Bugtraq: by date
RSS Feed
About List
All Lists
Previous period
302 messages
starting Apr 30 02 and
ending May 31 02
Date index |
Thread index |
Author index
Tuesday, 30 April
IE/OE6.0 cannot handle malformed XBM files Adam [wp-ckkl]
Wednesday, 01 May
Re: eSecurityOnline Security Advisory 3761 - Sun Solaris lbxproxy dis play name buffer overflow vulnerability Charles M. Richmond
[RHSA-2002:062-08] Insecure DocBook stylesheet option bugzilla
Re: eSecurityOnline Security Advisory 3761 - Sun Solaris lbxproxy dis play name buffer overflow vulnerability rogersk
FW: Fscan advisory (fwd) Dave Ahmad
CERT Advisory CA-2002-10 Format String Vulnerability in rpc.rwalld CERT Advisory
Classic Cross Site Scripting: Gibson Research Corporation http-equiv () excite com
Re: eSecurityOnline Security Advisory 3761 - Sun Solaris lbxproxy dis play name buffer overflow vulnerability Ken . Williams
IRIX nsd symlink vulnerability SGI Security Coordinator
Thursday, 02 May
Security Update: [CSSA-2002-SCO.17] OpenServer 5.0.5 : sar -o buffer overflow security
[RHSA-2002:070-06] Updated mod_python packages available bugzilla
Honeynet Project -> The Reverse Challenge Lance Spitzner
KPMG-2002017: Snapgear Lite+ Firewall Denial of Service Peter Gründl
IRIX Xlib vulnerability SGI Security Coordinator
[RHSA-2002:064-12] Updated Nautilus for symlink vulnerability writing metadata files bugzilla
R7-0003: Nautilus Symlink Vulnerability Joe Testa
RE: Honeynet Project -> The Reverse Challenge REAVA, JEFFREY [IT/0200]
Logitech Keyboard Insecurity keyboardhacker
Re: Logitech Keyboard Insecurity Paul Cardon
latest Progress patch has suid issues AGAIN. KF
Re: Logitech Keyboard Insecurity richard . fuser
Macromedia Flash Activex Buffer overflow Marc Maiffret
iXsecurity.20020404.4d_webserver.a Jonas Ländin
Friday, 03 May
Announcing DEF CON 10! The Dark Tangent
Re: Logitech Keyboard Insecurity big bon
Fix for Mozilla XMLHttpRequest file disclosure vulnerability Frank Hecker
Re: Intel D845HV/WN/PT series motherboard vulnerability Dave Oliver
[CLA-2002:477] Conectiva Linux Security Announcement - mod_python secure
Re: trusting user-supplied data (was Re: FreeBSD Security Advisory FreeBSD-SA-02:23.stdio) Paul Starzetz
Re: Logitech Keyboard Insecurity KJK::Hyperion
Beonex Communicator 0.8-pre based on Mozilla 1.0-branch released Ben Bucksch
Saturday, 04 May
UPDATE (1-May-2002): Reading local files in Netscape 6 and Mozilla (GM#001-NS) GreyMagic Software
Windows 2000 Server IIS 5.0 .ASP Overflow Exploit CHINANSL Security Team
Sunday, 05 May
Administrivia Dave Ahmad
Reverse Challenge - Binary released Lance Spitzner
[LSD] Solaris cachefsd remote buffer overflow vulnerability Last Stage of Delirium
Monday, 06 May
b2 php remote command execution Frank
Misformated message header causes msn messenger to crash underdoc
ldap vulnerabilities blackshell
cURL remote PoC for FBSD KF
w00w00 on AOL Instant Messenger remote overflow #2 Matt Conover
cURL remote PoC for Linux KF
CERT Advisory CA-2002-11 Heap Overflow in Cachefs Daemon (cachefsd) CERT Advisory
Tuesday, 07 May
SuSE Security Announcement: imlib (SuSE-SA:2002:015) Thomas Biege
KPMG-2002018: Pointsec for PalmOS PIN disclosure Binken, Rens
IRIX netstat vulnerability SGI Security Coordinator
[CLA-2002:480] Conectiva Linux Security Announcement - tcpdump secure
Multiple Vulnerabilities in MDaemon + WorldClient Obscure
Lysias Lidik Webserver suffers from a Directory Traversal Vulnerability Florian Hobelsberger / BlueScreen
Wednesday, 08 May
[SNS Advisory No.52] Webmin/Usermin Cross-site Scripting Vulnerability snsadv () lac co jp
[SNS Advisory No.53] Webmin/Usermin Session ID Spoofing Vulnerability snsadv () lac co jp
cqure.net.20020412.netware_sdmr.a Patrik Karlsson
cqure.net.20020412.bordermanager_36_mv1.a Patrik Karlsson
cqure.net.20020412.netware_client.a Patrik Karlsson
cqure.net.20020408.netware_nwftpd.a Patrik Karlsson
SuSE Security Announcement: sysconfig (SuSE-SA:2002:016) Sebastian Krahmer
Cisco Security Advisory: NTP vulnerability Cisco Systems Product Security Incident Response Team
CRLF Injection Ulf Harnhammar
[CARTSA-20020402] Linux Netfilter NAT/ICMP code information leak Philippe Biondi
[CLA-2002:481] Conectiva Linux Security Announcement - imlib secure
NTFS and PGP interact to expose EFS encrypted data Ry Jones
[NGSEC-2002-2] ISC DHCPDv3, remote root compromise NGSEC Research Team
Security Update: [CSSA-2002-SCO.18] Open UNIX 8.0.0 UnixWare 7.1.1 : CDE /var/dt and subdirectories are writable by world security
RE: Multiple Vulnerabilities in MDaemon + WorldClient Terry Lavoie
Re: cqure.net.20020408.netware_nwftpd.a Brian Eckman
ADVISORY: MSN Messenger OCX Buffer Overflow Marc Maiffret
IRIX fsr_xfs vulnerability SGI Security Coordinator
Unfortunate interaction between EZMLM and MessageLabs virus scanning Ben Laurie
CERT Advisory CA-2002-12 Format String Vulnerability in ISC DHCPD CERT Advisory
[RHSA-2002:070-08] Updated mod_python packages available bugzilla
Re: Patrol security bugs Mike Crane
Summercon 2002 Announce Summercon Admin
Nearly undocumented NT security feature - the solution to executable attachments? KJK::Hyperion
Thursday, 09 May
[RHSA-2002:086-05] Netfilter information leak bugzilla
[CLA-2002:483] Conectiva Linux Security Announcement - dhcp secure
OpenBSD local DoS and root exploit fozzy
Re: OpenBSD local DoS and root exploit Dave Ahmad
Re: Cisco Security Advisory: NTP vulnerability (fwd) Tina Bird
Friday, 10 May
Re: cqure.net.20020412.bordermanager_36_mv1.a Corey J. Steele
1st Linux and Free Software Festival - Ankara 2002 Burc Yildirim
wu-imap buffer overflow condition Marcell Fodor
Re: Nearly undocumented NT security feature - the solution to executable attachments? Keary Suska
GOBBLES SECURITY ADVISORY #33 Dave Ahmad
[RHSA-2002:081-06] perl-Digest-MD5 UTF8 bug results in incorrect MD5 sums bugzilla
Flaw caused by default rulesets in many desktop firewalls under windows Christian decoder Holler
Possible Buffer Overflow in ACDSee 4.0 Markus Arndt
Re: OpenBSD local DoS and root exploit Jonas Eriksson
Re: Unfortunate interaction between EZMLM and MessageLabs virus scanning Alun Jones
Re: Nearly undocumented NT security feature - the solution to executable attachments? Vanja Hrustic
Re: Nearly undocumented NT security feature - the solution to executable attachments? 3APA3A
SafeWeb Vulnerability - Fingerprinting Websites Using Traffic Analysis Andrew Hintz (Drew)
Fix available for Sgdynamo Stuart Moore
Cisco ATA-186 admin password can be trivially circumvented Patrick Michael Kane
Two (2) Critical Path inJoin V4.0 Directory Server Issues Information Anarchy 2K01
MDKSA-2002:030 - temporary fix for netfilter information leak Mandrake Linux Security Team
Hole in AOL Instant Messenger InterWN Labs
FW: New Macromedia Security Zone Bulletins Posted Benjamin Keller
FIRST 2002 reminder Roger Safian
CERT Advisory CA-2002-13 Buffer Overflow in Microsoft's MSN Chat ActiveX CERT Advisory
Linux kernel 2.4 "weak end host" issue (previously discussed here as "arp problem") Felix von Leitner
Re: GOBBLES SECURITY ADVISORY #33 Blue Boar
Saturday, 11 May
Bug in mnogosearch-3.1.19 qitest1
Re: wu-imap buffer overflow condition Jeff Franklin
Re: Linux kernel 2.4 "weak end host" issue (previously discussed here as "arp problem") Dax Kelson
Re: Unfortunate interaction between EZMLM and MessageLabs virus scanning der Mouse
Re: GOBBLES SECURITY ADVISORY #33 Andrew Clover
Re: Flaw caused by default rulesets in many desktop firewalls under windows Christian decoder Holler
Re: Flaw caused by default rulesets in many desktop firewalls under windows Frank Knobbe
Re: Unfortunate interaction between EZMLM and MessageLabs virus scanning Stephen Cope
Fwd: GOBBLES RESPONSE TO THE BLUE BOAR ("fixed version") gobbles
Monday, 13 May
ATMSNMPD Vulnerable but not Addressed Ross Coppage
Gaim abritary Email Reading Scott Mackenzie
nCipher Security Advisory #3: MSCAPI CSP Install Wizard nCipher Support
ATMSNMPD Vulnerable but not Addressed Coppage, Ross
Re: ATMSNMPD Vulnerable but not Addressed Emre Yildirim
Security Update: [CSSA-2002-020.0] Linux: icecast buffer overflows and denial-of-service security
Tuesday, 14 May
NOCC: cross-site-scripting bug ppp-design
Re: Fwd: GOBBLES RESPONSE TO THE BLUE BOAR ("fixed version") 3APA3A
LevCGI.coms NetPad 1.0.2 multiple vulnerabilities BrainRawt .
Re: Linux kernel 2.4 "weak end host" issue Explained Matthew G. Marsh
dH team & SECURITY.NNOV: A variant of "Word Mail Merge" vulnerability ERRor
[RHSA-2002:065-13] Updated sharutils package fixes uudecode issue bugzilla
Re: Fwd: GOBBLES RESPONSE TO THE BLUE BOAR ("fixed version") Georgi Guninski
NetPad eq MALWARE, was: LevCGI.coms NetPad 1.0.2 multiple vulnerabilities superpetz
Security Update: [CSSA-2002-018.1] Linux: REVISED: Race condition in fileutils security
(SSRT0822) Security Bulletin - Compaq & Java Proxy/VM Potential Security Vulnerabilities (fwd) Dave Ahmad
Wednesday, 15 May
Opera javascript protocoll vulnerability [Sandblad advisory #6] Andreas Sandblad
Remote quake 2 3.2x server cvar leak Richard Stanway
swatch bug in throttle SUZUKI Yasuhiro
dH team & SECURITY.NNOV: special device access, information leakage and DoS in Outlook Express ERRor
Cisco Security Advisory: Transparent Cache Engine and Content Engine TCP Relay Vulnerability Cisco Systems Product Security Incident Response Team
Security Update: [CSSA-2002-021.0] Linux: imapd buffer overflow when fetching partial mailbox attributes security
Cisco Security Advisory: Content Service Switch HTTP Processing Vulnerabilities Cisco Systems Product Security Incident Response Team
[RHSA-2002:079-13] Updated Mozilla packages fix a security issue bugzilla
Security Update: [CSSA-2002-022.0] Linux: OpenSSH ticket and token passing buffer overflow security
Thursday, 16 May
[SNS Advisory No.48] Microsoft Internet Explorer Still Download And Execute ANY Program Automatically snsadv () lac co jp
SuSE Security Announcement: lukemftp, nkitb, nkitserv (SuSE-SA:2002:018) Thomas Biege
MS02-023 does not patch actual issue! GreyMagic Software
Re: MS02-023 does not patch actual issue! .-=D3FC0N/=-.
Update and comments on the MS02-023 patch, holes still remain Thor Larholm
[RHSA-2002:078-04] Updated mpg321 packages available bugzilla
SuSE Security Announcement: shadow (SuSE-SA:2002:017) Sebastian Krahmer
Re: MS02-023 does not patch actual issue! Tom Gilder
MDKSA-2002:031 - fileutils update Mandrake Linux Security Team
Re: [security-intern] [security () suse de] FWD - GNU rm fileutils race condition problems on SuSE Thomas Biege
GNU rm fileutils race condition problems on SuSE Paul Starzetz
RE: MS02-023 does not patch actual issue! David McKenzie
MDKSA-2002:032 - tcpdump update Mandrake Linux Security Team
Friday, 17 May
RE: Update and comments on the MS02-023 patch, holes still remain Thor Larholm
Re: dH team & SECURITY.NNOV: special device access, information leakage and DoS in Outlook Express Chad Loder
Re: Update and comments on the MS02-023 patch, holes still remain Andrew Clover
Hosting Controller still have dangerous bugs! hdlkha
Sonicwall SOHO Content Blocking Script Injection, LogFile Denial of Service E M
Security Update: [CSSA-2002-023.0] Linux: PHP multipart/form-data vulnerabilities security
Grsecurity problem - modifying "read-only kernel" Guillaume PELAT
Re[2]: dH team & SECURITY.NNOV: special device access, information leakage and DoS in Outlook Express 3APA3A
Phorum 3.3.2a remote command execution Markus Arndt
RE: MS02-023 does not patch actual issue! John . Airey
OpenSSH 3.2.2 released (fwd) Jonas Eriksson
RE: MS02-023 does not patch actual issue! John . Airey
14+ CGIscript.net scripts - Path Disclosure Steve Gustin
Xerox DocuTech problems J Edgar Hoover
Saturday, 18 May
Phorum 3.3.2a has another bug for remote command execution Markus Arndt
RE: Xerox DocuTech problems Darren W. MacDonald
Re: Xerox DocuTech problems kikaiju
Re: Phorum 3.3.2a remote command execution Gabriel A. Maggiotti
ps under FreeBSD Jakub Filonik
Re: ps under FreeBSD Yuri A. Kabaenkov
Re: Xerox DocuTech problems uid0
Sunday, 19 May
Verisign PKI: anyone to subordinate CA Pidgorny, Slav
cross-site scripting bug of ViewCVS office
Monday, 20 May
[CSICON] - Registration is now open for CSICON CSICONdotNET
FreeBSD Security Advisory FreeBSD-SA-02:24.k5su FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-02:25.bzip2 FreeBSD Security Advisories
IE dot bug - Sandblad advisory #7 Andreas Sandblad
Re: Xerox DocuTech problems Ken Weaverling
Re: Verisign PKI: anyone to subordinate CA Muller Zsolt
Another vulnerability in hosting controller Bao Dai Nhan
RE: Verisign PKI: anyone to subordinate CA John Howie
Re: ps under FreeBSD Torbjorn Kristoffersen
Plain Text Password Vulnerability in Winamp 2.80 isox
Foundstone Advisory - Buffer Overflow in Ipswitch Imail 7.1 and prior (fwd) Dave Ahmad
Re: ps under FreeBSD Crist J. Clark
CAPZLOCK SECURITY ADVISORY NO. 1 capzlock
Re: ps under FreeBSD Guillaume PELAT
Re: Phorum 3.3.2a remote command execution Thomas Seifert
Re: Verisign PKI: anyone to subordinate CA George Capehart
Multiple vendors web server source code disclosure (8.3 name form at vulnerability - take II) Ory Segal
Re: ps under FreeBSD Crist J. Clark
Tuesday, 21 May
[SecurityOffice] Stronghold Secure Webserver Sample Script Path Disclosure Vulnerability Tamer Sahin
Security Update: [CSSA-2002-SCO.19] OpenServer 5.0.5 OpenServer 5.0.6 : yppasswdd remotely exploitable buffer overflow security
"The Cross Site Scripting FAQ" zeno
eSecurityOnline advisory 5063 - Sun AnswerBook2 gettransbitmap buffer overflow vulnerability researchteam
Re: Plain Text Password Vulnerability in Winamp 2.80 Muhammad Faisal Rauf Danka
route of #phrack is a funny man! gobbles
Evolution of Cross-Site Scripting Attacks David Endler
Cisco IOS ICMP redirect DoS FX
[RHSA-2002:047-10] Updated fetchmail packages available bugzilla
Cisco IOS ICMP redirect DoS - Cisco's response Damir Rajnovic
Catalyst 4000 COULOMBE, TROY
YoungZSoft CMailServer overflow, PATCH + WAREZ!@#! 2c79cbe14ac7d0b8472d3f129fa1df55
ISS Alert: Microsoft SQL Spida Worm Propagation X-Force
Wednesday, 22 May
[DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd david evlis reign
MatuFtpServer Remote Buffer Overflow and Possible DoS Kanatoko
Cisco Security Advisory: Multiple Vulnerabilities in Cisco IP Telephones Cisco Systems Product Security Incident Response Team
Multiple vulnerabilities in NewAtlanta ServletExec ISAPI 4.1 Matt Moore
MDKSA-2002:033 - webmin update Mandrake Linux Security Team
Opty-Way Enterprise includes MSDE with sa <blank> Philippe de Brito
SuSE Security Announcement: dhcp/dhcp-server (SuSE-SA:2002:019) Thomas Biege
Multiple Vulnerabilities in CISCO VoIP Phones Johnathan Nightingale
Thursday, 23 May
Re: Efficient Networks Contact info Pedro Paulo Ferreira Bueno
Efficient Networks Contact info Shea, Tim
Microsoft Active Directory security vulnerability Jonathan Lamberson
[Fwd: Updated version of SSH Secure Shell available] Stephanie Schiebert
Cisco Security Advisory: ATA-186 Password Disclosure Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: CBOS - Improving Resilience to DoS Attacks Cisco Systems Product Security Incident Response Team
Friday, 24 May
Netstd 3.07-17 multiple remote buffer overflows Spybreak
Security Update: [CSSA-2002-SCO.20] OpenServer 5.0.5 OpenServer 5.0.6 : popper buffer overflow and denial-of-service security
Re: route of #phrack is a funny man! George Staikos
[CLA-2002:487] Conectiva Linux Security Announcement - imap secure
[SecurityOffice] LocalWeb2000 Web Server Protected File Access Vulnerability Tamer Sahin
File Locking Local Denial of Service; Impact on sendmail Gregory Neil Shapiro
Sendmail file locking - PoC KF
Cisco IDS Device Manager 3.1.1 Advisory Andrew . Lopacki
[CLA-2002:489] Conectiva Linux Security Announcement - mailman secure
Re: Misformated message header causes msn messenger to crash Beck Mr . R
[GOBBLES] reflections on talkd hole gobbles
Security-risk on gridscan.com Michael Metz [SpeedPartner]
[RHSA-2002:092-11] Buffer overflow in UW imap daemon bugzilla
pks public key server DOS and remote execution Max
Saturday, 25 May
[DER ADV#8] - Local off by one in CVSD david evlis reign
irssi backdoored. Martin Östlund
Re: Netstd 3.07-17 multiple remote buffer overflows Lupe Christoph
TrendMicro Interscan VirusWall security problem Pedro Quintanilha
Monday, 27 May
Reading ANY local file in Opera (GM#001-OP) GreyMagic Software
[SecurityOffice] Falcon Web Server Unauthorized File Disclosure Vulnerability #2 Tamer Sahin
AMANDA security issues zillion
Yahoo Messenger - Multiple Vulnerabilities Phuong Nguyen
VP-ASP shopping cart software. hkvrg thdftghr
Vulnerability in 3Com® OfficeConnect® Remote 812 ADSL Router Ismael Briones
Netscreen 25 unauthorised reboot issue quentyn
RE: TrendMicro Interscan VirusWall security problem Pedro Quintanilha
Re: VP-ASP shopping cart software. Noam Rathaus
Cross Site Scripting Vulnerability in phpBB2's [IMG] tag and remote avatar Martijn Boerwinkel
OpenSSH 3.2.3 released (fwd) Jonas Eriksson
wbbboard 1.1.1 registration _new_users_vulnerability_ SeazoN
Re: Yahoo Messenger - Multiple Vulnerabilities Ben Laurie
[SecurityOffice] Falcon Web Server Unauthorized File Disclosure Vulnerability Tamer Sahin
Problems with various windows FTP servers SnakeByte / Eric Sesterhenn
More ELF buggery... the grugq
[RHSA-2002:084-17] Updated nss_ldap packages fix pam_ldap vulnerability bugzilla
Re: [DER ADV#8] - Local off by one in CVSD Larry Jones
Tuesday, 28 May
Re: Problems with various windows FTP servers ByteRage
Re: Problems with various windows FTP servers Stephen Cope
MDKSA-2002:035 - perl-Digest-MD5 update Mandrake Linux Security Team
Information Disclosure Vulnerability in IDS 0.8x isox
MDKSA-2002:036 - fetchmail update Mandrake Linux Security Team
Wednesday, 29 May
SuSE Security Announcement: tcpdump/libpcap (SuSE-SA:2002:020) Sebastian Krahmer
Macromedia JRUN Buffer overflow vulnerability (#NISR29052002) NGSSoftware Insight Security Research
Potential security issues in Ethereal Jonas Eriksson
Vulnerability in Apache Tomcat v3.23 & v3.24 (part 3) webmaster
FreeBSD Security Advisory FreeBSD-SA-02:27.rc FreeBSD Security Advisories
Addendum to advisory #NISR29052002 (JRun buffer overflow) NGSSoftware Insight Security Research
FreeBSD Security Advisory FreeBSD-SA-02:26.accept FreeBSD Security Advisories
Vulnerability in Apache Tomcat v3.23 & v3.24 (part 2) webmaster
Gafware's CFXImage vulnerability webmaster
[CLA-2002:490] Conectiva Linux Security Announcement - mozilla secure
Security Update: [CSSA-2002-SCO.21] OpenServer 5.0.5 OpenServer 5.0.6 : sort command creates temporary files insecurely security
New Kismet Packages available - SayText() and suid kismet_server issues KF
Xandros based linux autorun -c KF
Security Update: [CSSA-2002-SCO.22] OpenServer 5.0.5 OpenServer 5.0.6 : scoadmin command creates temporary files insecurely security
Vulnerability in Novell Netware 5.0 (part 2) webmaster
Vulnerability in Novell Netware 5.0 (part1) webmaster
MDKSA-2002:037 - dhcp update Mandrake Linux Security Team
Vulnerability in Apache Tomcat v3.23 & v3.24 webmaster
To Provide a Patch or to Service Pack? David Litchfield
Thursday, 30 May
Re: To Provide a Patch or to Service Pack? Georgi Guninski
2 security problem Quantum SNAP server awacs
SECURITY vulnerability in ECS-K7S5A(L) boards Guy Van Sanden
Informix SE-7.25 /lib/sqlexec Vulnerability pask
CGIscript.net - csPassword.cgi - Multiple Vulnerabilities Steve Gustin
Re: To Provide a Patch or to Service Pack? ellipse
Security Implications of Novell eDirectory. steven . sporen
[RHSA-2002:094-08] Updated tcpdump packages fix buffer overflow bugzilla
MDKSA-2002:034 - imap update Mandrake Linux Security Team
FW: HP-UX security bulletins digest Boyce, Nick
Fwd: [EXPL] Remote Exploit for UW-IMAPd Capability (IMAP4) nexus-mail
US TurboLinux Security Severely Out of Date David Endler
Security Update: [CSSA-2002-SCO.23] Open UNIX 8.0.0 UnixWare 7.1.1 : ftpd allows data connection hijacking via PASV mode security
MDKSA-2002:037-1 - dhcp update Mandrake Linux Security Team
Friday, 31 May
Trojan/backdoor in fragroute 1.2 source distribution Anders Nordby
[[ TH 026 Inc. ]] SA #3 - Shambala Server 4.5, Directory Traversal and DoS Daniel Nyström
Re: [RHSA-2002:047-10] Updated fetchmail packages available Florian Weimer
Re: Trojan/backdoor in fragroute 1.2 source distribution uid0
Re: Trojan/backdoor in fragroute 1.2 source distribution Dug Song
Re: More ELF buggery... Julien Vanegue
SRT Security Advisory (SRT2002-04-31-1159): Mnews zillion
AIM+ SpyWare Pedram Amini
Re: [RHSA-2002:047-10] Updated fetchmail packages available Nate Eldredge
Re: Problems with various windows FTP servers Alun Jones
Re: [RHSA-2002:047-10] Updated fetchmail packages available Olaf Kirch
Multiple vulnerabilities in QNX Simon Ouellette