Bugtraq: by thread

Disclosure of file system information in Mozilla Firefox and Opera Browser: Giovanni Delvecchio (Dec 01 2004)
- Re: Disclosure of file system information in Mozilla Firefox and Opera Browser: Liu Die Yu (Dec 01 2004)
- RE: Disclosure of file system information in Mozilla Firefox and Opera Browser: Thor Larholm (Dec 06 2004)
Invision Power Board 'Allow auto login' setting override Hillel Himovich (Nov 30 2004)
Re: Winamp - Buffer Overflow In IN_CDDA.dll Black Dot (Dec 01 2004)
SUSE Security Announcement: various kernel problems (SUSE-SA:2004:042) Marcus Meissner (Dec 01 2004)
Re: Pi3Web/2.0.0 File-Disclosure/Path Disclosure vuln Holger Zimmermann (Nov 30 2004)
[CLA-2004:904] Conectiva Security Announcement - cyrus-imapd Conectiva Updates (Dec 01 2004)
Multiple buffer overflows exist in Mercury/32, v4.01a, Dec 8 2003. Reed Arvin (Dec 01 2004)
[SECURITY] [DSA 603-1] New openssl packages fix insecure temporary file creation Martin Schulze (Dec 01 2004)
[USN-35-1] imagemagick vulnerabilities Martin Pitt (Nov 30 2004)
[USN-36-1] NFS statd vulnerability Martin Pitt (Dec 01 2004)
[USN-33-1] libgd vulnerabilities Martin Pitt (Nov 29 2004)
[ GLSA 200411-37 ] Open DC Hub: Remote code execution Luke Macken (Nov 28 2004)
[CLA-2004:902] Conectiva Security Announcement - abiword Conectiva Updates (Dec 01 2004)
[USN-34-1] OpenSSH information leakage Martin Pitt (Nov 30 2004)
[KA Advisory 0411291] IPCop Cross Site Scripting Vulnerability in "proxylog.dat" Kurczaba Associates advisories (Nov 30 2004)
Cisco Security Advisory: Cisco CNS Network Registrar Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Dec 02 2004)
rssh and scponly arbitrary command execution Jason Wies (Dec 02 2004)
Blog Torrent preview 0.8 - arbitary file download Steve Kemp (Dec 02 2004)
[USN-37-1] cyrus21-imapd vulnerability Martin Pitt (Dec 02 2004)
Official IFRAME patch - make sure it installs correctly Berend-Jan Wever (Dec 01 2004)
Multiple vulnerabilities in Kreed 1.05 Luigi Auriemma (Dec 02 2004)
Remote Mercury32 Imap exploit JohnH (Dec 01 2004)
[CLA-2004:905] Conectiva Security Announcement - squirrelmail Conectiva Updates (Dec 02 2004)
FreeBSD Security Advisory FreeBSD-SA-04:17.procfs FreeBSD Security Advisories (Dec 01 2004)
Advanced Guestbook Emile van Elen (Dec 02 2004)
- Re: Advanced Guestbook Spy Hat (Dec 05 2004)
[SECURITY] [DSA 604-1] New hpsockd packages fix denial of service Martin Schulze (Dec 03 2004)
[ GLSA 200412-01 ] rssh, scponly: Unrestricted command execution Thierry Carrez (Dec 03 2004)
Opera 7.54 vulnerabilities again (still unfixed) Marc Schoenefeld (Dec 04 2004)
[ GLSA 200412-02 ] PDFlib: Multiple overflows in the included TIFF library Luke Macken (Dec 05 2004)
Hosting Controller mouse small (Dec 05 2004)
[SECURITY] [DSA 605-1] New viewcvs packages fix information leak Martin Schulze (Dec 06 2004)
Winamp - Buffer Overflow In IN_CDDA.dll [ Patch Released ] Brett Moore (Dec 05 2004)
Multiple vulnerabilities in w3who ISAPI DLL Nicolas Gregoire (Dec 06 2004)
- Re: [Full-Disclosure] Multiple vulnerabilities in w3who ISAPI DLL Nicolas Gregoire (Dec 08 2004)
DoS leading to crash of client in Remote Execute 2.30 headpimp_at_pimp-industries.com (Dec 05 2004)
Web Application Security Consortium 'Guest Articles' Call for Papers robert_at_webappsec.org (Dec 05 2004)
Tool Announcement: AIRT -- the Advanced Incident Response Tool (linux) madsys (Dec 06 2004)
Local root exploit on Mac OS X with Adobe Version Cue fintler (Dec 06 2004)
- Re: Local root exploit on Mac OS X with Adobe Version Cue Chet Ramey (Dec 07 2004)
MaxDB WebTools <= 7.5.00.18 buffer overflow and Denial of Service Evgeny Demidov (Dec 07 2004)
[ GLSA 200412-05 ] mirrorselect: Insecure temporary file creation Luke Macken (Dec 07 2004)
Broadcast client crash in Battlefield 1942 1.6.19 and Vietnam 1.2 Luigi Auriemma (Dec 07 2004)
MDKSA-2004:142 - Updated gzip packages fix temporary file vulnerability Mandrake Linux Security Team (Dec 06 2004)
Multiple Vulnerabilities in paFileDB 3.1 Ahmad Muammar (Dec 06 2004)
- Re: Multiple Vulnerabilities in paFileDB 3.1 Rafael San Miguel Carrasco (Dec 09 2004)
Online Script Decoder GreyMagic Security (Dec 07 2004)
- Re: Online Script Decoder Stefan Paletta (Dec 07 2004)
Remote Web Server Text File Viewing Vulnerability in WebLibs 1.0 John Bissell (Dec 07 2004)
MD5 To Be Considered Harmful Someday Dan Kaminsky (Dec 06 2004)
- Re: MD5 To Be Considered Harmful Someday Gandalf The White (Dec 07 2004)
  - Re: MD5 To Be Considered Harmful Someday Tim (Dec 07 2004)
    - Re: MD5 To Be Considered Harmful Someday Dragos Ruiu (Dec 08 2004)
    - Re: MD5 To Be Considered Harmful Someday David F. Skoll (Dec 08 2004)
  - Re: MD5 To Be Considered Harmful Someday Joel Maslak (Dec 07 2004)
    - Re: MD5 To Be Considered Harmful Someday Steve Friedl (Dec 08 2004)
  - RE: MD5 To Be Considered Harmful Someday David Schwartz (Dec 07 2004)
    - Re: MD5 To Be Considered Harmful Someday Gandalf The White (Dec 07 2004)
      - Re: MD5 To Be Considered Harmful Someday Keith Oxenrider (Dec 08 2004)
      - Re: MD5 To Be Considered Harmful Someday Paul Wouters (Dec 08 2004)
      - Re: MD5 To Be Considered Harmful Someday Dan Kaminsky (Dec 08 2004)
      - Re: MD5 To Be Considered Harmful Someday Paul Wouters (Dec 08 2004)
      - Re: MD5 To Be Considered Harmful Someday Adam Shostack (Dec 08 2004)
      - Re: MD5 To Be Considered Harmful Someday Solar Designer (Dec 08 2004)
      - Re: MD5 To Be Considered Harmful Someday Dan Kaminsky (Dec 08 2004)
      - Re: MD5 To Be Considered Harmful Someday Pavel Kankovsky (Dec 08 2004)
      - Re: MD5 To Be Considered Harmful Someday Solar Designer (Dec 11 2004)
    - Re: MD5 To Be Considered Harmful Someday George Georgalis (Dec 08 2004)
      - Re: MD5 To Be Considered Harmful Someday Dan Kaminsky (Dec 08 2004)
  - Re: MD5 To Be Considered Harmful Someday Ruth A. Kramer (Dec 05 2004)
- MD5 To Be Considered Harmful Today Pavel Machek (Dec 07 2004)
  - Re: MD5 To Be Considered Harmful Today Dan Kaminsky (Dec 08 2004)
    - Re: MD5 To Be Considered Harmful Today Pavel Machek (Dec 08 2004)
      - Re: MD5 To Be Considered Harmful Today Dan Kaminsky (Dec 08 2004)
- RE: MD5 To Be Considered Harmful Someday Rager, Anton (Anton) (Dec 08 2004)
- Re: MD5 To Be Considered Harmful Someday Joel Maslak (Dec 07 2004)
  - Re: MD5 To Be Considered Harmful Someday Jack Lloyd (Dec 08 2004)
  - Re: MD5 To Be Considered Harmful Someday Jack Lloyd (Dec 08 2004)
MDKSA-2004:143 - Updated ImageMagick packages fix vulnerability Mandrake Linux Security Team (Dec 06 2004)
Bypass personal firewall application protection . Again. offtopic (Dec 07 2004)
- Re: Bypass personal firewall application protection . Again. Chris Paget (Dec 08 2004)
Cleartext SMB passwords in Novell Desktop Linux using KDE Mike DeMaria (Dec 07 2004)
7a69Adv#16 - Konqueror FTP command injection Albert Puigsech Galicia (Dec 05 2004)
- Re: 7a69Adv#16 - Konqueror FTP command injection Albert Puigsech Galicia (Dec 06 2004)
zone transfers, a spammer's dream? Lode Vermeiren (Dec 07 2004)
- RE: zone transfers, a spammer's dream? Marcin Pacyna (Dec 13 2004)
IE6 Vulnerability - Local File Detection ViPeR (Dec 07 2004)
- Re: IE6 Vulnerability - Local File Detection RSnake (Dec 08 2004)
MDKSA-2004:147 - Updated openssl packages fix temporary file vulnerability Mandrake Linux Security Team (Dec 06 2004)
MDKSA-2004:145 - Updated rp-pppoe packages fix vulnerability Mandrake Linux Security Team (Dec 06 2004)
- Re: MDKSA-2004:145 - Updated rp-pppoe packages fix vulnerability David F. Skoll (Dec 07 2004)
[ GLSA 200412-04 ] Perl: Insecure temporary file creation Luke Macken (Dec 06 2004)
MDKSA-2004:146 - Updated nfs-utils packages fix remote DoS vulnerability Mandrake Linux Security Team (Dec 06 2004)
[Advisory] Mozilla Products Remote Crash Vulnerability Niek van der Maas (Dec 06 2004)
- Re: [Advisory] Mozilla Products Remote Crash Vulnerability Berend-Jan Wever (Dec 06 2004)
MDKSA-2004:144 - Updated lvm1 packages fix temporary file vulnerability Mandrake Linux Security Team (Dec 06 2004)
[ GLSA 200412-03 ] imlib: Buffer overflows in image decoding Thierry Carrez (Dec 06 2004)
[SECURITY] [DSA 606-1] New nfs-utils packages fix denial of service Martin Schulze (Dec 07 2004)
Address Bar Spoophing for the Pheeshies: IntotheNet Explorer 6 http-equiv_at_excite.com (Dec 07 2004)
7a69Adv#15 - Internet Explorer FTP command injection Albert Puigsech Galicia (Dec 06 2004)
TSLSA-2004-0064 - nfs-utils Trustix Security Advisor (Dec 09 2004)
KDE Security Advisory: plain text password exposure Dirk Mueller (Dec 09 2004)
KDE Security Advisory: kfax libtiff vulnerabilities Dirk Mueller (Dec 09 2004)
F-Secure Policy Manager - physical path disclosure oliver_at_greyhat.de (Dec 09 2004)
CodeCon CFP deadline nearing Len Sassaman (Dec 10 2004)
wget: Arbitrary file overwriting/appending/creating and other vulnerabilities Jan Minar (Dec 09 2004)
In-game buffer-overflow in the Gamespy cd-key validation SDK Luigi Auriemma (Dec 10 2004)
[SECURITY] [DSA 607-1] New libxpm packages fix several vulnerabilities Martin Schulze (Dec 10 2004)
HOW TO BREAK XP SP2 POPUP BLOCKER: kick it in the nut ! http-equiv_at_excite.com (Dec 10 2004)
Local off-by-one in mtr versions 0.55 to 0.65 venglin_at_freebsd.lublin.pl (Dec 11 2004)
SugarSales Multiple Vulnerabilities Daniel Fabian (Dec 13 2004)
Citadel/UX <= v6.27 Remote Format String Vulnerability CoKi (Dec 12 2004)
- Re: Citadel/UX <= v6.27 Remote Format String Vulnerability Michael Hampton (Dec 13 2004)
Gadu-Gadu several vulnerabilities Jaroslaw Sajko (Dec 13 2004)
Multiple vulnerabilities in phpMyAdmin Nicolas Gregoire (Dec 13 2004)
MS IE User's Authentication Details (userid/password) Sharing Issue Debasis Mohanty (Dec 12 2004)
KDE Security Advisory: Konqueror Window Injection Vulnerability Waldo Bastian (Dec 13 2004)
iDEFENSE Security Advisory 12.13.04 - Multiple Vendor xzgv PRF Parsing Integer Overflow Vulnerability customer service mailbox (Dec 13 2004)
[ZH2004-19SA] Possible execution of remote shell commands in Opera with kfmclien Giovanni Delvecchio (Dec 13 2004)
Winamp 5.07 (latest version) Remote Crash + other stupid shizle b0f www.b0f.net (Dec 13 2004)
Socket unreacheable in the Lithtech engine (new protocol) Luigi Auriemma (Dec 13 2004)
[ GLSA 200412-07 ] file: Arbitrary code execution Matthias Geerdsen (Dec 13 2004)
NetWare Screensaver Authentication Bypass From The Local Console Adam Gray (Dec 12 2004)
- Re: NetWare Screensaver Authentication Bypass From The Local Console Brad Bendily (Dec 14 2004)
[ GLSA 200412-06 ] PHProjekt: setup.php vulnerability Thierry Carrez (Dec 10 2004)
Secure Network Operations SNOsoft Research Team [SRT2004-12-14-0322] Symantec LiveUpdate Advisory Secure Network Operations, Inc. (Dec 13 2004)
- Re: Secure Network Operations SNOsoft Research Team [SRT2004-12-14-0322] Symantec LiveUpdate Advisory secure_at_symantec.com (Dec 13 2004)
What's "may have exploitable buffer overflows" mean in tcpdump? Dragos Ruiu (Dec 13 2004)
Linux kernel IGMP vulnerabilities Paul Starzetz (Dec 14 2004)
- Re: Linux kernel IGMP vulnerabilities Pekka Savola (Dec 14 2004)
- Re: Linux kernel IGMP vulnerabilities stephen joseph butler (Dec 14 2004)
  - Re: Linux kernel IGMP vulnerabilities Paul Starzetz (Dec 15 2004)
    - Re: Linux kernel IGMP vulnerabilities matthew-bugtraq_at_newtoncomputing.co.uk (Dec 15 2004)
      - RE: Linux kernel IGMP vulnerabilities Wolfpaw - Dale Corse (Dec 15 2004)
      - RE: Linux kernel IGMP vulnerabilities Jirka Kosina (Dec 16 2004)
phpBB Attachment Mod Directory Traversal HTTP POST Injection Paul Laudanski (Dec 14 2004)
Linux kernel scm_send local DoS Paul Starzetz (Dec 14 2004)
- Re: Linux kernel scm_send local DoS even multiplexed (Dec 14 2004)
  - Re: Linux kernel scm_send local DoS Paul Starzetz (Dec 15 2004)
    - Re: Linux kernel scm_send local DoS even multiplexed (Dec 15 2004)
    - Re: Linux kernel scm_send local DoS gadgeteer_at_elegantinnovations.org (Dec 15 2004)
    - Re: [Full-Disclosure] Re: Linux kernel scm_send local DoS Valdis.Kletnieks_at_vt.edu (Dec 22 2004)
- Re: Linux kernel scm_send local DoS Pavel Kankovsky (Dec 23 2004)
Re: [Full-Disclosure] [HV-LOW] Symantec LiveUpdate issues may cause DoS Dan Margolis (Dec 13 2004)
[ZH2004-18SA] Content-Type spoofing in Mozilla Firefox and Opera could allow users to bypass security restrictions Giovanni Delvecchio (Dec 13 2004)
iDEFENSE Security Advisory 12.14.04 - Adobe Acrobat Reader 5.0.9 mailListIsPdf() Buffer Overflow Vulnerability customer service mailbox (Dec 14 2004)
MDKSA-2004:148 - Updated iproute2 packages fix temporary file vulnerability Mandrake Linux Security Team (Dec 13 2004)
[SECURITY] [DSA 609-1] New atari800 packages fix local root exploit Martin Schulze (Dec 14 2004)
ASP Calendar Vulnerability <www.ashiyane.com> ali reza AcTiOnSpIdEr (Dec 14 2004)
[CAN-2004-1022] Insecure Credential Storage on Kerio Software Secure Computer Group (Dec 14 2004)
RICOH Aficio 450/455 PCL 5e Printer ICMP DOS vulnerability Hongzhen Zhou (Dec 14 2004)
- Re: RICOH Aficio 450/455 PCL 5e Printer ICMP DOS vulnerability Hongzhen Zhou (Dec 15 2004)
Possible local root vulnerability in Roxio Toast on Mac OS X fintler (Dec 13 2004)
STG Security Advisory: [SSA-20041209-13] UseModWiki XSS vulnerability advisory_at_stgsecurity.com (Dec 13 2004)
[SECURITY] [DSA 608-1] New zgv packages fix arbitrary code execution Martin Schulze (Dec 14 2004)
[ GLSA 200412-08 ] nfs-utils: Multiple remote vulnerabilities Luke Macken (Dec 13 2004)
[CAN-2004-1023] Insecure default file system permissions on Microsoft versions of Kerio Software Secure Computer Group (Dec 14 2004)
MDKSA-2004:149 - Updated postgresql packages fix temporary file vulnerability Mandrake Linux Security Team (Dec 13 2004)
ASP-rider is vulnerable to sql injection attack shervin khaleghjou (Dec 14 2004)
iDEFENSE Security Advisory 12.13.04: Adobe Reader 6.0 .ETD File Format String Vulnerability customer service mailbox (Dec 14 2004)
iDEFENSE Security Advisory 12.14.04 - Microsoft Word 6.0/95 Document Converter Buffer Overflow Vulnerability customer service mailbox (Dec 14 2004)
[Correction For]: Secure Network Operations SNOsoft Research Team [SRT2004-12-14-0322] Symantec LiveUpdate Advisory Secure Network Operations, Inc. (Dec 14 2004)
[USN-38-1] Linux kernel vulnerabilities Martin Pitt (Dec 14 2004)
HyperTerminal - Buffer Overflow In .ht File Brett Moore (Dec 14 2004)
Multiple phpGroupWare Vulnerabilities [ phpGroupWare 0.9.16.003 && Earlier ] GulfTech Security (Dec 14 2004)
Asante FM2008 10/100 Ethernet switch backdoor login Joe Philipps (Dec 15 2004)
Hotmail Cross-Site Scripting Vulnerability #1 Rafel Ivgi (Oct 15 2004)
Hotmail Cross Site Scripting Vulnerability #2 Rafel Ivgi (Oct 15 2004)
Yahoo! Mail Cross-Site Scripting Vulnerability Rafel Ivgi (Oct 15 2004)
*nix data wipe tools Thomas C. Greene (Dec 14 2004)
- Re: *nix data wipe tools David Cannings (Dec 16 2004)
  - Re: *nix data wipe tools Wietse Venema (Dec 17 2004)
    - Re: *nix data wipe tools Casper.Dik_at_Sun.COM (Dec 17 2004)
  - Re: *nix data wipe tools Thomas C. Greene (Dec 17 2004)
  - Re: *nix data wipe tools George Georgalis (Dec 17 2004)
3cdaemon tftp server DOS vulnerability Wang Ning (Dec 15 2004)
Re: rpcl_icmpdos.c x90c (Dec 15 2004)
[ GLSA 200412-09 ] ncpfs: Buffer overflow in ncplogin and ncpmap Thierry Carrez (Dec 15 2004)
MSIE DHTML Edit Control Cross Site Scripting Vulnerability Paul (Dec 15 2004)
[OpenPKG-SA-2004.052] OpenPKG Security Advisory (vim) OpenPKG (Dec 15 2004)
STG Security Advisory: [SSA-20041214-14] GNUBoard PHP injection vulnerability advisory_at_stgsecurity.com (Dec 15 2004)
[ GLSA 200412-10 ] Vim, gVim: Vulnerable options in modelines Thierry Carrez (Dec 15 2004)
- Re: [ GLSA 200412-10 ] Vim, gVim: Vulnerable options in modelines Alexey I. Froloff (Dec 15 2004)
Security Advisory for CVS Slash Jamie McCarthy (Dec 15 2004)
Advisory 01/2004: Multiple vulnerabilities in PHP 4/5 Stefan Esser (Dec 15 2004)
Cisco Security Advisory: Default Administrative Password in Cisco Guard and Traffic Anomaly Detector Cisco Systems Product Security Incident Response Team (Dec 15 2004)
iwebnegar is vulnerable to all kind of sql injections shervin khaleghjou (Dec 15 2004)
Cisco Security Advisory: Cisco Unity Integrated with Exchange Has Default Passwords Cisco Systems Product Security Incident Response Team (Dec 15 2004)
STG Security Advisory: [SSA-20041215-15] Vulnerability of uploading files with multiple extensions in MoniWiki advisory_at_stgsecurity.com (Dec 15 2004)
CSS in phpBB 1.4.4 SandI] (Dec 15 2004)
- RE: CSS in phpBB 1.4.4 Paul Owen (Dec 15 2004)
php unserialize Martin Eiszner (Dec 15 2004)
- Re: php unserialize Stefan Esser (Dec 15 2004)
MDKSA-2004:150 - Updated kdelibs and kdebase packages fix vulnerability Mandrake Linux Security Team (Dec 15 2004)
iDEFENSE Security Advisory 12.15.04: Computer Associates eTrust EZ Antivirus Insecure File Permission Vulnerability customer service mailbox (Dec 15 2004)
[SAMBA] CAN-2004-1154 : Integer overflow could lead to remote code execution in Samba 2.x, 3.0.x <= 3.0.9 Gerald Carter (Dec 16 2004)
STG Security Advisory: [SSA-20041215-17] Vulnerability of uploading files with multiple extensions in JSBoard advisory_at_stgsecurity.com (Dec 15 2004)
- RE: STG Security Advisory: [SSA-20041215-17] Vulnerability of uploading files with multiple extensions in JSBoard Richard Stanway (Dec 16 2004)
STG Security Advisory: [SSA-20041215-18] Vulnerability of uploading files with multiple extensions in phpBB Attachment Mod advisory_at_stgsecurity.com (Dec 15 2004)
[MaxPatrol] SQL-injection in Ikonboard 3.1.x Alexander Anisimov (Dec 16 2004)
STG Security Advisory: [SSA-20041215-19] Vulnerability of uploading files with multiple extensions in MediaWiki advisory_at_stgsecurity.com (Dec 15 2004)
Multiple XSS Vulnerabilities in Wordpress 1.2.1 Thomas Waldegger (Dec 15 2004)
DJB's students release 44 *nix software vulnerability advisories Thor Larholm (Dec 16 2004)
- Re: DJB's students release 44 *nix software vulnerability advisories Crispin Cowan (Dec 16 2004)
- Re: DJB's students release 44 *nix software vulnerability advisories cees-bart (Dec 17 2004)
  - Re: DJB's students release 44 *nix software vulnerability advisories Marcin Owsiany (Dec 17 2004)
- Re: DJB's students release 44 *nix software vulnerability advisories security curmudgeon (Dec 16 2004)
  - Re: DJB's students release 44 *nix software vulnerability advisories Julian T J Midgley (Dec 17 2004)
- Re: DJB's students release 44 *nix software vulnerability advisories D. J. Bernstein (Dec 17 2004)
  - Re: DJB's students release 44 *nix software vulnerability advisories Artem Chuprina (Dec 21 2004)
  - Re: DJB's students release 44 *nix software vulnerability advisories Stephen Samuel (Dec 21 2004)
    - Re: DJB's students release 44 *nix software vulnerability advisories D. J. Bernstein (Dec 21 2004)
      - Re: DJB's students release 44 *nix software vulnerability advisories David Eisner (Dec 22 2004)
      - Re: DJB's students release 44 *nix software vulnerability advisories Crispin Cowan (Dec 22 2004)
      - Re: DJB's students release 44 *nix software vulnerability advisories D. J. Bernstein (Dec 22 2004)
      - Re: DJB's students release 44 *nix software vulnerability advisories Crispin Cowan (Dec 24 2004)
- Re: DJB's students release 44 *nix software vulnerability advisories Jonathan T Rockway (Dec 20 2004)
  - Re: DJB's students release 44 *nix software vulnerability advisories milw0rm Inc. (Dec 21 2004)
    - Re: DJB's students release 44 *nix software vulnerability advisories Antoine Martin (Dec 21 2004)
      - Re: DJB's students release 44 *nix software vulnerability advisories Chris Paget (Dec 22 2004)
    - Re: DJB's students release 44 *nix software vulnerability advisories Jack Lloyd (Dec 21 2004)
  - Re: DJB's students release 44 *nix software vulnerability advisories Dave Holland (Dec 21 2004)
    - Re: DJB's students release 44 *nix software vulnerability advisories sean (Dec 21 2004)
  - Re: DJB's students release 44 *nix software vulnerability advisories Thor (Dec 21 2004)
  - Re: DJB's students release 44 *nix software vulnerability advisories David F. Skoll (Dec 21 2004)
    - Re: DJB's students release 44 *nix software vulnerability advisories Jonathan Rockway (Dec 21 2004)
      - Re: DJB's students release 44 *nix software vulnerability advisories Casper.Dik_at_Sun.COM (Dec 22 2004)
      - Re: DJB's students release 44 *nix software vulnerability advisories Michal Zalewski (Dec 23 2004)
    - Re: DJB's students release 44 *nix software vulnerability advisories Valdis.Kletnieks_at_vt.edu (Dec 21 2004)
  - Re: DJB's students release 44 *nix software vulnerability advisories laffer1 (Dec 21 2004)
    - Re: DJB's students release 44 *nix software vulnerability advisories Jonathan Rockway (Dec 21 2004)
  - Re: DJB's students release 44 *nix software vulnerability advisories Stephen Harris (Dec 21 2004)
  - Re: DJB's students release 44 *nix software vulnerability advisories Raymond M. Reskusich (Dec 21 2004)
- RE: DJB's students release 44 *nix software vulnerability advisories Devin Ganger (Dec 21 2004)
- Re: DJB's students release 44 *nix software vulnerability advisories Steven M. Christey (Dec 21 2004)
  - Re: DJB's students release 44 *nix software vulnerability advisories David Wagner (Dec 23 2004)
- Re: DJB's students release 44 *nix software vulnerability advisories Steven M. Christey (Dec 21 2004)
  - Re: DJB's students release 44 *nix software vulnerability advisories Crispin Cowan (Dec 23 2004)
- RE: DJB's students release 44 *nix software vulnerability advisories Manning, Robert (Mission Systems) (Dec 21 2004)
- RE: DJB's students release 44 *nix software vulnerability advisories Palmer, Paul (ISSAtlanta) (Dec 23 2004)
- Re: DJB's students release 44 *nix software vulnerability advisories Crispin Cowan (Dec 22 2004)
PHP Input Validation Vulnerabilities Daniel Fabian (Dec 16 2004)
iDEFENSE Security Advisory 12.16.04: Samba smbd Security Descriptor Integer Overflow Vulnerability iDEFENSE Security Advisory (Dec 16 2004)
iDEFENSE Security Advisory 12.16.04: Veritas Backup Exec Agent Browser Registration Request Buffer Overflow Vulnerability iDEFENSE Security Advisory (Dec 16 2004)
iDEFENSE Security Advisory 12.16.04: MPlayer Remote RTSP HeapOverflow Vulnerability iDEFENSE Security Advisory (Dec 16 2004)
[USN-39-1] Linux amd64 kernel vulnerability Martin Pitt (Dec 16 2004)
[USN-40-1] PHP vulnerabilities Martin Pitt (Dec 16 2004)
iDEFENSE Security Advisory 12.16.04: MPlayer MMST Streaming Stack Overflow Vulnerability iDEFENSE Security Advisory (Dec 16 2004)
- Re: iDEFENSE Security Advisory 12.16.04: MPlayer MMST Streaming Stack Overflow Vulnerability Hideki Yamane (Dec 16 2004)
Yahoo! Mail Cross-Site Scripting Vulnerability Rafel Ivgi, The-Insider (Dec 16 2004)
iDEFENSE Security Advisory 12.16.04: MPlayer Bitmap Parsing Remote Heap Overflow Vulnerability iDEFENSE Security Advisory (Dec 16 2004)
Hotmail Cross-Site Scripting Vulnerability #2 Rafel Ivgi, The-Insider (Dec 16 2004)
Hotmail Cross-Site Scripting Vulnerability #1 Rafel Ivgi, The-Insider (Dec 16 2004)
Discussion: Microsoft(R) PowerPoint �Action Settings� feature allows invocation of default browser pointed at arbitrary URL. Monte Ratzlaff (Dec 16 2004)
[OpenPKG-SA-2004.053] OpenPKG Security Advisory (php) OpenPKG (Dec 16 2004)
[ GLSA 200412-11 ] Cscope: Insecure creation of temporary files Luke Macken (Dec 16 2004)
[SIG^2 G-TEC] singapore Image Gallery Web Application v0.9.10 Multiple Vulnerabilities chewkeong_at_security.org.sg (Dec 16 2004)
Unchecked returns from kernel_read() in linux-2.6.10-rc2 kernel Katrina Tsipenyuk (Dec 16 2004)
[OpenPKG-SA-2004.054] OpenPKG Security Advisory (samba) OpenPKG (Dec 17 2004)
Gadu-Gadu, another two bugs Jaroslaw Sajko (Dec 17 2004)
- Re: Gadu-Gadu, another two bugs Przemyslaw Frasunek (Dec 20 2004)
  - Re: [Full-Disclosure] Re: Gadu-Gadu, another two bugs Maciej Soltysiak (Dec 20 2004)
NetBSD Security Advisory 2004-010: Insufficient argument validation in compat code NetBSD Security-Officer (Dec 16 2004)
phphpbb2 + php version < 4.3.10 unserialize() memory dump sql password from config.php exploit bad boy (Dec 17 2004)
[ GLSA 200412-12 ] Adobe Acrobat Reader: Buffer overflow vulnerability Luke Macken (Dec 16 2004)
4 Vulnerabilities in GamePort amoXi Devilkin (Dec 17 2004)
NetBSD kernel local vulnerabilities Evgeny Demidov (Dec 17 2004)
4 Vulnerabilities in GamePort amoXi Devilkin (Dec 17 2004)
[OpenPKG-SA-2004.056] OpenPKG Security Advisory (cvstrac) OpenPKG (Dec 17 2004)
Internet Explorer Code Execution Bypass Vulnerability aikon none (Dec 17 2004)
- Re: Internet Explorer Code Execution Bypass Vulnerability cmthemc_at_yahoo.com (Dec 19 2004)
[SECURITY] [DSA 610-1] New cscope packages fix insecure temporary file creation Martin Schulze (Dec 17 2004)
Bug in Crypt::ECB perl module Bennett R. Samowich (Dec 17 2004)
[ GLSA 200412-13 ] Samba: Integer overflow Sune Kloppenborg Jeppesen (Dec 17 2004)
Multiple Vulnerabilities In Kayako eSupport v2.x GulfTech Security (Dec 18 2004)
MS Windows Media Player 9 Vulns (2) Arman Nayyeri (Dec 17 2004)
MDKSA-2004:151 - Updated php packages fix multiple vulnerabilities Mandrake Linux Security Team (Dec 17 2004)
Re: Patch available for multiple critical flaws in Oracle Marc Bejarano (Dec 18 2004)
[USN-41-1] Samba vulnerability Martin Pitt (Dec 17 2004)
[SECURITY] [DSA 611-1] New htget packages fix arbitrary code execution Martin Schulze (Dec 20 2004)
Security Bulletin SSRT4687 rev.0 HP-UX newgrp(1) local privilege elevation Boren, Rich (SSRT) (Dec 20 2004)
[ GLSA 200412-14 ] PHP: Multiple vulnerabilities Thierry Carrez (Dec 19 2004)
AIX 5.1/5.2/5.3 local root exploits cees-bart (Dec 20 2004)
PHP shmop.c module permits write of arbitrary memory. Stefano Di Paola (Dec 19 2004)
TSLSA-2004-0066 - multi Trustix Security Advisor (Dec 20 2004)
TSLSA-2004-0068 - kernel Trustix Security Advisor (Dec 20 2004)
[ GLSA 200412-15 ] Ethereal: Multiple vulnerabilities Sune Kloppenborg Jeppesen (Dec 19 2004)
Crystal FTP Pro Client Buffer Overflow Luca Ercoli (Dec 19 2004)
Windows Explorer TGA Crash Bill (Dec 18 2004)
- Re: Windows Explorer TGA Crash is a DoS bug in Internet Explorer. Berend-Jan Wever (Dec 20 2004)
  - Re: Windows Explorer TGA Crash is a DoS bug in Internet Explorer. Berend-Jan Wever (Dec 20 2004)
KDE Security Advisory: Konqueror Java Vulnerability Waldo Bastian (Dec 20 2004)
UPDATE: [ GLSA 200410-12 ] WordPress: HTTP response splitting and XSS vulnerabilities Luke Macken (Dec 19 2004)
Exploit for Ultrix 4.5 dxterm Kristoffer Br�nemyr (Dec 19 2004)
[ GLSA 200412-16 ] kdelibs, kdebase: Multiple vulnerabilities Sune Kloppenborg Jeppesen (Dec 19 2004)
Internet Explorer Help ActiveX Control Local Zone Security Restriction Bypass Vulnerability (updated) Paul (Dec 19 2004)
[ GLSA 200412-17 ] kfax: Multiple overflows in the included TIFF library Sune Kloppenborg Jeppesen (Dec 19 2004)
[ GLSA 200412-20 ] NASM: Buffer overflow vulnerability Luke Macken (Dec 20 2004)
[ GLSA 200412-18 ] abcm2ps: Buffer overflow vulnerability Luke Macken (Dec 19 2004)
[ GLSA 200412-21 ] MPlayer: Multiple overflows Thierry Carrez (Dec 20 2004)
[USN-42-1] Xine library vulnerabilities Martin Pitt (Dec 20 2004)
[Full-Disclosure] [ GLSA 200412-19 ] phpMyAdmin: Multiple vulnerabilities Sune Kloppenborg Jeppesen (Dec 19 2004)
Gadu-Gadu Remote DoS (all versions) Maciej Soltysiak (Dec 20 2004)
[SECURITY] [DSA 612-1] New a2ps packages fix arbitrary command execution Martin Schulze (Dec 20 2004)
MDKSA-2004:153 - Updated aspell packages fix vulnerability Mandrake Linux Security Team (Dec 20 2004)
MDKSA-2004:152 - Updated ethereal packages fix multiple vulnerabilities Mandrake Linux Security Team (Dec 20 2004)
Updated: TSLSA-2004-0068 - kernel Trustix Security Advisor (Dec 20 2004)
[USN-43-1] groff utility vulnerabilities Martin Pitt (Dec 20 2004)
MITKRB5-SA-2004-004: heap overflow in libkadm5srv Tom Yu (Dec 20 2004)
TSLSA-2004-0069 - kerberos5 Trustix Security Advisor (Dec 21 2004)
[SECURITY] [DSA 614-1] New xzgv packages fix arbitrary code execution Martin Schulze (Dec 21 2004)
Re: AIX 5.1/5.2/5.3 local root exploits (diag issue) Shiva Persaud (Dec 20 2004)
phpBB Worm Shannon Lee (Dec 20 2004)
- Re: phpBB Worm Raymond Dijkxhoorn (Dec 21 2004)
  - Re: phpBB Worm Sebastian Wiesinger (Dec 22 2004)
    - Re: phpBB Worm William Geoghegan (Dec 22 2004)
  - Re: phpBB Worm Anders Henke (Dec 23 2004)
- RE: phpBB Worm Paul Kurczaba (Dec 21 2004)
- Re: phpBB Worm Alexander Klimov (Dec 22 2004)
- Re: phpBB Worm ycw1bh302_at_sneakemail.com (Dec 21 2004)
  - Re: phpBB Worm Alvin Packard (Dec 22 2004)
  - Re: phpBB Worm Anders Henke (Dec 23 2004)
- RE: phpBB Worm Ofer Shezaf (Dec 23 2004)
  - RE: phpBB Worm Chris Ess (Dec 24 2004)
- Re: phpBB Worm steve_at_uptime.org.uk (Dec 24 2004)
  - Re: phpBB Worm Raymond Dijkxhoorn (Dec 24 2004)
    - new phpBB worm affects 2.0.11 Herman Sheremetyev (Dec 24 2004)
- Re: phpBB Worm Zeljko Brajdic (Dec 25 2004)
Xprobe 0.2.1 Released bugtraq_at_sys-security.com (Dec 21 2004)
SUSE Security Announcement: various kernel problems (SUSE-SA:2004:044) Marcus Meissner (Dec 21 2004)
iDEFENSE Security Advisory 12.21.04: Multiple Vendor xpdf PDF Viewer Buffer Overflow Vulnerability customer service mailbox (Dec 21 2004)
iDEFENSE Security Advisory 12.21.04: Multiple Vendor Xine version 0.99.2 PNM Handler Negative Read Length Heap Overflow Vulnerability customer service mailbox (Dec 21 2004)
iDEFENSE Security Advisory 12.21.04: Multiple Vendor Xine version 0.99.2 PNM Handler PNA_TAG Heap Overflow Vulnerability customer service mailbox (Dec 21 2004)
iDEFENSE Security Advisory 12.21.04: libtiff Directory Entry Count Integer Overflow Vulnerability customer service mailbox (Dec 21 2004)
iDEFENSE Security Advisory 12.21.04: libtiff STRIPOFFSETS Integer Overflow Vulnerability customer service mailbox (Dec 21 2004)
- Re: iDEFENSE Security Advisory 12.21.04: libtiff STRIPOFFSETS Integer Overflow Vulnerability Dmitry V. Levin (Dec 22 2004)
- Re: iDEFENSE Security Advisory 12.21.04: libtiff STRIPOFFSETS Integer Overflow Vulnerability Moritz Muehlenhoff (Dec 23 2004)
- Re: iDEFENSE Security Advisory 12.21.04: libtiff STRIPOFFSETS Integer Overflow Vulnerability Marcus Meissner (Dec 27 2004)
iDEFENSE Security Advisory 12.21.04: Hewlett Packard HP-UX ftpd Remote Buffer Overflow Vulnerability customer service mailbox (Dec 21 2004)
Re: Wordpress 1.2.2 is still vulnerable Thomas Waldegger (Dec 21 2004)
WebWorm using PHPBB vulnerability in the wild! Niki Denev (Dec 20 2004)
- Re: WebWorm using PHPBB vulnerability in the wild! Nick Johnson (Dec 22 2004)
Re: AIX 5.1/5.2/5.3 local root exploits (paginit issue) Shiva Persaud (Dec 20 2004)
[SECURITY] [DSA 613-1] New ethereal packages fix denial of service Martin Schulze (Dec 20 2004)
SUSE Security Announcement: samba (SUSE-SA:2004:045) Sebastian Krahmer (Dec 22 2004)
[SECURITY] [DSA 615-1] New debmake package fixes insecure temporary directories Martin Schulze (Dec 22 2004)
Local versus remote security holes D. J. Bernstein (Dec 21 2004)
- Re: Local versus remote security holes Adam Shostack (Dec 22 2004)
  - stick with "anonymous" or "authenticated" when describing attacks Jonathan G. Lampe (Dec 22 2004)
- RE: Local versus remote security holes David Brodbeck (Dec 22 2004)
MDKSA-2004:154 - Updated kdelibs packages fix multiple vulnerability Mandrake Linux Security Team (Dec 22 2004)
Sybase ASE 12.5.2 vulnerabilities NGSSoftware Insight Security Research (Dec 22 2004)
MDKSA-2004:156 - Updated krb5 packages fix buffer overflow vulnerability Mandrake Linux Security Team (Dec 22 2004)
malware effecting broadband users in Israel Gadi Evron (Dec 22 2004)
Java Runtime Environment Remote Denial-of-Service (DoS) Vulnerability Marc Schoenefeld (Dec 22 2004)
possible local exploit via sendmail with procmail on solaris Michael Barnes (Dec 21 2004)
- Re: possible local exploit via sendmail with procmail on solaris Jeff Damens (Dec 22 2004)
Permission problem in Skype BETA for linux Peter Conrad (Dec 22 2004)
PHP v4.3.x exploit for Windows. The Warlock (Dec 22 2004)
Realone2.0 "pnxr3260.dll" Lets Remote Users IE Browser Crash Wei Li (Dec 22 2004)
[ GLSA 200412-23 ] Zwiki: XSS vulnerability Luke Macken (Dec 21 2004)
MDKSA-2004:155 - Updated logcheck packages fix temporary file vulnerability Mandrake Linux Security Team (Dec 22 2004)
Webmin BruteForce + Command execution - By Di42lo <DiAblo_2@012.net.il> amit sides (Dec 22 2004)
- Re: Webmin BruteForce + Command execution - By Di42lo <DiAblo_2@012.net.il> Martin Mewes (Dec 23 2004)
  - Re: [webmin-l] Re: Webmin BruteForce + Command execution - By Di42lo <DiAblo_2@012.net.il> Jamie Cameron (Dec 23 2004)
MDKSA-2004:157 - Updated mplayer packages fix multiple vulnerabilities Mandrake Linux Security Team (Dec 22 2004)
2Bgal : 2.4 & 2.5.1 SQL injection Vulnerability zib zib (Dec 21 2004)
Security Advisory for ALL forum services with client-set images James Bandara (Dec 22 2004)
- Re: Security Advisory for ALL forum services with client-set images Stefan Paletta (Dec 23 2004)
- Re: Security Advisory for ALL forum services with client-set images Tim Jackson (Dec 22 2004)
SUSE Security Announcement: kernel local privilege escalation (SUSE-SA:2004:046) Marcus Meissner (Dec 22 2004)
Oracle Trigger Abuse (#NISR2122004I) NGSSoftware Insight Security Research (Dec 23 2004)
Oracle clear text passwords (#NISR2122004D) NGSSoftware Insight Security Research (Dec 23 2004)
Oracle ISQLPlus file access vulnerability (#NISR2122004E) NGSSoftware Insight Security Research (Dec 23 2004)
Oracle Character Conversion Bugs (#NISR2122004G) NGSSoftware Insight Security Research (Dec 23 2004)
Oracle extproc buffer overflow (#NISR23122004A) NGSSoftware Insight Security Research (Dec 23 2004)
Oracle extproc directory traversal (#NISR23122004B) NGSSoftware Insight Security Research (Dec 23 2004)
Oracle extproc local command execution (#NISR23122004C) NGSSoftware Insight Security Research (Dec 23 2004)
IBM DB2 generate_distfile buffer overflow vulnerability (#NISR2122004L) NGSSoftware Insight Security Research (Dec 23 2004)
Oracle TNS Listener DoS (#NISR2122004F) NGSSoftware Insight Security Research (Dec 23 2004)
Oracle wrapped procedure overflow (#NISR2122004J) NGSSoftware Insight Security Research (Dec 23 2004)
Oracle multiple PL/SQL injection vulnerabilities (#NISR2122004H) NGSSoftware Insight Security Research (Dec 23 2004)
[OpenPKG-SA-2004.055] OpenPKG Security Advisory (gettext) OpenPKG (Dec 23 2004)
IBM DB2 rec2xml buffer overflow vulnerability (#NISR2122004J) NGSSoftware Insight Security Research (Dec 23 2004)
[SECURITY] [DSA 616-1] New telnetd-ssl packages fix arbitrary code execution Martin Schulze (Dec 23 2004)
Microsoft Windows Kernel ANI File Parsing Crash and DOS Vulnerability flashsky fangxing (Dec 23 2004)
Microsoft Windows LoadImage API Integer Buffer overflow flashsky fangxing (Dec 23 2004)
- Re: Microsoft Windows LoadImage API Integer Buffer overflow Brett Glass (Dec 24 2004)
SHOUTcast remote format string vulnerability Damian Put (Dec 23 2004)
Crystal FTP Pro 2.8 PoC cybertronic_at_gmx.net (Dec 22 2004)
- RE: Crystal FTP Pro 2.8 PoC cybertronic_at_gmx.net (Dec 23 2004)
[USN-47-1] Linux kernel vulnerabilities Martin Pitt (Dec 22 2004)
Cross Site Scripting In PsychoStats 2.2.4 Beta && Earlier GulfTech Security (Dec 22 2004)
Re: stick with "anonymous" or "authenticated" when describing Steven M. Christey (Dec 23 2004)
Inexcusable weakness in Kmail / GnuPG Thomas C. Greene (Dec 22 2004)
- Re: Inexcusable weakness in Kmail / GnuPG Simple Nomad (Dec 23 2004)
Microsoft Windows winhlp32.exe Heap Overflow Vulnerability flashsky fangxing (Dec 23 2004)
[USN-48-1] xpdf, tetex-bin vulnerabilities Martin Pitt (Dec 23 2004)
[USN-49-1] debmake vulnerability Martin Pitt (Dec 23 2004)
[USN-51-1] teTeX auxiliary script vulnerability Martin Pitt (Dec 23 2004)
[USN-52-1] vim vulnerability Martin Pitt (Dec 23 2004)
- Re: [USN-52-1] vim vulnerability Liu Die Yu (Dec 23 2004)
[ Security Bulletin ] SSRT4699 rev.0 HP-UX SAM local privilege increase Boren, Rich (SSRT) (Dec 23 2004)
WPkontakt message parsing error Jaroslaw Sajko (Dec 23 2004)
[Security Bulletin] SSRT4867 rev.0 Netscape Directory Server on HP-UX LDAP remote buffer overflow Boren, Rich (SSRT) (Dec 23 2004)
[Security Bulletin] SSRT4876 rev.0 HP Tru64 UNIX SWS (Apache) Secure Web Server Remote Boren, Rich (SSRT) (Dec 23 2004)
Linux 2.6 Kernel Capability LSM Module Local Privilege Elevation flashsky fangxing (Dec 23 2004)
[Security Bulletin] SSRT4883 rev.3 HP-UX ftp and ftpd remote unauthorized access Boren, Rich (SSRT) (Dec 23 2004)
[USN-50-1] CUPS vulnerabilities Martin Pitt (Dec 23 2004)
[Security Bulletin] SSRT4696 rev.0 - HP Tru64 UNIX TCP Stack Remote Denial of Service (DoS) Boren, Rich (SSRT) (Dec 23 2004)
raptor's xmas pack 2004 Marco Ivaldi (Dec 22 2004)
[SECURITY] [DSA 618-1] New imlib packages fix arbitrary code execution Martin Schulze (Dec 24 2004)
[SECURITY] [DSA 617-1] New libtiff packages fix arbitrary code execution Martin Schulze (Dec 24 2004)
STG Security Advisory: [SSA-20041220-16] PHP source injection and cross-site scripting vulnerabilities in ZeroBoard advisory_at_stgsecurity.com (Dec 23 2004)
XSS in yacy 0.31 Donato Ferrante (Dec 24 2004)
Final Call for Papers & Workshops - BCS Asia 2005 Anthony.zboralski (Dec 24 2004)
CleanCache v2.19: False Sense of Security WBG Links (Dec 25 2004)
New Santy-Worm attacks *all* PHP-skripts Juergen Schmidt (Dec 25 2004)
New Winhlp32.exe vuln bad_son_at_pimp.it (Dec 24 2004)
PHPBB worm in action Colin Keith (Dec 24 2004)
Re: New Santy-Worm attacks *all* PHP-skripts ( Santy.c ? ) K-OTiK Security (Dec 25 2004)
Microsoft Internet Explorer SP2 Fully Automated Remote Compromise Paul (Dec 25 2004)
Multiple Vulnerabilities in Moodle Bartek Nowotarski (Dec 27 2004)
- Re: Multiple Vulnerabilities in Moodle Martin Dougiamas (Dec 30 2004)
MDKSA-2004:158 - Updated samba packages fix integer overflow vulnerabilities Mandrake Linux Security Team (Dec 27 2004)
possible error in latest NGS realplayer advisory Marc Bejarano (Dec 27 2004)
Did a 16-bit counter overflow shut down Comair? Richard M. Smith (Dec 28 2004)
- Re: Did a 16-bit counter overflow shut down Comair? Mike Nice (Dec 28 2004)
- Re: Did a 16-bit counter overflow shut down Comair? Avleen Vig (Dec 29 2004)
Multiple WHM Autopilot Vulnerabilities GulfTech Security (Dec 28 2004)
Remote code execution with parameters withoutu ser interaction, even with XP SP2 ShredderSub7 SecExpert (Dec 28 2004)
[HAT-SQUAD] NetCat Remote Critical Vulnerability, Poc included Hat-Squad Security Team (Dec 27 2004)
- Re: [HAT-SQUAD] NetCat Remote Critical Vulnerability, Poc included Chris Wysopal (Dec 28 2004)
Netcat v1.11 For Windows , New fixed version Hat-Squad Security Team (Dec 28 2004)
XSA-2004-7: stack overflow in AIFF demultiplexer Michael Roitzsch (Dec 26 2004)
KDE Security Advisory: kpdf Buffer Overflow Vulnerability Dirk Mueller (Dec 28 2004)
Re: Microsoft Windows LoadImage API IntegerBuffer overflow Berend-Jan Wever (Dec 25 2004)
php-Calendar File Include Vulnerability [ Command Exec ] GulfTech Security (Dec 29 2004)
QNX crrtrap arbitrary file read/write vulnerability [RLSA_06-2004] Julio Cesar Fort (Dec 28 2004)
Sanity Worm Concepts Andy Fewtrell (Dec 29 2004)
- Re: Sanity Worm Concepts Paul Laudanski (Dec 29 2004)
[CLA-2004:909] Conectiva Security Announcement - netpbm Conectiva Updates (Dec 29 2004)
[ GLSA 200412-25 ] CUPS: Multiple vulnerabilities Thierry Carrez (Dec 28 2004)
[ GLSA 200412-26 ] ViewCVS: Information leak and XSS vulnerabilities Thierry Carrez (Dec 28 2004)
[ GLSA 200412-24 ] Xpdf, GPdf: New integer overflows Thierry Carrez (Dec 28 2004)
Heap overflow in Mozilla Browser <= 1.7.3 NNTP code. Maurycy Prodeus (Dec 29 2004)
[SECURITY] [DSA 620-1] New perl packages fix several vulnerabilities Martin Schulze (Dec 30 2004)
MDKSA-2004:160 - Updated kdelibs packages fix konqueror email vulnerability Mandrake Linux Security Team (Dec 29 2004)
MDKSA-2004:161 - Updated xpdf packages fix buffer overflow vulnerability Mandrake Linux Security Team (Dec 29 2004)
KorWeblog php injection Vulnerability Min-sung Choi (Dec 30 2004)
NetCat V 1.11 Multiple Bugs CorryL (Dec 30 2004)
[SECURITY] [DSA 619-1] New xpdf packages fix arbitrary code execution Martin Schulze (Dec 30 2004)
MDKSA-2004:164 - Updated cups packages fix buffer overflow vulnerability Mandrake Linux Security Team (Dec 29 2004)
MDKSA-2004:159 - Updated glibc packages fix temporary file vulnerability Mandrake Linux Security Team (Dec 29 2004)
Strange Java Loader duffbeer (Dec 29 2004)
MDKSA-2004:163 - Updated kdegraphics packages fix buffer overflow vulnerability Mandrake Linux Security Team (Dec 29 2004)
MDKSA-2004:165 - Updated koffice packages fix multiple vulnerabilities Mandrake Linux Security Team (Dec 29 2004)
Re: Strange Java Loader (not so strange - Trojan.ByteVerify) K-OTiK Security (Dec 30 2004)
MDKSA-2004:162 - Updated gpdf packages fix buffer overflow vulnerability Mandrake Linux Security Team (Dec 29 2004)
MDKSA-2004:166 - Updated tetex packages fix multiple vulnerabilities Mandrake Linux Security Team (Dec 29 2004)
SQL Injection Vulnerability In IBProArcade mike bailey (Dec 31 2004)
[EXPL] (MS04-031) NetDDE buffer overflow vulnerability PoC houseofdabus HOD (Dec 30 2004)
- Re: [EXPL] (MS04-031) NetDDE buffer overflow vulnerability PoC Alberto Garcia Hierro (Dec 31 2004)
  - Re: [EXPL] (MS04-031) NetDDE buffer overflow vulnerability PoC Steve Friedl (Dec 31 2004)
ArGoSoft FTP Server reveals valid usernames and allows for brute force attacks steven_at_lovebug.org (Dec 31 2004)
[SECURITY] [DSA 621-1] New CUPS packages fix arbitrary code execution Martin Schulze (Dec 31 2004)
Cross Site Scripting DOS (Zyxel B-420 Ethernet Bridge) beniwiedmer_at_tiscali.ch (Dec 31 2004)
WHM AutoPilot Security Release [ Plus Upgrade Instructions ] GulfTech Security (Dec 31 2004)