Guardian Digital BugTraq Mailing List Archive

....

Guardian Digital Inc. > InfoCenter > Mailing List Archives > BugTraq

BugTraq Mailing List Archive

About this list	End of Messages	Date view	Thread view	Author view	Attachment view

357 Messages
Starting:	Mon Dec 13 2004 - 16:09:21 EST	Ending:	Fri Dec 31 2004 - 14:19:35 EST

*nix data wipe tools
- George Georgalis (Fri Dec 17 2004 - 11:48:33 EST)
- Casper.Dik@Sun.COM (Fri Dec 17 2004 - 14:54:13 EST)
- Thomas C. Greene (Fri Dec 17 2004 - 04:24:24 EST)
- Wietse Venema (Fri Dec 17 2004 - 13:05:37 EST)
- David Cannings (Thu Dec 16 2004 - 15:06:07 EST)
- Thomas C. Greene (Wed Dec 15 2004 - 02:59:44 EST)
2Bgal : 2.4 & 2.5.1 SQL injection Vulnerability
- zib zib (Wed Dec 22 2004 - 02:49:19 EST)
3cdaemon tftp server DOS vulnerability
- Wang Ning (Wed Dec 15 2004 - 12:37:18 EST)
4 Vulnerabilities in GamePort
- amoXi Devilkin (Fri Dec 17 2004 - 14:40:21 EST)
- amoXi Devilkin (Fri Dec 17 2004 - 11:34:45 EST)
[ GLSA 200412-06 ] PHProjekt: setup.php vulnerability
- Thierry Carrez (Fri Dec 10 2004 - 16:54:02 EST)
[ GLSA 200412-07 ] file: Arbitrary code execution
- Matthias Geerdsen (Mon Dec 13 2004 - 17:42:17 EST)
[ GLSA 200412-08 ] nfs-utils: Multiple remote vulnerabilities
- Luke Macken (Mon Dec 13 2004 - 22:54:15 EST)
[ GLSA 200412-09 ] ncpfs: Buffer overflow in ncplogin and ncpmap
- Thierry Carrez (Wed Dec 15 2004 - 04:21:34 EST)
[ GLSA 200412-10 ] Vim, gVim: Vulnerable options in modelines
- Alexey I. Froloff (Thu Dec 16 2004 - 00:40:54 EST)
- Thierry Carrez (Wed Dec 15 2004 - 09:02:42 EST)
[ GLSA 200412-11 ] Cscope: Insecure creation of temporary files
- Luke Macken (Thu Dec 16 2004 - 15:31:21 EST)
[ GLSA 200412-12 ] Adobe Acrobat Reader: Buffer overflow vulnerability
- Luke Macken (Thu Dec 16 2004 - 18:50:30 EST)
[ GLSA 200412-13 ] Samba: Integer overflow
- Sune Kloppenborg Jeppesen (Fri Dec 17 2004 - 15:08:10 EST)
[ GLSA 200412-14 ] PHP: Multiple vulnerabilities
- Thierry Carrez (Sun Dec 19 2004 - 08:58:02 EST)
[ GLSA 200412-15 ] Ethereal: Multiple vulnerabilities
- Sune Kloppenborg Jeppesen (Sun Dec 19 2004 - 09:29:34 EST)
[ GLSA 200412-16 ] kdelibs, kdebase: Multiple vulnerabilities
- Sune Kloppenborg Jeppesen (Sun Dec 19 2004 - 09:37:43 EST)
[ GLSA 200412-17 ] kfax: Multiple overflows in the included TIFF library
- Sune Kloppenborg Jeppesen (Sun Dec 19 2004 - 14:15:53 EST)
[ GLSA 200412-18 ] abcm2ps: Buffer overflow vulnerability
- Luke Macken (Sun Dec 19 2004 - 14:48:37 EST)
[ GLSA 200412-19 ] phpMyAdmin: Multiple vulnerabilities
- Sune Kloppenborg Jeppesen (Sun Dec 19 2004 - 15:00:44 EST)
[ GLSA 200412-20 ] NASM: Buffer overflow vulnerability
- Luke Macken (Mon Dec 20 2004 - 08:46:24 EST)
[ GLSA 200412-21 ] MPlayer: Multiple overflows
- Thierry Carrez (Mon Dec 20 2004 - 09:06:31 EST)
[ GLSA 200412-23 ] Zwiki: XSS vulnerability
- Luke Macken (Tue Dec 21 2004 - 18:24:54 EST)
[ GLSA 200412-24 ] Xpdf, GPdf: New integer overflows
- Thierry Carrez (Tue Dec 28 2004 - 08:07:00 EST)
[ GLSA 200412-25 ] CUPS: Multiple vulnerabilities
- Thierry Carrez (Tue Dec 28 2004 - 08:11:56 EST)
[ GLSA 200412-26 ] ViewCVS: Information leak and XSS vulnerabilities
- Thierry Carrez (Tue Dec 28 2004 - 09:25:29 EST)
[ Security Bulletin ] SSRT4699 rev.0 HP-UX SAM local privilege increase
- Boren, Rich (SSRT) (Thu Dec 23 2004 - 15:16:15 EST)
[CAN-2004-1022] Insecure Credential Storage on Kerio Software
- Secure Computer Group (Tue Dec 14 2004 - 05:00:48 EST)
[CAN-2004-1023] Insecure default file system permissions on Microsoft versions of Kerio Software
- Secure Computer Group (Tue Dec 14 2004 - 05:08:25 EST)
[CLA-2004:909] Conectiva Security Announcement - netpbm
- Conectiva Updates (Wed Dec 29 2004 - 12:23:11 EST)
[Correction For]: Secure Network Operations SNOsoft Research Team [SRT2004-12-14-0322] Symantec LiveUpdate Advisory
- Secure Network Operations, Inc. (Tue Dec 14 2004 - 12:06:56 EST)
[EXPL] (MS04-031) NetDDE buffer overflow vulnerability PoC
- Steve Friedl (Fri Dec 31 2004 - 13:52:27 EST)
- Alberto Garcia Hierro (Fri Dec 31 2004 - 13:09:02 EST)
- houseofdabus HOD (Thu Dec 30 2004 - 18:39:21 EST)
[Full-Disclosure] [ GLSA 200412-07 ] file: Arbitrary code execution
- Matthias Geerdsen (Mon Dec 13 2004 - 17:42:17 EST)
[Full-Disclosure] [ GLSA 200412-19 ] phpMyAdmin: Multiple vulnerabilities
- Sune Kloppenborg Jeppesen (Sun Dec 19 2004 - 15:00:44 EST)
[Full-Disclosure] [ GLSA 200412-21 ] MPlayer: Multiple overflows
- Thierry Carrez (Mon Dec 20 2004 - 09:06:31 EST)
[Full-Disclosure] [HV-LOW] Symantec LiveUpdate issues may cause DoS
- Dan Margolis (Mon Dec 13 2004 - 21:45:36 EST)
[Full-Disclosure] Java Runtime Environment Remote Denial-of-Service (DoS) Vulnerability
- Marc Schoenefeld (Wed Dec 22 2004 - 06:42:04 EST)
[HAT-SQUAD] NetCat Remote Critical Vulnerability, Poc included
- Chris Wysopal (Tue Dec 28 2004 - 16:59:32 EST)
- Hat-Squad Security Team (Mon Dec 27 2004 - 12:57:12 EST)
[MaxPatrol] SQL-injection in Ikonboard 3.1.x
- Alexander Anisimov (Thu Dec 16 2004 - 17:51:08 EST)
[OpenPKG-SA-2004.052] OpenPKG Security Advisory (vim)
- OpenPKG (Wed Dec 15 2004 - 12:17:02 EST)
[OpenPKG-SA-2004.053] OpenPKG Security Advisory (php)
- OpenPKG (Thu Dec 16 2004 - 16:23:13 EST)
[OpenPKG-SA-2004.054] OpenPKG Security Advisory (samba)
- OpenPKG (Fri Dec 17 2004 - 11:11:17 EST)
[OpenPKG-SA-2004.055] OpenPKG Security Advisory (gettext)
- OpenPKG (Thu Dec 23 2004 - 09:37:48 EST)
[OpenPKG-SA-2004.056] OpenPKG Security Advisory (cvstrac)
- OpenPKG (Fri Dec 17 2004 - 12:59:06 EST)
[SAMBA] CAN-2004-1154 : Integer overflow could lead to remote code execution in Samba 2.x, 3.0.x <= 3.0.9
- Gerald Carter (Thu Dec 16 2004 - 07:17:29 EST)
[Security Bulletin] SSRT4696 rev.0 - HP Tru64 UNIX TCP Stack Remote Denial of Service (DoS)
- Boren, Rich (SSRT) (Thu Dec 23 2004 - 14:33:26 EST)
[Security Bulletin] SSRT4867 rev.0 Netscape Directory Server on HP-UX LDAP remote buffer overflow
- Boren, Rich (SSRT) (Thu Dec 23 2004 - 15:18:53 EST)
[Security Bulletin] SSRT4876 rev.0 HP Tru64 UNIX SWS (Apache) Secure Web Server Remote
- Boren, Rich (SSRT) (Thu Dec 23 2004 - 15:20:18 EST)
[Security Bulletin] SSRT4883 rev.3 HP-UX ftp and ftpd remote unauthorized access
- Boren, Rich (SSRT) (Thu Dec 23 2004 - 15:21:44 EST)
[SECURITY] [DSA 608-1] New zgv packages fix arbitrary code execution
- Martin Schulze (Tue Dec 14 2004 - 05:36:45 EST)
[SECURITY] [DSA 609-1] New atari800 packages fix local root exploit
- Martin Schulze (Tue Dec 14 2004 - 11:03:01 EST)
[SECURITY] [DSA 610-1] New cscope packages fix insecure temporary file creation
- Martin Schulze (Fri Dec 17 2004 - 04:08:36 EST)
[SECURITY] [DSA 611-1] New htget packages fix arbitrary code execution
- Martin Schulze (Mon Dec 20 2004 - 04:55:39 EST)
[SECURITY] [DSA 612-1] New a2ps packages fix arbitrary command execution
- Martin Schulze (Mon Dec 20 2004 - 06:29:57 EST)
[SECURITY] [DSA 613-1] New ethereal packages fix denial of service
- Martin Schulze (Tue Dec 21 2004 - 02:48:54 EST)
[SECURITY] [DSA 614-1] New xzgv packages fix arbitrary code execution
- Martin Schulze (Tue Dec 21 2004 - 06:52:10 EST)
[SECURITY] [DSA 615-1] New debmake package fixes insecure temporary directories
- Martin Schulze (Wed Dec 22 2004 - 09:46:38 EST)
[SECURITY] [DSA 616-1] New telnetd-ssl packages fix arbitrary code execution
- Martin Schulze (Thu Dec 23 2004 - 09:30:28 EST)
[SECURITY] [DSA 617-1] New libtiff packages fix arbitrary code execution
- Martin Schulze (Fri Dec 24 2004 - 09:15:44 EST)
[SECURITY] [DSA 618-1] New imlib packages fix arbitrary code execution
- Martin Schulze (Fri Dec 24 2004 - 11:40:42 EST)
[SECURITY] [DSA 619-1] New xpdf packages fix arbitrary code execution
- Martin Schulze (Thu Dec 30 2004 - 10:39:10 EST)
[SECURITY] [DSA 620-1] New perl packages fix several vulnerabilities
- Martin Schulze (Thu Dec 30 2004 - 11:50:22 EST)
[SECURITY] [DSA 621-1] New CUPS packages fix arbitrary code execution
- Martin Schulze (Fri Dec 31 2004 - 06:20:58 EST)
[SIG^2 G-TEC] singapore Image Gallery Web Application v0.9.10 Multiple Vulnerabilities
- chewkeong@security.org.sg (Thu Dec 16 2004 - 19:19:59 EST)
[USN-38-1] Linux kernel vulnerabilities
- Martin Pitt (Tue Dec 14 2004 - 14:05:39 EST)
[USN-39-1] Linux amd64 kernel vulnerability
- Martin Pitt (Thu Dec 16 2004 - 12:08:30 EST)
[USN-40-1] PHP vulnerabilities
- Martin Pitt (Thu Dec 16 2004 - 12:26:55 EST)
[USN-41-1] Samba vulnerability
- Martin Pitt (Fri Dec 17 2004 - 10:57:50 EST)
[USN-42-1] Xine library vulnerabilities
- Martin Pitt (Mon Dec 20 2004 - 10:34:37 EST)
[USN-43-1] groff utility vulnerabilities
- Martin Pitt (Mon Dec 20 2004 - 13:23:20 EST)
[USN-47-1] Linux kernel vulnerabilities
- Martin Pitt (Thu Dec 23 2004 - 02:54:49 EST)
[USN-48-1] xpdf, tetex-bin vulnerabilities
- Martin Pitt (Thu Dec 23 2004 - 03:14:57 EST)
[USN-49-1] debmake vulnerability
- Martin Pitt (Thu Dec 23 2004 - 06:35:34 EST)
[USN-50-1] CUPS vulnerabilities
- Martin Pitt (Thu Dec 23 2004 - 06:45:00 EST)
[USN-51-1] teTeX auxiliary script vulnerability
- Martin Pitt (Thu Dec 23 2004 - 08:09:14 EST)
[USN-52-1] vim vulnerability
- Liu Die Yu (Thu Dec 23 2004 - 23:31:12 EST)
- Martin Pitt (Thu Dec 23 2004 - 08:54:06 EST)
[ZH2004-18SA] Content-Type spoofing in Mozilla Firefox and Opera could allow users to bypass security restrictions
- Giovanni Delvecchio (Mon Dec 13 2004 - 18:45:24 EST)
[ZH2004-19SA] Possible execution of remote shell commands in Opera with kfmclien
- Giovanni Delvecchio (Mon Dec 13 2004 - 08:49:23 EST)
Advisory 01/2004: Multiple vulnerabilities in PHP 4/5
- Stefan Esser (Wed Dec 15 2004 - 13:46:20 EST)
AIX 5.1/5.2/5.3 local root exploits
- cees-bart (Mon Dec 20 2004 - 06:10:41 EST)
AIX 5.1/5.2/5.3 local root exploits (diag issue)
- Shiva Persaud (Mon Dec 20 2004 - 20:57:25 EST)
AIX 5.1/5.2/5.3 local root exploits (paginit issue)
- Shiva Persaud (Mon Dec 20 2004 - 20:56:55 EST)
ArGoSoft FTP Server reveals valid usernames and allows for brute force attacks
- steven@lovebug.org (Fri Dec 31 2004 - 05:06:32 EST)
Asante FM2008 10/100 Ethernet switch backdoor login
- Joe Philipps (Wed Dec 15 2004 - 04:59:45 EST)
ASP Calendar Vulnerability <www.ashiyane.com>
- ali reza AcTiOnSpIdEr (Tue Dec 14 2004 - 05:59:57 EST)
ASP-rider is vulnerable to sql injection attack
- shervin khaleghjou (Tue Dec 14 2004 - 22:23:08 EST)
Bluetooth: BlueSnarf and BlueBug Full Disclusore
- Adam Laurie (Fri Dec 31 2004 - 04:53:09 EST)
Bug in Crypt::ECB perl module
- Bennett R. Samowich (Fri Dec 17 2004 - 10:08:10 EST)
Cisco Security Advisory: Cisco Unity Integrated with Exchange Has Default Passwords
- Cisco Systems Product Security Incident Response Team (Wed Dec 15 2004 - 11:45:00 EST)
Cisco Security Advisory: Default Administrative Password in Cisco Guard and Traffic Anomaly Detector
- Cisco Systems Product Security Incident Response Team (Wed Dec 15 2004 - 15:01:00 EST)
Citadel/UX <= v6.27 Remote Format String Vulnerability
- Michael Hampton (Mon Dec 13 2004 - 20:29:44 EST)
CleanCache v2.19: False Sense of Security
- WBG Links (Sat Dec 25 2004 - 11:34:47 EST)
Cross Site Scripting DOS (Zyxel B-420 Ethernet Bridge)
- beniwiedmer@tiscali.ch (Fri Dec 31 2004 - 11:47:14 EST)
Cross Site Scripting In PsychoStats 2.2.4 Beta && Earlier
- GulfTech Security (Wed Dec 22 2004 - 19:50:51 EST)
Crystal FTP Pro 2.8 PoC
- cybertronic@gmx.net (Thu Dec 23 2004 - 22:39:11 EST)
- cybertronic@gmx.net (Thu Dec 23 2004 - 02:27:10 EST)
Crystal FTP Pro Client Buffer Overflow
- Luca Ercoli (Sun Dec 19 2004 - 19:21:36 EST)
CSS in phpBB 1.4.4
- Paul Owen (Wed Dec 15 2004 - 17:15:33 EST)
- SandI] (Wed Dec 15 2004 - 14:23:55 EST)
Did a 16-bit counter overflow shut down Comair?
- Avleen Vig (Wed Dec 29 2004 - 03:41:12 EST)
- Mike Nice (Tue Dec 28 2004 - 22:27:45 EST)
- Richard M. Smith (Tue Dec 28 2004 - 12:44:20 EST)
Discussion: Microsoft(R) PowerPoint “Action Settings” feature allows invocation of default browser pointed at arbitrary URL.
- Monte Ratzlaff (Thu Dec 16 2004 - 10:01:28 EST)
DJB's students release 44 *nix software vulnerability advisories
- David Wagner (Fri Dec 24 2004 - 00:35:46 EST)
- Crispin Cowan (Fri Dec 24 2004 - 04:29:32 EST)
- Palmer, Paul (ISSAtlanta) (Thu Dec 23 2004 - 14:06:27 EST)
- Crispin Cowan (Wed Dec 22 2004 - 18:08:36 EST)
- Crispin Cowan (Thu Dec 23 2004 - 03:16:55 EST)
- D. J. Bernstein (Thu Dec 23 2004 - 01:39:55 EST)
- Michal Zalewski (Thu Dec 23 2004 - 11:49:55 EST)
- sean (Tue Dec 21 2004 - 16:55:57 EST)
- Jack Lloyd (Tue Dec 21 2004 - 18:58:48 EST)
- Crispin Cowan (Wed Dec 22 2004 - 13:26:41 EST)
- Manning, Robert (Mission Systems) (Tue Dec 21 2004 - 17:31:16 EST)
- Casper.Dik@Sun.COM (Wed Dec 22 2004 - 12:56:18 EST)
- Steven M. Christey (Tue Dec 21 2004 - 16:25:02 EST)
- David Eisner (Wed Dec 22 2004 - 13:32:30 EST)
- Steven M. Christey (Tue Dec 21 2004 - 16:48:01 EST)
- Valdis.Kletnieks@vt.edu (Tue Dec 21 2004 - 23:58:39 EST)
- Jonathan Rockway (Wed Dec 22 2004 - 01:06:15 EST)
- Chris Paget (Wed Dec 22 2004 - 07:23:34 EST)
- Jonathan Rockway (Tue Dec 21 2004 - 22:50:46 EST)
- D. J. Bernstein (Wed Dec 22 2004 - 02:05:12 EST)
- Raymond M. Reskusich (Tue Dec 21 2004 - 15:14:59 EST)
- laffer1 (Tue Dec 21 2004 - 16:22:08 EST)
- Stephen Harris (Tue Dec 21 2004 - 15:22:21 EST)
- David F. Skoll (Tue Dec 21 2004 - 14:59:15 EST)
- Devin Ganger (Tue Dec 21 2004 - 16:20:09 EST)
- Stephen Samuel (Tue Dec 21 2004 - 14:39:49 EST)
- Artem Chuprina (Tue Dec 21 2004 - 11:53:35 EST)
- Thor (Tue Dec 21 2004 - 16:11:48 EST)
- Antoine Martin (Tue Dec 21 2004 - 16:30:25 EST)
- Dave Holland (Tue Dec 21 2004 - 15:50:36 EST)
- milw0rm Inc. (Tue Dec 21 2004 - 15:34:20 EST)
- Jonathan T Rockway (Mon Dec 20 2004 - 18:14:22 EST)
- Marcin Owsiany (Fri Dec 17 2004 - 18:28:02 EST)
- Julian T J Midgley (Fri Dec 17 2004 - 18:35:03 EST)
- D. J. Bernstein (Fri Dec 17 2004 - 23:25:11 EST)
- security curmudgeon (Fri Dec 17 2004 - 02:40:58 EST)
- cees-bart (Fri Dec 17 2004 - 07:16:44 EST)
- Crispin Cowan (Thu Dec 16 2004 - 18:01:23 EST)
- Thor Larholm (Thu Dec 16 2004 - 04:47:12 EST)
Exploit for Ultrix 4.5 dxterm
- Kristoffer Brånemyr (Sun Dec 19 2004 - 08:47:01 EST)
Final Call for Papers & Workshops - BCS Asia 2005
- Anthony.zboralski (Fri Dec 24 2004 - 12:25:41 EST)
Gadu-Gadu Remote DoS (all versions)
- Maciej Soltysiak (Mon Dec 20 2004 - 10:32:58 EST)
Gadu-Gadu, another two bugs
- Maciej Soltysiak (Mon Dec 20 2004 - 16:43:07 EST)
- Przemyslaw Frasunek (Mon Dec 20 2004 - 12:20:37 EST)
- Jaroslaw Sajko (Fri Dec 17 2004 - 05:23:38 EST)
Heap overflow in Mozilla Browser <= 1.7.3 NNTP code.
- Maurycy Prodeus (Wed Dec 29 2004 - 16:29:27 EST)
Hotmail Cross Site Scripting Vulnerability #2
- Rafel Ivgi (Fri Oct 15 2004 - 06:49:27 EDT)
Hotmail Cross-Site Scripting Vulnerability #1
- Rafel Ivgi, The-Insider (Thu Dec 16 2004 - 12:38:19 EST)
- Rafel Ivgi (Fri Oct 15 2004 - 04:55:26 EDT)
Hotmail Cross-Site Scripting Vulnerability #2
- Rafel Ivgi, The-Insider (Thu Dec 16 2004 - 12:37:36 EST)
HyperTerminal - Buffer Overflow In .ht File
- Brett Moore (Tue Dec 14 2004 - 17:59:45 EST)
IBM DB2 generate_distfile buffer overflow vulnerability (#NISR2122004L)
- NGSSoftware Insight Security Research (Thu Dec 23 2004 - 12:05:53 EST)
IBM DB2 rec2xml buffer overflow vulnerability (#NISR2122004J)
- NGSSoftware Insight Security Research (Thu Dec 23 2004 - 12:01:16 EST)
iDEFENSE Security Advisory 12.13.04 - Multiple Vendor xzgv PRF Parsing Integer Overflow Vulnerability
- customer service mailbox (Mon Dec 13 2004 - 13:30:57 EST)
iDEFENSE Security Advisory 12.13.04: Adobe Reader 6.0 .ETD File Format String Vulnerability
- customer service mailbox (Tue Dec 14 2004 - 16:07:51 EST)
iDEFENSE Security Advisory 12.14.04 - Adobe Acrobat Reader 5.0.9 mailListIsPdf() Buffer Overflow Vulnerability
- customer service mailbox (Tue Dec 14 2004 - 10:39:02 EST)
iDEFENSE Security Advisory 12.14.04 - Microsoft Word 6.0/95 Document Converter Buffer Overflow Vulnerability
- customer service mailbox (Tue Dec 14 2004 - 14:10:37 EST)
iDEFENSE Security Advisory 12.15.04: Computer Associates eTrust EZ Antivirus Insecure File Permission Vulnerability
- customer service mailbox (Wed Dec 15 2004 - 18:43:36 EST)
iDEFENSE Security Advisory 12.16.04: MPlayer Bitmap Parsing Remote Heap Overflow Vulnerability
- iDEFENSE Security Advisory (Thu Dec 16 2004 - 13:49:31 EST)
iDEFENSE Security Advisory 12.16.04: MPlayer MMST Streaming Stack Overflow Vulnerability
- Hideki Yamane (Fri Dec 17 2004 - 00:23:47 EST)
- iDEFENSE Security Advisory (Thu Dec 16 2004 - 13:48:01 EST)
iDEFENSE Security Advisory 12.16.04: MPlayer Remote RTSP HeapOverflow Vulnerability
- iDEFENSE Security Advisory (Thu Dec 16 2004 - 13:45:21 EST)
iDEFENSE Security Advisory 12.16.04: Samba smbd Security Descriptor Integer Overflow Vulnerability
- iDEFENSE Security Advisory (Thu Dec 16 2004 - 13:42:07 EST)
iDEFENSE Security Advisory 12.16.04: Veritas Backup Exec Agent Browser Registration Request Buffer Overflow Vulnerability
- iDEFENSE Security Advisory (Thu Dec 16 2004 - 13:51:55 EST)
iDEFENSE Security Advisory 12.21.04: Hewlett Packard HP-UX ftpd Remote Buffer Overflow Vulnerability
- customer service mailbox (Tue Dec 21 2004 - 17:09:22 EST)
iDEFENSE Security Advisory 12.21.04: libtiff Directory Entry Count Integer Overflow Vulnerability
- customer service mailbox (Tue Dec 21 2004 - 17:09:26 EST)
iDEFENSE Security Advisory 12.21.04: libtiff STRIPOFFSETS Integer Overflow Vulnerability
- Marcus Meissner (Mon Dec 27 2004 - 05:37:02 EST)
- Moritz Muehlenhoff (Thu Dec 23 2004 - 06:58:50 EST)
- Dmitry V. Levin (Wed Dec 22 2004 - 06:45:45 EST)
- customer service mailbox (Tue Dec 21 2004 - 17:09:30 EST)
iDEFENSE Security Advisory 12.21.04: Multiple Vendor Xine version 0.99.2 PNM Handler Negative Read Length Heap Overflow Vulnerability
- customer service mailbox (Tue Dec 21 2004 - 17:09:13 EST)
iDEFENSE Security Advisory 12.21.04: Multiple Vendor Xine version 0.99.2 PNM Handler PNA_TAG Heap Overflow Vulnerability
- customer service mailbox (Tue Dec 21 2004 - 17:09:19 EST)
iDEFENSE Security Advisory 12.21.04: Multiple Vendor xpdf PDF Viewer Buffer Overflow Vulnerability
- customer service mailbox (Tue Dec 21 2004 - 17:09:09 EST)
Inexcusable weakness in Kmail / GnuPG
- Simple Nomad (Fri Dec 24 2004 - 01:30:24 EST)
- Thomas C. Greene (Thu Dec 23 2004 - 02:58:30 EST)
Internet Explorer Code Execution Bypass Vulnerability
- cmthemc@yahoo.com (Sun Dec 19 2004 - 15:47:06 EST)
- aikon none (Fri Dec 17 2004 - 12:03:37 EST)
Internet Explorer Help ActiveX Control Local Zone Security Restriction Bypass Vulnerability (updated)
- Paul (Sun Dec 19 2004 - 12:18:30 EST)
iwebnegar is vulnerable to all kind of sql injections
- shervin khaleghjou (Wed Dec 15 2004 - 10:28:53 EST)
Java Runtime Environment Remote Denial-of-Service (DoS) Vulnerability
- Marc Schoenefeld (Wed Dec 22 2004 - 06:42:04 EST)
KDE Security Advisory: Konqueror Java Vulnerability
- Waldo Bastian (Mon Dec 20 2004 - 08:49:05 EST)
KDE Security Advisory: kpdf Buffer Overflow Vulnerability
- Dirk Mueller (Tue Dec 28 2004 - 16:17:38 EST)
KorWeblog php injection Vulnerability
- Min-sung Choi (Thu Dec 30 2004 - 16:53:17 EST)
Linux 2.6 Kernel Capability LSM Module Local Privilege Elevation
- flashsky fangxing (Thu Dec 23 2004 - 09:57:01 EST)
Linux kernel IGMP vulnerabilities
- Jirka Kosina (Thu Dec 16 2004 - 18:13:42 EST)
- matthew-bugtraq@newtoncomputing.co.uk (Wed Dec 15 2004 - 17:41:50 EST)
- stephen joseph butler (Wed Dec 15 2004 - 00:14:46 EST)
- Paul Starzetz (Wed Dec 15 2004 - 07:34:33 EST)
- Pekka Savola (Tue Dec 14 2004 - 12:16:39 EST)
- Paul Starzetz (Tue Dec 14 2004 - 05:31:21 EST)
Linux kernel scm_send local DoS
- Valdis.Kletnieks@vt.edu (Wed Dec 22 2004 - 22:59:12 EST)
- Pavel Kankovsky (Thu Dec 23 2004 - 10:54:39 EST)
- gadgeteer@elegantinnovations.org (Wed Dec 15 2004 - 15:48:28 EST)
- gadgeteer@elegantinnovations.org (Wed Dec 15 2004 - 15:48:28 EST)
- even multiplexed (Wed Dec 15 2004 - 07:52:22 EST)
- Paul Starzetz (Wed Dec 15 2004 - 07:31:30 EST)
- even multiplexed (Tue Dec 14 2004 - 22:23:22 EST)
- Paul Starzetz (Tue Dec 14 2004 - 05:32:57 EST)
Local versus remote security holes
- David Brodbeck (Wed Dec 22 2004 - 15:59:12 EST)
- Adam Shostack (Wed Dec 22 2004 - 12:27:55 EST)
- D. J. Bernstein (Wed Dec 22 2004 - 02:40:42 EST)
malware effecting broadband users in Israel
- Gadi Evron (Wed Dec 22 2004 - 06:19:27 EST)
MDKSA-2004:148 - Updated iproute2 packages fix temporary file vulnerability
- Mandrake Linux Security Team (Mon Dec 13 2004 - 19:15:54 EST)
MDKSA-2004:149 - Updated postgresql packages fix temporary file vulnerability
- Mandrake Linux Security Team (Mon Dec 13 2004 - 19:24:26 EST)
MDKSA-2004:150 - Updated kdelibs and kdebase packages fix vulnerability
- Mandrake Linux Security Team (Wed Dec 15 2004 - 17:02:29 EST)
MDKSA-2004:151 - Updated php packages fix multiple vulnerabilities
- Mandrake Linux Security Team (Fri Dec 17 2004 - 20:25:27 EST)
MDKSA-2004:152 - Updated ethereal packages fix multiple vulnerabilities
- Mandrake Linux Security Team (Mon Dec 20 2004 - 16:16:16 EST)
MDKSA-2004:153 - Updated aspell packages fix vulnerability
- Mandrake Linux Security Team (Mon Dec 20 2004 - 16:19:30 EST)
MDKSA-2004:154 - Updated kdelibs packages fix multiple vulnerability
- Mandrake Linux Security Team (Wed Dec 22 2004 - 10:50:39 EST)
MDKSA-2004:155 - Updated logcheck packages fix temporary file vulnerability
- Mandrake Linux Security Team (Wed Dec 22 2004 - 10:58:38 EST)
MDKSA-2004:156 - Updated krb5 packages fix buffer overflow vulnerability
- Mandrake Linux Security Team (Wed Dec 22 2004 - 11:04:11 EST)
MDKSA-2004:157 - Updated mplayer packages fix multiple vulnerabilities
- Mandrake Linux Security Team (Wed Dec 22 2004 - 11:50:33 EST)
MDKSA-2004:158 - Updated samba packages fix integer overflow vulnerabilities
- Mandrake Linux Security Team (Mon Dec 27 2004 - 18:48:58 EST)
MDKSA-2004:159 - Updated glibc packages fix temporary file vulnerability
- Mandrake Linux Security Team (Wed Dec 29 2004 - 22:24:38 EST)
MDKSA-2004:160 - Updated kdelibs packages fix konqueror email vulnerability
- Mandrake Linux Security Team (Wed Dec 29 2004 - 22:54:02 EST)
MDKSA-2004:161 - Updated xpdf packages fix buffer overflow vulnerability
- Mandrake Linux Security Team (Wed Dec 29 2004 - 22:58:10 EST)
MDKSA-2004:162 - Updated gpdf packages fix buffer overflow vulnerability
- Mandrake Linux Security Team (Wed Dec 29 2004 - 23:02:48 EST)
MDKSA-2004:163 - Updated kdegraphics packages fix buffer overflow vulnerability
- Mandrake Linux Security Team (Wed Dec 29 2004 - 23:07:13 EST)
MDKSA-2004:164 - Updated cups packages fix buffer overflow vulnerability
- Mandrake Linux Security Team (Wed Dec 29 2004 - 23:09:59 EST)
MDKSA-2004:165 - Updated koffice packages fix multiple vulnerabilities
- Mandrake Linux Security Team (Wed Dec 29 2004 - 23:16:29 EST)
MDKSA-2004:166 - Updated tetex packages fix multiple vulnerabilities
- Mandrake Linux Security Team (Wed Dec 29 2004 - 23:20:51 EST)
Microsoft Internet Explorer SP2 Fully Automated Remote Compromise
- Paul (Sat Dec 25 2004 - 15:31:25 EST)
Microsoft Windows Kernel ANI File Parsing Crash and DOS Vulnerability
- flashsky fangxing (Thu Dec 23 2004 - 09:59:14 EST)
Microsoft Windows LoadImage API Integer Buffer overflow
- Brett Glass (Fri Dec 24 2004 - 19:18:56 EST)
- flashsky fangxing (Thu Dec 23 2004 - 09:58:01 EST)
Microsoft Windows LoadImage API IntegerBuffer overflow
- Berend-Jan Wever (Sat Dec 25 2004 - 14:57:41 EST)
Microsoft Windows winhlp32.exe Heap Overflow Vulnerability
- flashsky fangxing (Thu Dec 23 2004 - 10:00:42 EST)
MITKRB5-SA-2004-004: heap overflow in libkadm5srv
- Tom Yu (Mon Dec 20 2004 - 17:58:43 EST)
MS Windows Media Player 9 Vulns (2)
- Arman Nayyeri (Sat Dec 18 2004 - 02:43:55 EST)
MSIE DHTML Edit Control Cross Site Scripting Vulnerability
- Paul (Wed Dec 15 2004 - 03:01:33 EST)
Multiple phpGroupWare Vulnerabilities [ phpGroupWare 0.9.16.003 && Earlier ]
- GulfTech Security (Tue Dec 14 2004 - 22:15:17 EST)
Multiple Vulnerabilities In Kayako eSupport v2.x
- GulfTech Security (Sat Dec 18 2004 - 13:33:00 EST)
Multiple Vulnerabilities in Moodle
- Martin Dougiamas (Thu Dec 30 2004 - 10:25:07 EST)
- Bartek Nowotarski (Mon Dec 27 2004 - 14:45:44 EST)
Multiple WHM Autopilot Vulnerabilities
- GulfTech Security (Tue Dec 28 2004 - 07:33:47 EST)
Multiple XSS Vulnerabilities in Wordpress 1.2.1
- Thomas Waldegger (Thu Dec 16 2004 - 01:21:19 EST)
NetBSD kernel local vulnerabilities
- Evgeny Demidov (Fri Dec 17 2004 - 15:45:33 EST)
NetBSD Security Advisory 2004-010: Insufficient argument validation in compat code
- NetBSD Security-Officer (Fri Dec 17 2004 - 00:30:29 EST)
NetCat V 1.11 Multiple Bugs
- CorryL (Thu Dec 30 2004 - 10:36:43 EST)
Netcat v1.11 For Windows , New fixed version
- Hat-Squad Security Team (Tue Dec 28 2004 - 21:42:16 EST)
NetWare Screensaver Authentication Bypass From The Local Console
- Brad Bendily (Tue Dec 14 2004 - 12:00:57 EST)
- Adam Gray (Sun Dec 12 2004 - 20:24:10 EST)
new phpBB worm affects 2.0.11
- Herman Sheremetyev (Fri Dec 24 2004 - 17:06:30 EST)
New Santy-Worm attacks *all* PHP-skripts
- Juergen Schmidt (Sat Dec 25 2004 - 12:12:21 EST)
New Santy-Worm attacks *all* PHP-skripts ( Santy.c ? )
- K-OTiK Security (Sat Dec 25 2004 - 21:37:52 EST)
New Winhlp32.exe vuln
- bad_son@pimp.it (Fri Dec 24 2004 - 18:53:52 EST)
Oracle Character Conversion Bugs (#NISR2122004G)
- NGSSoftware Insight Security Research (Thu Dec 23 2004 - 11:31:16 EST)
Oracle clear text passwords (#NISR2122004D)
- NGSSoftware Insight Security Research (Thu Dec 23 2004 - 11:34:40 EST)
Oracle extproc buffer overflow (#NISR23122004A)
- NGSSoftware Insight Security Research (Thu Dec 23 2004 - 11:32:09 EST)
Oracle extproc directory traversal (#NISR23122004B)
- NGSSoftware Insight Security Research (Thu Dec 23 2004 - 11:32:57 EST)
Oracle extproc local command execution (#NISR23122004C)
- NGSSoftware Insight Security Research (Thu Dec 23 2004 - 11:33:51 EST)
Oracle ISQLPlus file access vulnerability (#NISR2122004E)
- NGSSoftware Insight Security Research (Thu Dec 23 2004 - 11:35:28 EST)
Oracle multiple PL/SQL injection vulnerabilities (#NISR2122004H)
- NGSSoftware Insight Security Research (Thu Dec 23 2004 - 11:37:24 EST)
Oracle TNS Listener DoS (#NISR2122004F)
- NGSSoftware Insight Security Research (Thu Dec 23 2004 - 11:36:09 EST)
Oracle Trigger Abuse (#NISR2122004I)
- NGSSoftware Insight Security Research (Thu Dec 23 2004 - 11:29:32 EST)
Oracle wrapped procedure overflow (#NISR2122004J)
- NGSSoftware Insight Security Research (Thu Dec 23 2004 - 11:38:29 EST)
Patch available for multiple critical flaws in Oracle
- Marc Bejarano (Sat Dec 18 2004 - 12:26:15 EST)
Permission problem in Skype BETA for linux
- Peter Conrad (Wed Dec 22 2004 - 12:12:36 EST)
PHP Input Validation Vulnerabilities
- Daniel Fabian (Thu Dec 16 2004 - 09:09:55 EST)
PHP shmop.c module permits write of arbitrary memory.
- Stefano Di Paola (Sun Dec 19 2004 - 13:40:54 EST)
php unserialize
- Stefan Esser (Wed Dec 15 2004 - 18:32:20 EST)
- Martin Eiszner (Wed Dec 15 2004 - 16:32:54 EST)
PHP v4.3.x exploit for Windows.
- The Warlock (Wed Dec 22 2004 - 10:19:17 EST)
php-Calendar File Include Vulnerability [ Command Exec ]
- GulfTech Security (Wed Dec 29 2004 - 09:43:37 EST)
phpBB Attachment Mod Directory Traversal HTTP POST Injection
- Paul Laudanski (Tue Dec 14 2004 - 04:58:53 EST)
phpBB Worm
- Chris Ess (Fri Dec 24 2004 - 23:49:47 EST)
- Zeljko Brajdic (Sat Dec 25 2004 - 06:25:43 EST)
- Raymond Dijkxhoorn (Fri Dec 24 2004 - 13:12:22 EST)
- steve@uptime.org.uk (Fri Dec 24 2004 - 11:10:26 EST)
- Anders Henke (Thu Dec 23 2004 - 07:59:00 EST)
- Ofer Shezaf (Thu Dec 23 2004 - 15:28:11 EST)
- William Geoghegan (Wed Dec 22 2004 - 18:34:12 EST)
- Anders Henke (Thu Dec 23 2004 - 07:31:09 EST)
- Alvin Packard (Wed Dec 22 2004 - 22:28:01 EST)
- ycw1bh302@sneakemail.com (Tue Dec 21 2004 - 23:34:59 EST)
- Alexander Klimov (Wed Dec 22 2004 - 10:21:22 EST)
- Sebastian Wiesinger (Wed Dec 22 2004 - 06:22:15 EST)
- Paul Kurczaba (Tue Dec 21 2004 - 15:11:27 EST)
- Raymond Dijkxhoorn (Tue Dec 21 2004 - 17:28:42 EST)
- Shannon Lee (Mon Dec 20 2004 - 18:51:13 EST)
PHPBB worm in action
- Colin Keith (Fri Dec 24 2004 - 22:04:23 EST)
phphpbb2 + php version < 4.3.10 unserialize() memory dump sql password from config.php exploit
- bad boy (Fri Dec 17 2004 - 12:20:23 EST)
possible error in latest NGS realplayer advisory
- Marc Bejarano (Mon Dec 27 2004 - 19:17:41 EST)
possible local exploit via sendmail with procmail on solaris
- Jeff Damens (Wed Dec 22 2004 - 17:24:56 EST)
- Michael Barnes (Tue Dec 21 2004 - 16:30:03 EST)
Possible local root vulnerability in Roxio Toast on Mac OS X
- fintler (Tue Dec 14 2004 - 01:40:17 EST)
QNX crrtrap arbitrary file read/write vulnerability [RLSA_06-2004]
- Julio Cesar Fort (Tue Dec 28 2004 - 21:30:59 EST)
raptor's xmas pack 2004
- Marco Ivaldi (Wed Dec 22 2004 - 15:53:31 EST)
Realone2.0 "pnxr3260.dll" Lets Remote Users IE Browser Crash
- Wei Li (Wed Dec 22 2004 - 13:30:58 EST)
Remote code execution with parameters withoutu ser interaction, even with XP SP2
- ShredderSub7 SecExpert (Tue Dec 28 2004 - 06:20:05 EST)
RICOH Aficio 450/455 PCL 5e Printer ICMP DOS vulnerability
- Hongzhen Zhou (Wed Dec 15 2004 - 06:08:47 EST)
- Hongzhen Zhou (Tue Dec 14 2004 - 12:34:39 EST)
rpcl_icmpdos.c
- x90c (Wed Dec 15 2004 - 09:52:57 EST)
Sanity Worm Concepts
- Paul Laudanski (Wed Dec 29 2004 - 20:03:42 EST)
- Andy Fewtrell (Wed Dec 29 2004 - 06:52:42 EST)
Secure Network Operations SNOsoft Research Team [SRT2004-12-14-0322] Symantec LiveUpdate Advisory
- secure@symantec.com (Mon Dec 13 2004 - 18:54:48 EST)
- Secure Network Operations, Inc. (Mon Dec 13 2004 - 16:28:34 EST)
Security Advisory for ALL forum services with client-set images
- Tim Jackson (Wed Dec 22 2004 - 19:52:08 EST)
- Stefan Paletta (Thu Dec 23 2004 - 03:50:40 EST)
- James Bandara (Wed Dec 22 2004 - 05:03:44 EST)
Security Advisory for CVS Slash
- Jamie McCarthy (Wed Dec 15 2004 - 11:03:56 EST)
Security Bulletin SSRT4687 rev.0 HP-UX newgrp(1) local privilege elevation
- Boren, Rich (SSRT) (Mon Dec 20 2004 - 05:03:55 EST)
SHOUTcast remote format string vulnerability
- Damian Put (Thu Dec 23 2004 - 13:24:04 EST)
Socket unreacheable in the Lithtech engine (new protocol)
- Luigi Auriemma (Mon Dec 13 2004 - 13:25:19 EST)
SQL Injection Vulnerability In IBProArcade
- mike bailey (Fri Dec 31 2004 - 08:19:01 EST)
STG Security Advisory: [SSA-20041209-13] UseModWiki XSS vulnerability
- advisory@stgsecurity.com (Tue Dec 14 2004 - 01:04:45 EST)
STG Security Advisory: [SSA-20041214-14] GNUBoard PHP injection vulnerability
- advisory@stgsecurity.com (Wed Dec 15 2004 - 12:34:33 EST)
STG Security Advisory: [SSA-20041215-15] Vulnerability of uploading files with multiple extensions in MoniWiki
- advisory@stgsecurity.com (Wed Dec 15 2004 - 13:13:01 EST)
STG Security Advisory: [SSA-20041215-17] Vulnerability of uploading files with multiple extensions in JSBoard
- Richard Stanway (Thu Dec 16 2004 - 12:21:07 EST)
- advisory@stgsecurity.com (Wed Dec 15 2004 - 21:41:41 EST)
STG Security Advisory: [SSA-20041215-18] Vulnerability of uploading files with multiple extensions in phpBB Attachment Mod
- advisory@stgsecurity.com (Wed Dec 15 2004 - 21:42:37 EST)
STG Security Advisory: [SSA-20041215-19] Vulnerability of uploading files with multiple extensions in MediaWiki
- advisory@stgsecurity.com (Wed Dec 15 2004 - 21:43:12 EST)
STG Security Advisory: [SSA-20041220-16] PHP source injection and cross-site scripting vulnerabilities in ZeroBoard
- advisory@stgsecurity.com (Thu Dec 23 2004 - 20:02:33 EST)
stick with "anonymous" or "authenticated" when describing
- Steven M. Christey (Thu Dec 23 2004 - 13:25:36 EST)
stick with "anonymous" or "authenticated" when describing attacks
- Jonathan G. Lampe (Wed Dec 22 2004 - 14:39:52 EST)
Strange Java Loader (not so strange - Trojan.ByteVerify)
- K-OTiK Security (Thu Dec 30 2004 - 20:58:02 EST)
SUSE Security Announcement: kernel local privilege escalation (SUSE-SA:2004:046)
- Marcus Meissner (Wed Dec 22 2004 - 10:01:26 EST)
SUSE Security Announcement: samba (SUSE-SA:2004:045)
- Sebastian Krahmer (Wed Dec 22 2004 - 09:32:24 EST)
SUSE Security Announcement: various kernel problems (SUSE-SA:2004:044)
- Marcus Meissner (Tue Dec 21 2004 - 14:37:48 EST)
Sybase ASE 12.5.2 vulnerabilities
- NGSSoftware Insight Security Research (Wed Dec 22 2004 - 10:52:50 EST)
TSLSA-2004-0066 - multi
- Trustix Security Advisor (Mon Dec 20 2004 - 05:30:32 EST)
TSLSA-2004-0068 - kernel
- Trustix Security Advisor (Mon Dec 20 2004 - 05:32:17 EST)
TSLSA-2004-0069 - kerberos5
- Trustix Security Advisor (Tue Dec 21 2004 - 05:44:56 EST)
Unchecked returns from kernel_read() in linux-2.6.10-rc2 kernel
- Katrina Tsipenyuk (Thu Dec 16 2004 - 22:11:19 EST)
UPDATE: [ GLSA 200410-12 ] WordPress: HTTP response splitting and XSS vulnerabilities
- Luke Macken (Sun Dec 19 2004 - 16:59:11 EST)
Updated: TSLSA-2004-0068 - kernel
- Trustix Security Advisor (Mon Dec 20 2004 - 16:35:52 EST)
Webmin BruteForce + Command execution - By Di42lo <DiAblo_2@012.net.il>
- Martin Mewes (Thu Dec 23 2004 - 04:34:59 EST)
- Jamie Cameron (Thu Dec 23 2004 - 06:17:35 EST)
- amit sides (Wed Dec 22 2004 - 22:05:03 EST)
WebWorm using PHPBB vulnerability in the wild!
- Nick Johnson (Wed Dec 22 2004 - 04:52:53 EST)
- Niki Denev (Mon Dec 20 2004 - 18:42:22 EST)
What's "may have exploitable buffer overflows" mean in tcpdump?
- Dragos Ruiu (Mon Dec 13 2004 - 17:14:47 EST)
WHM AutoPilot Security Release [ Plus Upgrade Instructions ]
- GulfTech Security (Fri Dec 31 2004 - 07:34:24 EST)
Winamp 5.07 (latest version) Remote Crash + other stupid shizle
- b0f www.b0f.net (Mon Dec 13 2004 - 14:13:03 EST)
Windows Explorer TGA Crash
- Bill (Sat Dec 18 2004 - 18:57:20 EST)
Windows Explorer TGA Crash is a DoS bug in Internet Explorer.
- Berend-Jan Wever (Mon Dec 20 2004 - 20:37:25 EST)
- Berend-Jan Wever (Mon Dec 20 2004 - 20:20:56 EST)
Wordpress 1.2.2 is still vulnerable
- Thomas Waldegger (Tue Dec 21 2004 - 16:56:51 EST)
WPkontakt message parsing error
- Jaroslaw Sajko (Thu Dec 23 2004 - 06:54:55 EST)
Xprobe 0.2.1 Released
- bugtraq@sys-security.com (Tue Dec 21 2004 - 03:31:23 EST)
XSA-2004-7: stack overflow in AIFF demultiplexer
- Michael Roitzsch (Sun Dec 26 2004 - 10:56:07 EST)
XSS in yacy 0.31
- Donato Ferrante (Fri Dec 24 2004 - 09:52:36 EST)
Yahoo! Mail Cross-Site Scripting Vulnerability
- Rafel Ivgi, The-Insider (Thu Dec 16 2004 - 12:38:48 EST)
- Rafel Ivgi (Fri Oct 15 2004 - 04:55:52 EDT)
zone transfers, a spammer's dream?
- Marcin Pacyna (Mon Dec 13 2004 - 12:01:03 EST)

Last message date:	Fri Dec 31 2004 - 14:19:35 EST	Archived on:	Fri Jan 07 2005 - 12:55:17 EST

About this list	Start of Messages	Date view	Thread view	Author view	Attachment view

[ About Guardian Digital ] - [ Press Center ] - [ Contact Us ] - [ System Activation ] - [ Reseller Info ] - [ Online Store ] - [ Site Map ]
Copyright (c) 2000 - 2004 Guardian Digital, Inc. Linux Lockbox and EnGarde are Trademarks of Guardian Digital, Inc.