, POC Fabricio A. Angeletti (Jul 19)
    - RE: [Full-Disclosure] Re: IE Shell URI Download and Execute, POC Ferruh Mavituna (Jul 19)
- RE: [Full-Disclosure] Re: IE Shell URI Download and Execute, POC Ferruh Mavituna (Jul 16)
[security bulletin] SSRT4741 rev.1 DCE for HP OpenVMS Potential RPC Buffer Overflow Attack VU#259796, VU#568148, VU#326746 Boren, Rich (SSRT) (Jul 14)
TSSA-2004-013 - php tinysofa Security Team (Jul 14)
PHP BB bug sasan hezarkhani (Jul 14)
- Re: PHP BB bug Rich Lafferty (Jul 16)
- <Possible follow-ups>
- Re: PHP BB bug micheal () michealcottingham com (Jul 16)
  - Message not available
    - Re: PHP BB bug Micheal Cottingham (Jul 19)
[HV-MED] DoS in Microsoft SMS Client vuln (Jul 14)
MDKSA-2004:070 - Updated freeswan and super-freeswan packages fix certificate chain authentication vulnerability Mandrake Linux Security Team (Jul 15)
MDKSA-2004:068 - Updated php packages fix multiple vulnerabilities Mandrake Linux Security Team (Jul 15)
[ GLSA 200407-13 ] PHP: Multiple security vulnerabilities Kurt Lieber (Jul 15)
[CLA-2004:846] Conectiva Security Announcement - kernel Conectiva Updates (Jul 15)
Re: Mac OS X stores login/Keychain/FileVault passwords on disk Adi Kriegisch (Jul 15)
- Re: Mac OS X stores login/Keychain/FileVault passwords on disk Theo Van Dinter (Jul 17)
  - Re: Mac OS X stores login/Keychain/FileVault passwords on disk Adi Kriegisch (Jul 24)
- Re: Mac OS X stores login/Keychain/FileVault passwords on disk Ray Slakinski (Jul 17)
- <Possible follow-ups>
- Re: Mac OS X stores login/Keychain/FileVault passwords on disk johnny (Jul 17)
- Re: Mac OS X stores login/Keychain/FileVault passwords on disk Kurt Seifried (Jul 19)
  - Re: Mac OS X stores login/Keychain/FileVault passwords on disk Chris Boyd (Jul 19)
  - Re: Mac OS X stores login/Keychain/FileVault passwords on disk James Goodlet (Jul 19)
- RE: Mac OS X stores login/Keychain/FileVault passwords on disk Michael Shirk (Jul 20)
The Impact of RFC Guidelines on DNS Spoofing Attacks have2Banonymous (Jul 15)
- <Possible follow-ups>
- RE: The Impact of RFC Guidelines on DNS Spoofing Attacks have2Banonymous (Jul 19)
White Paper: 0x00 vs ASP file upload scripts Brett Moore (Jul 15)
- Re: White Paper: 0x00 vs ASP file upload scripts Martin Eiszner (Jul 17)
Trend Micro Officescan for Win2k strange behaviour Marco Monicelli (Jul 15)
- RE: Trend Micro Officescan for Win2k strange behaviour Seth Hall (Jul 17)
- Re: Trend Micro Officescan for Win2k strange behaviour 3APA3A (Jul 17)
MDKSA-2004:069 - Updated ipsec-tools packages fix multiple vulnerabilities Mandrake Linux Security Team (Jul 15)
- [Tool] HardTCP "Hardening TCP/IP" + SOURCE D'Amato Luigi (Jul 17)
SUSE Security Announcement: php4 (SUSE-SA:2004:021) Sebastian Krahmer (Jul 16)
[waraxe-2004-SA#034 - XSS and path full path disclosure in PhpBB 2.0.8] Janek Vind (Jul 16)
[security bulletin] SSRT4704 rev.0 HP-UX wu-ftpd local unauthorized access Boren, Rich (SSRT) (Jul 16)
[waraxe-2004-SA#035 - Multiple security holes in PhpNuke - part 2] Janek Vind (Jul 16)
[ GLSA 200407-12 ] Linux Kernel: Remote DoS vulnerability with IPTables TCP Handling Tim Yamin (Jul 17)
[OpenPKG-SA-2004.032] OpenPKG Security Advisory (apache) OpenPKG (Jul 17)
[tool] webstretch 0.1.6 http inspection proxy Simon Shanks (Jul 17)
Hotmail Cross Site Scripting Vulnerability Paul (Jul 17)
- Re: Hotmail Cross Site Scripting Vulnerability GreyMagic Security (Jul 17)
- <Possible follow-ups>
- Re: Hotmail Cross Site Scripting Vulnerability Andrew Hunter (Jul 18)
[CLA-2004:847] Conectiva Security Announcement - php4 Conectiva Updates (Jul 17)
[CLA-2004:848] Conectiva Security Announcement - webmin Conectiva Updates (Jul 17)
[FMADV] Format String Bug in OllyDbg 1.10 ned (Jul 17)
MSIE Overly Trusted Location Variant Method Cache Vulnerability Paul (Jul 17)
Medal of Honor remote buffer-overflow Luigi Auriemma (Jul 17)
Web_Store.cgi allows Command Execution Zero_X www . lobnan . de Team (Jul 17)
utilman.exe exploit Iván Rodriguez Almuiña (Jul 17)
What A Drag http-equiv () excite com (Jul 18)
Mozilla Bug Isn't So Bad Paul (Jul 19)
- Re: Mozilla Bug Isn't So Bad Bill (Jul 19)
[SECURITY] [DSA 529-1] New netkit-telnet-ssl package fixes format string vulnerability Matt Zimmerman (Jul 19)
[SECURITY] [DSA 530-1] New l2tpd packages fix buffer overflow Matt Zimmerman (Jul 19)
[SECURITY] [DSA 528-1] New ethereal packages fix denial of service Matt Zimmerman (Jul 19)
new utilman.exe exploit (allinone remote exploitation) Iván Rodriguez Almuiña (Jul 19)
[waraxe-2004-SA#036 - Multiple security holes in PhpNuke - part 3] Janek Vind (Jul 19)
Artmedic kleinanzeigen include vulnerability Francisco Alisson (Jul 19)
PhpBB HTTP Response Splitting & Cross Site Scripting vulnerabilities Ory Segal (Jul 20)
More Webserver / IE Exploits Hubbard, Dan (Jul 20)
- Re: More Webserver / IE Exploits Benjamin Franz (Jul 20)
[ GLSA 200407-14 ] Unreal Tournament 2003/2004: Buffer overflow in 'secure' queries Thierry Carrez (Jul 20)
[FLSA-2004:1734] Updated mailman resolves security vulnerability Jesse Keating (Jul 20)
[FLSA-2004:1324] Updated libxml2 resolves security vulnerabilities Jesse Keating (Jul 20)
Buffer overflow in Whisper FTP Surfer 1.0.7 Komrade (Jul 20)
Inappropriate methods exposed in XML -what's the essence? portsmut (Jul 20)
OpenServer 5.0.6 OpenServer 5.0.7 : MMDF Various buffer overflows and other security issues please_reply_to_security (Jul 20)
Denial of Service vulnerability in several Lexmark HTTP servers Peter Kruse (Jul 20)
- Re: Denial of Service vulnerability in several Lexmark HTTP servers Eric Sesterhenn / snakebyte (Jul 21)
dos_in_file_share_2.6 nekd0 (Jul 20)
[ GLSA 200407-15 ] Opera: Multiple spoofing vulnerabilities Sune Kloppenborg Jeppesen (Jul 20)
mi2g - fud, lies and libel not-mi2g (Jul 21)
Bug () FlashFTPd CoolICE (Jul 21)
[SECURITY] [DSA 531-1] New php4 packages fix multiple vulnerabilities Matt Zimmerman (Jul 21)
Denial of Service in Conceptronic CADSLR1 Router Administrador de 'Shell Security' (Jul 21)
DOS () XitamiHTTPd CoolICE (Jul 21)
Security Release - Samba 3.0.5 and 2.2.10 Gerald (Jerry) Carter (Jul 22)
[OpenPKG-SA-2004.034] OpenPKG Security Advisory (php) OpenPKG (Jul 22)
Comcast(tm) Email Manager allows arbitrary java and activex code execution Michael Scheidell (Jul 22)
[CLA-2004:851] Conectiva Security Announcement - samba Conectiva Updates (Jul 22)
[ GLSA 200407-17 ] l2tpd: Buffer overflow Kurt Lieber (Jul 22)
[OpenPKG-SA-2004.033] OpenPKG Security Advisory (samba) OpenPKG (Jul 22)
@stake advisory: HP dced Remote Command Execution Multiple OSes Advisories (Jul 22)
Samba 3.x swat preauthentication buffer overflow Evgeny Demidov (Jul 22)
TSSA-2004-014 - samba tinysofa Security Team (Jul 22)
SWAT PreAuthorization PoC bugtraq (Jul 22)
MDKSA-2004:071 - Updated samba packages fix vulnerability in SWAT, samba-server. Mandrake Linux Security Team (Jul 23)
Forward:FullDisclosure/IE - Possible Address Spoofing Liu Die Yu (Jul 23)
- <Possible follow-ups>
- RE: Forward:FullDisclosure/IE - Possible Address Spoofing Chenghuai Lu (Jul 27)
- RE: Forward:FullDisclosure/IE - Possible Address Spoofing Michael Silk (Jul 29)
  - RE: Forward:FullDisclosure/IE - Possible Address Spoofing Chenghuai Lu (Jul 29)
[SECURITY] [DSA 533-1] New courier packages fix cross-site scripting vulnerability Matt Zimmerman (Jul 23)
SUSE Security Announcement: samba (SUSE-SA:2004:022) Thomas Biege (Jul 23)
[SECURITY] [DSA 534-1] New mailreader packages fix directory traversal vulnerability Matt Zimmerman (Jul 23)
mi2g attacks "so-called" security sites Rob Rosenberger (Jul 23)
OpenServer 5.0.7 : Mozilla Multiple issues please_reply_to_security (Jul 23)
Apache 1.3.x mod_userdir Exploit (wgetusr.c) John Bissell (Jul 23)
eSafe: Could this be exploited? Hugo van der Kooij (Jul 23)
- Re: eSafe: Could this be exploited? Nick FitzGerald (Jul 24)
- Re: eSafe: Could this be exploited? Oliver () greyhat de (Jul 24)
- Re: eSafe: Could this be exploited? 3APA3A (Jul 24)
  - Re: eSafe: Could this be exploited? Andreas Constantinides (MegaHz) (Jul 26)
  - Re: eSafe: Could this be exploited? MegaHz (Jul 26)
    - Re: eSafe: Could this be exploited? Hugo van der Kooij (Jul 27)
    - Re: eSafe: Could this be exploited? Kev Ford (Jul 29)
    - Re: eSafe: Could this be exploited? Nick FitzGerald (Jul 31)
LNSA-#2004-0015: buffer overflow in samba (Jul, 23 2004) Vincenzo Ciaglia (Jul 23)
APC Security Advisory � Denial of Service Vulnerability with PowerChuteBusinessEdition security.advisory (Jul 23)
FW: [Full-Disclosure] Progress and Challenges {tonyFelice} (Jul 23)
[security bulletin] SSRT4773 HP-UX xfs and stmkfont remote unauthorized access Boren, Rich (SSRT) (Jul 23)
LNSA-#2004-0016: Multiple problems in Ethereal 0.10.4 (Jul, 23 2004) Vincenzo Ciaglia (Jul 23)
EasyWeb FileManager Directory Traversal sullo (Jul 24)
- Re: EasyWeb FileManager Directory Traversal Noam Rathaus (Jul 26)
eSeSIX Thintune thin client multiple vulnerabilities Loss, Dirk (Jul 24)
MS SMS DOS Proof-of-concept code and Snort sig wang (Jul 24)
Easyins Stadtportal Francisco Alisson (Jul 24)
TSL-2004-0039 - multi Trustix Security Advisor (Jul 26)
[ GLSA 200407-19 ] Pavuk: Digest authentication helper buffer overflow Kurt Lieber (Jul 26)
Linux Netwosix Bugzilla - Bugtracking System Vincenzo Ciaglia (Jul 26)
QUESTION Alex Mega (Jul 26)
- Re: QUESTION Viktor Larionov (Jul 27)
ASPRunner Multiple Vulnerabilities Ferruh Mavituna (Jul 26)
Mozilla Firefox Certificate Spoofing E.Kellinis (Jul 26)
- Re: Mozilla Firefox Certificate Spoofing Chris Brown (Jul 27)
- Message not available
  - Re: [Full-Disclosure] Re: Mozilla Firefox Certificate Spoofing Juan Carlos Navea (Jul 31)
NucleusCMS 3.01 SQL Injection Vulnerability acidbits (Jul 26)
CVS woes: .cvspass Chiaki (Jul 26)
- Re: CVS woes: .cvspass Valdis . Kletnieks (Jul 27)
  - Re: CVS woes: .cvspass Andreas Beck (Jul 29)
- Re: CVS woes: .cvspass Greg A. Woods (Jul 27)
  - Re: CVS woes: .cvspass Delian Krustev (Jul 31)
[ GLSA 200407-20 ] Subversion: Vulnerability in mod_authz_svn Joshua J. Berry (Jul 27)
- Re: [ GLSA 200407-20 ] Subversion: Vulnerability in mod_authz_svn Jack Repenning (Jul 28)
OSX Panther Internet Connect - Local root br00t (Jul 27)
[security bulletin] SSRT4782 rev. 0 HP-UX CIFS Server potential remote root access Boren, Rich (SSRT) (Jul 27)
IRM 009: RiSearch and RiSearch ProPro are vulnerable to open FTP/HTTP proxy, directory listings and file disclosure vulnerabilities IRM Advisories (Jul 27)
[SECURITY] [DSA 532-2] New libapache-mod-ssl packages fix multiple vulnerabilities Matt Zimmerman (Jul 27)
[CLA-2004:852] Conectiva Security Announcement - kernel Conectiva Updates (Jul 28)
[Paper] Small XSS Paper Ferruh Mavituna (Jul 28)
WASC Releases Web Security Threat Classification Jeremiah Grossman (Jul 28)
MDKSA-2004:075 - Updated mod_ssl packages fix potential vulnerabilities Mandrake Linux Security Team (Jul 28)
Aladdin response regarding eSafe Ofer Elzam (Jul 28)
- Re: Aladdin response regarding eSafe 3APA3A (Jul 30)
  - Re: Aladdin response regarding eSafe Aleksandar Milivojevic (Jul 30)
MDKSA-2004:072 - Updated postgresql packages fix buffer overflow in odbc driver Mandrake Linux Security Team (Jul 28)
MDKSA-2004:074 - Updated webmin packages correct remote attacker vulnerabilities Mandrake Linux Security Team (Jul 28)
Pavuk Digest Authentication Buffer Overflow mattmurphy () kc rr com (Jul 28)
Re: [Full-Disclosure] Internet Explorer Remote Null Pointer Crash(mshtml.dll) Berend-Jan Wever (Jul 28)
MDKSA-2004:073 - Updated XFree86 packages fix issue with xdm opening random sockets Mandrake Linux Security Team (Jul 28)
UnixWare 7.1.3up : tcpdump several vulnerabilities in tcpdump. please_reply_to_security (Jul 28)
AntiBoard <= 0.7.2 XSS/SQL Injection Josh Gilmour (Jul 28)
Re: [Full-Disclosure] Crash IE with 11 bytes ;) Berend-Jan Wever (Jul 29)
OpenServer 5.0.6 OpenServer 5.0.7 : Multiple Vulnerabilities in Sendmail please_reply_to_security (Jul 29)
- Re: OpenServer 5.0.6 OpenServer 5.0.7 : Multiple Vulnerabilities in Sendmail George Capehart (Jul 30)
ERRATA: [ GLSA 200407-21 ] Samba: Multiple buffer overflows Thierry Carrez (Jul 29)
[ GLSA 200407-21 ] Samba: Multiple buffer overflows Kurt Lieber (Jul 29)
Linpha 0.9.4: authentication bypass Rubén Molina (Jul 29)
lostBook v1.1 Javascript Execution Joseph Moniz (Jul 29)
MDKSA-2004:076 - Updated sox packages fix buffer overflows with malicious .wav files Mandrake Linux Security Team (Jul 29)
DansGuardian Hex Encoding URL Banned Extension Filter Bypass Vulnerability Rubén Molina (Jul 29)
File downloads in Opera at known locations Rohit Dube (Jul 29)
- Re: File downloads in Opera at known locations Josh Tolley (Jul 30)
Jaws 0.4: authentication bypass Rubén Molina (Jul 30)
[ GLSA 200407-22 ] phpMyAdmin: Multiple vulnerabilities Thierry Carrez (Jul 30)
[CLA-2004:854] Conectiva Security Announcement - samba Conectiva Updates (Jul 30)
MDKSA-2004:077 - Updated wv packages fix vulnerability Mandrake Linux Security Team (Jul 30)
Citadel/UX Remote DoS Vulnerability CoKi (Jul 30)
WpQuiz Gain Admin Rightd Exploit found jonathan tough (Jul 30)
[CLA-2004:855] Conectiva Security Announcement - sox Conectiva Updates (Jul 30)
Fusion News Yet Another Unauthorized Account Addition Vulnerability Joseph Moniz (Jul 30)
[ GLSA 200407-23 ] SoX: Multiple buffer overflows Thierry Carrez (Jul 31)
Fwd: New possible scam method : forged websites using XUL (Firefox) David Ahmad (Jul 31)
- Re: New possible scam method : forged websites using XUL (Firefox) Marc (Jul 31)
UnixWare 7.1.3 Open UNIX 8.0.0 : Xsco contains a buffer overflow that could be exploited to gain root privileges. please_reply_to_security (Jul 31)
OpenServer 5.0.6 OpenServer 5.0.7 : OpenSSL Multiple Vulnerabilities please_reply_to_security (Jul 31)
OpenServer 5.0.6 OpenServer 5.0.7 : uudecode does not check for symlink or pipe please_reply_to_security (Jul 31)
[VSA0402] OpenFTPD format string vulnerability VOID.AT Security (Jul 31)
OpenServer 5.0.6 OpenServer 5.0.7 : Xsco contains a buffer overflow that could be exploited to gain root privileges. please_reply_to_security (Jul 31)
Sonicwall diag tool includes VPN credentlials Milton Lopez (Jul 31)
[EXPL] (MS04-022) Microsoft Windows XP Task Scheduler (.job) Universal Exploit houseofdabus HOD (Jul 31)

Previous period

Next period