
View Full Version : Bugtraq mailing list




  1. Re: [Full-Disclosure] python does mangleme (with IE bugs!)
  2. Mozilla Firefox (tested on 0.9.3) html-code crash.
  3. Re: [Full-Disclosure] Update: Web browsers - a mini-farce (MSIE gives
  4. Fake RedHat - Fedora Security Patch / Trojan Source Code & Analysis
  5. Bug in hotmail
  6. [CLA-2004:878] Conectiva Security Announcement - zlib
  7. Two Vulnerabilities in OpenWFE Web Client
  8. libxml2 remote buffer overflows (not in xml parsing code though)
  9. MailCarrier 2.51 SMTP server Buffer Overflow [PoC included]
  10. OpenSSL 0.9.7e released (fwd from mark@openssl.org)
  11. pacsec.jp advisory: Firewire/IEEE 1394 Considered Harmful to Physical Security
  12. [ GLSA 200410-24 ] MIT krb5: Insecure temporary file use in send-pr.sh
  13. [ GLSA 200410-26 ] socat: Format string vulnerability
  14. libgd integer overflow
  15. inetutils tftp client, DNS resolving bofs
  16. Hawking Technologies HAR11A router considered insecure
  17. pppd out of bounds memory access, possible DOS
  18. [ GLSA 200410-25 ] Netatalk: Insecure tempfile handling in
  19. [ GLSA 200410-23 ] Gaim: Multiple vulnerabilities
  20. [ GLSA 200410-22 ] MySQL: Multiple vulnerabilities
  21. wvtfpd remote root heap overflow
  22. Re: Some Voters Say Machines Failed, Incorrect Choices Appear on Screens (fwd)
  23. Rendering large binary file as HTML makes Mozilla Firefox stop responding
  24. PTms04-030
  25. debian dhcpd, old format string bug
  26. Crashs in Master of Orion III 1.2.5
  27. PuTTY SSH client vulnerability
  28. [CLA-2004:879] Conectiva Security Announcement - kernel
  29. [CLA-2004:880] Conectiva Security Announcement - foomatic-filters
  30. iDEFENSE Security Advisory 10.27.04 - PuTTY SSH2_MSG_DEBUG Buffer Overflow Vulnerability
  31. MMDF deliver local root exploit for SCO OpenServer 5.0.7 x86
  32. [ GLSA 200410-29 ] PuTTY: Pre-authentication buffer overflow
  33. High Risk Vulnerability in Quicktime for Windows
  34. EEYE: RealPlayer Zipped Skin File Buffer Overflow
  35. Multiple Vulnerabilites in Quake II Server
  36. [security bulletin] SSRT3526 Serviceguard potential increase in privilege
  37. High Risk Vulnerability in RealPlayer
  38. Presentation: Bypassing client application protection techniques with notepad
  39. [SECURITY] [DSA 574-1] New cabextract packages fix unintended directory traversal
  40. [SECURITY] [DSA 575-1] New catdoc packages fix temporary file vulnerability
  41. Re: zgv image viewing heap overflows
  42. PHP4 cURL functions bypass open_basedir
  43. Re: Some Voters Say Machines Failed, Incorrect Choices Appear on
  44. [USN-4-1] Standard C library script vulnerabilities
  45. [USN-5-1] gettext vulnerabilities
  46. [ GLSA 200410-28 ] rssh: Format string vulnerability
  47. [USN-7-1] imagemagick vulnerability
  48. [FLSA-2004:2089] Updated mozilla packages fix security vulnerabilities
  49. [USN-8-1] gaim vulnerabilities
  50. New URL spoofing bug in Microsoft Internet Explorer
  51. [ GLSA 200410-30 ] GPdf, KPDF, KOffice: Vulnerabilities in included
  52. [USN-3-1] GhostScript utility script vulnerabilities
  53. [USN-6-1] postgresql contributed script vulnerability
  54. [SECURITY] [DSA 576-1] New Squid packages fix several vulnerabilities
  55. [SECURITY] [DSA 577-1] New postgresql packages fix symlink vulnerability
  56. local buffer overflow in htpasswd for apache 1.3.31 not fixed in .33?
  57. [ GLSA 200410-31 ] Archive::Zip: Virus detection evasion
  58. [USN-11-1] libgd2 vulnerabilities
  59. Re: local buffer overflow in htpasswd for apache 1.3.31 not fixed
  60. [OpenPKG-SA-2004.046] OpenPKG Security Advisory (postgresql)
  61. [OpenPKG-SA-2004.047] OpenPKG Security Advisory (apache)
  62. [USN-12-1] ppp Denial of Service
  63. [OpenPKG-SA-2004.048] OpenPKG Security Advisory (squid)
  64. New Whitepaper - "Second-order Code Injection Attacks"
  65. XDICT Buffer OverRun Vulnerability,funny :-)
  66. [SECURITY] [DSA 579-1] New abiword packages fix arbitrary code execution
  67. [SECURITY] [DSA 578-1] New mpg123 packages fix arbitrary code execution
  68. [ GLSA 200411-01 ] ppp: Remote denial of service vulnerability
  69. [USN-13-1] groff utility vulnerability
  70. [USN-14-1] xpdf vulnerabilities
  71. p h i s h i n g p h o r p h u n p h o r p h u q u e s a k e
  72. [USN-10-1] XML library vulnerabilities
  73. [OpenPKG-SA-2004.045] OpenPKG Security Advisory (mysql)
  74. TSLSA-2004-0055 - multi
  75. [SECURITY] [DSA 580-1] New iptables packages fix modprobe failure
  76. [OpenPKG-SA-2004.050] OpenPKG Security Advisory (libxml)
  77. [OpenPKG-SA-2004.049] OpenPKG Security Advisory (gd)
  78. Safari vulnerable to URL spoofing
  79. Internet Explorer HTML Help Control ActiveX Cross Domain/Zone
  80. [ GLSA 200411-02 ] Cherokee: Format string vulnerability
  81. [CLA-2004:881] Conectiva Security Announcement - rsync
  82. Medium Risk Vulnerability in WinRAR
  83. [USN-15-1] lvm10 vulnerability
  84. [ GLSA 200411-03 ] Apache 1.3: Buffer overflow vulnerability in mod_include
  85. [SECURITY] [DSA 581-1] New xpdf packages fix arbitrary code execution
  86. Exploiting default exception handler to increase exploit
  87. zlib 1.2.2 released
  88. MDKSA-2004:117 - Updated gaim packages fix vulnerability
  89. MDKSA-2004:118 - Updated perl-Archive-Zip packages fix vulnerability
  90. Cisco Security Advisory: Vulnerability in Cisco Secure Access Control Server EAP-TLS Authentication
  91. MDKSA-2004:119 - Updated MySQL packages fix multiple vulnerabilities
  92. MDKSA-2004:120 - Updated mpg123 packages fix vulnerability
  93. MDKSA-2004:121 - Updated netatalk packages fix temporary file vulnerability
  94. MDKSA-2004:122 - Updated mod_ssl packages fix information disclosure vulnerability
  95. [ GLSA 200411-04 ] Speedtouch USB driver: Privilege escalation
  96. MDKSA-2004:123 - Updated perl-MIME-tools packages fix vulnerability
  97. zlib 1.2.2 released
  98. Re: [Full-Disclosure] MSIE <IFRAME> and <FRAME> tag NAME property bufferoverflow PoC exp
  99. Rv: [Full-Disclosure] MSIE <IFRAME> and <FRAME> tag NAME property bufferoverflow PoC exp
  100. Multiple Vulnerabilities in Web Forums Server
  101. Microsoft ISA Server Authentication Bypassing
  102. URL spoofing bug (with iframes) in Microsoft Internet Explorer (11/02/2004)
  103. [SECURITY] [DSA 582-1] New libxml packages fix arbitrary code execution
  104. [Hat-Squad] SQL injection and XSS Vulnerabilities in HELM
  105. [USN-16-1] perl vulnerabilities
  106. [ GLSA 200411-06 ] MIME-tools: Virus detection evasion
  107. [CLA-2004:882] Conectiva Security Announcement - squid
  108. [ GLSA 200411-05 ] libxml2: Remotely exploitable buffer overflow
  109. [ GLSA 200411-07 ] Proxytunnel: Format string vulnerability
  110. ERRATA: [ GLSA 200411-01 ] ppp: No denial of service vulnerability
  111. [SECURITY] [DSA 583-1] New lvm10 packages fix insecure temporary directory
  112. [CLA-2004:885] Conectiva Security Announcement - apache
  113. [CLA-2004:884] Conectiva Security Announcement - gaim
  114. [CLA-2004:883] Conectiva Security Announcement - subversion
  115. [HV-MED] Zip/Linux long path buffer overflow
  116. [SECURITY] [DSA 584-1] New dhcp packages fix format string vulnerability
  117. [ GLSA 200411-08 ] GD: Integer overflow
  118. [ GLSA 200411-09 ] shadow: Unauthorized modification of account information
  119. MDKSA-2004:124 - Updated xorg-x11 packages fix libXpm overflow vulnerabilities
  120. SSC Advisory TSA-052 (Callwave.com)
  121. MDKSA-2004:125 - Updated iptables packages fix vulnerability
  122. MDKSA-2004:126 - Updated shadow-utils packages fix security bypass vulnerability
  123. MDKSA-2004:127 - Updated libxml and libxml2 packages fix multiple vulnerabilities
  124. [USN-18-1] zip vulnerability
  125. Re: [Full-Disclosure] [HV-MED] Zip/Linux long path buffer overflow
  126. Multiple vulnerabilities in Icewarp Web Mail 5.2.8 : New face of
  127. [FLSA-2004:2076] Updated foomatic package fixes security vulnerability
  128. FW: Hacker Group back again, this time claiming to have source code
  129. [USN-17-1] passwd vulnerability
  130. SSC Advisory TSA-053 (Ureach.com)
  131. TSLSA-2004-0056 - apache
  132. In-game format string bug in the Lithtech engine
  133. Making distinctions between similar-looking vulnerabilities
  134. [SECURITY] [DSA 585-1] New shadow packages fix unintended behaviour
  135. UPDATE: [ GLSA 200410-20 ] Xpdf, CUPS: Multiple integer overflows
  136. UPDATE: [ GLSA 200410-30 ] GPdf, KPDF, KOffice: Vulnerabilities in
  137. [ GLSA 200411-10 ] Gallery: Cross-site scripting vulnerability
  138. Resources consumption in 602 Lan Suite 2004.0.04.0909
  139. [ GLSA 200411-11 ] ImageMagick: EXIF buffer overflow
  140. [USN-19-1] squid vulnerabilities
  141. MSIE src&name property disclosure
  142. [SECURITY] CAN-2004-0930: Potential Remote Denial of Service Vulnerability
  143. Offline WPA-PSK auditing tool (coWPAtty)
  144. Re: [Full-Disclosure] MSIE src&name property disclosure
  145. [ GLSA 200411-15 ] OpenSSL, Groff: Insecure tempfile handling
  146. up-imapproxy DoS vulnerabilities
  147. [ GLSA 200411-12 ] zgv: Multiple buffer overflows
  148. [SECURITY] [DSA 588-1] New gzip packages fix insecure temporary files
  149. [ GLSA 200411-14 ] Kaffeine,
  150. [HV-LOW] Symantec LiveUpdate issues may cause DoS
  151. [SECURITY] [DSA 586-1] New ruby packages fix denial of service
  152. Re: [Full-Disclosure] MSIE <IFRAME> and <FRAME> tag NAME property
  153. [CLA-2004:888] Conectiva Security Announcement - libtiff3
  154. [CLA-2004:886] Conectiva Security Announcement - xpdf
  155. Evidence Mounts that the Vote Was Hacked
  156. MDKSA-2004:128 - Updated ruby packages fix remote DoS vulnerability
  157. [SECURITY] [DSA 590-1] New gnats packages fix arbitrary code execution
  158. Re: BoF in Windows 2000: ddeshare.exe
  159. [SECURITY] [DSA 589-1] New libgd1 packages fix arbitrary code execution
  160. [USN-20-1] Ruby CGI module vulnerability
  161. Security Contact for T-Mobile?
  162. BoF in Windows 2000: ddeshare.exe
  163. [SECURITY] [DSA 591-1] New libgd2 packages fix arbitrary code execution
  164. Vulnerabilities in JAF CMS
  165. EEYE: Kerio Personal Firewall Multiple IP Options Denial of Service
  166. [ GLSA 200411-17 ] mtink: Insecure tempfile handling
  167. [ GLSA 200411-16 ] zip: Path name buffer overflow
  168. Linux ELF loader vulnerabilities
  169. Multiple Vulnerabilities in WebCalendar
  170. Nortel Networks Contivity VPN Client information leakage vulnerability
  171. BNC 2.8.9 remote buffer overflow
  172. Unsecure Ftpd on HP PSC 2510 Printer
  173. 04WebServer Three Vulnerabilities
  174. Security Contact Info for IPSWITCH
  175. Cisco Security Advisory: Cisco IOS DHCP Blocked Interface Denial-of-Service
  176. [SquirrelMail Security Advisory] Cross Site Scripting in encoded text
  177. Hotfoon Ver 4.0 Highv Risk
  178. SQL injection in vBulletin forums (last10.php)
  179. Cisco Security Advisory: Crafted Timed Attack Evades Cisco Security Agent Protections
  180. Re: [Full-Disclosure] Re: Linux ELF loader vulnerabilities
  181. Zone Labs IMsecure Active Link Filter Bypass
  182. [ GLSA 200411-22 ] Davfs2, lvm-user: Insecure tempfile handling
  183. [ GLSA 200411-19 ] Pavuk: Multiple buffer overflows
  184. [USN-21-1] libgd vulnerabilities
  185. [ GLSA 200411-18 ] Apache 2.0: Denial of Service by memory consumption
  186. security hole (http response splitting) in phpwebsite
  187. RE: Norton AntiVirus Script Blocking Exploit -- Symantec's response
  188. [USN-22-1] samba vulnerability
  189. [CLA-2004:889] Conectiva Security Announcement - sasl2
  190. [ GLSA 200411-20 ] ez-ipupdate: Format string vulnerability
  191. Contact in HP related to OpenView / Coda
  192. Unofficial Internet Explorer FRAME/IFRAME fix
  193. Security flaw in ALCATEL/THOMSON Speed Touch Pro ADSL modems
  194. [SECURITY] [DSA 592-1] New ez-ipupdate packages fix format string vulnerability
  195. Vulnerability not with vBulletin
  196. [USN-23-1] apache2 vulnerability
  197. Sudo version 1.6.8p2 now available (fwd)
  198. Crash in Secure Network Messenger 1.4.2
  199. SQL Injection in phpBT (bug.php)
  200. [USN-24-1] openssl script vulnerability
  201. [ GLSA 200411-21 ] Samba: Remote Denial of Service
  202. phpBB Code EXEC (v2.0.10)
  203. Eudora 6.2 attachment spoof
  204. TWiki search function allows arbitrary shell command execution
  205. IPSwitch-IMail-8.13 Stack Overflow in the DELETE Command
  206. SQL Injection in phpBT (bug.php - Add)
  207. SQL Injection in phpBT (bug.php) add project
  208. Multiple XSS holes in TheFaceBook
  209. Skype callto:// BoF technical details
  210. Format string bug in Army Men RTS
  211. iDEFENSE Security Advisory 11.15.04: Multiple Security Vulnerabilities in Fcron
  212. Multiple vulnerabilities in Hired Team: Trial (Shine engine)
  213. Google Desktop Search ignores Preferences
  214. [USN-25-1] libgd2 vulnerability
  215. XSS in TheFaceBook round 2
  216. Re: [Full-Disclosure] TWiki search function allows arbitrary shell command execution
  217. [SAMBA] CAN-2004-0882: Possiebl Buffer Overrun in smbd
  218. [SECURITY] [DSA 593-1] New imagemagick packages fix arbitrary code execution
  219. Flaws in SP2 security features, part II
  220. [waraxe-2004-SA#038 - Multiple vulnerabilities in Event Calendar
  221. TSLSA-2004-0058 - multi
  222. [SNS Advisory No.79] A Possibility of Cookie Overwrite in
  223. Advisory 13/2004: Samba 3.x QFILEPATHINFO unicode filename buffer overflow
  224. [ GLSA 200411-24 ] BNC: Buffer overflow vulnerability
  225. [ GLSA 200411-23 ] Ruby: Denial of Service issue
  226. [ GLSA 200411-25 ] SquirrelMail: Encoded text XSS vulnerability
  227. [SECURITY] [DSA 594-1] New Apache packages fix arbitrary code execution
  228. [USN-26-1] bogofilter vulnerability
  229. [USN-27-1] libxpm4 vulnerability
  230. MDKSA-2004:135 - Updated apache2 packages fix request DoS
  231. Advisory 14/2004: Linux 2.x smbfs multiple remote vulnerabilities
  232. MDKSA-2004:132 - Updated gd packages fix integer overflows
  233. RX171104 Cscope v15.5 and minors - symlink vulnerability -
  234. [USN-28-1] sudo vulnerability
  235. MDKSA-2004:134 - Updated apache packages fix buffer overflow in mod_include
  236. [ GLSA 200411-26 ] GIMPS, SETI@home, ChessBrain: Insecure installation
  237. MDKSA-2004:133 - Updated sudo packages fix vulnerability
  238. Vulnerabilities in forum phpBB2 with Cash_Mod (all ver.)
  239. AppServ 2.5.x and Prior Exploit
  240. FreeBSD Security Advisory FreeBSD-SA-04:16.fetch
  241. EXEC exploit in phpBB - fix
  242. [MaxPatrol] SQL-injection in Invision Power Board 2.x
  243. Buffer overlow in DMS POP3 Server for Windows 2000/XP 1.5.3 build
  244. [USN-29-1] samba vulnerability
  245. [ GLSA 200411-27 ] Fcron: Multiple vulnerabilities
  246. [USN-30-1] Linux kernel vulnerabilities
  247. [CLA-2004:890] Conectiva Security Announcement - libxml2
  248. A Brief Analysis of Bofra/MyDoom.AG/AH
  249. [CLA-2004:892] Conectiva Security Announcement - MySQL
  250. Inofficial updates to 758884/NISCC/DNS