Bugtraq: by date

366 messages starting Sep 30 04 and ending Oct 30 04


Thursday, 30 September

iDEFENSE Security Advisory 09.29.04 - Macromedia JRun 4 mod_jrun Apache Module Buffer Overflow Vulnerability customer service mailbox
Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Chris Paget
RE: Promiscuous email printing in Canon imageRunner Jeff Bates
CFMX vulnerability Eric Lackey
RE: Diebold Global Election Management System (GEMS) Backdoor David Schwartz
[SECURITY] [DSA 553-1] New getmail packages fix root compromise Martin Schulze
Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Shawn McMahon

Friday, 01 October

TSLSA-2004-0051 - samba Trustix Security Advisor
Multiple Vulnerabilities in AJ-Fork Ahmad Muammar
SQL Injection vulnerability in bBlog 0.7.3 James McGlinn
Oracle 9i Union Flaw Brandon Petty
EEYE: RealPlayer pnen3260.dll Heap Overflow Marc Maiffret
Broadcast buffer-overflow in Vypress Messenger 3.5.1 Luigi Auriemma
Re: Possible GDI Exploit Vector Babar Shafiq Nazmi
Re: cdrecord local root exploit Greg A. Woods
Re: cdrdao local root exploit newbug Tseng
MDKSA-2004:104 - Updated samba packages fix vulnerability Mandrake Linux Security Team
[ GLSA 200410-01 ] sharutils: Buffer overflows in shar.c and unshar.c Thierry Carrez
Re: Oracle 9i Union Flaw Brandon Petty
Re: Promiscuous email printing in Canon imageRunner Marco Ivaldi
dbPowerAmp Buffer Overflow And Dos Vulnerabilities GulfTech Security
Re: cdrecord local root exploit Jason T. Miller

Saturday, 02 October

On Polymorphic Evasion Phantasmal Phantasmagoria
Security advisory - Xerces-C++ 2.5.0: Attribute blowup Amit Klein (AKsecurity)
[FLSA-2004:1733] Updated squirrelmail resolves security vulnerabilities Dominic Hargreaves
In-game format string in Judge Dredd vs. Death 1.01 Luigi Auriemma
Re:2. Code execution in Icecast 2.0.1(exploit with shellcode) me
Re: cdrecord local root exploit Solar Designer

Monday, 04 October

Re: Oracle 9i Union Flaw Peter J. Holzer
[SECURITY] [DSA 556-1] New netkit-telnet packages fix invalid free Matt Zimmerman
[FLSA-2004:1372] Updated sysstat packages fix security vulnerabilities Marc Deslauriers
Buffer Overflow in Spider game Security Team
[LoWNOISE] IPSWITCH WhatsUp Gold 8.03 Remote fr33 exploit ET LoWNOISE
[SECURITY] [DSA 557-1] New rp-pppoe packages fix potential root compromise Martin Schulze
[FLSA-2004:1325] Updated mod_python packages fix security vulnerability Dominic Hargreaves
FreeBSD Security Advisory FreeBSD-SA-04:15.syscons FreeBSD Security Advisories
Full path disclosure in PHP Links Nikyt0x Argentina
[FLSA-2004:1324] Updated libxml2 resolves security vulnerability Marc Deslauriers
[ GLSA 200410-02 ] Netpbm: Multiple temporary file issues Thierry Carrez
Re: Buffer Overflow in Spider game Steve Kemp

Tuesday, 05 October

Patch available for critical IBM DB2 Universal Database flaws NGSSoftware Insight Security Research
[security bulletin]SSRT4826 rev.0 Mozilla Application Suite for HP Tru64 UNIX Multiple Potential Security Vulnerabilities Boren, Rich (SSRT)
SUSE Security Announcement: samba (SUSE-SA:2004:035) Thomas Biege
Re: EEYE: RealPlayer pnen3260.dll Heap Overflow Chenghuai Lu
Antivirus, Trojan, Spy ware scanner, Nested file manual scan bypass bug Bipin Gautam
Test your windows OS Berend-Jan Wever
Re: Full path disclosure in PHP Links Scott T. Cameron
[MAXPATROL Security Advisories] Cross site scripting in Invision Power Board Alexander Antipov
ERRATA: Potential Arbitrary File Access (CAN-2004-0815) Gerald (Jerry) Carter
Re: Buffer Overflow in Spider game van Helsing
Re: Full path disclosure in PHP Links - more LSS Security

Wednesday, 06 October

Full path disclosure and sql injection on CubeCart 2.0.1 Pedro Sanches
[Maxpatrol Security Advisory] Multiple vulnerabilities in DCP-Portal Alexander Antipov
GDI+ JPEG exploit albatross
Multiple vulnerabilities in BlackBoard Lin Xiaofeng
Patch available for multiple high risk vulnerabilities in RealPlayer NGSSoftware Insight Security Research
[SECURITY] [DSA 559-1] New net-acct packages fix insecure temporary file creation Martin Schulze
SUSE Security Announcement: mozilla (SUSE-SA:2004:036) Sebastian Krahmer
Re: [Full-Disclosure] iDEFENSE Security Advisory 10.05.04b: Symantec Norton AntiVirus Reserved Device Name Handling Vulnerability 3APA3A
CodeCon 2005 Call for Papers Len Sassaman
[ GLSA 200410-04 ] PHP: Memory disclosure and arbitrary location file upload Dan Margolis
Directory traversal in Tridcomm 1.3 Luigi Auriemma
Latest Apple Sec update Michael Bartosh
[GoSecure Advisory] Neoteris IVE Vulnerability Jian Hui Wang
MDKSA-2004:105 - Updated xine-lib packages fix multiple vulnerabilities Mandrake Linux Security Team
[SECURITY] [DSA 558-1] New libapache-mod-dav packages fix potential denial of service Martin Schulze
Patch available for high risk flaws in the AtHoc Toolbar NGSSoftware Insight Security Research
Re: Multiple vulnerabilities in BlackBoard Yves Goergen
[Gosecure Adivsory] Neoteris IVE Vulnerability Jian Hui Wang
New Microsoft Security Response Center PGP Key [pgp] Microsoft Security Response Center
Hi webhelp
Re: Buffer Overflow in Spider game Matt Zimmerman

Thursday, 07 October

[HV-HIGH] MS Word multiple exceptions, at least one exploitable vuln
HTTP Response Splitting Vulnerability in Wordpress 1.2 Chaotic Evil
[SECURITY] [DSA 600-1] New samba packages fix arbitrary file access Martin Schulze
[SECURITY] [DSA 560-1] New lesstif packages fix several vulnerabilities Martin Schulze
[ GLSA 200410-05 ] Cyrus-SASL: Buffer overflow and SASL_PATH vulnerabilities Kurt Lieber
Server crash in Flash Messaging 5.2.0g Luigi Auriemma

Friday, 08 October

ASP.NET cannonicalization issue Evans, Arian
TSLSA-2004-0053 - cyrus-sasl Trustix Security Advisor
MDKSA-2004:106 - Updated cyrus-sasl packages fix local vulnerability Mandrake Linux Security Team
Limited \secure\ buffer-overflow in some old Monolith games Luigi Auriemma

Saturday, 09 October

[ GLSA 200410-06 ] CUPS: Leakage of sensitive information Kurt Lieber

Monday, 11 October

[MAxpatrol Security Advisory] Multiple vulnerabilities in GoSmart Message Board Alexander Antipov
[SECURITY] [DSA 562-1] New mysql packages fix several vulnerabilities Martin Schulze
[SECURITY] [DSA 458-3] New python2.2 packages really fix buffer overflow and restore functionality Martin Schulze
Multiple vulnerabilities in ZanfiCmsLite Lin Xiaofeng

Tuesday, 12 October

Micronet wireless broadband router SP916BM admin password reset when power off MrJoe
MonkeyShell: using XML-RPC for access to a remote shell Abe Usher
FW: problem in voip environment Walton, John Michael (John)
Microsoft cabarc directory traversal Jelmer
[SECURITY] [DSA 563-1] New cyrus-sasl packages fix arbitrary code execution Martin Schulze
Insecure Default Service DACL's in Windows 2003 Ziots, Edward
Regression in IE: Accessing remote/local content in IE (GM#009-IE) GreyMagic Security
UnixWare 7.1.3up UnixWare 7.1.4 : CUPS before 1.1.21 allows remote attackers to cause a denial of service please_reply_to_security
Microsoft Internet Explorer Install Engine Control Buffer Overflow NGSSoftware Insight Security Research
[SECURITY] [DSA 563-2] New cyrus-sasl packages really fix arbitrary code execution Martin Schulze
UnixWare 7.1.4 : Multiple Vulnerabilities in libpng please_reply_to_security
CORE-2004-0802: IIS NNTP Service XPAT Command Vulnerabilities CORE Security Technologies Advisories
RE: Insecure Default Service DACL's in Windows 2003 Kurt Dillard
Re: Regression in IE: Accessing remote/local content in IE (GM#009-IE) Nick FitzGerald
Reverse Engineering the First Pocket PC Trojan kers0r
[hackgen-2004-#002] - Remote file inclusion bug in ocPortal 1.0.3. Exoduks
Microsoft IIS 5.x/6.0 WebDAV (XML parser) attribute blowup DoS Amit Klein (AKsecurity)
MS October Security bulletins albatross

Wednesday, 13 October

[SECURITY] [DSA 564-1] New mpg123 packages fix arbitrary code exceution Martin Schulze
XXS in fusetalk forum Matthew Oyer
XXS in SCT email client Matthew Oyer
[HV-HIGH] RIM Blackberry buffer overflow, DoS, data loss vuln
BindView Advisory: Memory Leak and DoS in NT4 RPC server advisory
[FLSA-2004:2102] Updated samba packages fix security vulnerability Dominic Hargreaves
ACROS Security: Poisoning Cached HTTPS Documents in Internet Explorer ACROS Security
EEYE: Windows Shell ZIP File Decompression DUNZIP32.DLL Buffer Overflow Vulnerability Derek Soeder
[ GLSA 200410-10 ] gettext: Insecure temporary file handling Luke Macken
[SECURITY] [DSA 565-1] New sox packages fix buffer overflow Martin Schulze
IT Underground Talks Dave Aitel
Adobe acrobat / Adobe Reader 6 can read local files Jelmer
[ GLSA 200410-11 ] tiff: Buffer overflows in image decoding Thierry Carrez
EEYE: Windows VDM #UD Local Privilege Escalation Derek Soeder
MSN Gaming Heartbeat Component Buffer Overflow NGSSoftware Insight Security Research
[ GLSA 200410-09 ] LessTif: Integer and stack overflows in libXpm Luke Macken
Format String Vulnerability in Valve's CS-Source Some One

Thursday, 14 October

Buffer Overflow In Microsoft Excel Brett Moore
SetWindowLong Shatter Attacks Brett Moore
[CLA-2004:872] Conectiva Security Announcement - cups Conectiva Updates
[ GLSA 200410-12 ] WordPress: HTTP response splitting and XSS vulnerabilities Luke Macken
[CLA-2004:873] Conectiva Security Announcement - samba Conectiva Updates
[FLSA-2004:1888] Updated mod_ssl package fixes Apache security vulnerabilities Marc Deslauriers
[HV-MED] UPDATE: RIM Blackberry DoS, data loss vuln
[FLSA-2004:1737] Updated httpd packages fix a mod_proxy security vulnerability Marc Deslauriers
[SECURITY] [DSA 563-3] New cyrus-sasl packages fix arbitrary code execution on sparc and arm Martin Schulze
[FLSA-2004:1833] Updated lha resolves security vulnerabilities Marc Deslauriers
[SECURITY] [DSA 566-1] New CUPS packages fix information leak Martin Schulze
[OpenPKG-SA-2004.043] OpenPKG Security Advisory (tiff) OpenPKG
Buffer-overflow in ShixxNOTE 6.net Luigi Auriemma
CESA-2004-006: libtiff chris
3COM Wireless router (3CRADSL72) information disclosure Karb0nOxyde -
New Remote Microsoft JPEG DoS Vulnerability + Other Potential Security Vulnerabilitys in asycpict.dll 1.0 Advisory John Bissell
ACROS Security: Unsanitized Session ID Cookie Allows Modifying Server Response ACROS Security
ACROS Security: HTML Injection in JRun Management Console ACROS Security
ACROS Security: Session Fixation in JRun Management Console ACROS Security
UPDATE: Format String Vulnerability in Valve's CS-Source Some One
Re: Adobe acrobat / Adobe Reader 6 can read local files Nick Leoncavallo
[ GLSA 200410-10 ] gettext: Insecure temporary file handling Luke Macken

Friday, 15 October

[ GLSA 200410-13 ] BNC: Input validation flaw Thierry Carrez
[FLSA-2004:2102] Updated samba packages fix security vulnerability [updated] Dominic Hargreaves
TSLSA-2004-0054 - multi Trustix Security Advisor
[OpenPKG-SA-2004.044] OpenPKG Security Advisory (modssl) OpenPKG
a path disclosure and a posibility file inclusion and vulneability in thepeak file upload v1.3 keitel andres ortega
Writing Trojans that bypass Windows XP Service Pack 2 Firewall americanidiot
Re: EEYE: Windows Shell ZIP File Decompression DUNZIP32.DLL Buffer Overflow Vulnerability Bipin Gautam
Bypass of Antivirus software with GDI+ bug exploit Mutations Andrey Bayora
Microsoft Windows NetDDE Service Buffer Overflow NGSSoftware Insight Security Research
Re: Insecure Default Service DACL's in Windows 2003 Jean-Baptiste Marchand
Multiple Cross Site Scripting Vulnerabilities in FuseTalk steven
ProFTPD 1.2.x remote users enumeration bug LSS Security
Re: Format String Vulnerability in Valve's CS-Source Luigi Auriemma
Norton AntiVirus 2004 Script Blocking Failure (Includes PoC and rant) Daniel Milisic
Directory traversal in Yak! 2.1.2 Luigi Auriemma
Eudora 6.2.0.7 attachment spoof Paul Szabo
Clientexec Billing Software bugtraq
Re: [VulnWatch] CORE-2004-0802: IIS NNTP Service XPAT Command Vulnerabilities wirepair
[SECURITY] [DSA 567-1] New libtiff packages fix remote code execution Martin Schulze
More details on BID 11408 (3com 3cradsl72 wireless router) Ivan Casado
RE: Writing Trojans that bypass Windows XP Service Pack 2 Firewall Polazzo Justin
[IE 6 SP2] Possible URL Spoofing Andrew Hunter

Monday, 18 October

Re: Adobe acrobat / Adobe Reader 6 can read local files Shannon Eric Peevey
Re: New Remote Microsoft JPEG DoS Vulnerability + Other Potential Security Vulnerabilitys in asycpict.dll 1.0 Advisory SysAdminKC
Multiple Vulnerabilities in CoolPHP R00tCr4ck
Re: New Remote Microsoft JPEG DoS Vulnerability + Other Potential Security Vulnerabilitys in asycpict.dll 1.0 Advisory marco correnti
Re: Format String Vulnerability in Valve's CS-Source Some One
Re: 3COM Wireless router (3CRADSL72) information disclosure mccauley () gmx net
ms04-031 pre-auth ?? Sinan Eren
Web browsers - a mini-farce Michal Zalewski
IISShield and ASP.NET canonicalization Tiago Halm
cPanel hardlink backup issue Karol Więsek
cPanel hardlink chown issue Karol Więsek
cPanel symlink chmod issue Karol Więsek
Multiple vulnerabilities in Sage Saleslogix Carl
iDEFENSE Security Advisory 10.18.04: Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability customer service mailbox
Re: [IE 6 SP2] Possible URL Spoofing http-equiv () excite com
Re: Directory traversal in Yak! 2.1.2 bil
Re: Norton AntiVirus 2004 Script Blocking Failure (Includes PoC and rant) secure
Re: EEYE: Windows VDM #UD Local Privilege Escalation Jim Hatfield
[SECURITY] [DSA 569-1] New netkit-telnet-ssl packages fix denial of service Martin Schulze
ProFTPD 1.2.x remote users enumeration bug - correction LSS Security
IBM Lotus Notes/Domino fails to encode Square Brackets ( [ ] ) in computed field/text, allowing XSS Juan C Calderon
[FLSA-2004:2072] Updated CUPS packages fix security vulnerability Marc Deslauriers
[Powie's PSCRIPT Forum] Multiple SQL-Injection Vulnerabilities Christoph Jeschke
[FLSA-2004:1237] Updated gaim package resolves security issues Marc Deslauriers
[SECURITY] [DSA 568-1] New cyrus-sasl-mit packages fix arbitrary code execution Martin Schulze
Re: IBM Lotus Notes/Domino fails to encode Square Brackets ( [ ] ) in computed field/text, allowing XSS Juan C Calderon
[SECURITY] [DSA 556-2] New netkit-telnet packages really fix denial of service Martin Schulze
[ GLSA 200410-15 ] Squid: Remote DoS vulnerability Luke Macken
Re: Writing Trojans that bypass Windows XP Service Pack 2 Firewall Jay Calvert
Mutiple AntiVirus Reserved Device Name Handling Vulnerability Sowhat .
apexec.pl is still vulnerable against Directory Traversal. Zero_X www . lobnan . de Team
RE: Writing Trojans that bypass Windows XP Service Pack 2 Firewall Simon Zuckerbraun
[ GLSA 200410-14 ] phpMyAdmin: Vulnerability in MIME-based transformation system Thierry Carrez
[CLA-2004:875] Conectiva Security Announcement - gtk+ Conectiva Updates
Re: [IE 6 SP2] Possible URL Spoofing Paul Kurczaba

Tuesday, 19 October

[FLSA-2004:1804] Updated kernel resolves security vulnerabilities Dominic Hargreaves
UnixWare 7.1.4 UnixWare 7.1.3 : The error handling in the inflate and inflateBack functions in ZLib compression library allows local users to cause a denial of service please_reply_to_security
RE: [IE 6 SP2] Possible URL Spoofing Dror Shalev
Re: New Remote Microsoft JPEG DoS Vulnerability + Other Potential Security Vulnerabilitys in asycpict.dll 1.0 Advisory Chris Norton
avoiding stackguard vallez
Multiple AntiVirus Reserved Device Name Handling Vulnerability Sowhat .
Broadcast crash in Vypress Tonecast 1.3 Luigi Auriemma
Google Script Insertion Exploit Jim Ley

Wednesday, 20 October

MDKSA-2004:109 - Updated libtiff packages fix multiple vulnerabilities Mandrake Linux Security Team
Buffer-overflow in Age of Sail II 1.04.151 Luigi Auriemma
[EXPL] (MS04-032) Microsoft Windows XP Metafile (.emf) Heap Overflow (PoC) houseofdabus HOD
RE: How to Break Windows XP SP2 + Internet Explorer 6 SP2 Thor Larholm
How to Break Windows XP SP2 + Internet Explorer 6 SP2 http-equiv () excite com
[SECURITY] [DSA 571-1] New libpng3 packages fix several vulnerabilities Martin Schulze
[SECURITY] [DSA 570-1] New libpng packages fix several vulnerabilities Martin Schulze
Re: Norton AntiVirus 2004 Script Blocking Failure (Includes PoC and rant) secure
MDKSA-2004:108 - Updated cvs packages fix vulnerability Mandrake Linux Security Team
mpg123 "getauthfromurl" buffer overflow Carlos Barros
MDKSA-2004:107 - Updated mozilla packages fix vulnerabilities Mandrake Linux Security Team

Thursday, 21 October

[SECURITY] [DSA 573-1] New cupsys packages fix arbitrary code execution Martin Schulze
Critical Vulnerability in Altiris Deployment Server architecture Brian Gallagher
CAN-2004-0814: Linux terminal layer races Alan Cox
SuSE Security Announcement: kernel (SUSE-SA:2004:037) Marcus Meissner
NSFOCUS SA2004-02 : HP-UX stmkfont Local Privilege Escalation Vulnerability NSFOCUS Security Team
[SECURITY] [DSA 572-1] New ecartis packages fix unauthorised access to admin interface Martin Schulze
SQL Injection in UBB.threads 3.4.x Florian Rock
MDKSA-2004:111 - Updated wxGTK2 packages fix vulnerabilities Mandrake Linux Security Team
Re: IBM Lotus Notes/Domino fails to encode Square Brackets ( [ ] ) in computed field/text, allowing XSS (Risk increased) Juan C Calderon
MDKSA-2004:110 - Updated gaim packages fix vulnerabilities Mandrake Linux Security Team
HTTP Response Splitting in Serendipity 0.7-beta4 Chaotic Evil
Re: Critical Vulnerability in Altiris Deployment Server architecture KF_lists

Friday, 22 October

MDKSA-2004:112 - Updated squid packages fix SNMP processing vulnerability Mandrake Linux Security Team
[ GLSA 200410-21 ] Apache 2, mod_ssl: Bypass of SSLCipherSuite directive Kurt Lieber
MDKSA-2004:114 - Updated gpdf packages fix DoS vulnerability Mandrake Linux Security Team
MDKSA-2004:115 - Updated kdegraphics packages fix DoS vulnerability Mandrake Linux Security Team
[KDE security advisory] Multiple integer overflows in kpdf Dirk Mueller
MDKSA-2004:116 - Updated cups packages fix DoS vulnerabilities Mandrake Linux Security Team
[Security Bulletin] SSRT4807 HP-UX stmkfont local unauthorized privileged access Boren, Rich (SSRT)
[HV-LOW] Unsafe WAV header handling can cause DoS on Windows vuln
MDKSA-2004:113 - Updated xpdf packages fix vulnerabilities Mandrake Linux Security Team
J2ME security vulnerabilities Adam Gowdiak
[Fwd: Altiris Carbon Copy Remote Control local SYSTEM exploitation.] KF_lists
SuSE Security Announcement: libtiff (SUSE-SA:2004:038) Marcus Meissner
Windows DoS in certain pGina configurations Steven
Hack Dot AE Spy Hat
Re: avoiding stackguard Crispin Cowan
iDEFENSE Security Advisory XX.XX.04 - Novell SuSe Linux LibTIFF Heap Overflow Vulnerability customer service mailbox
[CLA-2004:877] Conectiva Security Announcement - mozilla Conectiva Updates
Is Windows up to snuff for running our world? Richard M. Smith
AOL Journals BlogID incrementing discloses account names and e-mail Steven
Norton AntiVirus 2004/2005 Script Blocking Redux Daniel Milisic
Ability FTP Server 2.34 Buffer Overflow Exploit Jérôme
Re: Full path disclosure and sql injection on CubeCart 2.0.1 sculptex
windows 2000 server terminal server denial of service Nick Caramella

Saturday, 23 October

dwc_articles possible sql injection Rene
rssh: pizzacode security alert Derek Martin
Update: Web browsers - a mini-farce (MSIE gives in) Michal Zalewski

Monday, 25 October

Re: Google Script Insertion Exploit Jérôme
python does mangleme (with IE bugs!) ned
[BUGZILLA] Vulnerabilities in Bugzilla 2.16.6 and 2.18rc2 David Miller
Re: Is Windows up to snuff for running our world? Thor
STG Security Advisory: [SSA-20041022-08] MoniWiki XSS vulnerability advisory
Some Voters Say Machines Failed, Incorrect Choices Appear on Screens (fwd) Atom 'Smasher'
Re: [Full-Disclosure] python does mangleme (with IE bugs!) Berend-Jan Wever
RE: Update: Web browsers - a mini-farce (MSIE gives in) David Brodbeck
Mozilla Firefox (tested on 0.9.3) html-code crash. ducch apple
Fake RedHat - Fedora Security Patch / Trojan Source Code & Analysis K-OTiK Security
Re: Update: Web browsers - a mini-farce (MSIE gives in) gabrield89
Re: [Full-Disclosure] Update: Web browsers - a mini-farce (MSIE gives in) Daniel Veditz
Re: How to Break Windows XP SP2 + Internet Explorer 6 SP2 michael evanchik
[CLA-2004:878] Conectiva Security Announcement - zlib Conectiva Updates
Two Vulnerabilities in OpenWFE Web Client Joxean Koret
Bug in hotmail security
Re: CAN-2004-0814: Linux terminal layer races Pavel Kankovsky
RE: Critical Vulnerability in Altiris Deployment Server architecture Brooks, Shane

Tuesday, 26 October

libxml2 remote buffer overflows (not in xml parsing code though) infamous41md
SUSE Security Announcement: xpdf, gpdf, kpdf, pdftohtml, cups (SUSE-SA:2004:039) Thomas Biege
OpenSSL 0.9.7e released (fwd from mark () openssl org) je
[ GLSA 200410-24 ] MIT krb5: Insecure temporary file use in send-pr.sh Thierry Carrez
[ GLSA 200410-26 ] socat: Format string vulnerability Luke Macken
inetutils tftp client, DNS resolving bofs infamous41md
libgd integer overflow infamous41md
MailCarrier 2.51 SMTP server Buffer Overflow [PoC included] Jérôme
pacsec.jp advisory: Firewire/IEEE 1394 Considered Harmful to Physical Security Dragos Ruiu
Hawking Technologies HAR11A router considered insecure Marcus Garvey
[ GLSA 200410-25 ] Netatalk: Insecure tempfile handling in etc2ps.sh Luke Macken
pppd out of bounds memory access, possible DOS infamous41md
[ GLSA 200410-23 ] Gaim: Multiple vulnerabilities Matthias Geerdsen
[ GLSA 200410-22 ] MySQL: Multiple vulnerabilities Thierry Carrez
wvtfpd remote root heap overflow infamous41md
zgv image viewing heap overflows infamous41md
Re: Some Voters Say Machines Failed, Incorrect Choices Appear on Screens (fwd) Valdis . Kletnieks

Wednesday, 27 October

Rendering large binary file as HTML makes Mozilla Firefox stop responding Peter Kruse
debian dhcpd, old format string bug infamous41md
PTms04-030 pigrelax
Re: Update: Web browsers - a mini-farce (MSIE gives in) Valdis . Kletnieks
MMDF deliver local root exploit for SCO OpenServer 5.0.7 x86 Ramon de Carvalho Valle
PuTTY SSH client vulnerability Anatole Shaw
[CLA-2004:879] Conectiva Security Announcement - kernel Conectiva Updates
RE: Update: Web browsers - a mini-farce (MSIE gives in) Michael Wojcik
Re: Update: Web browsers - a mini-farce (MSIE gives in) Valdis . Kletnieks
Crashs in Master of Orion III 1.2.5 Luigi Auriemma
iDEFENSE Security Advisory 10.27.04 - PuTTY SSH2_MSG_DEBUG Buffer Overflow Vulnerability customer service mailbox
[CLA-2004:880] Conectiva Security Announcement - foomatic-filters Conectiva Updates
[ GLSA 200410-29 ] PuTTY: Pre-authentication buffer overflow Sune Kloppenborg Jeppesen
High Risk Vulnerability in Quicktime for Windows NGSSoftware Insight Security Research
EEYE: RealPlayer Zipped Skin File Buffer Overflow Marc Maiffret
Multiple Vulnerabilites in Quake II Server Richard Stanway
RE: Update: Web browsers - a mini-farce (MSIE gives in) Michael Wojcik
[security bulletin] SSRT3526 Serviceguard potential increase in privilege Boren, Rich (SSRT)
High Risk Vulnerability in RealPlayer NGSSoftware Insight Security Research

Thursday, 28 October

Presentation: Bypassing client application protection techniques with notepad 3APA3A
[SECURITY] [DSA 574-1] New cabextract packages fix unintended directory traversal Martin Schulze
[SECURITY] [DSA 575-1] New catdoc packages fix temporary file vulnerability Martin Schulze
Re: Update: Web browsers - a mini-farce (MSIE gives in) MCMuir
RE: Update: Web browsers - a mini-farce (MSIE gives in) David Brodbeck
Re: zgv image viewing heap overflows Chris Frey
Re: debian dhcpd, old format string bug Tarragon Allen
PHP4 cURL functions bypass open_basedir FraMe
Re: Some Voters Say Machines Failed, Incorrect Choices Appear on Screens (fwd) Paul Schmehl
RE: Update: Web browsers - a mini-farce (MSIE gives in) Michael Wojcik
[USN-5-1] gettext vulnerabilities Martin Pitt
[USN-4-1] Standard C library script vulnerabilities Martin Pitt
Re: Update: Web browsers - a mini-farce (MSIE gives in) Valdis . Kletnieks
[FLSA-2004:2089] Updated mozilla packages fix security vulnerabilities Dominic Hargreaves
[USN-9-1] tetex-bin vulnerabilities Martin Pitt
[USN-3-1] GhostScript utility script vulnerabilities Martin Pitt
[ GLSA 200410-28 ] rssh: Format string vulnerability Thierry Carrez
[USN-7-1] imagemagick vulnerability Martin Pitt
[USN-8-1] gaim vulnerabilities Martin Pitt
New URL spoofing bug in Microsoft Internet Explorer 0-1-2-3
[ GLSA 200410-30 ] GPdf, KPDF, KOffice: Vulnerabilities in included xpdf Thierry Carrez
Re: Mozilla Firefox (tested on 0.9.3) html-code crash. Crispin Cowan
[USN-6-1] postgresql contributed script vulnerability Martin Pitt

Friday, 29 October

[SECURITY] [DSA 577-1] New postgresql packages fix symlink vulnerability Martin Schulze
Re: Mozilla Firefox (tested on 0.9.3) html-code crash. Michal Zalewski
[SECURITY] [DSA 576-1] New Squid packages fix several vulnerabilities Martin Schulze
[OpenPKG-SA-2004.047] OpenPKG Security Advisory (apache) OpenPKG
RE: New URL spoofing bug in Microsoft Internet Explorer Larry Seltzer
[USN-11-1] libgd2 vulnerabilities Martin Pitt
[ GLSA 200410-31 ] Archive::Zip: Virus detection evasion Thierry Carrez
Re: debian dhcpd, old format string bug infamous41md
local buffer overflow in htpasswd for apache 1.3.31 not fixed in .33? Larry Cashdollar
Re: libgd integer overflow Richard Dawe
RE: libgd integer overflow infamous41md
RE: Update: Web browsers - a mini-farce (MSIE gives in) Tim Newsham
Re: Update: Web browsers - a mini-farce (MSIE gives in) Valdis . Kletnieks
RE: Update: Web browsers - a mini-farce (MSIE gives in) Tim Newsham
RE: Update: Web browsers - a mini-farce (MSIE gives in) David Brodbeck
Re: Update: Web browsers - a mini-farce (MSIE gives in) Michael Shigorin
Re: New URL spoofing bug in Microsoft Internet Explorer GuidoZ
Re: Update: Web browsers - a mini-farce (MSIE gives in) infamous41md
Re: New URL spoofing bug in Microsoft Internet Explorer Christopher J. Pilkington
[OpenPKG-SA-2004.046] OpenPKG Security Advisory (postgresql) OpenPKG
Re: New URL spoofing bug in Microsoft Internet Explorer Jérôme
Re: local buffer overflow in htpasswd for apache 1.3.31 not fixed in .33? André Malo
Re: Update: Web browsers - a mini-farce (MSIE gives in) Chris Paget
Re: New URL spoofing bug in Microsoft Internet Explorer GuidoZ

Saturday, 30 October

Re: local buffer overflow in htpasswd for apache 1.3.31 not fixed in .33? Michael Engert
Re: New URL spoofing bug in Microsoft Internet Explorer GuidoZ
Re: New URL spoofing bug in Microsoft Internet Explorer 0-1-2-3
[USN-12-1] ppp Denial of Service Martin Pitt
[OpenPKG-SA-2004.048] OpenPKG Security Advisory (squid) OpenPKG
RE: New URL spoofing bug in Microsoft Internet Explorer Larry Seltzer
Re: New URL spoofing bug in Microsoft Internet Explorer http-equiv () excite com