Bugtraq Archive March 2003
- [SecurityOffice] Netcharts XBRL Server v4.0.0 Information Leakage Vulnerability,
Tamer Sahin
- Re: Bypassing Personal Firewalls,
Darwin
- Re: Netscape Communicator 4.x sensitive informations in configuration file,
Nicolas RUFF (lists)
- Re: Netscape Communicator 4.x sensitive informations in configuration file,
Paul Szabo
- web-erp 0.1.4 database access vulnerability,
Ryan Fox
- Security responsible at AOL,
Michael Schwartzkopff
- nethack C340-137: security issue fixed,
devteam
- Re: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part II -.zipper,
Dror Shalev
- Easy obtaining User+Pass+More on CoffeeCup Password Wizard All Versions,
Rynho Zeros Web
- gid games via toppler,
Knud Erik Højgaard
- PHP-Nuke : config.php reveled with php uploaded file.(Affect all uploads implementations in phpnuke).SECURING PHP-NUKE.,
Lorenzo Hernandez Garcia-Hierro
- Re: axis2400 webcams,
Sergio Gelato
- GLSA: eterm (200303-1),
Daniel Ahlberg
- GLSA: vte (200303-2),
Daniel Ahlberg
- WebChat (PHP),
Frog Man
- Implementation flaws in Adobe Document Server for Reader Extensions,
info
- New HP Jetdirect SNMP password vulnerability when using Web JetAdmin,
Sven Pechler
- Contact for Palm Computing,
Joel Maslak
- GTcatalog (PHP),
Frog Man
- sendmail 8.12.8 available,
Claus Assmann
- Mail Header Buffer Overflow In Sendmail,
SGI Security Coordinator
- [RHSA-2003:073-06] Updated sendmail packages fix critical security issues,
bugzilla
- Re: Terminal Emulator Security Issues,
Michael Jennings
- [SCSA-008] Cross Site Scripting & Script Injection Vulnerability in PY-Livredor,
Grégory
- Sendmail buffer overflow vulnerability in AIX.,
Shiva Persaud
- FreeBSD Security Advisory FreeBSD-SA-03:04.sendmail,
FreeBSD Security Advisories
- Re: Ecardis Password Reseting Vulnerability,
Trish Lynch
- Cobalt RaQ server appliances,
Florian Effenberger
- [blaqhatz] - Pastel Accounting application security issues,
l33t guy
- MDKSA-2003:027 - Updated tcpdump packages fix denial of service vulnerabilities,
Mandrake Linux Security Team
- SuSE Security Announcement: sendmail (SuSE-SA:2003:013),
Roman Drahtmueller
- MDKSA-2003:028 - Updated sendmail packages fix remotely exploitable buffer overflow vulnerability,
Mandrake Linux Security Team
- Snort RPC Vulnerability (fwd),
Dave Ahmad
- Sygate Security Bulletin SS20030221-0001,
Elisha Riedlinger
- Siemens *35 and 45 series phones SMS Danial of Service,
subj subj
- [CLA-2003:571] Conectiva Linux Security Announcement - sendmail,
secure
- [Snort-2003-001] Buffer overflow in Snort RPC preprocessor (fwd),
Dave Ahmad
- [LSD] Technical analysis of the remote sendmail vulnerability,
Last Stage of Delirium
- NetBSD Security Advisory 2003-002: Malformed header Sendmail Vulnerability,
NetBSD Security Officer
- NetBSD Security Advisory 2003-001: Encryption weakness in OpenSSL code,
NetBSD Security Officer
- [OpenPKG-SA-2003.014] OpenPKG Security Advisory (tcpdump),
OpenPKG
- GLSA: sendmail (200303-4),
Daniel Ahlberg
- [SECURITY] [DSA-257-1] sendmail remote exploit,
Wichert Akkerman
- Fwd: APPLE-SA-2003-03-03 sendmail,
Bryan Blackburn
- HP-UX security bulletins digest [Fwd/sendmail issue],
IT Resource Center
- Fwd: CERT Advisory CA-2003-07 Remote Buffer Overflow in Sendmail,
Muhammad Faisal Rauf Danka
- uploader.php vulnerability,
kingcope
- Re: New HP Jetdirect SNMP password vulnerability when using Web JetAdmin,
Sven Pechler
- Security Update: [CSSA-2003-SCO.3] UnixWare 7.1.1 Open UNIX 8.0.0 UnixWare 7.1.3 : ftp vulnerability with pipe symbols in filenames,
security
- [OpenPKG-SA-2003.017] OpenPKG Security Advisory (file),
OpenPKG
- [OpenPKG-SA-2003.016] OpenPKG Security Advisory (sendmail),
OpenPKG
- [OpenPKG-SA-2003.015] OpenPKG Security Advisory (zlib),
OpenPKG
- uploader.php script,
auto40951
- Log corruption on multiple webservers, log analyzers,...,
Vázquez
- iDEFENSE Security Advisory 03.04.03: Locally Exploitable Buffer Overflow in file(1),
iDEFENSE Labs
- BIND 9.2.2 Vulnerabilities?,
John
- Re: Netscape Communicator 4.x sensitive informations in configuration file,
mstoltz
- GLSA: tcpdump (200303-5),
Daniel Ahlberg
- shopfactory shopping cart,
Maarten
- [RHSA-2003:042-07] Updated squirrelmail packages close cross-site scripting vulnerabilities,
bugzilla
- Sendmail exploit released???,
Kryptik Logik
- 3Com SuperStack 3 Firewall Content Filter Exploitable Via Telnet,
bit_logic
- Re: SA-03:04.sendmail Bin Update,
Charles M. Richmond
- potential buffer overflow in lprm (fwd),
Dave Ahmad
- [RHSA-2003:039-06] Updated im packages fix insecure handling of temporary files,
bugzilla
- [RHSA-2003:062-11] Updated OpenSSL packages fix timing attack,
bugzilla
- [SCSA-009] Remote Command Execution Vulnerability in PHP Ping,
Grégory
- PHP-Nuke 6.0 (& 6.5?) : Serious SQL Injection Security Holes,
Frog Man
- ILLC,
Vázquez
- file(1) exploit code,
Crazy Einstein
- GLSA: snort (200303-6),
Daniel Ahlberg
- Security Update: [CSSA-2003-SCO.4] UnixWare 7.1.1 Open UNIX 8.0.0 UnixWare 7.1.3 : Lax permissions on /dev/X,
security
- [New Research Paper] Bound by Tradition: A sampling of the security posture of the Internet's DNS servers,
Mike Schiffman
- [sorcerer-spells] BIND-SORCERER2003-03-06,
Michael Walton
- xscreensaver exploit for Redhat 7.3,
Angelo Rosiello
- Security Update: [CSSA-2003-009.0] Linux: slocate command line buffer overflows,
security
- [RHSA-2003:086-07] Updated file packages fix vulnerability,
bugzilla
- MDKSA-2003:030 - Updated file packages fix stack overflow vulnerability,
Mandrake Linux Security Team
- Wordit Logbook Version 0.98b3,
Aleksey Sintsov
- GLSA: mysqlcc (200303-7),
Daniel Ahlberg
- DBTools' DBManager Information Leak Vulnerability,
Ignacio Vazquez
- [ESA-20030307-007] 'snort' RPC preprocessor buffer overflow.,
EnGarde Secure Linux
- [sorcerer-spells] SNORT-SORCERER2003-03-06-1,
Michael Walton
- Smoothwall Firewall SNORT buffer overflow,
Martinez, Sylvain
- SimpleBBS 1.0.6 Default Permissions Vuln,
flur
- [EC-SA-01.2003] Windows XP "welcome screen" exposes the names of all the members of the local administrators group,
Eitan Caspi
- Security Update: [CSSA-2003-SCO.5] UnixWare 7.1.1 Open UNIX 8.0.0 UnixWare 7.1.3 : remote buffer overflow in sendmail (CERT CA-2003-07),
security
- NII Advisory - Buffer Overflow in SQLBase (Revised),
Network Intelligence India Pvt. Ltd.
- OpenBSD lprm(1) exploit,
Claes Nyberg
- Vulnerability in Upload Lite 3.22 that could allow somebody to upload/execute code on a remote host.,
Sil
- MySQL user can be changed to root,
bugsman@xxxxxxxxx
- RE: JRun: The Easiness of Session Fixation,
Mitja Kolsek
- [ESA-20030307-008] 'file' ELF parsing routine buffer overflow vulnerability.,
EnGarde Secure Linux
- GLSA: snort (200303-6.1),
Daniel Ahlberg
- Corsaire Security Advisory - Clearswift MAILsweeper MIME attachment evasion issue,
Martin O'Neal
- MDKSA-2003:029 - Updated snort packages fix buffer overflow vulnerability,
Mandrake Linux Security Team
- Cross-Referencing Linux vulnerability,
Albert Puigsech Galicia
- PHP-Nuke 6.0 & 6.5RC2 SQL Injection Again,
Frog Man
- Security Update: [CSSA-2003-SCO.4.1] UnixWare 7.1.1 Open UNIX 8.0.0 UnixWare 7.1.3 : REVISED: Lax permissions on /dev/X,
security
- [SECURITY] [DSA 258-1] New ethereal packages fix arbitrary code execution,
Martin Schulze
- QPopper 4.0.x buffer overflow vulnerability,
Florian Heinz
- Security Update: [CSSA-2003-011.0] Linux: format string vulnerability in zlib (gzprintf),
security
- Security Update: [CSSA-2003-010.0] Linux: remote buffer overflow in sendmail (CERT CA-2003-07),
security
- [SNS Advisory No.63] DeleGate Pointer Array Overflow May Let Remote Users Execute Arbitrary Code,
Secure Net Service(SNS) Security Advisory
- .MHT Buffer Overflow in Internet Explorer,
Tom Tanaka
- [Summary of Responses] Bound by Tradition: A sampling of the security posture of the Internet's DNS servers,
Mike Schiffman
- Vulnerability in man < 1.5l,
Jack Lloyd
- SOHO Routefinder 550 VPN, DoS and Buffer Overflow,
Peter Kruse
- GLSA: ethereal (200303-10),
Daniel Ahlberg
- Re: Corsaire Security Advisory - Clearswift MAILsweeper MIME attachment evasion issue,
http-equiv@xxxxxxxxxx
- 802.11b DoS exploit,
Mark Osborne
- [Opera 7/6] Long Filename Buffer Overflow Vulnerability in Download,
nesumin
- [sorcerer-spells] MAN-SORCERER2003-03-11,
Michael Walton
- pgp4pine stack overflow vulnerability,
Eric AUGE
- VPOPMail Account Administration (squirrel mail) version 0.9.7,
error
- NetBSD Security Advisory 2003-003 Buffer Overflow in file(1),
NetBSD Security Officer
- @(#)Mordred Labs advisory - Remote DoS in PostgreSQL <= 7.2.2,
sir . mordred
- Potential PGP signature verification problem?,
Avri Schneider
- MDKSA-2003:031 - Updated usermode packages remove insecure shutdown command,
Mandrake Linux Security Team
- PivX Advisory MK002B H&R Block TaxCut Information Disclosure Vulnerability,
Mike Kristovich
- SuSE Security Announcement: lprold (SuSE-SA:2003:0014),
Thomas Biege
- R7-0010: Buffer Overflow in Lotus Notes Protocol Authentication,
Rapid 7 Security Advisories
- R7-0012: Lotus Notes/Domino R6-beta PROTOS LDAP Denial of Service Regression,
Rapid 7 Security Advisories
- PivX Advisory MK002A Intuit TurboTax Information Disclosure Vulnerability,
Mike Kristovich
- R7-0011: Lotus Notes/Domino Web Retriever HTTP Status Buffer Overflow,
Rapid 7 Security Advisories
- SuSE Security Announcement: tcpdump (SuSE-SA:2003:0015),
Thomas Biege
- [SECURITY] [DSA-260-1] New file package fixes buffer overflow,
Michael Stone
- Sun ONE (iPlanet) Application Server Connector Module Overflow,
@stake Advisories
- RE: PivX Advisory MK002A Intuit TurboTax Information Disclosure Vulnerability,
Jeremy Epstein
- Fwd: CERT Advisory CA-2003-08 Increased Activity Targeting Windows Shares,
Muhammad Faisal Rauf Danka
- Nokia SGSN (DX200 Based Network Element) SNMP issue,
@stake Advisories
- Security Update: [CSSA-2003-SCO.6] OpenServer 5.0.5 OpenServer 5.0.6 OpenServer 5.0.7 : remote buffer overflow in sendmail (CERT CA-2003-07),
security
- response to tax software not encrypting tax info,
auto40951
- Protegrity buffer overflow,
sss sss
- [SECURITY] [DSA 261-1] New tcpdump packages fix denial of service vulnerability,
Martin Schulze
- Buffer overflows in ircII-based clients,
Timo Sirainen
- Vulnerability in OpenSSL,
David Brumley
- GiantRat Mailer exposes PoP password,
maninthemiddle
- Win32: Postmessage API security flaw,
Palan
- [OpenPKG-SA-2003.018] OpenPKG Security Advisory (qpopper),
OpenPKG
- @(#)Mordred Labs advisory - Texis sensitive information leak,
sir . mordred
- Unknown trust error when downloading ocget.dll,
Ken Fischer
- Guestbook v1.1.3 CSS Vuln,
flur
- Security Update: [CSSA-2003-012.0] Linux: KDE rlogin.protocol and telnet.protocol url kio Vulnerability,
security
- TSLSA-2003-0009 - mysql,
Trustix Secure Linux Advisor
- [] New samba packages fix security vulnerabilities,
bugzilla
- TSLSA-2003-0011 - samba,
Trustix Secure Linux Advisor
- TSLSA-2003-0007 - kernel,
Trustix Secure Linux Advisor
- PHP Message Board/Guestbook,
subj
- TSLSA-2003-0010 - openssl,
Trustix Secure Linux Advisor
- Simple WebDAV method validator (PERL code),
SensePost Research
- GLSA: mysql (200303-14),
Daniel Ahlberg
- [ESA-20030318-009] Several 'kernel' vulnerabilities,
EnGarde Secure Linux
- MDKSA-2003:033 - Updated zlib packages fix buffer overrun vulnerability,
Mandrake Linux Security Team
- SIPS (PHP),
subj
- Re: Microsoft Security Advisory MS 03-007,
Dave Aitel
- [OpenPKG-SA-2003.019] OpenPKG Security Advisory (openssl),
OpenPKG
- GLSA: man (200303-13),
Daniel Ahlberg
- [OpenPKG-SA-2003.020] OpenPKG Security Advisory (modssl),
OpenPKG
- [OpenPKG-SA-2003.021] OpenPKG Security Advisory (samba),
OpenPKG
- [OpenPKG-SA-2003.022] OpenPKG Security Advisory (mysql),
OpenPKG
- [security bulletin] SSRT0845U HP Tru64 UNIX, HP-UX stdio Potential Security Vulnerability,
Dave Ahmad
- Re: PROBLEMS WITH WINDOWS SHORTCUTS,
Alexander Kiwerski
- AOL's Billion SPAM March on Cyberspace,
Jason Coombs
- PHP-Nuke 5.5 and 6.0: Path Disclosure,
Rynho Zeros Web
- MDKSA-2003:032 - Updated samba packages fix remote root vulnerability,
Mandrake Linux Security Team
- CERT Advisory CA-2003-09 Buffer Overflow in Microsoft IIS 5.0 (fwd),
Dave Ahmad
- Re: qpopper timing analysis on to determine if a username exists on a system,
Waldo Nell
- [Sorcerer-spells] SAMBA-SORCERER2003-03-17,
Michael Walton
- [SCSA-010] Path Disclosure & Cross Site Scripting Vulnerability in MyABraCaDaWeb,
Grégory
- GLSA: samba (200303-11),
Daniel Ahlberg
- Security Bugfix for Samba - Samba 2.2.8 Released,
Maslov, Snowy
- [RHSA-2003:054-00] Updated rxvt packages fix various vulnerabilites,
bugzilla
- [ADVISORY] Timing Attack on OpenSSL,
Ben Laurie
- [INetCop Security Advisory #2002-0x82-013] Kebi Academy 2001 Web Solution Directory Traversing Vulnerability.,
dong-h0un U
- GLSA: qpopper (200303-12),
Daniel Ahlberg
- S21SEC-011 - Multiple vulnerabilities in BEA WebLogic Server,
Lluis Mora
- [RHSA-2003:072-08] Updated Gnome-lokkit packages fix vulnerability,
bugzilla
- SPI ADVISORY: Remote Administration of BEA WebLogic Server and Express,
Caleb Sima
- [SECURITY] [DSA 263-1] New tcpdump packages fix denial of service vulnerability,
Martin Schulze
- [RHSA-2003:098-00] Updated 2.4 kernel fixes vulnerability,
bugzilla
- MITKRB5-SA-2003-004: Cryptographic weaknesses in Kerberos v4 protocol,
Tom Yu
- McAfee ePolicy Orchestrator Format String Vulnerability (a031703-1),
@stake Advisories
- Some XSS vulns,
Ertan Kurt
- [OpenPKG-SA-2003.023] OpenPKG Security Advisory (delegate),
OpenPKG
- [OpenPKG-SA-2003.024] OpenPKG Security Advisory (ircii),
OpenPKG
- [SECURITY] [DSA 264-1] New lxr packages fix information disclosure,
Martin Schulze
- [INetCop Security Advisory] ++Danger++ Outblaze Web based e-mail that is exposed in very dangerous state !!!,
dong-h0un U
- SuSE Security Announcement: samba (SuSE-SA:2003:016),
Marc Heuse
- WF-Chat,
subj
- EEYE: XDR Integer Overflow,
Marc Maiffret
- SMB/CIFS Security Vulnerability in Samba on IRIX,
SGI Security Coordinator
- Easy DoS on Kaspersky Anti-Hacker v1.0,
Bojan Zdrnja
- [OpenSSL Advisory] Klima-Pokorny-Rosa attack on PKCS #1 v1.5 padding,
Bodo Moeller
- linux kmod/ptrace bug - details,
Andrzej Szombierski
- MITKRB5-SA-2003-003: faulty length checks in xdrmem_getbytes,
Tom Yu
- [RHSA-2003:089-00] Updated glibc packages fix vulnerabilities in RPC XDR decoder,
bugzilla
- Java Security Fixes on IRIX,
SGI Security Coordinator
- iDEFENSE Security Advisory 03.19.03: Heap Overflow in Windows Script Engine,
iDEFENSE Labs
- CORE-2003-03-04-01: Multiple vulnerabilities in Ximian 's Evolution Mail User Agent,
CORE SECURITY TECHNOLOGIES ADVISORIES
- mutt-1.4.1 fixes a buffer overflow.,
Thomas Roessler
- Security Update: [CSSA-2003-013.0] Linux: integer overflow vulnerability in XDR/RPC routines,
security
- [ESA-20030320-010] Several vulnerabilities in the OpenSSL toolkit.,
EnGarde Secure Linux
- [RHSA-2003:088-01] New kernel 2.2 packages fix vulnerabilities,
bugzilla
- Microsoft Security Bulletin MS03-009: Flaw In ISA Server DNS Intrusion Detection Filter Can Cause Denial Of Service (331065) (fwd),
Dave Ahmad
- [Sorcerer-spells] GLIBC-SORCERER2003-03-20,
Michael Walton
- [Sorcerer-spells] KRB5-SORCERER2003-03-20,
Michael Walton
- Fwd: CERT Advisory CA-2003-10 Integer overflow in Sun RPC XDR library routines,
Muhammad Faisal Rauf Danka
- [IPS] osCommerce multiple XSS vulnerabilities,
Daniel Alcántara de la Hoz
- [Sorcerer-spells] LINUX-SORCERER2003-03-20,
Michael Walton
- FreeBSD Security Advisory FreeBSD-SA-03:05.xdr,
FreeBSD Security Advisories
- [OpenPKG-SA-2003.025] OpenPKG Security Advisory (mutt),
OpenPKG
- Safeboot PC Security User Emuneration Vulnerability,
Advisories
- IBM Tivoli Firewall Security Toolbox buffer overflow vulnerability,
Niels Heinen
- CORE-20030304-02: Vulnerability in Mutt Mail User Agent,
CORE Security Technologies Advisories
- [OpenPKG-SA-2003.026] OpenPKG Security Advisory (openssl),
OpenPKG
- Opara 6.06 Released, Security-Hole Left,
nesumin
- [SCSA-011] Path Disclosure Vulnerability in XOOPS,
Grégory
- GLSA: evolution (200303-18),
Daniel Ahlberg
- New attack vectors and a vulnerability dissection of MS03-007,
David Litchfield
- [ESA-20030321-010] 'glibc' RPC XDR decoder vulnerability,
EnGarde Secure Linux
- SuSE Security Announcement: qpopper (SuSE-SA:2003:018),
Thomas Biege
- [SECURITY] [DSA 265-1] New bonsai packages fix several vulnerabilities,
Martin Schulze
- SuSE Security Announcement: ethereal (SuSE-SA:2003:019),
Thomas Biege
- [RHSA-2003:108-01] Updated Evolution packages fix multiple vulnerabilities,
bugzilla
- SuSE Security Announcement: file (SuSE-SA:2003:017),
Thomas Biege
- Check Point FW-1 NG FP3 & FP3 HF1: DoS attack against syslog daemon possible,
Dr. Peter Bieringer
- Edonkey and Overnet resources consumption,
Auriemma Luigi
- GLSA: kernel (200303-17),
Daniel Ahlberg
- [Sorcerer-spells] OPENSSL-SORDCERER2003-03-21,
Michael Walton
- IRM 004: ActiveSync Version 3.5 Denial of Service Vulnerability,
IRM Advisories
- Re: Check Point FW-1 NG FP3 & FP3 HF1: DoS attack against syslog daemon possible,
Hines, Eric
- Guestbook tr3.a,
subj
- Stunnel: RSA timing attacks / key discovery,
Brian Hatch
- FreeBSD Security Advisory FreeBSD-SA-03:06.openssl,
FreeBSD Security Advisories
- RE: Check Point FW-1 NG FP3 & FP3 HF1: DoS attack against syslog daemon possible,
Hines, Eric
- NT Service Killer,
tomotocigare
- SimpleChat,
subj
- GLSA: rxvt (200303-16),
Daniel Ahlberg
- [sorcerer-spells] MUTT-SORCERER2003-03-19,
Michael Walton
- ProtWare "HTML Guardian" has pathetic "encryption",
rain_song
- Re: [INetCop Security Advisory] ++Danger++ Outblaze Web based e-mail that is exposed in very dangerous state !!!,
Suresh Ramasubramanian
- GLSA: openssl (200303-15),
Daniel Ahlberg
- GLSA: mutt (200303-19),
Daniel Ahlberg
- IE - reading local files,
Adam [ckkl]
- 3com RAS 1500 Remote vulnerabilities.,
Piotr Chytla
- [ESA-20030324-012] 'MySQL' root exploit.,
EnGarde Secure Linux
- [SECURITY] [DSA 266-1] New krb5 packages fix several vulnerabilities,
Martin Schulze
- paFileDB 3.x SQL Injection Vulnerability,
flur
- GLSA: bitchx (200303-21),
Daniel Ahlberg
- GLSA: openssl (200303-20),
Daniel Ahlberg
- [SECURITY] [DSA 267-1] New lpr packages fix local root exploit,
Martin Schulze
- SuSE Security Announcement: mutt (SuSE-SA:2003:020),
Thomas Biege
- Samba-TNG 0.3.1 Security Release (fwd),
Erik Parker
- WebDav Exploit ffs,
Rafael Nuñez
- Security Update: [CSSA-2003-SCO.7] UnixWare 7.1.1 Open UNIX 8.0.0 : Several vulnerabilities in XDR/RPC routines,
security
- DEF CON Announcement: CFP, Media now on line!,
The Dark Tangent
- Security Update: [CSSA-2003-014.0] Linux: several recently discovered openssl vulnerabilities,
security
- Multiple Vulnerabilities and Enhancements in ftpd on IRIX,
SGI Security Coordinator
- Fwd: APPLE-SA-2003-03-24 Samba, OpenSSL,
Bryan Blackburn
- @(#)Mordred Labs advisory - Integer overflow in PHP socket_iovec_alloc() function,
Sir Mordred
- GLSA: glibc (200303-22),
Daniel Ahlberg
- CSS in PHP WEB CHAT,
Over_G
- [RHSA-2003:095-02] New samba packages fix security vulnerabilities,
bugzilla
- [SECURITY] [DSA 268-1] New mutt packages fix arbitrary code execution,
Martin Schulze
- IRM 005: JWalk Application Server Version 3.2c9 Directory Traversal Vulnerability,
IRM Advisories
- PHPNuke viewpage.php allows Remote File retrieving,
Zero_X www . lobnan . de Team
- VChat,
subj
- Re: Check Point FW-1 NG FP3 & FP3 HF1: DoS attack against syslog daemon possible,
Rizan Sheikh Mohd
- Axis Video and Camera Servers - System log access and file access/overwrite via HTTP/CGI,
Axis Product Security
- Emule 0.27b remote crash,
Auriemma Luigi
- SuSE Security Announcement: kernel (SuSE-SA:2003:021),
Roman Drahtmueller
- GLSA: stunnel (200303-24),
Daniel Ahlberg
- IIS 5.0 WebDAV -Proof of concept-. Fully documented.,
Roman Medina
- MDKSA-2003:037 - Updated glibc packages fix vulnerabilities in RPC XDR decoder,
Mandrake Linux Security Team
- Security Update: [CSSA-2003-015.0] Linux: apcupsd remote root vulnerability and buffer overflows,
security
- MDKSA-2003:036 - Updated netpbm packages fix math overflow errors,
Mandrake Linux Security Team
- Vulnerability (critical): Digital signature for Adobe Acrobat/Reader plug-in can be forged,
Vladimir Katalov
- MDKSA-2003:034 - Updated rxvt packages fix escape sequence insecurities,
Mandrake Linux Security Team
- MDKSA-2003:035 - Updated openssl packages fix RSA-related insecurities,
Mandrake Linux Security Team
- GLSA: mod_ssl (200303-23),
Daniel Ahlberg
- WebDAV exploit: using wide character decoder scheme,
오정욱
- SuSE Security Announcement: apcupsd (SuSE-SA:2003:022),
Thomas Biege
- Corsaire Security Advisory - Symantec Enterprise Firewall (SEF) HTTP URL pattern evasion issue,
Martin O'Neal
- RE: Corsaire Security Advisory - Clearswift MAILsweeper MIME attachment evasion issue,
Martin O'Neal
- @(#)Mordred Labs advisory - Integer overflow in PHP memory allocator,
Sir Mordred
- [SECURITY] [DSA 269-1] New heimdal packages fix authentication failure,
Martin Schulze
- Security Advisory - MyTaxexpress 2003,
Nathan Wosnack
- NetBSD Security Advisory 2003-004: Format string vulnerability in zlib gzprintf(),
NetBSD Security Officer
- NetBSD Security Advisory 2003-005: RSA timing attack in OpenSSL code,
NetBSD Security Officer
- NetBSD Security Advisory 2003-008: faulty length checks in xdrmem_getbytes,
NetBSD Security Officer
- NetBSD Security Advisory 2003-007: (Another) Encryption weakness in OpenSSL code,
NetBSD Security Officer
- [RHSA-2003:051-01] Updated kerberos packages fix various vulnerabilities,
bugzilla
- NSFOCUS SA2003-01: Microsoft Windows XP Redirector Local Buffer Overflow Vulnerability,
NSFCOSU Security Team
- Fwd: CERT Advisory CA-2003-11 Multiple Vulnerabilities in Lotus Notes and Domino,
Muhammad Faisal Rauf Danka
- Vulnerability in my guest book,
Over_G
- @(#)Mordred Labs advisory - PHP for Win32: buffer overflow in openlog() function,
sir.mordred
- [SECURITY] [DSA 271-1] New ecartis and listar packages fix password change vulnerability,
Martin Schulze
- SNMP security issues in D-Link DSL Broadband Modem/Router,
Arhont Information Security
- TSLSA-2003-0013 - openssl,
Trustix Secure Linux Advisor
- TSLSA-2003-0014 - glibc,
Trustix Secure Linux Advisor
- [SCSA-013] Cross Site Scripting vulnerability in testcgi.exe,
Grégory
- [SECURITY] [DSA 270-1] New Linux kernel packages (mips + mipsel) fix local root exploit,
Martin Schulze
- Immunix Secured OS 7+ openssl update,
Immunix Security Team
- [SCSA-012] Multiple vulnerabilities in Sambar Server,
Grégory
- D-Link DI-614 wiresless router crash/reboots,
Thomas Reinke
- PostNuke Sensitive Information Disclosure,
rkc
- Problems with Snort-1.9.1,
Toby Miller
- [SECURITY] [DSA 274-1] New mutt packages fix arbitrary code execution,
Martin Schulze
- Clearswift MAILsweeper hotfix,
fwegwg dfbndebndebner
- Fate Research Labs Presents: Analysis of the NTDLL.DLL Exploit,
Eric Hines
- CORE-2003-0304-03: Vulnerability in GNOME's Eye of Gnome,
CORE Security Technologies Advisories
- [SECURITY] [DSA 273-1] New krb4 packages fix authentication failure,
Martin Schulze
- [SECURITY] [DSA 272-1] New dietlibc packages fix arbitrary code execution,
Martin Schulze
- GLSA: zlib (200303-25),
Daniel Ahlberg
- MDKSA-2003:039 - Updated kernel22 packages fix multiple vulnerabilities,
Mandrake Linux Security Team
- MDKSA-2003:038 - Updated 2,4 kernel packages fix ptrace vulnerability,
Mandrake Linux Security Team
- Mod_Survey ENV tag vulnerability,
Joel Palmius
- RE: FUD-ALARM: @(#)Mordred Labs advisory - Integer overflow in PHP memory allocator,
sir.mordred
- CORE-2003-0306: RealPlayer PNG deflate heap corruption vulnerability,
CORE Security Technologies Advisories
- Netscape and Opera crash via java,
Marc Schoenefeld
- Beanwebb Guestbook v1.0 vulnerabilities,
euronymous
- Justice Guestbook 1.3 vulnerabilities,
euronymous
- ScozBook BETA 1.1 vulnerabilities,
euronymous
- sendmail 8.12.9 available,
Claus Assmann
- CGI-City's CCGuestBook Script Injection Vulns,
BrainRawt .
- CGI-City's CCLOG Script Injection Vulns,
BrainRawt .
- [security@xxxxxxxxxxxxx: [slackware-security] Samba buffer overflow fixed],
White Vampire
- [security@xxxxxxxxxxxxx: [slackware-security] Sendmail buffer overflow fixed],
White Vampire
- Sendmail: -1 gone wild,
Michal Zalewski
- [SCSA-014] Remote Denial of Service Vulnerability in EZ Server,
Grégory
- PHP-Nuke block-Forums.php subject vulnerabilities,
lethalman
- Positive Technologies Security Advisory 2003-0307: DoS-attack in Kerio WinRoute Firewall,
Dmitry Maksimov
- GLSA: dietlibc (200303-29),
Daniel Ahlberg
- Oracle JDBC: Inconsistent handling of timestamps,
Peter Conrad
- [RHSA-2003:120-01] Updated sendmail packages fix vulnerability,
bugzilla
- SRT2003-03-31-1219 - SAP world writable server binaries,
KF
- Vulnerability in News/Новости,
Over_G
- CGI Citys CCLOG and CCGuestbook Script Injection Vulns Fixed!!!,
BrainRawt .
- NSFOCUS SA2003-03: Solaris dtsession Heap Buffer Overflow Vulnerability,
NSFCOSU Security Team
- OpenSSH 3.6 released (fwd),
Jonas Eriksson
- [RHSA-2003:034-01] Updated dhcp packages fix possible packet storm,
bugzilla
- Security issues in D-Link DSL-300/DSL-300G+ Broadband Modem/Router,
Arhont Information Security
- NSFOCUS SA2003-02: Solaris lpq Stack Buffer Overflow Vulnerability,
NSFCOSU Security Team
- [DDI-1012] Malformed request causes denial of service in HP Instant TopTools,
Erik Parker
- Personal FTP Server,
subj
- [OpenPKG-SA-2003.027] OpenPKG Security Advisory (sendmail),
OpenPKG
- Ericsson Mobile Phones Security Contact?,
Ollie Whitehouse
- GLSA: krb5 & mit-krb5 (200303-28),
Daniel Ahlberg
- GLSA: sendmail (200303-27),
Daniel Ahlberg
- GLSA: openafs (200303-26),
Daniel Ahlberg
- MiniPortal,
subj
- FreeBSD Security Advisory FreeBSD-SA-03:07.sendmail,
FreeBSD Security Advisories
- Buffer Overflow in Broker FTP Server,
subj
- BRS WebWeaver: full disclosure,
euronymous
- Fwd: QuickTime 6.1 for Windows is available,
Bryan Blackburn
- Sambar Server "Buffer OverFlow" Vulnerabilities,
Lorenzo Manuel Hernandez Garcia-Hierro
- TYPSoft FTP Server,
subj
- Immunix Secured OS 7+ samba update,
Immunix Security Team
- iDEFENSE Security Advisory 03.31.03: Buffer Overflow in Windows QuickTime Player,
iDEFENSE Labs
- SRT2004-01-18-0747 - IBM Informix IDS 9.4 contains multiple vulnerabilities,
KF