Bugtraq: by author
RSS Feed
About List
All Lists
Previous period
488 messages
starting Feb 29 00 and
ending Feb 28 00
Date index |
Thread index |
Author index
3APA3A
IIS dosn't check existance of local file before calling CGI 3APA3A (Feb 29)
Aaron Ross
Re: RFP2K01 - "How I hacked Packetstorm" (wwwthreads advisory) Aaron Ross (Feb 08)
Adam Gray
Novell GroupWise 5.5 Enhancement Pack Web Access Denial of Servic e Adam Gray (Feb 07)
Alan Brown
Re: DDOS Attack Mitigation Alan Brown (Feb 14)
Alan Ramsbottom
Re: Microsoft signed software can be install software without pro mpting users Alan Ramsbottom (Feb 21)
Alec Muffett
ANN: Bruce 1.0ea2: Networked Host-Vulnerability Scanner for Solaris & Linux Alec Muffett (Feb 17)
Aleph One
Security Bulletins Digest Aleph One (Feb 14)
Security Bulletins Digest Aleph One (Feb 17)
New Allaire Security Zone Bulletin Aleph One (Feb 17)
[Debian] New version of make released Aleph One (Feb 21)
[Debian] New version of apcd released Aleph One (Feb 02)
Microsoft Security Bulletin (MS00-007) Aleph One (Feb 01)
Alexander Kiwerski
Re: Doubledot bug in FrontPage FrontPage Personal Web Server. Alexander Kiwerski (Feb 21)
Alexander Leidinger
Re: ASP Security Hole (PHP Too) Alexander Leidinger (Feb 17)
Alexander Schreiber
Re: 'cross site scripting' CERT advisory and MS Alexander Schreiber (Feb 18)
Alexandru Popa
Re: FireWall-1 FTP Server Vulnerability Alexandru Popa (Feb 14)
Alex Heiphetz
Re: EZ Shopper 3.0 shopping cart CGI remote command execution Alex Heiphetz (Feb 28)
Alfred Huger
Local / Remote Exploiteable Buffer Overflow Vulnerability in InterAccess TelnetD (fwd) Alfred Huger (Feb 23)
Andreas Busse
Re: DDOS Attack Mitigation Andreas Busse (Feb 15)
Andre L. Dos Santos
Statistical Attack Against Virtual Banks Andre L. Dos Santos (Feb 08)
Re: Statistical Attack Against Virtual Banks Andre L. Dos Santos (Feb 08)
Re: Statistical Attack Against Virtual Banks Andre L. Dos Santos (Feb 08)
Andrew Bennett
Re: ebay sends passwords in the clear Andrew Bennett (Feb 20)
Andrew Danforth
Re: perl-cgi hole in UltimateBB by Infopop Corp. Andrew Danforth (Feb 15)
Andrew Daviel
Zonealarm exports sensitive data Andrew Daviel (Feb 24)
Andrew van der Stock
Advisory: Foundry Networks ServerIron TCP/IP sequence predictability Andrew van der Stock (Feb 27)
Andrey
Re: SSH & xauth Andrey (Feb 25)
Andrzej Bialecki
Re: Packet Tracing (linux klog patch) Andrzej Bialecki (Feb 15)
Re: Packet Tracing (linux klog patch) Andrzej Bialecki (Feb 17)
Re: DDOS Attack Mitigation Andrzej Bialecki (Feb 14)
antirez
Re: unused bit attack alert antirez (Feb 23)
Re: Tempfile vulnerabilities antirez (Feb 05)
Ari Gordon-Schlosberg
Re: Evil Cookies. Ari Gordon-Schlosberg (Feb 08)
Re: Fwd: CERT Advisory CA-2000-02 Ari Gordon-Schlosberg (Feb 03)
Re: `Microsoft VM for Java' allows reading local files using `getSystemResourceAsStream'. Ari Gordon-Schlosberg (Feb 01)
Re: recent 'cross site scripting' CERT advisory Ari Gordon-Schlosberg (Feb 07)
-=ArkanoiD=-
Re: Future of s/key (Re: S/Key & OPIE Database Vulnerability) -=ArkanoiD=- (Jan 31)
Arne Vidstrom
"Recycle Bin Creation" Vulnerability in Windows NT / Windows 2000 Arne Vidstrom (Feb 01)
Re: "Strip Script Tags" in FW-1 can be circumvented Arne Vidstrom (Feb 01)
Bacano
Re: Bypass Virus Checking Bacano (Feb 01)
Barclay Osborn
Re: RFP2K01 - "How I hacked Packetstorm" (wwwthreads advisory) Barclay Osborn (Feb 04)
Ben Collins
Re: vulnerability in Linux Debian default boot configuration Ben Collins (Feb 03)
Ben Greenbaum
Re: Windows NT and account list leak ! A new SID usage Ben Greenbaum (Feb 02)
BID 994, MS00-010 (Site Server Commerce Edition non-validated SQL inputs) Ben Greenbaum (Feb 25)
Bennett Todd
Re: perl-cgi hole in UltimateBB by Infopop Corp. Bennett Todd (Feb 18)
Re: DDOS Attack Mitigation Bennett Todd (Feb 15)
DDoS whitepaper Bennett Todd (Feb 17)
Berk Ulsoy
Serv-U FTP-Server v2.4a showing real path Berk Ulsoy (Feb 28)
Bertrand Schmitt
Re: BID 994, MS00-010 (Site Server Commerce Edition non-validated SQL inputs) Bertrand Schmitt (Feb 26)
bgreenbaum () SECURITYFOCUS COM
ASP Security Hole (fwd) bgreenbaum () SECURITYFOCUS COM (Feb 09)
Bill
Re: perl-cgi hole in UltimateBB by Infopop Corp. Bill (Feb 14)
Bill McKinnon
Re: perl-cgi hole in UltimateBB by Infopop Corp. Bill McKinnon (Feb 16)
Bill Thompson
Re: recent 'cross site scripting' CERT advisory Bill Thompson (Feb 06)
Bjørnar B. Larsen
Re: "Strip Script Tags" in FW-1 can be circumvented Bjørnar B. Larsen (Feb 01)
Bob Fiero
BorderManager csatpxy.nlm fix avalable. Bob Fiero (Feb 11)
Re: MS signed softwrare privileges Bob Fiero (Feb 22)
Bob Kline
NT Service Pack requirements (Bell Atlantic DSL) Bob Kline (Feb 10)
Borbely Zoltan
Re: FireWall-1 FTP Server Vulnerability Borbely Zoltan (Feb 15)
Brad Griffin
Re: Bypass Virus Checking Brad Griffin (Feb 01)
Bret Piatt
Re: "Strip Script Tags" in FW-1 can be circumvented Bret Piatt (Feb 02)
Brett Glass
Re: Zonealarm exports sensitive data Brett Glass (Feb 25)
Brian
Re: SSH & xauth Brian (Feb 28)
Brian Caswell
SSH & xauth Brian Caswell (Feb 24)
Brian Hampson
Re: SyGate 3.11 Port 7323 / Remote Admin hole Brian Hampson (Jan 31)
Brock Sides
Re: Bypass Virus Checking Brock Sides (Feb 01)
Re: perl-cgi hole in UltimateBB by Infopop Corp. Brock Sides (Feb 17)
Re: perl-cgi hole in UltimateBB by Infopop Corp. Brock Sides (Feb 18)
Byron Alley
Re: Fwd: CERT Advisory CA-2000-02 Byron Alley (Feb 07)
Cancer Omega
A.L.E.R.T.: BigMailBox.com href tokens leave mailboxes open to control by a malicious site. Cancer Omega (Feb 21)
Re: A.L.E.R.T.: BigMailBox.com href tokens leave mailboxes open to control by a malicious site. Cancer Omega (Feb 23)
Carlos García Argos
Re: unused bit attack alert Carlos García Argos (Feb 22)
Carson Gaspar
Re: DDOS Attack Mitigation Carson Gaspar (Feb 15)
Cassius
Re: Fwd: CERT Advisory CA-2000-02 Cassius (Feb 03)
Cave, Glynis
MMDF Cave, Glynis (Feb 21)
CDI
Re: sshd and pop/ftponly users incorrect configuration CDI (Feb 14)
Cedric Amand
Re: Response from FTPPro Cedric Amand (Feb 02)
cerberus
DOS in Trendmicro OfficeScan cerberus (Feb 26)
Charles Capps
Re: perl-cgi hole in UltimateBB by Infopop Corp. Charles Capps (Feb 15)
Charles Skoglund
Re: Wordpad vulnerability, exploitable also in IE for Win9x Charles Skoglund (Feb 23)
chess () US IBM COM
Re: FireWall-1 FTP Server Vulnerability chess () US IBM COM (Feb 18)
Chicken Man
Novell BorderManager 3.5 Remote Slow Death Chicken Man (Feb 08)
Chris Cappuccio
Re: DDOS Attack Mitigation Chris Cappuccio (Feb 15)
Re: Tempfile vulnerabilities Chris Cappuccio (Feb 03)
Christophe GRENIER
Re: Toshiba NoteBooks BIOS Password Backdoor - Password Cracker Christophe GRENIER (Feb 25)
Re: Scorpion Marlin Christophe GRENIER (Feb 28)
Scorpion Marlin Christophe GRENIER (Feb 24)
Chuck Phillips
Re: rp_filter? (was Re: DDOS Attack Mitigation) Chuck Phillips (Feb 20)
Clifford Hammerschmidt
W2K & ~25000+ temp files = crash + corruption? Clifford Hammerschmidt (Feb 28)
Colin Johnston
Re: Default password in Bay Networks switches. Colin Johnston (Feb 20)
Craig Brozefsky
Re: Debian (frozen): Perms on /usr/lib/libguile.so.6.0.0 Craig Brozefsky (Feb 08)
Re: Debian (frozen): Perms on /usr/lib/libguile.so.6.0.0 Craig Brozefsky (Feb 08)
Crashkiller
Re: RedHat 6.1 /and others/ PAM Crashkiller (Feb 01)
cuartango () TELELINE ES
MS signed softwrare privileges cuartango () TELELINE ES (Feb 22)
Curtis Anderson, CNE, MCSE
Re: Wordpad vulnerability, exploitable also in IE for Win9x Curtis Anderson, CNE, MCSE (Feb 25)
CyberPsychotic
Re: unused bit attack alert CyberPsychotic (Feb 22)
Cy Schubert - ITSD Open Systems Group
Re: SSH & xauth Cy Schubert - ITSD Open Systems Group (Feb 27)
Re: SSH & xauth Cy Schubert - ITSD Open Systems Group (Feb 28)
Dale Whitchurch
Re: Timbuktu Pro 2.0b650 DoS Dale Whitchurch (Feb 14)
Damir Rajnovic
Re: snmp problems still alive... Damir Rajnovic (Feb 17)
Daniel Austin
Re: ASP Security Hole (PHP Too) Daniel Austin (Feb 17)
Daniel Carosone
NetBSD Security Advisory 2000-001 Daniel Carosone (Feb 15)
UPDATED: NetBSD Security Advisory 2000-001 Daniel Carosone (Feb 18)
NetBSD Security Advisory 1999-012 Daniel Carosone (Feb 15)
Dan Stromberg
Re: Misleading sense of security in Netscape Dan Stromberg (Feb 14)
Danton Nunes
false alarms by real secure Danton Nunes (Feb 29)
Darren Reed
Re: A DDOS defeating technique based on routing Darren Reed (Feb 25)
Re: DDOS Attack Mitigation Darren Reed (Feb 15)
Re: DDOS Attack Mitigation Darren Reed (Feb 13)
Re: DDOS Attack Mitigation Darren Reed (Feb 14)
Re: Firewall and IP stack test tool Darren Reed (Feb 23)
redhat 6.0: single user boot security hole Darren Reed (Feb 22)
Re: DDOS Attack Mitigation Darren Reed (Feb 14)
Dave Dittrich
Re: Req. Clarification on Stacheldraht Analysis (fwd) Dave Dittrich (Feb 01)
Re: Analysis of "stacheldraht" Dave Dittrich (Feb 10)
Dave G.
KSR[T]Ware #002: Instructor 1.0 Dave G. (Feb 01)
AIX SNMP Defaults (fwd) Dave G. (Feb 17)
Dave Tarbatt - ACS
Disk (over)quota in Windows 2000 Dave Tarbatt - ACS (Feb 28)
David Brumley
Re: New Tool for DDoS Defense David Brumley (Feb 17)
David Evans
Re: flex license manager tempfile predictable name... David Evans (Feb 23)
David Harley
Re: Bypass Virus Checking David Harley (Feb 03)
David Kennedy CISSP
Reminder: BOF on Distributed DoS, San Jose 2/7/00 David Kennedy CISSP (Feb 06)
David LeBlanc
Re: Windows NT and account list leak ! A new SID usage David LeBlanc (Feb 01)
Re: 'cross site scripting' CERT advisory and MS David LeBlanc (Feb 10)
Re: 'cross site scripting' CERT advisory and MS David LeBlanc (Feb 16)
David Nesting
"Association of Responsible Internet Providers"? David Nesting (Feb 15)
David Pybus
Re: SSH & xauth David Pybus (Feb 26)
David Terrell
Re: SSH & xauth David Terrell (Feb 25)
Dawes, Rogan (ZA - JNB)
Re: {\rtf\a112911112911112911112911...112911} in the body will cr ash OE5 clients. Dawes, Rogan (ZA - JNB) (Feb 23)
Dax Kelson
Re: MS signed softwrare privileges Dax Kelson (Feb 22)
deepquest () NETSCAPE NET
Re: Timbuktu Pro 2.0b650 DoS deepquest () NETSCAPE NET (Feb 18)
Dennis Taylor
Re: perl-cgi hole in UltimateBB by Infopop Corp. Dennis Taylor (Feb 18)
der Mouse
Re: FireWall-1 FTP Server Vulnerability der Mouse (Feb 17)
dies
Open IP Directed Broadcast List... dies (Feb 23)
Doctor Muerte
Re: Toshiba NoteBooks BIOS Password Backdoor - Password Cracker - Follow The Instructions. Doctor Muerte (Feb 23)
Dragos Ruiu
A DDOS proposal. Dragos Ruiu (Feb 11)
Re: Packet Tracing (linux klog patch) Dragos Ruiu (Feb 17)
Packet Tracing (linux klog patch) Dragos Ruiu (Feb 12)
Re: A DDOS proposal. Dragos Ruiu (Feb 12)
Dug Song
Re: Tempfile vulnerabilities Dug Song (Jan 31)
Re: FireWall-1 FTP Server Vulnerability Dug Song (Feb 18)
Duncan Simpson
All the recent SQL vulnerabilities Duncan Simpson (Feb 28)
Dustin Miller
Re: 'cross site scripting' CERT advisory and MS Dustin Miller (Feb 09)
Dylan Griffiths
Re: Evil Cookies. Dylan Griffiths (Feb 07)
Edith Myers
Re: Local / Remote D.o.S Attack in InterAccess TelnetD Server Release 4.0 *ALL BUILDS* for WinNT Vulnerability Edith Myers (Feb 25)
Edwards Philip M Contr AFRL/SNRR
Re: flex license manager tempfile predictable name... Edwards Philip M Contr AFRL/SNRR (Feb 24)
-Eiji Ohki-
DoS for the iPlanet Web Server, Enterprise Edition 4.1 -Eiji Ohki- (Feb 22)
Eivind Eklund
Re: S/Key & OPIE Database Vulnerability Eivind Eklund (Jan 31)
Elias Levy
Administrivia Elias Levy (Feb 14)
Remote access vulnerability in all MySQL server versions Elias Levy (Feb 09)
Re: "Association of Responsible Internet Providers"? Elias Levy (Feb 17)
Administrivia Elias Levy (Feb 03)
DDOS Attack Mitigation Elias Levy (Feb 11)
Re: man bugs might lead to root compromise (RH 6.1 and other boxes) Elias Levy (Mar 01)
Re: DDOS Attack Mitigation Elias Levy (Feb 11)
Microsoft signed software can be install software without prompting users Elias Levy (Feb 21)
Re: crash windows boxes on your local network (twinge.c) Elias Levy (Feb 14)
Re: DDOS Attack Mitigation Elias Levy (Feb 18)
Administrivia Elias Levy (Feb 16)
elijah wright
Re: ANNOUNCE: Medusa DS9 security system elijah wright (Feb 15)
Emiliano Kargieman
Re: FireWall-1 FTP Server Vulnerability Emiliano Kargieman (Feb 18)
Eric D. Williams
Re: Bypass Virus Checking Eric D. Williams (Feb 03)
Re: {\rtf\a112911112911112911112911...112911} in the body will cr ash OE5 clients. Eric D. Williams (Feb 25)
Eric Lecht
'cross site scripting' CERT advisory and MS Eric Lecht (Feb 08)
Eric Stevens
AUTORUN.INF Vulnerability Eric Stevens (Feb 17)
Erik Gjertsen
Re: [xforce () iss net: ISSalert: ISS E-Security Alert: Form Tampering Vulnerabilities in Several Web-Based Shopping Cart Applications] Erik Gjertsen (Feb 03)
Fernando Schapachnik
A DDOS defeating technique based on routing Fernando Schapachnik (Feb 20)
Re: A DDOS defeating technique based on routing Fernando Schapachnik (Feb 22)
flynngn () JMU EDU
Re: 'cross site scripting' CERT advisory and MS flynngn () JMU EDU (Feb 17)
Re: 'cross site scripting' defenses flynngn () JMU EDU (Feb 06)
foo
Re: Tempfile vulnerabilities foo (Jan 31)
Fred Donck
SANE 2000 program details and registration - May 22-25, 2000 Fred Donck (Feb 25)
FreeBSD Security Officer
FreeBSD Security Advisory: FreeBSD-SA-00:05.mysql322-server FreeBSD Security Officer (Feb 28)
FTPPro
Response from FTPPro FTPPro (Feb 02)
fury
Re: Fwd: CERT Advisory CA-2000-02 fury (Feb 03)
GALES,SIMON (Non-A-ColSprings,ex1)
Re: Doubledot bug in FrontPage FrontPage Personal Web Server. GALES,SIMON (Non-A-ColSprings,ex1) (Feb 18)
Gary Geisbert
Re: Disable Parent Paths Gary Geisbert (Jan 31)
Geoff Hutchison
ht://Dig remote information exposure Geoff Hutchison (Feb 28)
George
Webspeed security issue George (Feb 03)
Georgi Chorbadzhiyski
Sambar Server alert! (2) Georgi Chorbadzhiyski (Feb 24)
Sambar Server alert! Georgi Chorbadzhiyski (Feb 23)
Georgi Guninski
Outlook Express 5 vulnerability - Active Scripting may read email messages Georgi Guninski (Feb 01)
Wordpad vulnerability, exploitable also in IE for Win9x Georgi Guninski (Feb 23)
Grant Taylor
Re: Tempfile vulnerabilities Grant Taylor (Jan 31)
Greg A. Woods
Re: Future of s/key (Re: S/Key & OPIE Database Vulnerability) Greg A. Woods (Feb 01)
Gregory Steuck
Re: recent 'cross site scripting' CERT advisory Gregory Steuck (Feb 08)
Gus Huber
Re: snmp problems still alive... Gus Huber (Feb 15)
Guy Cohen
1st International Hackers Conference in Israel - and a fight agai nst censorship Guy Cohen (Feb 17)
harikiri
AIX SNMP Defaults harikiri (Feb 15)
HC Security
Re: Statistical Attack Against Virtual Banks HC Security (Feb 08)
Re: Statistical Attack Against Virtual Banks HC Security (Feb 09)
H D Moore
Re: man bugs might lead to root compromise (RH 6.1 and other boxes) H D Moore (Feb 28)
spidermap-0.1 released H D Moore (Feb 10)
Re: man bugs might lead to root compromise (RH 6.1 and other boxes) H D Moore (Feb 27)
Re: perl-cgi hole in UltimateBB by Infopop Corp. H D Moore (Feb 14)
Henrik Nordstrom
Re: Fwd: CERT Advisory CA-2000-02 Henrik Nordstrom (Feb 05)
Re: FireWall-1 FTP Server Vulnerability Henrik Nordstrom (Feb 15)
Henri Torgemane
Re: Fwd: CERT Advisory CA-2000-02 Henri Torgemane (Feb 03)
Re: recent 'cross site scripting' CERT advisory Henri Torgemane (Feb 08)
Herold Heiko
Re: TrendMicro OfficeScan tmlisten.exe DoS Herold Heiko (Feb 28)
Herve DEBAR
CFP: RAID 2000 (3rd workshop - Recent Advances in Intrusion Detection) Herve DEBAR (Dec 22)
Homer Wilson Smith
Re: DDOS Attack Mitigation Homer Wilson Smith (Feb 14)
Horst von Brand
Re: Tempfile vulnerabilities Horst von Brand (Feb 09)
Iain Wade
Re: "The Finger Server" Iain Wade (Feb 05)
Evil Cookies. Iain Wade (Feb 02)
"The Finger Server" Iain Wade (Feb 04)
Ian Turner
Re: Tempfile vulnerabilities Ian Turner (Feb 07)
Re: RedHat 6.1 /and others/ PAM Ian Turner (Feb 01)
Indeera
{\rtf\a112911112911112911112911...112911} in the body will crash OE5 clients. Indeera (Feb 23)
Irwin Lazar
Re: perl-cgi hole in UltimateBB by Infopop Corp. Irwin Lazar (Feb 17)
Jaanus Kase
Re: RFP2K01 - "How I hacked Packetstorm" (wwwthreads advisory) Jaanus Kase (Feb 04)
J.A. Gutierrez
Re: Sambar Server alert! (2) J.A. Gutierrez (Feb 25)
jalerta () nestworks com
UPDATE: Sygate 3.11 Port 7323 Telnet Hole jalerta () nestworks com (Feb 03)
James Lin
Re: "Strip Script Tags" in FW-1 can be circumvented James Lin (Feb 01)
James Seymour
Re: Sprint PCS vulnerable to malicious tags James Seymour (Feb 07)
Jamie Fifield
Debian (frozen): Perms on /usr/lib/libguile.so.6.0.0 Jamie Fifield (Feb 05)
Jan van de Rijt
Doubledot bug in FrontPage FrontPage Personal Web Server. Jan van de Rijt (Feb 15)
Jarle Aase
Re: war-ftpd 1.6x DoS Jarle Aase (Feb 02)
Jason Barlow
TFN2K - An Analysis Jason Barlow (Feb 11)
Jeff Dafoe
Re: Doubledot bug in FrontPage FrontPage Personal Web Server. Jeff Dafoe (Feb 18)
Jefferson Ogata
Re: BID 994,MS00-010 (Site Server Commerce Edition non-validated SQL inputs) Jefferson Ogata (Feb 28)
Jeff Moss
Black Hat Briefings USA Call for Papers and Singapore conference announcement Jeff Moss (Feb 14)
Jeffrey Paul
Re: How the password could be recover using FTP Explorer's registry! Jeffrey Paul (Feb 28)
Jeff Stevens
DOS in TrendMicro Virus Scan Jeff Stevens (Feb 28)
TrendMicro OfficeScan tmlisten.exe DoS Jeff Stevens (Feb 25)
Jens Hektor
Packet filter logging: MAC & TCP flags Jens Hektor (Feb 15)
jeremy logan
Re: AUTORUN.INF Vulnerability jeremy logan (Feb 18)
Jeremy Whittington
Re: RFP2K01 - "How I hacked Packetstorm" (wwwthreads advisory) Jeremy Whittington (Feb 08)
Jesper M. Johansson
Re: AUTORUN.INF Vulnerability Jesper M. Johansson (Feb 18)
Jesús López de Aguileta
More SQL hacking with IIS 4 through Access Driver Jesús López de Aguileta (Feb 07)
Joachim Feise
Re: Evil Cookies. Joachim Feise (Feb 03)
Jochen Bauer
Re: unused bit attack alert Jochen Bauer (Feb 22)
John Comeau
Re: snmp problems still alive... John Comeau (Feb 15)
John Edwards
Re: DDOS Attack Mitigation John Edwards (Feb 15)
John McDonald
FireWall-1 FTP Server Vulnerability John McDonald (Feb 09)
John Payne
Re: DDOS Attack Mitigation John Payne (Feb 14)
John Robert LoVerso
patching IE (Re: Microsoft Security Bulletin (MS00-009)) John Robert LoVerso (Feb 17)
John Viega
ITS4 software security scanner John Viega (Feb 21)
ITS4 Version 1.0.1 John Viega (Feb 23)
Jon
HP Omniback remote DoS Jon (Feb 28)
Jonah Kowall
Re: "Strip Script Tags" in FW-1 can be circumvented Jonah Kowall (Jan 31)
Re: "Strip Script Tags" in FW-1 can be circumvented Jonah Kowall (Feb 02)
Jonas Eriksson
MySQL 3.22.32 released (fwd) Jonas Eriksson (Feb 14)
Jonathan M. Bresler
Re: NT Service Pack requirements (Bell Atlantic DSL) Jonathan M. Bresler (Feb 11)
Jon Paul, Nollmann
Re: Evil Cookies. Jon Paul, Nollmann (Feb 05)
Jordan Ritter
Re: perl-cgi hole in UltimateBB by Infopop Corp. Jordan Ritter (Feb 15)
Joshua J. Drake
Re: ASP Security Hole (PHP Too) Joshua J. Drake (Feb 15)
J.T. Bloch
its4 1.0.1 J.T. Bloch (Feb 24)
Julian Midgley
Zeus Web Server: Null Terminated Strings Julian Midgley (Feb 08)
Julien Nadeau
rp_filter? (was Re: DDOS Attack Mitigation) Julien Nadeau (Feb 18)
Re: DDOS Attack Mitigation Julien Nadeau (Feb 14)
Juraj Bednar
Re: ANNOUNCE: Medusa DS9 security system Juraj Bednar (Feb 17)
Justin King
Re: ASP Security Hole (fwd) Justin King (Feb 10)
Re: Disable Parent Paths Justin King (Jan 31)
Keith Warno
Re: RedHat 6.1 /and others/ PAM Keith Warno (Feb 02)
Kelly.Setzer () INGRAMENTERTAINMENT COM
DBI bind values [was Re: RFP2K01 - "How I hacked Packetstorm" (wwwthreads advisory)] Kelly.Setzer () INGRAMENTERTAINMENT COM (Feb 07)
Kevin Day
Re: Wordpad vulnerability, exploitable also in IE for Win9x Kevin Day (Feb 23)
Kevin Hillabolt
Re: perl-cgi hole in UltimateBB by Infopop Corp. Kevin Hillabolt (Feb 14)
Kevin Kadow
Security issues with S&P ComStock multiCSP (Linux) Kevin Kadow (Feb 01)
Kevin Novak
Re: Novell BorderManager 3.5 Remote Slow Death Kevin Novak (Feb 21)
±è¿ëÁØ KimYongJun (99Á¹¾÷)
[ Hackerslab bug_paper ] Linux dump buffer overflow ±è¿ëÁØ KimYongJun (99Á¹¾÷) (Feb 27)
Kit Knox
Microsoft Media Server 4.1 DoS - Exploit Kit Knox (Feb 24)
KOJIMA Hajime
Re: Doubledot bug in FrontPage FrontPage Personal Web Server. KOJIMA Hajime (Feb 24)
Kragen Sitaker
CGI.pm and the untrusted-URL problem Kragen Sitaker (Feb 14)
Re: CGI.pm and the untrusted-URL problem Kragen Sitaker (Feb 14)
Re: CGI.pm and the untrusted-URL problem Kragen Sitaker (Feb 15)
Kris Kennaway
FreeBSD Security Advisory: FreeBSD-SA-00:03.asmon Kris Kennaway (Feb 19)
FreeBSD Security Advisory: FreeBSD-SA-00:04.delegate Kris Kennaway (Feb 19)
Kuo, Jimmy
Re: Bypass Virus Checking Kuo, Jimmy (Feb 02)
Lampe, John W.
Re: Zonealarm exports sensitive data Lampe, John W. (Feb 28)
Lars.Troen () MERKANTILDATA NO
Re: FireWall-1 FTP Server Vulnerability Lars.Troen () MERKANTILDATA NO (Feb 12)
Laurent LEVIER
Timbuktu Pro 2.0b650 DoS Laurent LEVIER (Feb 11)
Len Budney
Re: Fwd: CERT Advisory CA-2000-02 Len Budney (Feb 08)
Re: Tempfile vulnerabilities Len Budney (Feb 03)
Licquia, Jeff
Re: Local / Remote D.o.S Attack in InterAccess TelnetD Server Rel ease 4.0 *ALL BUILDS* for WinNT Vulnerability Licquia, Jeff (Feb 25)
Re: man bugs might lead to root compromise (RH 6.1 and other boxe s) Licquia, Jeff (Feb 28)
LigerTeam
unused bit attack alert LigerTeam (Feb 21)
Lincoln Stein
Re: CGI.pm and the untrusted-URL problem Lincoln Stein (Feb 15)
Lionel Cons
Re: SSH & xauth Lionel Cons (Feb 28)
Losinski, Robert
Re: "Strip Script Tags" in FW-1 can be circumvented Losinski, Robert (Feb 01)
Lupe Christoph
Re: Perl's alleged tempfile vulnerabilities Lupe Christoph (Feb 06)
Manuel Martin
Re: recent 'cross site scripting' CERT advisory Manuel Martin (Feb 08)
Marc Lehmann
Re: Tempfile vulnerabilities Marc Lehmann (Feb 08)
Marc SCHAEFER
sshd and pop/ftponly users incorrect configuration Marc SCHAEFER (Feb 11)
Re: sshd and pop/ftponly users incorrect configuration Marc SCHAEFER (Feb 15)
Marc Slemko
Re: CGI.pm and the untrusted-URL problem Marc Slemko (Feb 14)
Re: Fwd: CERT Advisory CA-2000-02 Marc Slemko (Feb 03)
Re: recent 'cross site scripting' CERT advisory Marc Slemko (Feb 05)
Re: 'cross site scripting' CERT advisory and MS Marc Slemko (Feb 11)
don't run random "exploit" code Marc Slemko (Feb 08)
mario paskual
linux SGID-man exploit mario paskual (Feb 28)
Mark D. Miller
Re: How the password could be recover using FTP Explorer's registry! Mark D. Miller (Feb 28)
Mark L. VanScoyk
Re: ASP Security Hole (fwd) Mark L. VanScoyk (Feb 10)
Markus Dobel
Re: RedHat 6.1 /and others/ PAM Markus Dobel (Feb 01)
Mark Whitis
Re: man bugs might lead to root compromise (RH 6.1 and other boxes) Mark Whitis (Feb 27)
Martin Bene
Re: Bypass Virus Checking Martin Bene (Feb 02)
Matt
Re: A DDOS proposal. Matt (Feb 12)
Matthew Firth
Re: Novell BorderManager 3.5 Remote Slow Death Matthew Firth (Feb 09)
Matthew R. Potter
Re: snmp problems still alive... Matthew R. Potter (Feb 17)
Max Vision
Re: Bypass Virus Checking Max Vision (Feb 04)
Re: unused bit attack alert Max Vision (Feb 24)
Re: Bypass Virus Checking Max Vision (Jan 31)
Re: unused bit attack alert Max Vision (Feb 23)
Michael Bryan
Re: Evil Cookies. Michael Bryan (Feb 08)
Michael R. Rudel
Re: Novell BorderManager 3.5 Remote Slow Death Michael R. Rudel (Feb 09)
Michael Wood
Re: perl-cgi hole in UltimateBB by Infopop Corp. Michael Wood (Feb 15)
Michal Krzysztofowicz
Sun Internet Mail Server Michal Krzysztofowicz (Feb 19)
Michal Zalewski
no comment Michal Zalewski (Feb 02)
Re: AIX SNMP Defaults Michal Zalewski (Feb 17)
Re: cisco/ascend snmp config tool or exploit? -- Re: snmp problems still alive Michal Zalewski (Feb 20)
Re: man bugs might lead to root compromise (RH 6.1 and other boxes) Michal Zalewski (Feb 28)
Re: cisco/ascend snmp config tool or exploit? -- Re: snmp problems still alive Michal Zalewski (Feb 20)
snmp problems still alive... Michal Zalewski (Feb 14)
man bugs might lead to root compromise (RH 6.1 and other boxes) Michal Zalewski (Feb 26)
lynx - someone is deaf and blind ;) Michal Zalewski (Feb 27)
Re: no comment Michal Zalewski (Feb 02)
Microsoft Product Security
Microsoft Security Bulletin (MS00-013) Microsoft Product Security (Feb 23)
Microsoft Security Bulletin (MS00-012) Microsoft Product Security (Feb 22)
Microsoft Security Bulletin (MS00-009) Microsoft Product Security (Feb 16)
Microsoft Security Bulletin (MS00-004) Microsoft Product Security (Feb 04)
Patch Available for "Site Wizard Input Validation" Vulnerability Microsoft Product Security (Feb 18)
Patch Available for "VM File Reading" Vulnerability Microsoft Product Security (Feb 19)
Microsoft Product Security Response Team
Re: MS signed softwrare privileges Microsoft Product Security Response Team (Feb 23)
Mikael Olsson
Re: How the password could be recover using FTP Explorer's registry! Mikael Olsson (Feb 26)
Multiple firewalls: FTP Application Level Gateway "PASV" Vulnerability Mikael Olsson (Feb 10)
Re: FireWall-1 FTP Server Vulnerability Mikael Olsson (Feb 17)
Re: recent 'cross site scripting' CERT advisory Mikael Olsson (Feb 08)
Mike, C
surfCONTROL SuperScout v2.6.1.6 flaw Mike, C (Feb 02)
Mike Frantzen
Firewall and IP stack test tool Mike Frantzen (Feb 22)
Mike Wade
Re: DoSing the Netgear ISDN RT34x router. Mike Wade (Feb 25)
Milan WWW Pikula
ANNOUNCE: Medusa DS9 security system Milan WWW Pikula (Feb 15)
Re: ANNOUNCE: Medusa DS9 security system Milan WWW Pikula (Feb 17)
Miles Sabin
Re: "Strip Script Tags" in FW-1 can be circumvented Miles Sabin (Feb 01)
minus
Re: Bypass Virus Checking minus (Feb 03)
MJE
Re: cookies - nothing new MJE (Feb 08)
Mnemonix
Alert: IIS 4 / IS 2 IDQ Cerberus Information Security Advisory (CISADV000202) Mnemonix (Feb 02)
Re: Alert: MS IIS 4 / IS 2 (Cerberus Security Advisory CISADV000126) Mnemonix (Jan 31)
2 MS Frontpage issues Cerberus Information Security Advisory (CISADV000203) Mnemonix (Feb 02)
monti
Re: FireWall-1 FTP Server Vulnerability monti (Feb 17)
Re: FireWall-1 FTP Server Vulnerability monti (Feb 14)
cisco/ascend snmp config tool or exploit? -- Re: snmp problems still alive monti (Feb 17)
Morten Welinder
xterm log file vulnerability Morten Welinder (Feb 29)
Mullen, Patrick
Re: unused bit attack alert Mullen, Patrick (Feb 22)
NAI Labs
ARCserve symlink vulnerability NAI Labs (Feb 16)
SCO OpenServer SNMPD vulnerability NAI Labs (Feb 07)
Re: MMDF NAI Labs (Feb 22)
Remote Vulnerability in the MMDF SMTP Daemon NAI Labs (Feb 16)
Neil Blakey-Milner
Re: Tempfile vulnerabilities Neil Blakey-Milner (Feb 02)
Neil Bortnak
Re: Bypass Virus Checking Neil Bortnak (Feb 02)
Nelson
How the password could be recover using FTP Explorer's registry! Nelson (Feb 24)
Niall R. Murphy
Re: Tempfile vulnerabilities Niall R. Murphy (Feb 01)
Nick FitzGerald
Re: AUTORUN.INF Vulnerability Nick FitzGerald (Feb 19)
Re: Toshiba NoteBooks BIOS Password Backdoor - Password Cracker Nick FitzGerald (Feb 25)
Re: Bypass Virus Checking Nick FitzGerald (Feb 03)
Re: FireWall-1 FTP Server Vulnerability Nick FitzGerald (Feb 17)
Nick Southwell
Re: BID 994, MS00-010 (Site Server Commerce Edition non-validated SQL inputs) Nick Southwell (Feb 29)
Niels Provos
Re: SSH & xauth Niels Provos (Feb 28)
Nobuo Miwa
RecyclerSnooper(MS00-007) Nobuo Miwa (Feb 01)
Tiny FTPd 0.52 beta3 Buffer Overflow Nobuo Miwa (Feb 01)
remote DoS on Internet Anywhere Mail Server Ver.3.1.3 Nobuo Miwa (Feb 10)
Olaf Seibert
Re: CGI.pm and the untrusted-URL problem Olaf Seibert (Feb 16)
Oliver Friedrichs
Re: SSH & xauth Oliver Friedrichs (Feb 25)
Oliver Lineham
Re: cookies - nothing new Oliver Lineham (Feb 09)
Omachonu Ogali
Re: application proxies? Omachonu Ogali (Feb 09)
Pascal Longpre
Windows NT and account list leak ! A new SID usage Pascal Longpre (Jan 31)
Patrick Hinsberger
WG: Bypass Virus Checking - NAI Patrick Hinsberger (Feb 02)
Patrick Oonk
[xforce () iss net: ISSalert: ISS E-Security Alert: Form Tampering Vulnerabilities in Several Web-Based Shopping Cart Applications] Patrick Oonk (Feb 01)
Paul Chilton
Re: Evil Cookies Paul Chilton (Feb 04)
Pauli Ojanpera
riched32.dll buffer overflow Pauli Ojanpera (Feb 21)
Re: Wordpad vulnerability, exploitable also in IE for Win9x Pauli Ojanpera (Feb 23)
Paul L Schmehl
Re: Bypass Virus Checking Paul L Schmehl (Feb 08)
Paul Schreiber
Sprint PCS vulnerable to malicious tags Paul Schreiber (Feb 04)
Peter Benie
Re: FireWall-1 FTP Server Vulnerability Peter Benie (Feb 16)
Peter Berendi
Re: Tempfile vulnerabilities Peter Berendi (Feb 08)
Peter Gutmann
Re: Disk (over)quota in Windows 2000 Peter Gutmann (Feb 29)
Peter Jeremy
Re: Random Sequence Numbers Peter Jeremy (Feb 09)
Peter W
Re: DoS for the iPlanet Web Server, Enterprise Edition 4.1 Peter W (Feb 23)
Re: recent 'cross site scripting' CERT advisory Peter W (Feb 08)
Philip Hannay
Re: AUTORUN.INF Vulnerability Philip Hannay (Feb 22)
Pierre Beyssac
Re: vulnerability in Linux Debian default boot configuration Pierre Beyssac (Feb 03)
vulnerability in Linux Debian default boot configuration Pierre Beyssac (Feb 02)
Przemyslaw Frasunek
man exploit Przemyslaw Frasunek (Feb 28)
Puchatek
Re: Novell BorderManager 3.5 Remote Slow Death Puchatek (Feb 11)
rain forest puppy
Re: RFP2K01 - "How I hacked Packetstorm" (wwwthreads advisory) rain forest puppy (Feb 08)
RFP2K01 - "How I hacked Packetstorm" (wwwthreads advisory) rain forest puppy (Feb 03)
Ran Atkinson
MMDF Ran Atkinson (Feb 18)
Randal L. Schwartz
Re: perl-cgi hole in UltimateBB by Infopop Corp. Randal L. Schwartz (Feb 17)
Randy Bush
Re: DDOS Attack Mitigation Randy Bush (Feb 18)
Renzo Tomà
FW: Important UBB News For Licensed Users Renzo Tomà (Feb 25)
Richard Fromm
ebay sends passwords in the clear Richard Fromm (Feb 16)
Re: BUGTRAQ Digest - 18 Feb 2000 to 21 Feb 2000 (#2000-41) Richard Fromm (Feb 22)
Rishi Lee Khan
Re: 'cross site scripting' CERT advisory and MS Rishi Lee Khan (Feb 14)
Re: How the password could be recover using FTP Explorer's registry! Rishi Lee Khan (Feb 27)
Robert Graham
Re: Zonealarm exports sensitive data Robert Graham (Feb 28)
Robert van der Meulen
Remote access vulnerability in all MySQL server versions Robert van der Meulen (Feb 08)
Robert Watson
Re: SSH & xauth Robert Watson (Feb 28)
Re: SSH & xauth Robert Watson (Feb 28)
Re: SSH & xauth Robert Watson (Feb 25)
Re: SSH & xauth Robert Watson (Feb 28)
Robert Zilbauer
Cross Site Scripting security issue Robert Zilbauer (Feb 02)
Rob Systhine
Re: ASP Security Hole (fwd) Rob Systhine (Feb 10)
Roelof JT Jonkman
Re: flex license manager tempfile predictable name... Roelof JT Jonkman (Feb 22)
Ron van Daal
Re: Novell BorderManager 3.5 Remote Slow Death Ron van Daal (Feb 09)
Russ
Re: SyGate 3.11 Port 7323 / Remote Admin hole Russ (Feb 01)
Russ Johnson
Re: Bypass Virus Checking Russ Johnson (Jan 31)
Ruud de Rooij
nmh security update Ruud de Rooij (Feb 28)
Ryan Russell
Apache 1.3.12 Ryan Russell (Feb 25)
Re: DDOS Attack Mitigation Ryan Russell (Feb 16)
Re: snmp problems still alive... Ryan Russell (Feb 15)
salme () US IBM COM
Re: Bypass Virus Checking salme () US IBM COM (Feb 01)
Re: Bypass Virus Checking salme () US IBM COM (Feb 01)
Sanford Whiteman
Re: Wordpad vulnerability, exploitable also in IE for Win9x Sanford Whiteman (Feb 24)
Sani Huttunen
SV: SyGate 3.11 Port 7323 / Remote Admin hole Sani Huttunen (Feb 01)
Scott
Re: Wordpad vulnerability, exploitable also in IE for Win9x Scott (Feb 23)
Sebastian
TESO - Nameserver traffic amplify and NS route discovery Sebastian (Feb 12)
Security
SARA Security Auditor -- a new tool Security (Feb 01)
Sergei A. Golubchik
perl-cgi hole in UltimateBB by Infopop Corp. Sergei A. Golubchik (Feb 11)
Servio Medina
EZshopper version 3.0 - Last followup Servio Medina (Feb 28)
Seth David Schoen
Re: Tempfile vulnerabilities Seth David Schoen (Feb 07)
Seth R Arnold
Re: How the password could be recover using FTP Explorer's registry! Seth R Arnold (Feb 25)
Shockro () AOL COM
Fwd: CERT Advisory CA-2000-02 Shockro () AOL COM (Feb 02)
Signal 11
Re: {\rtf\a112911112911112911112911...112911} in the body will crashOE5 clients. Signal 11 (Feb 23)
Simple Nomad
Re: Troj_Trinoo and ZZ Simple Nomad (Feb 26)
Re: MS signed softwrare privileges Simple Nomad (Feb 24)
Re: RedHat 6.1 /and others/ PAM Simple Nomad (Feb 01)
Re: RedHat 6.1 /and others/ PAM Simple Nomad (Jan 31)
Troj_Trinoo and ZZ Simple Nomad (Feb 25)
New ZZ Posted Simple Nomad (Feb 29)
Tfn2k Password Recovery Simple Nomad (Feb 24)
New Tool for DDoS Defense Simple Nomad (Feb 15)
sinkhole () NILL NET
crash windows boxes on your local network (twinge.c) sinkhole () NILL NET (Feb 10)
Smith, Eric V.
Re: BID 994, MS00-010 (Site Server Commerce Edition non-validated SQL inputs) Smith, Eric V. (Feb 28)
Re: RFP2K01 - "How I hacked Packetstorm" (wwwthreads advisory) Smith, Eric V. (Feb 09)
.sozni
Multiple vulnerabilities with Outblaze-based e-mail providers .sozni (Feb 23)
sp00n
flex license manager tempfile predictable name... sp00n (Feb 21)
sporty o'one
Re: "Strip Script Tags" in FW-1 can be circumvented sporty o'one (Feb 01)
Stainforth, Matthew
Re: DDOS Attack Mitigation Stainforth, Matthew (Feb 16)
Stephane Aubert
Re: Windows 2000 installation process weakness Stephane Aubert (Feb 23)
Windows 2000 installation process weakness Stephane Aubert (Feb 15)
Security problem with ISS RealSecure Stephane Aubert (Feb 29)
Steven Champeon
cookies - nothing new Steven Champeon (Feb 07)
Steven M. Bellovin
Re: Random Sequence Numbers Steven M. Bellovin (Feb 10)
Re: Misleading sense of security in Netscape Steven M. Bellovin (Feb 14)
Re: MS signed softwrare privileges Steven M. Bellovin (Feb 23)
suid () SUID KG
EZ Shopper 3.0 shopping cart CGI remote command execution suid () SUID KG (Feb 27)
Corel Linux 1.0 local root compromise suid () SUID KG (Feb 25)
Swift Griggs
DoSing the Netgear ISDN RT34x router. Swift Griggs (Feb 25)
Re: Statistical Attack Against Virtual Banks Swift Griggs (Feb 09)
TAKAGI, Hiromitsu
Re: `Microsoft VM for Java' allows reading local files using `getSystemResourceAsStream'. TAKAGI, Hiromitsu (Feb 24)
`Microsoft VM for Java' allows reading local files using `getSystemResourceAsStream'. TAKAGI, Hiromitsu (Jan 31)
Taneli Huuskonen
Re: recent 'cross site scripting' CERT advisory Taneli Huuskonen (Feb 07)
Theo de Raadt
Re: SSH & xauth Theo de Raadt (Feb 27)
Re: Tempfile vulnerabilities Theo de Raadt (Feb 02)
Re: sshd and pop/ftponly users incorrect configuration Theo de Raadt (Feb 15)
Re: Tempfile vulnerabilities Theo de Raadt (Feb 01)
Thomas Biege
(no subject) Thomas Biege (Feb 09)
Thomas Reinke
Re: Evil Cookies. Thomas Reinke (Feb 04)
Thompson, Zach, CPG
Re: MS IIS 5.0 Access Violation on handling URL String Thompson, Zach, CPG (Jan 31)
Tim Adam
Re: Evil Cookies. Tim Adam (Feb 08)
Tim Hollebeek
recent 'cross site scripting' CERT advisory Tim Hollebeek (Feb 04)
Tom Christiansen
Re: Perl's alleged tempfile vulnerabilities Tom Christiansen (Feb 07)
Perl's alleged tempfile vulnerabilities Tom Christiansen (Feb 04)
Torsten Landschoff
Re: Debian (frozen): Perms on /usr/lib/libguile.so.6.0.0 Torsten Landschoff (Feb 08)
Toshimi Makino
war-ftpd 1.6x DoS Toshimi Makino (Jan 31)
Troy Bollinger
Re: AIX SNMP Defaults Troy Bollinger (Feb 17)
Re: AIX SNMP Defaults Troy Bollinger (Feb 21)
Ussr Labs
Windows Api SHGetPathFromIDList Buffer Overflow Ussr Labs (Feb 04)
Local / Remote Exploiteable Buffer Overflow Vulnerability in InterAccess TelnetD Server 4.0 for Windows NT Ussr Labs (Feb 20)
Local / Remote D.o.S Attack in InterAccess TelnetD Server Release 4.0 *ALL BUILDS* for WinNT Vulnerability Ussr Labs (Feb 24)
Local / Remote D.o.S Attack in Serv-U FTP-Server v2.5b for Win9x/WinNT Vulnerability Ussr Labs (Feb 03)
Pragma Systems response to USSRLabs report Ussr Labs (Feb 23)
Uwe Schurig
Re: Bypass Virus Checking Uwe Schurig (Feb 02)
Valentin Pletzer
Re: AUTORUN.INF Vulnerability Valentin Pletzer (Feb 20)
van der Meulen, Robert
Re: RFP2K01 - "How I hacked Packetstorm" (wwwthreads advisory) van der Meulen, Robert (Feb 05)
Vanja Hrustic
[SAFER 000229.EXP.1.3] Remote buffer overflow in Netscape Enterprise Server 3.6 SP2 Vanja Hrustic (Feb 29)
[SAFER 000209.EXP.1.2] Zeus Web Server - obtaining source of CGI scripts Vanja Hrustic (Feb 08)
Veille Technologique
DOS in TrendMicro OfficeScan Veille Technologique (Feb 28)
ALERT!: TendMicro InterScan (DOS & intrusion) Veille Technologique (Feb 28)
Vern Paxson
Re: unused bit attack alert Vern Paxson (Feb 21)
Viktor Fougstedt
Re: Serious bug in MySQL password handling. Viktor Fougstedt (Feb 14)
Vitek, Ian
Infosec.20000229.axisstorpointcd.a Vitek, Ian (Feb 29)
Infosec.20000207.axis700.a Vitek, Ian (Feb 07)
Vittal Aithal
Re: ASP Security Hole (PHP Too) Vittal Aithal (Feb 17)
Vladimir Dubrovin
Re: Bypass Virus Checking Vladimir Dubrovin (Feb 02)
W. Craig Trader
Re: RFP2K01 - "How I hacked Packetstorm" (wwwthreads advisory) W. Craig Trader (Feb 09)
Werner Koch
Re: Tempfile vulnerabilities Werner Koch (Feb 02)
Re: Tempfile vulnerabilities Werner Koch (Feb 02)
Winkelmann, Brian
Re: Bypass Virus Checking Winkelmann, Brian (Feb 02)
Zelea
dnsa1.c - Exploit code for a denial of service attack using DNS (updated version) Zelea (Feb 28)