View Full Version: Bugtraq mailing list
- Re: [Full-Disclosure] python does mangleme (with IE bugs!)
- Mozilla Firefox (tested on 0.9.3) html-code crash.
- Re: [Full-Disclosure] Update: Web browsers - a mini-farce (MSIE gives
- Fake RedHat - Fedora Security Patch / Trojan Source Code & Analysis
- Bug in hotmail
- [CLA-2004:878] Conectiva Security Announcement - zlib
- Two Vulnerabilities in OpenWFE Web Client
- libxml2 remote buffer overflows (not in xml parsing code though)
- MailCarrier 2.51 SMTP server Buffer Overflow [PoC included]
- OpenSSL 0.9.7e released (fwd from mark@openssl.org)
- pacsec.jp advisory: Firewire/IEEE 1394 Considered Harmful to Physical Security
- [ GLSA 200410-24 ] MIT krb5: Insecure temporary file use in send-pr.sh
- [ GLSA 200410-26 ] socat: Format string vulnerability
- libgd integer overflow
- inetutils tftp client, DNS resolving bofs
- Hawking Technologies HAR11A router considered insecure
- pppd out of bounds memory access, possible DOS
- [ GLSA 200410-25 ] Netatalk: Insecure tempfile handling in
- [ GLSA 200410-23 ] Gaim: Multiple vulnerabilities
- [ GLSA 200410-22 ] MySQL: Multiple vulnerabilities
- wvtfpd remote root heap overflow
- Re: Some Voters Say Machines Failed, Incorrect Choices Appear on Screens (fwd)
- Rendering large binary file as HTML makes Mozilla Firefox stop responding
- PTms04-030
- debian dhcpd, old format string bug
- Crashs in Master of Orion III 1.2.5
- PuTTY SSH client vulnerability
- [CLA-2004:879] Conectiva Security Announcement - kernel
- [CLA-2004:880] Conectiva Security Announcement - foomatic-filters
- iDEFENSE Security Advisory 10.27.04 - PuTTY SSH2_MSG_DEBUG Buffer Overflow Vulnerability
- MMDF deliver local root exploit for SCO OpenServer 5.0.7 x86
- [ GLSA 200410-29 ] PuTTY: Pre-authentication buffer overflow
- High Risk Vulnerability in Quicktime for Windows
- EEYE: RealPlayer Zipped Skin File Buffer Overflow
- Multiple Vulnerabilites in Quake II Server
- [security bulletin] SSRT3526 Serviceguard potential increase in privilege
- High Risk Vulnerability in RealPlayer
- Presentation: Bypassing client application protection techniques with notepad
- [SECURITY] [DSA 574-1] New cabextract packages fix unintended directory traversal
- [SECURITY] [DSA 575-1] New catdoc packages fix temporary file vulnerability
- Re: zgv image viewing heap overflows
- PHP4 cURL functions bypass open_basedir
- Re: Some Voters Say Machines Failed, Incorrect Choices Appear on
- [USN-4-1] Standard C library script vulnerabilities
- [USN-5-1] gettext vulnerabilities
- [ GLSA 200410-28 ] rssh: Format string vulnerability
- [USN-7-1] imagemagick vulnerability
- [FLSA-2004:2089] Updated mozilla packages fix security vulnerabilities
- [USN-8-1] gaim vulnerabilities
- New URL spoofing bug in Microsoft Internet Explorer
- [ GLSA 200410-30 ] GPdf, KPDF, KOffice: Vulnerabilities in included
- [USN-3-1] GhostScript utility script vulnerabilities
- [USN-6-1] postgresql contributed script vulnerability
- [SECURITY] [DSA 576-1] New Squid packages fix several vulnerabilities
- [SECURITY] [DSA 577-1] New postgresql packages fix symlink vulnerability
- local buffer overflow in htpasswd for apache 1.3.31 not fixed in .33?
- [ GLSA 200410-31 ] Archive::Zip: Virus detection evasion
- [USN-11-1] libgd2 vulnerabilities
- Re: local buffer overflow in htpasswd for apache 1.3.31 not fixed
- [OpenPKG-SA-2004.046] OpenPKG Security Advisory (postgresql)
- [OpenPKG-SA-2004.047] OpenPKG Security Advisory (apache)
- [USN-12-1] ppp Denial of Service
- [OpenPKG-SA-2004.048] OpenPKG Security Advisory (squid)
- New Whitepaper - "Second-order Code Injection Attacks"
- XDICT Buffer OverRun Vulnerability,funny :-)
- [SECURITY] [DSA 579-1] New abiword packages fix arbitrary code execution
- [SECURITY] [DSA 578-1] New mpg123 packages fix arbitrary code execution
- [ GLSA 200411-01 ] ppp: Remote denial of service vulnerability
- [USN-13-1] groff utility vulnerability
- [USN-14-1] xpdf vulnerabilities
- p h i s h i n g p h o r p h u n p h o r p h u q u e s a k e
- [USN-10-1] XML library vulnerabilities
- [OpenPKG-SA-2004.045] OpenPKG Security Advisory (mysql)
- TSLSA-2004-0055 - multi
- [SECURITY] [DSA 580-1] New iptables packages fix modprobe failure
- [OpenPKG-SA-2004.050] OpenPKG Security Advisory (libxml)
- [OpenPKG-SA-2004.049] OpenPKG Security Advisory (gd)
- Safari vulnerable to URL spoofing
- Internet Explorer HTML Help Control ActiveX Cross Domain/Zone
- [ GLSA 200411-02 ] Cherokee: Format string vulnerability
- [CLA-2004:881] Conectiva Security Announcement - rsync
- Medium Risk Vulnerability in WinRAR
- [USN-15-1] lvm10 vulnerability
- [ GLSA 200411-03 ] Apache 1.3: Buffer overflow vulnerability in mod_include
- [SECURITY] [DSA 581-1] New xpdf packages fix arbitrary code execution
- Exploiting default exception handler to increase exploit
- zlib 1.2.2 released
- MDKSA-2004:117 - Updated gaim packages fix vulnerability
- MDKSA-2004:118 - Updated perl-Archive-Zip packages fix vulnerability
- Cisco Security Advisory: Vulnerability in Cisco Secure Access Control Server EAP-TLS Authentication
- MDKSA-2004:119 - Updated MySQL packages fix multiple vulnerabilities
- MDKSA-2004:120 - Updated mpg123 packages fix vulnerability
- MDKSA-2004:121 - Updated netatalk packages fix temporary file vulnerability
- MDKSA-2004:122 - Updated mod_ssl packages fix information disclosure vulnerability
- [ GLSA 200411-04 ] Speedtouch USB driver: Privilege escalation
- MDKSA-2004:123 - Updated perl-MIME-tools packages fix vulnerability
- zlib 1.2.2 released
- Re: [Full-Disclosure] MSIE <IFRAME> and <FRAME> tag NAME property bufferoverflow PoC exp
- Rv: [Full-Disclosure] MSIE <IFRAME> and <FRAME> tag NAME property bufferoverflow PoC exp
- Multiple Vulnerabilities in Web Forums Server
- Microsoft ISA Server Authentication Bypassing
- URL spoofing bug (with iframes) in Microsoft Internet Explorer (11/02/2004)
- [SECURITY] [DSA 582-1] New libxml packages fix arbitrary code execution
- [Hat-Squad] SQL injection and XSS Vulnerabilities in HELM
- [USN-16-1] perl vulnerabilities
- [ GLSA 200411-06 ] MIME-tools: Virus detection evasion
- [CLA-2004:882] Conectiva Security Announcement - squid
- [ GLSA 200411-05 ] libxml2: Remotely exploitable buffer overflow
- [ GLSA 200411-07 ] Proxytunnel: Format string vulnerability
- ERRATA: [ GLSA 200411-01 ] ppp: No denial of service vulnerability
- [SECURITY] [DSA 583-1] New lvm10 packages fix insecure temporary directory
- [CLA-2004:885] Conectiva Security Announcement - apache
- [CLA-2004:884] Conectiva Security Announcement - gaim
- [CLA-2004:883] Conectiva Security Announcement - subversion
- [HV-MED] Zip/Linux long path buffer overflow
- [SECURITY] [DSA 584-1] New dhcp packages fix format string vulnerability
- [ GLSA 200411-08 ] GD: Integer overflow
- [ GLSA 200411-09 ] shadow: Unauthorized modification of account information
- MDKSA-2004:124 - Updated xorg-x11 packages fix libXpm overflow vulnerabilities
- SSC Advisory TSA-052 (Callwave.com)
- MDKSA-2004:125 - Updated iptables packages fix vulnerability
- MDKSA-2004:126 - Updated shadow-utils packages fix security bypass vulnerability
- MDKSA-2004:127 - Updated libxml and libxml2 packages fix multiple vulnerabilities
- [USN-18-1] zip vulnerability
- Re: [Full-Disclosure] [HV-MED] Zip/Linux long path buffer overflow
- Multiple vulnerabilities in Icewarp Web Mail 5.2.8 : New face of
- [FLSA-2004:2076] Updated foomatic package fixes security vulnerability
- FW: Hacker Group back again, this time claiming to have source code
- [USN-17-1] passwd vulnerability
- SSC Advisory TSA-053 (Ureach.com)
- TSLSA-2004-0056 - apache
- In-game format string bug in the Lithtech engine
- Making distinctions between similar-looking vulnerabilities
- [SECURITY] [DSA 585-1] New shadow packages fix unintended behaviour
- UPDATE: [ GLSA 200410-20 ] Xpdf, CUPS: Multiple integer overflows
- UPDATE: [ GLSA 200410-30 ] GPdf, KPDF, KOffice: Vulnerabilities in
- [ GLSA 200411-10 ] Gallery: Cross-site scripting vulnerability
- Resources consumption in 602 Lan Suite 2004.0.04.0909
- [ GLSA 200411-11 ] ImageMagick: EXIF buffer overflow
- [USN-19-1] squid vulnerabilities
- MSIE src&name property disclosure
- [SECURITY] CAN-2004-0930: Potential Remote Denial of Service Vulnerability
- Offline WPA-PSK auditing tool (coWPAtty)
- Re: [Full-Disclosure] MSIE src&name property disclosure
- [ GLSA 200411-15 ] OpenSSL, Groff: Insecure tempfile handling
- up-imapproxy DoS vulnerabilities
- [ GLSA 200411-12 ] zgv: Multiple buffer overflows
- [SECURITY] [DSA 588-1] New gzip packages fix insecure temporary files
- [ GLSA 200411-14 ] Kaffeine,
- [HV-LOW] Symantec LiveUpdate issues may cause DoS
- [SECURITY] [DSA 586-1] New ruby packages fix denial of service
- Re: [Full-Disclosure] MSIE <IFRAME> and <FRAME> tag NAME property
- [CLA-2004:888] Conectiva Security Announcement - libtiff3
- [CLA-2004:886] Conectiva Security Announcement - xpdf
- Evidence Mounts that the Vote Was Hacked
- MDKSA-2004:128 - Updated ruby packages fix remote DoS vulnerability
- [SECURITY] [DSA 590-1] New gnats packages fix arbitrary code execution
- Re: BoF in Windows 2000: ddeshare.exe
- [SECURITY] [DSA 589-1] New libgd1 packages fix arbitrary code execution
- [USN-20-1] Ruby CGI module vulnerability
- Security Contact for T-Mobile?
- BoF in Windows 2000: ddeshare.exe
- [SECURITY] [DSA 591-1] New libgd2 packages fix arbitrary code execution
- Vulnerabilities in JAF CMS
- EEYE: Kerio Personal Firewall Multiple IP Options Denial of Service
- [ GLSA 200411-17 ] mtink: Insecure tempfile handling
- [ GLSA 200411-16 ] zip: Path name buffer overflow
- Linux ELF loader vulnerabilities
- Multiple Vulnerabilities in WebCalendar
- Nortel Networks Contivity VPN Client information leakage vulnerability
- BNC 2.8.9 remote buffer overflow
- Unsecure Ftpd on HP PSC 2510 Printer
- 04WebServer Three Vulnerabilities
- Security Contact Info for IPSWITCH
- Cisco Security Advisory: Cisco IOS DHCP Blocked Interface Denial-of-Service
- [SquirrelMail Security Advisory] Cross Site Scripting in encoded text
- Hotfoon Ver 4.0 Highv Risk
- SQL injection in vBulletin forums (last10.php)
- Cisco Security Advisory: Crafted Timed Attack Evades Cisco Security Agent Protections
- Re: [Full-Disclosure] Re: Linux ELF loader vulnerabilities
- Zone Labs IMsecure Active Link Filter Bypass
- [ GLSA 200411-22 ] Davfs2, lvm-user: Insecure tempfile handling
- [ GLSA 200411-19 ] Pavuk: Multiple buffer overflows
- [USN-21-1] libgd vulnerabilities
- [ GLSA 200411-18 ] Apache 2.0: Denial of Service by memory consumption
- security hole (http response splitting) in phpwebsite
- RE: Norton AntiVirus Script Blocking Exploit -- Symantec's response
- [USN-22-1] samba vulnerability
- [CLA-2004:889] Conectiva Security Announcement - sasl2
- [ GLSA 200411-20 ] ez-ipupdate: Format string vulnerability
- Contact in HP related to OpenView / Coda
- Unofficial Internet Explorer FRAME/IFRAME fix
- Security flaw in ALCATEL/THOMSON Speed Touch Pro ADSL modems
- [SECURITY] [DSA 592-1] New ez-ipupdate packages fix format string vulnerability
- Vulnerability not with vBulletin
- [USN-23-1] apache2 vulnerability
- Sudo version 1.6.8p2 now available (fwd)
- Crash in Secure Network Messenger 1.4.2
- SQL Injection in phpBT (bug.php)
- [USN-24-1] openssl script vulnerability
- [ GLSA 200411-21 ] Samba: Remote Denial of Service
- phpBB Code EXEC (v2.0.10)
- Eudora 6.2 attachment spoof
- TWiki search function allows arbitrary shell command execution
- IPSwitch-IMail-8.13 Stack Overflow in the DELETE Command
- SQL Injection in phpBT (bug.php - Add)
- SQL Injection in phpBT (bug.php) add project
- Multiple XSS holes in TheFaceBook
- Skype callto:// BoF technical details
- Format string bug in Army Men RTS
- iDEFENSE Security Advisory 11.15.04: Multiple Security Vulnerabilities in Fcron
- Multiple vulnerabilities in Hired Team: Trial (Shine engine)
- Google Desktop Search ignores Preferences
- [USN-25-1] libgd2 vulnerability
- XSS in TheFaceBook round 2
- Re: [Full-Disclosure] TWiki search function allows arbitrary shell command execution
- [SAMBA] CAN-2004-0882: Possiebl Buffer Overrun in smbd
- [SECURITY] [DSA 593-1] New imagemagick packages fix arbitrary code execution
- Flaws in SP2 security features, part II
- [waraxe-2004-SA#038 - Multiple vulnerabilities in Event Calendar
- TSLSA-2004-0058 - multi
- [SNS Advisory No.79] A Possibility of Cookie Overwrite in
- Advisory 13/2004: Samba 3.x QFILEPATHINFO unicode filename buffer overflow
- [ GLSA 200411-24 ] BNC: Buffer overflow vulnerability
- [ GLSA 200411-23 ] Ruby: Denial of Service issue
- [ GLSA 200411-25 ] SquirrelMail: Encoded text XSS vulnerability
- [SECURITY] [DSA 594-1] New Apache packages fix arbitrary code execution
- [USN-26-1] bogofilter vulnerability
- [USN-27-1] libxpm4 vulnerability
- MDKSA-2004:135 - Updated apache2 packages fix request DoS
- Advisory 14/2004: Linux 2.x smbfs multiple remote vulnerabilities
- MDKSA-2004:132 - Updated gd packages fix integer overflows
- RX171104 Cscope v15.5 and minors - symlink vulnerability -
- [USN-28-1] sudo vulnerability
- MDKSA-2004:134 - Updated apache packages fix buffer overflow in mod_include
- [ GLSA 200411-26 ] GIMPS, SETI@home, ChessBrain: Insecure installation
- MDKSA-2004:133 - Updated sudo packages fix vulnerability
- Vulnerabilities in forum phpBB2 with Cash_Mod (all ver.)
- AppServ 2.5.x and Prior Exploit
- FreeBSD Security Advisory FreeBSD-SA-04:16.fetch
- EXEC exploit in phpBB - fix
- [MaxPatrol] SQL-injection in Invision Power Board 2.x
- Buffer overlow in DMS POP3 Server for Windows 2000/XP 1.5.3 build
- [USN-29-1] samba vulnerability
- [ GLSA 200411-27 ] Fcron: Multiple vulnerabilities
- [USN-30-1] Linux kernel vulnerabilities
- [CLA-2004:890] Conectiva Security Announcement - libxml2
- A Brief Analysis of Bofra/MyDoom.AG/AH
- [CLA-2004:892] Conectiva Security Announcement - MySQL
- Inofficial updates to 758884/NISCC/DNS