Bugtraq: by thread
278 messages
starting Dec 01 02 and
ending Dec 31 02
Date index |
Thread index |
Author index
- RE: User downgraded from Administrator to User retains the ability to list other user's running tasks John Tolmachofft (Dec 01)
- <Possible follow-ups>
- RE: User downgraded from Administrator to User retains the ability to list other user's running tasks Eitan Caspi (Dec 01)
- Thatware (PHP) Frog Man (Dec 02)
- Multiple pServ Remote Buffer Overflow Vulnerabilities Matthew Murphy (Dec 02)
- Re: CAIS-ALERT: Vulnerability in the sending requests control of BIND Robert Tracz (Dec 02)
- <Possible follow-ups>
- RE: CAIS-ALERT: Vulnerability in the sending requests control of BIND Vagner Sacramento (Dec 02)
- Cross-site Scripting Vulnerability in YaBB 1 Gold - SP1! Fabricio Angeletti (Dec 02)
- [SECURITY] [DSA 201-1] New Free/SWan packages fix denial of service Martin Schulze (Dec 02)
- GLSA: pine Daniel Ahlberg (Dec 02)
- Potential Vuln in McAfee VirusScan 451 jari.helenius (Dec 02)
- Re: [Full-Disclosure] Netscape Problems. Ben Bucksch (Dec 02)
- Lag Security Advisory - Com21 cable modem configuration file feeding vulnerability David Laganière (Dec 02)
- Advisory: Lawson Financials RDBMS Insecurity John Eisenschmidt (Dec 02)
- Advisory: Webster HTTP Server Matthew Murphy (Dec 02)
- RE: Kerberos login sniffer and cracker for Windows 2000/XP Jason Coombs (Dec 02)
- Re: Solaris priocntl exploit Jay Beale (Dec 02)
- Re: Solaris priocntl exploit Pavel Kankovsky (Dec 23)
- RE: Exploit for traceroute-nanog overflow Carl Livitt (Dec 02)
- pre-login buffer overflow in Cyrus IMAP server Timo Sirainen (Dec 02)
- [RHSA-2002:196-19] Updated xinetd packages fix denial of service vulnerability bugzilla (Dec 02)
- possible virus break in german exchange option of Inoculate IT 6.0 tigerblue (Dec 02)
- ShopFactory shopping cart price manipulation Richard van den Berg (Dec 02)
- Cyrus Sieve / libSieve buffer overflow Timo Sirainen (Dec 02)
- [VU#317417] Denial of Service condition in vxworks ftpd/3com nbx Michael S. Scheidell (Dec 02)
- Bypassing Integrity Protection Driver (time vulnerability) Jan Rutkowski (Dec 02)
- CORE-20021005: Vulnerability Report For Linksys Devices Carlos Sarraute (Dec 03)
- MDKSA-2002:085 - Updated WindowMaker packages fix buffer overflow vulnerability Mandrake Linux Security Team (Dec 03)
- [SNS Advisory No.59] Buffalo Wireless LAN Access Point Denial of Service Vulnerability (was Re: Buffalo AP Denial of Service) snsadv (Dec 03)
- Local Netfilter / IPTables IP Queue PID Wrap Flaw James Morris (Dec 03)
- Re: Local Netfilter / IPTables IP Queue PID Wrap Flaw James Morris (Dec 03)
- Poisonous Style for Dialog window turns the zone off. Liu Die Yu (Dec 03)
- SquirrelMail v1.2.9 XSS bugs euronymous (Dec 03)
- Re: SquirrelMail v1.2.9 XSS bugs Jonathan Angliss (Dec 05)
- Zeroo Webserver remote directory traversal exploit Mike Cramp (Dec 03)
- [SECURITY] [DSA 202-1] New IM packages fix insecure temporary file creation Martin Schulze (Dec 03)
- MDKSA-2002:084 - Updated pine packages fix buffer overflow vulnerability Mandrake Linux Security Team (Dec 03)
- Fw: CERT Advisory CA-2002-34 Buffer Overflow in Solaris X Window Font Service Muhammad Faisal Rauf Danka (Dec 03)
- Local root vulnerability found in exim 4.x (and 3.x) Wana Thomas (Dec 04)
- Re: Local root vulnerability found in exim 4.x (and 3.x) Tabor J. Wells (Dec 05)
- Re: Local root vulnerability found in exim 4.x (and 3.x) Tabor J. Wells (Dec 05)
- Re: Local root vulnerability found in exim 4.x (and 3.x) Tabor J. Wells (Dec 05)
- SAP database local root via symlink KF (Dec 04)
- [SECURITY] [DSA 203-1] New smb2www packages fix arbitrary command execution Martin Schulze (Dec 04)
- [CLA-2002:551] Conectiva Linux Security Announcement - pine secure (Dec 04)
- Security Update: [CSSA-2002-054.0] Linux: exploitable memory leak in ypserv security (Dec 04)
- [RHSA-2002:220-40] Updated KDE packages fix security issues bugzilla (Dec 04)
- [RHSA-2002:254-05] Updated Webalizer packages fix vulnerability bugzilla (Dec 04)
- Windows XP Disclosure of Registered AP Information snsadv (Dec 04)
- Buffer Overflow Vulnerability in X Font Server on IRIX SGI Security Coordinator (Dec 04)
- Multiple Vulnerabilities in BIND Name Service Daemon on IRIX SGI Security Coordinator (Dec 04)
- Sygate Personal Firewall can be shut down without a need to supply a password - although one is required Eitan Caspi (Dec 04)
- <Possible follow-ups>
- RE: Sygate Personal Firewall can be shut down without a need to supply a password - although one is required Russ (Dec 06)
- Security Update: [CSSA-2002-055.0] Linux: RPC XDR buffer overflow security (Dec 04)
- Apache/Tomcat Denial Of Service And Information Leakage Vulnerability alias (Dec 05)
- [SECURITY] [DSA 204-1] New kdlibs packages fix arbitrary program execution Martin Schulze (Dec 05)
- Multiple vulnerabilities in akfingerd Gianni Tedesco (Dec 05)
- Proxy vulnerability in TrendMicro InterScan-VirusWall V3.6 Volker Tanger (Dec 05)
- Re: Proxy vulnerability in TrendMicro InterScan-VirusWall V3.6 - and 3.7 Build 1190 Dr. Peter Bieringer (Dec 09)
- <Possible follow-ups>
- Proxy vulnerability in TrendMicro InterScan-VirusWall V3.6 jrodriga (Dec 23)
- BIND Name Server DNS Spoofing Vulnerability on IRIX SGI Security Coordinator (Dec 05)
- Samba Security Vulnerability on IRIX SGI Security Coordinator (Dec 05)
- Cross-site Scripting Vulnerability in phpBB 2.0.3 Fabricio Angeletti (Dec 05)
- Input Validation Error in vbulletin 2.2.x Dorin Balanica (Dec 11)
- [Fwd: [RHSA-2002:196-09] Updated xinetd packages fix denial of service vulnerability] Dan Rowles (Dec 05)
- Cobalt RaQ4 Remote root exploit grazer (Dec 05)
- Re: TracerouteNG - never ending story Thomas Biege (Dec 05)
- Sygate Personal Firewall can be shut down without a need to suppl y Seth Knox (Dec 05)
- RE: Sygate Personal Firewall can be shut down without a need to supply Eitan Caspi (Dec 05)
- Notes on MS02-068, extensive downplaying of severity Thor Larholm (Dec 05)
- Security Update: [CSSA-2002-056.0] Linux: apache vulnerabilities in shared memory, DNS, and ApacheBench security (Dec 06)
- SuSE Security Announcement: OpenLDAP2 (SuSE-SA:2002:047) Sebastian Krahmer (Dec 06)
- [SECURITY] [DSA 202-2] New IM packages correct hidden architecture dependency Martin Schulze (Dec 06)
- WebReflex Directory Traversal Vulnerability luca.ercoli () inwind it (Dec 06)
- [SECURITY] [DSA 192-2] New html2ps packages correct fix against arbitrary code execution Martin Schulze (Dec 06)
- APBoard-Bug DNA ESC (Dec 06)
- Security Update: [CSSA-2002-057.0] Linux: groff pic buffer overflow security (Dec 07)
- XSS and Path Disclosure in UPB euronymous (Dec 07)
- <Possible follow-ups>
- Re: XSS and Path Disclosure in UPB Frog Man (Dec 10)
- SECURITY.NNOV: more Ikonboard 3.1.1 crossite scriptings 3APA3A (Dec 09)
- [SecurityOffice] Enceladus Server Suite v3.9 Buffer Overflow Vulnerability Tamer Sahin (Dec 09)
- Cyrus SASL library buffer overflows Timo Sirainen (Dec 09)
- Re: Cyrus SASL library buffer overflows Matthias Andree (Dec 10)
- Security Update: [CSSA-2002-SCO.43] UnixWare 7.1.1 Open UNIX 8.0.0 : closed file descriptor race vulnerability security (Dec 09)
- [RHSA-2002:196-19] Updated xinetd packages fix denial of service vulnerability Derek Luce (Dec 09)
- [RHSA-2002:246-18] Updated Canna packages fix vulnerabilities bugzilla (Dec 10)
- Unchecked buffer in PC-cillin advisories () texonet com (Dec 10)
- Remote multiple vulnerability in apt-www-proxy. dong-h0un U (Dec 10)
- <Possible follow-ups>
- Remote multiple vulnerability in apt-www-proxy. dong-h0un U (Dec 11)
- TFTP32 DOS securma massine (Dec 10)
- [RHSA-2002:229-10] Updated wget packages fix directory traversal bug bugzilla (Dec 10)
- MDKSA-2002:082-1 - Updated python packages fix local arbitrary code execution vulnerability Mandrake Linux Security Team (Dec 10)
- RE: Sygate Personal Firewall can be shut down without a need to s upply a password - although one is required Seth Knox (Dec 10)
- KunaniFTP-Server v.1.0.10 allows dictionary traversal Zero-X www.lobnan.de Team (Dec 10)
- Re: KunaniFTP-Server v.1.0.10 allows dictionary traversal Alun Jones (Dec 11)
- [SECURITY] [DSA-206-1] tcpdump BGP decoding error Wichert Akkerman (Dec 10)
- [SECURITY] [DSA-205-1] gtetrinet buffer overflows Wichert Akkerman (Dec 10)
- Directory traversing bug in 'myServer' webserver. dong-h0un U (Dec 11)
- Directory Traversal Vulnerabilities in FTP Clients Steven M. Christey (Dec 11)
- Re: Directory Traversal Vulnerabilities in FTP Clients Stephen Samuel (Dec 12)
- Cisco Security Advisory: OSM Line Card Header Corruption Vulnerability Cisco Systems Product Security Incident Response Team (Dec 11)
- Security Update: [CSSA-2002-058.0] Linux: buffer overflow in nss_ldap DNS SRV security (Dec 11)
- Re: Zeus Admin Server v4.1r2 index.fcgi XSS bug Colin Watson (Dec 11)
- [SECURITY] [DSA 207-1] New tetex-lib packages fix arbitrary command execution Martin Schulze (Dec 11)
- Denial of Service vulnerability in VisNetic Website Peter Kruse (Dec 11)
- proftpd <=1.2.7rc3 DoS Rob klein Gunnewiek (Dec 11)
- Re: [VulnWatch] proftpd <=1.2.7rc3 DoS Kurt Seifried (Dec 10)
- Re: [VulnWatch] proftpd <=1.2.7rc3 DoS Rob klein Gunnewiek (Dec 11)
- Re: [VulnWatch] proftpd <=1.2.7rc3 DoS Kurt Seifried (Dec 12)
- Re: [VulnWatch] proftpd <=1.2.7rc3 DoS Rob klein Gunnewiek (Dec 11)
- Re: [VulnWatch] proftpd <=1.2.7rc3 DoS Kurt Seifried (Dec 10)
- MTPSR1-120 Firewall Proxy configuration software UkR security team™ (Dec 11)
- Security Update: [CSSA-2002-SCO.44] UnixWare 7.1.1 Open UNIX 8.0.0 : uudecode performs inadequate checks on user-specified output files security (Dec 11)
- Enceladus Server Suite traversal directory vulnerability luca.ercoli () inwind it (Dec 11)
- CERT Advisory CA-2002-35 Vulnerability in RaQ 4 Servers (fwd) Muhammad Faisal Rauf Danka (Dec 12)
- Advisory 04/2002: Multiple MySQL vulnerabilities Stefan Esser (Dec 12)
- Advisory Title: iASP Remote Console Applet Allows Remote ph33r (Dec 13)
- [RHSA-2002:222-21] Updated apache, httpd, and mod_ssl packages available bugzilla (Dec 12)
- Multiple Mambo Site Server sec-weaknesses euronymous (Dec 12)
- [SECURITY] [DSA 208-1] New Perl packages correct Safe handling Martin Schulze (Dec 12)
- VisNetic WebSite XSS vulnerability through HTTP referer header Ory Segal (Dec 12)
- PNG (Portable Network Graphics) Deflate Heap Corruption Vulnerability Marc Maiffret (Dec 12)
- MDKSA-2002:086 - Updated wget packages fix directory traversal vulnerability Mandrake Linux Security Team (Dec 12)
- Password Hole Found In Webshots Brian Carpenter (Dec 12)
- Re: Password Hole Found In Webshots Ian Nguyen (Dec 12)
- XSS flaw found at "https://www.e-gold.com" Liu Die Yu (Dec 12)
- Adelphia Powerlink service vulnerable to man in the middle attacks by cable modem users. 0x90 (Dec 12)
- iDefense Security Advisory gobbles (Dec 12)
- <Possible follow-ups>
- RE: iDefense Security Advisory David Endler (Dec 13)
- [SECURITY] [DSA-209-1] two wget problems Wichert Akkerman (Dec 12)
- [SECURITY] [DSA-210-1] lynx CRLF injection Wichert Akkerman (Dec 12)
- [SECURITY] [DSA 211-1] New mICQ packages fix denial of service Martin Schulze (Dec 13)
- Eserv remote denial of service securma massine (Dec 13)
- Anyone can read all XOOPS private messages Val Deux (Dec 13)
- [ESA-20021213-033] Several MySQL vulnerabilities. EnGarde Secure Linux (Dec 13)
- Advisory 05/2002: Another Fetchmail Remote Vulnerability Stefan Esser (Dec 13)
- Directory Traversal Vulnerability in FTP Client on IRIX SGI Security Coordinator (Dec 13)
- [CLA-2002:552] Conectiva Linux Security Announcement - wget secure (Dec 13)
- FW: SQL Injection Solved Louie Conceicao (Dec 13)
- MyPHPLinks (PHP) : SQL Injection Frog Man (Dec 14)
- GLSA: mysql Daniel Ahlberg (Dec 16)
- <Possible follow-ups>
- GLSA: mysql Daniel Ahlberg (Dec 16)
- GLSA: fetchmail Daniel Ahlberg (Dec 16)
- GLSA: squirrelmail Daniel Ahlberg (Dec 16)
- Password Disclosure in Cryptainer K. K. Mookhey (Dec 16)
- Re: [VulnWatch] Password Disclosure in Cryptainer Kurt Seifried (Dec 17)
- Multiple vendors XML parser (and SOAP/WebServices server) Denial of Service attack using DTD Amit Klein (Dec 16)
- [OpenPKG-SA-2002.014] OpenPKG Security Advisory (perl) OpenPKG (Dec 16)
- PHP-Nuke code execution and XSS vulnerabilities Ulf Harnhammar (Dec 16)
- [OpenPKG-SA-2002.015] OpenPKG Security Advisory (tetex) OpenPKG (Dec 16)
- GLSA: exim Daniel Ahlberg (Dec 16)
- [OpenPKG-SA-2002.013] OpenPKG Security Advisory (mysql) OpenPKG (Dec 16)
- PHP-Nuke 6.0 : Path Disclosure & Cross Site Scripting Frog Man (Dec 16)
- PHPNuke 6.0 path disclosure [again] Ing. Bernardo Lopez (Dec 23)
- R7-0009: Vulnerabilities in SSH2 Implementations from Multiple Vendors Rapid 7 Security Advisories (Dec 16)
- RE: Cross-site scripting vulnerability in CF 5.0 CORREIA, PATRICK (Dec 16)
- <Possible follow-ups>
- Cross-site scripting vulnerability in CF 5.0 KiLL CoLe (Dec 16)
- Re: Cross-site scripting vulnerability in CF 5.0 SecurityFocus (Dec 16)
- zkfingerd 0.9.1 format string vulnerabilities (#NISR16122002A) NGSSoftware Insight Security Research (Dec 16)
- PFinger 0.7.8 format string vulnerability (#NISR16122002B) NGSSoftware Insight Security Research (Dec 16)
- RE: PFinger 0.7.8 format string vulnerability (#NISR16122002B) Stefan Esser (Dec 16)
- Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B) der Mouse (Dec 17)
- Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B) Valdis . Kletnieks (Dec 17)
- Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B) Stefan Esser (Dec 17)
- Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B) der Mouse (Dec 17)
- Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B) Andreas Borchert (Dec 18)
- Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B) Andreas Tscharner (Dec 27)
- RE: PFinger 0.7.8 format string vulnerability (#NISR16122002B) Stefan Esser (Dec 16)
- [CLA-2002:554] Conectiva Linux Security Announcement - fetchmail secure (Dec 16)
- [CLA-2002:553] Conectiva Linux Security Announcement - kernel 2.4 secure (Dec 16)
- Security Patchs for PHP Products Frog Man (Dec 16)
- Captaris (Infinite) WebMail XSS Pedram Amini (Dec 16)
- Macromedia Shockwave Flash Malformed Header Overflow #2 Marc Maiffret (Dec 17)
- [CLA-2002:555] Conectiva Linux Security Announcement - MySQL secure (Dec 17)
- [SECURITY] [DSA-212-1] Multiple MySQL vulnerabilities Wichert Akkerman (Dec 17)
- [RHSA-2002:228-11] Updated Net-SNMP packages fix security and other bugs bugzilla (Dec 17)
- [RHSA-2002:293-09] Updated Fetchmail packages fix security vulnerability bugzilla (Dec 17)
- Re: adelphia vulnerability within subnets 0x90 (Dec 17)
- [OpenPKG-SA-2002.016] OpenPKG Security Advisory (fetchmail) OpenPKG (Dec 17)
- export LD_LIBRARY_PATH in /etc/profile.d/* files rich (Dec 17)
- Re: export LD_LIBRARY_PATH in /etc/profile.d/* files mlh (Dec 17)
- <Possible follow-ups>
- Re: export LD_LIBRARY_PATH in /etc/profile.d/* files Antonomasia (Dec 18)
- Fwd: CERT Advisory CA-2002-36 Multiple Vulnerabilities in SSH Implementations Muhammad Faisal Rauf Danka (Dec 17)
- Directory traversal vulnerabilities in several archivers processing .tar Florian Schafferhans (Dec 17)
- Re: Directory traversal vulnerabilities in several archivers processing .tar der Mouse (Dec 17)
- RE: Directory traversal vulnerabilities in several archivers processing .tar Andrew Kopp (Dec 18)
- Re: Directory traversal vulnerabilities in several archivers processing .tar Stephen Samuel (Dec 19)
- RE: Directory traversal vulnerabilities in several archivers processing .tar konto mailingowe (Dec 20)
- RAZOR advisory: Linux 2.2.xx /proc/<pid>/mem mmap() vulnerability Michal Zalewski (Dec 17)
- Missing admin sql password in Okena StormWatch Marc Ruef (Dec 18)
- <Possible follow-ups>
- RE: Missing admin sql password in Okena StormWatch Marcus Gavel (Dec 19)
- Security Paper: Session Fixation Vulnerability in Web-based Applications Mitja Kolsek (ACROS Lists) (Dec 18)
- gfxboot allows boot password circumvention, SuSE 8.1 GRUB Matthias Andree (Dec 18)
- [securitydigest.org]: Changes for December 2002 Curator at Security Digest Archives (Dec 18)
- MDKSA-2002:087 - Updated MySQL packages fix multiple vulnerabilities Mandrake Linux Security Team (Dec 18)
- MDKSA-2002:068-1 - Updated apache packages fix multiple vulnerabilities Mandrake Linux Security Team (Dec 18)
- Historic blackhat archives exposed Pry (Dec 18)
- Foundstone Research Labs Advisory - Exploitable Windows XP Media Files (fwd) Dave Ahmad (Dec 18)
- Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd) Dave Ahmad (Dec 18)
- Re: Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd) David Howe (Dec 19)
- RE: Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd) Richard Stanway (Dec 21)
- RE: Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd) Russell Garrett (Dec 21)
- Re: Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd) David Howe (Dec 19)
- [SECURITY] [DSA 213-1] New libpng packages fix buffer overflow Martin Schulze (Dec 19)
- [CLA-2002:556] Conectiva Linux Security Announcement - openldap secure (Dec 19)
- WAnewsletter (PHP) Frog Man (Dec 19)
- Openwebmail 1.71 remote root compromise Dmitry Guyvoronsky (Dec 19)
- Multiple vulnerability in Enceladus Server securma massine (Dec 19)
- Re: Cisco IOS EIGRP Network DoS Damir Rajnovic (Dec 19)
- <Possible follow-ups>
- Cisco IOS EIGRP Network DoS FX (Dec 19)
- TSLSA-2002-0086 - mysql Trustix Secure Linux Advisor (Dec 19)
- TSLSA-2002-0089 - wget Trustix Secure Linux Advisor (Dec 19)
- TSLSA-2002-0085 - lynx-ssl Trustix Secure Linux Advisor (Dec 19)
- TSLSA-2002-0087 - perl Trustix Secure Linux Advisor (Dec 19)
- TSLSA-2002-0084 - tcpdump Trustix Secure Linux Advisor (Dec 19)
- TSLSA-2002-0083 - kernel Trustix Secure Linux Advisor (Dec 19)
- RE: Password Hole Found In Webshots - (Webshots Confirmed) Shutters, Mike (Dec 19)
- [Fix] Openwebmail 1.71 remote root compromise Dmitry Guyvoronsky (Dec 19)
- iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS) iDEFENSE Labs (Dec 19)
- <Possible follow-ups>
- Re: iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS) Joe Testa (Dec 21)
- Re: iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS) zen-parse (Dec 21)
- Web server vulnerability in Axis Network Cameras, Video Servers and DVRs Axis Product Security (Dec 20)
- [RAZOR] Problems with mkstemp() Michal Zalewski (Dec 20)
- GLSA: perl Daniel Ahlberg (Dec 20)
- GLSA: canna Daniel Ahlberg (Dec 20)
- [SecurityOffice] Polycom Video Conference System Management Server Authentication Bypass Vulnerability Tamer Sahin (Dec 20)
- SuSE Security Announcement: cyrus-imapd (SuSE-SA:2002:048) Sebastian Krahmer (Dec 20)
- SPGpartenaires (PHP) Frog Man (Dec 20)
- nCipher Advisory #6: Access control defects in PKCS#11 keys nCipher Support (Dec 20)
- GLSA: wget Daniel Ahlberg (Dec 20)
- RealNetworks HELIX Server Buffer Overflow Vulnerabilities (#NISR20122002) NGSSoftware Insight Security Research (Dec 20)
- PHP-Nuke mail CRLF Injection vulnerabilities Ulf Harnhammar (Dec 20)
- RE: Foundstone Research Labs Advisory - Multiple Exploitable Buff er Overflows in Winamp (fwd) Shutters, Mike (Dec 20)
- [SECURITY] [DSA 214-1] New kdentwork packages fix buffer overflows Martin Schulze (Dec 20)
- Cisco Security Advisory: Cisco Security Advisory: SSH Malformed Packet Vulnerabilities Cisco Systems Product Security Incident Response Team (Dec 20)
- Security Update: [CSSA-2002-059.0] Linux: multiple vulnerabilities in BIND (CERT CA-2002-31) security (Dec 20)
- XSS and PHP include bug in W-Agora xatr0z (Dec 20)
- Re: XSS and PHP include bug in W-Agora Marc Druilhe (Dec 20)
- KDE Security Advisory: Multiple vulnerabilities in KDE Dirk Mueller (Dec 21)
- Re: KDE Security Advisory: Multiple vulnerabilities in KDE fozzy (Dec 23)
- Re: KDE Security Advisory: Multiple vulnerabilities in KDE Florian Weimer (Dec 23)
- Re: KDE Security Advisory: Multiple vulnerabilities in KDE fozzy (Dec 23)
- Matlab /tmp usage Paul Szabo (Dec 23)
- 'printenv' XSS vulnerability Dr . Tek (Dec 23)
- Re: 'printenv' XSS vulnerability Marc Slemko (Dec 23)
- [SECURITY] [DSA 215-1] New cyrus-imapd packages fix remote command execution Martin Schulze (Dec 23)
- zkfingerd remote exploit security (Dec 23)
- Hyperion FTP Server buffer overflow securma massine (Dec 23)
- GLSA: kde-3.0.x Daniel Ahlberg (Dec 23)
- junkbuster 2.0-1 proxy relaying spam Andrew Daviel (Dec 23)
- Antwort: Openwebmail 1.71 remote root compromise Stephan Sachweh (Dec 23)
- iDEFENSE Security Advisory 12.23.02: Integer Overflow in pdftops iDEFENSE Labs (Dec 23)
- [SNS Advisory No.60 rev.2] Windows XP Disclosure of Registered AP Information snsadv () lac co jp (Dec 24)
- [SECURITY] [DSA 216-1] New fetchmail packages fix buffer overflow Martin Schulze (Dec 24)
- Full Disclosure: Windows File Protection Arbitrary Certificate Chain Vulnerability FORENSICS.ORG Security Coordinator (Dec 26)
- Full Disclosure: Windows File Protection Old Security Catalog Vulnerability FORENSICS.ORG Security Coordinator (Dec 26)
- (MSIE)A rather old trick for web server is now played on MSIE. Liu Die Yu (Dec 26)
- Re: Solaris priocntl exploit - Sol8 patches available Scott Howard (Dec 27)
- [SECURITY] [DSA 217-1] New typespeed packages fix buffer overflow Martin Schulze (Dec 27)
- [GIS 2002101601] SkyStream Admin Shell Privilege Escalation. Global InterSec Research (Dec 27)
- [CLA-2002:557] Conectiva Linux Security Announcement - cyrus-imapd secure (Dec 27)
- Buffer overflow in PHP "wordwrap" function David F. Skoll (Dec 27)
- GLSA: cyrus-sasl Daniel Ahlberg (Dec 27)
- [IPS] PUTTY SSH-Client Exploit Daniel Alcántara de la Hoz (Dec 28)
- Gallery v1.3.2 allows remote exploit (fixed in 1.3.3) Bharat Mediratta (Dec 28)
- PHRACK #60 HAS BEEN RELEASED phrackstaff (Dec 28)
- Telindus 112x ADSL Router - Weak Password Encryption eflorio (Dec 30)
- GLSA: openldap Daniel Ahlberg (Dec 30)
- GLSA: cups Daniel Ahlberg (Dec 30)
- Potential DOS attack with Web-CyrAdm. Casper Aleva (Dec 30)
- Leafnode security announcement SA:2002:01 Matthias Andree (Dec 30)
- [SECURITY] [DSA 218-1] New bugzilla packages fix cross site scripting problem Martin Schulze (Dec 30)
- Multiple vulnerabilities found in PlatinumFTPserver V1.0.6 Dennis Rand (Dec 30)
- CITIBANK [CANADA]: INTERNET EXPLORER BROWSERS http-equiv () excite com (Dec 30)
- Re: CITIBANK [CANADA]: INTERNET EXPLORER BROWSERS Ben Laurie (Dec 31)
- Visual SourceSafe - Preliminary Observations Joel Maslak (Dec 30)
- Wired.com: So Many Holes, So Few Hacks Richard M. Smith (Dec 30)
- Updated "Secure Programming for Linux and Unix HOWTO" now available. David Wheeler (Dec 31)
- [SECURITY] [DSA 219-1] New dhcpcd packages fix remote command execution vulnerability Martin Schulze (Dec 31)
- PEEL (PHP) Frog Man (Dec 31)