Bugtraq: by date

396 messages starting Mar 31 03 and ending Apr 30 03

Monday, 31 March

NSFOCUS SA2003-03: Solaris dtsession Heap Buffer Overflow Vulnerability NSFCOSU Security Team
[RHSA-2003:034-01] Updated dhcp packages fix possible packet storm bugzilla
Ericsson Mobile Phones Security Contact? Ollie Whitehouse
GLSA: krb5 & mit-krb5 (200303-28) Daniel Ahlberg

Tuesday, 01 April

serious vulnerability present. all doomed. over. Security Experts, Liability Limited
GLSA: openafs (200303-26) Daniel Ahlberg
FreeBSD Security Advisory FreeBSD-SA-03:07.sendmail FreeBSD Security Advisories
[RHSA-2003:084-01] Updated vsftpd packages re-enable tcp_wrappers support bugzilla
Re: IRM 004: ActiveSync Version 3.5 Denial of Service Vulnerability panic
MiniPortal subj
Fwd: QuickTime 6.1 for Windows is available Bryan Blackburn
iDEFENSE Security Advisory 03.31.03: Buffer Overflow in Windows QuickTime Player iDEFENSE Labs
[RHSA-2003:095-03] New samba packages fix security vulnerabilities bugzilla
Immunix Secured OS 7+ openssl update Immunix Security Team
Buffer Overflow in Broker FTP Server subj
Sambar Server "Buffer OverFlow" Vulnerabilities Lorenzo Manuel Hernandez Garcia-Hierro
[RHSA-2003:101-01] Updated OpenSSL packages fix vulnerabilities bugzilla
BRS WebWeaver: full disclosure euronymous
TYPSoft FTP Server subj
Immunix Secured OS 7+ samba update Immunix Security Team
[SCSA-015] Remote Denial of Service Vulnerability in PowerFTP Grégory

Wednesday, 02 April

[ANNOUNCE] Apache 2.0.45 Released Lars Eilebrecht
re:3com RAS 1500 Remote vulnerabilities. Jan Kachlik
Phorum 3.4 Cross Site Scripting Stöckli
[INetCop Security Advisory] Remote Multiple Buffer Overflow vulnerability in passlogd sniffer. dong-h0un U
@(#)Mordred Labs advisory - Integer overflow in PHP array_pad() function Sir Mordred
Re: Positive Technologies Security Advisory 2003-0307: DoS-attack in Kerio WinRoute Firewall Peter Pentchev
RE: Netscape and Opera crash via java Zelena Endre
Inaccurate Reports Concerning PHP Vulnerabilities mattmurphy () kc rr com
Viewpoint Server Ben Maynard
IkonBoard v3.1.1: arbitrary command execution Nick Cleaton
@(#)Mordred Labs advisory - Integer overflow in PHP str_repeat() function Sir Mordred
OpenSSH 3.6.1 released Markus Friedl
[SECURITY] [DSA 275-1] New lpr-ppd packages fix local root exploit Martin Schulze
Css in Xoops module glossary 1.3.x magistrat
XSS in Python Documentation Server euronymous
[RHSA-2003:091-01] Updated kerberos packages fix various vulnerabilities bugzilla
BEA WebLogic internal hostname disclosure Michael Hendrickx
Microsoft Terminal Services vulnerable to MITM-attacks. Erik Forsberg
Re: PHP-Nuke block-Forums.php subject vulnerabilities Frog Man
MDKSA-2003:040 - Updated Eterm packages fix escape sequence insecurities Mandrake Linux Security Team
Re: NSFOCUS SA2003-03: Solaris dtsession Heap Buffer Overflow Vulnerability Alan Kong
Java and Javascript David F. Madrid
Re: Oracle JDBC: Inconsistent handling of timestamps Peter J. Holzer

Thursday, 03 April

Re: Phorum 3.4 Cross Site Scripting Hagen Kühnel - HagK
Another security problem in Netgear FM114P ProSafe Wireless Router firmware Björn Stickler
[SECURITY] [DSA 276-1] New Linux kernel packages (s390) fix local root exploit Martin Schulze
RE: Microsoft Terminal Services vulnerable to MITM-attacks. Larry Seltzer
[SECURITY] [DSA 277-1] New apcupsd packages fix remote root exploit Martin Schulze
Re: @(#)Mordred Labs advisory - Integer overflow in PHP str_repeat() function Goran Krajnovic
Security Update: [CSSA-2003-016.0] OpenLinux: sendmail sign extension buffer overflow (CERT CA-2003-12) security
[RHSA-2003:128-01] Updated Eye of GNOME packages fix vulnerability bugzilla
Using Java from Javascript David F. Madrid
SRT2003-04-03-1300 - Interbase ISC_LOCK_ENV overflow KF
Multiple vulnerabilities in AutomatedShops WebC shopping cart Carl Livitt
SRT2003-04-02-1735 - Progress PROSTARTUP root owned file read KF
RE: Another security problem in Netgear FM114P ProSafe Wireless Router firmware (also level-one) Björn Stickler
[RHSA-2003:060-01] Updated NetPBM packages fix multiple vulnerabilities bugzilla
passlogd sniffer remote buffer overflow root exploit. dong-h0un U
Re: BEA WebLogic internal hostname disclosure Kurt Seifried
Sendmail parseaddr security vulnerability on IRIX SGI Security Coordinator
[RHSA-2003:109-03] Updated balsa and mutt packages fix vulnerabilities bugzilla
Re: Microsoft Terminal Services vulnerable to MITM-attacks. Erik Forsberg
Sakki's guestbook V.1.01 script injection vulnerability. drG4njubas
Re: Phorum 3.4 Cross Site Scripting Brian Moon
NetBIOS could be used as network flood amplier Francesco Vigo
RE: Microsoft Terminal Services vulnerable to MITM-attacks. Devin Heitmueller

Friday, 04 April

Re: Multiple vulnerabilities in AutomatedShops WebC shopping cart Carl Livitt
[SECURITY] [DSA 278-1] New sendmail packages fix denial of service Martin Schulze
[SECURITY] [DSA 278-2] New sendmail packages fix DoS and arbitrary code execution Martin Schulze
Syscall implementation could lead to whether or not a file exists Andrew Griffiths
NetBSD Security Advisory 2003-006: Cryptographic weaknesses in Kerberos v4 protocol NetBSD Security Officer
[CLA-2003:613] Conectiva Security Announcement - snort Conectiva Updates
TA-2003-03 Buffer Overflow Vulnerability in Hyperion FTP Server 3.0 Rushjo () tripbit org
Re: SRT2003-04-03-1300 - Interbase ISC_LOCK_ENV overflow Marius Popa Adrian
[CLA-2003:614] Conectiva Security Announcement - sendmail Conectiva Updates
RE: NetBIOS could be used as network flood amplier Russ
RE: Netscape and Opera crash via java Richard H. Cotterell
AspJar guestbook script injection vulnerability. drG4njubas
SuSE Security Announcement: openssl (SuSE-SA:2003:024) Sebastian Krahmer
Re: Vulnerability (critical): Digital signature for Adobe Acrobat/Reader plug-in can be forged Vladimir Katalov
Re: passlogd sniffer remote buffer overflow root exploit. Dragos Ruiu
Re: @(#)Mordred Labs advisory - Integer overflow in PHP str_repeat() function Jedi/Sector One
Re: @(#)Mordred Labs advisory - Integer overflow in PHP str_repeat() function Javi Lavandeira
Re: Microsoft Terminal Services vulnerable to MITM-attacks. Henrik Storner
An Alternate View of Recently Reported PHP Vulnerabilities Steven M. Christey
buffalo AirStation G54 - (WBR-G54 ) DoS Pavel shpac
NetBSD Security Advisory 2003-009: sendmail buffer overrun in prescan() address parser NetBSD Security Officer
[CLA-2003:616] Conectiva Security Announcement - dhcp Conectiva Updates
[CLA-2003:617] Conectiva Security Announcement - file Conectiva Updates
SRT2003-04-04-1106 - AOLServer Proxy Daemon API unformatted syslog() call KF
Re: An Alternate View of Recently Reported PHP Vulnerabilities Sascha Schumann
LocalSystem account in Windows 2000/XP Pavel
Re: @(#)Mordred Labs advisory - Integer overflow in PHP str_repeat() function Jon Ribbens
[CLA-2003:615] Conectiva Security Announcement - samba Conectiva Updates
Re: @(#)Mordred Labs advisory - Integer overflow in PHP str_repeat() function Muhammad Faisal Rauf Danka

Saturday, 05 April

SignHere guestbook vulnerability. drG4njubas
Re: An Alternate View of Recently Reported PHP Vulnerabilities Goran Krajnovic
Abyss X1 1.1.2 remote crash Auriemma Luigi
Two Invision Power Board 1.1.x vulns Gossi The Dog
RE: LocalSystem account in Windows 2000/XP Russ
Interbase/Firebird - external file security bug Kotala Zdeněk
Re: An Alternate View of Recently Reported PHP Vulnerabilities dullien

Monday, 07 April

[DDI-1013] Buffer Overflow in Samba allows remote root compromise Erik Parker
[CLA-2003:618] Conectiva Security Announcement - kernel Conectiva Updates
[SECURITY] [DSA 279-1] New metrics packages fix insecure temporary file creation Martin Schulze
[OpenPKG-SA-2003.028] OpenPKG Security Advisory (samba) OpenPKG
Vignette Story Server sensitive information disclosure (a040703-1) @stake Advisories
Java Agent freezes Lotus Notes and Domino 6.0.1 Marc Schoenefeld
JpegX 2.0.0.3 Password Bypass Vulnerability JeiAr
Immunix Secured OS 7+ cvs update Immunix Security Team
Immunix Secured OS 7+ samba update Immunix Security Team
[SECURITY] [DSA 280-1] New samba packages fix remote root exploit Martin Schulze
[CLA-2003:619] Conectiva Security Announcement - zlib Conectiva Updates
SuSE Security Announcement: samba (SuSE-SA:2003:025) Roman Drahtmueller
Re: NetBIOS could be used as network flood amplier Francesco Vigo
MDKSA-2003:044 - Updated samba packages fix remote root vulnerability Mandrake Linux Security Team
Coppermine Photo Gallery remote compromise Berend-Jan Wever

Tuesday, 08 April

Immunix Secured OS 7+ Kerberos update Immunix Security Team
Unchecked Buffer in Opera 7.02 David F.Madrid
[RHSA-2003:137-01] New samba packages fix security vulnerability bugzilla
TSLSA-2003-0019 - samba Trustix Secure Linux Advisor
[Sorcerer-spells] SAMBA--SORCERER2003-04-08 Michael Walton
mIRC "dcc filename spoofing" Knud Erik Højgaard
AMaViS-ng 0.1.6.x and postfix: possible open relay and mail loss Phil Cyc
Orplex guestbook script injection. drG4njubas
[CLA-2003:620] Conectiva Security Announcement - man Conectiva Updates
[SECURITY] [DSA 281-1] New xftp packages fix arbitrary code execution Martin Schulze
[RHSA-2003:036-01] Updated mgetty packages available bugzilla
iDEFENSE Security Advisory 04.08.03: Denial of Service in Apache HTTP Server 2.x iDEFENSE Labs
False-negatives in several Vulnerability Assessment tools Nicolas Gregoire
Re: False-negatives in several Vulnerability Assessment tools Geoff Shively

Wednesday, 09 April

Multiple Vulnerabilities in libc RPC functions on IRIX SGI Security Coordinator
samba 2.x call_trans2open() exploit noir sin
GLSA: setiathome (200304-03) Daniel Ahlberg
ISC guestbook script injection vulnerability. drG4njubas
Exploit Code Released for Apache 2.x Memory Leak mattmurphy () kc rr com
Immunix Secured OS 7+ PostgreSQL update WireX Security
[ARL03-A16] Multiple Security Issues in phPay Ahmet Sabri ALPER
Immunix Secured OS 7+ MySQL update WireX Security
Re: Buffer Overflow in Broker FTP Server Knud Erik Højgaard
GLSA: apache (200304-01) Daniel Ahlberg
[CLA-2003:624] Conectiva Security Announcement - samba Conectiva Updates
[SECURITY] [DSA 269-2] New heimdal packages fix authentication failure Martin Schulze
Re: AMaViS-ng 0.1.6.x and postfix: possible open relay and mail loss Phil Cyc
[RHSA-2003:137-02] New samba packages fix security vulnerability bugzilla
Hyperion FTP server Remote DOS and unauthorised remote access. moran zavdi
PoPToP PPTP server remotely exploitable buffer overflow Timo Sirainen
GLSA: samba (200304-02) Daniel Ahlberg
Vulnerabilities in Portable Executable (PE) File Format For Win32 Architecture Exurity Inc.
iDEFENSE Security Advisory 04.09.03: Denial of Service in Microsoft Proxy Server and Internet Security and Acceleration (ISA) S iDEFENSE Labs
Samba Security Vulnerability on IRIX SGI Security Coordinator

Thursday, 10 April

Disclosing information in Super GuestBook Over_G
Admin access in GuestBook r4 Over_G
working apache <= 2.0.44 DoS exploit for linux. Daniel Nyström
KDE Security Advisory: PS/PDF file handling vulnerability Dirk Mueller
Flaw in Microsoft VM Could Enable System Compromise K-Otik . com
MDKSA-2003:038-1 - Updated 2.4 kernel packages fix ptrace vulnerability Mandrake Linux Security Team
Re: Unchecked Buffer in Opera 7.02 nesumin
Re: Microsoft Terminal Services vulnerable to MITM-attacks. Carlos Branco
xfsdump creates files insecurely on IRIX SGI Security Coordinator
Re: Exploit Code Released for Apache 2.x Memory Leak Serban Murariu
Re: PoPToP PPTP server remotely exploitable buffer overflow Dick St.Peters
GLSA: kde-3.x (200304-04) Daniel Ahlberg

Friday, 11 April

[CLA-2003:625] Conectiva Security Announcement - openssl Conectiva Updates
Integrigy Security Advisory - Oracle Applications FNDFS Vulnerability Integrigy Security Alerts

Saturday, 12 April

GLSA: kde-2.x (200304-05) Daniel Ahlberg
[RHSA-2003:089-00] Updated glibc packages fix vulnerabilities in RPC XDR decoder bugzilla
Medium Vulnerability in SNMP on Linsys BEFVP41 Branson Matheson
Immunix Secured OS 7+ PostgreSQL update WireX Security Team
MacOS X DirectoryService Privilege Escalation (a041003-1) @stake Advisories
FileMaker Pro network protocol sends passwords to any client attempting to connect to a shared database. Stephen White
Buffer Overflow Vulnerability Found in MailMax Version 5 Dennis Rand
[SECURITY] [DSA 283-1] New xfsdump packages fix insecure file creation Martin Schulze
Protection against buffer overflows: when your anchor is washed away, then you are overflowed and refuse to RET Exurity Inc.
Brocade Firmware SNMP Vulnerability SGI Security Coordinator
Re: Netscape and Opera crash via java Dan Harkless
Re: AMaViS-ng 0.1.6.x and postfix: possible open relay and mail loss Hilko Bengen
IRIX ToolTalk Vulnerabilities Update SGI Security Coordinator
R7-0013: Heap Corruption in Gaim-Encryption Plugin Rapid 7 Security Advisories
PATCH: [CAN-2003-0132] Apache 2.0.44 Denial of Service Vulnerability William A. Rowe, Jr.
Ocean12 ASP Guestbook Manager v1.00 drG4njubas
repost: SRT2003-04-01-1231 - Progress DLC overflows KF
Immunix Secured OS 7+ MySQL update WireX Security Team
[Sorcerer-spells] KDE-SORCERER2003-04-12 Michael Walton
[SECURITY] [DSA 284-1] New kdegraphics packages fix arbitrary command execution Martin Schulze
Re: Medium Vulnerability in SNMP on Linsys BEFVP41 Stefan Laudat
Re: working apache <= 2.0.44 DoS exploit for linux. Paul Johnston
Arp records in solaris Edward J. Aivazian
[SECURITY] [DSA 274-2] New mutt packages fix arbitrary code execution in potato Martin Schulze

Monday, 14 April

Multiple vulnerabilities in SheerDNS Jedi/Sector One
Misuse of Macromedia Flash Ads clickTAG Option May Lead to Privacy Breach Aviram Jenik
[SECURITY] [DSA 286-1] New gs-common packages fix insecure temporary file creation Martin Schulze
[SECURITY] [DSA 285-1] New lprng packages fix insecure temporary file creation Martin Schulze
Instaboard 1.3 SQL Injection Jim Dew
Multiple Vulnerabilities in BSD LPR Subsystem on IRIX SGI Security Coordinator
bitchx sources backdoored on distribution site Michał Szwaczko
Web Wiz Site News realease v3.06 administration access. drG4njubas
ActivCard password cache memory leakage OTERO Hernan Gustavo EDS
GLSA: kde-2.x (200304-05.1) Daniel Ahlberg
[RHSA-2003:126-01] Updated gtkhtml packages fix vulnerability bugzilla
FipsGuestbook Version 1.12.7 script injection. drG4njubas
Re: bitchx sources backdoored on distribution site Neeko Oni
Re: Arp records in solaris Brad Arlt
[CLA-2003:626] Conectiva Security Announcement - mutt Conectiva Updates
bitchx sources trojaned - follow up Michał Szwaczko

Tuesday, 15 April

GLSA: kdegraphics-3.1.x (200304-04.1) Daniel Ahlberg
MDKSA-2003:046 - Updated gtkhtml packages fix vulnerability Mandrake Linux Security Team
[SCSA-016] Multiple vulnerabilities in Ez publish Grégory
nb1300 router - default settings expose password denote
[SECURITY] [DSA 287-1] New EPIC packages fix DoS and arbitrary code execution Martin Schulze
SRT2003-04-15-1029 - Progres BINPATHX overflow KF
BitchX trojan, the real follow up. Rob Andrews
MDKSA-2003:045 - Updated evolution packages fix multiple vulnerabilities Mandrake Linux Security Team
[SECURITY] [DSA 267-2] New lpr packages fix local root exploit (potato) Martin Schulze
Windows 2003 win2k.sys vulnerability securityfocus.com
Oddities in Windows ACL inheritance Nicolas RUFF (lists)
CORE-2003-0307: Snort TCP Stream Reassembly Integer Overflow Vulnerability CORE Security Technologies Advisories
Immunix Secured OS 7+ glibc update Immunix Security Team
Re: ActivCard password cache memory leakage Massimo Cereda
Veritas BackupExec 9.0 may ship with upatched MS SQL Desktop Engine Marcus Beaman

Wednesday, 16 April

SFAD03-001: iWeb Mini Web Server Remote Directory Traversal subversive
i cracked restriction of 'zone' in mozilla. Liu Die Yu
MDKSA-2003:047 - Updated xfsdump packages fix insecure file creation Mandrake Linux Security Team
Netgear Logging Vulnerability { }
MDKSA-2003:048 - Updated eog packages fix arbitrary command execution Mandrake Linux Security Team
[CLA-2003:627] Conectiva Security Announcement - ethereal Conectiva Updates
Exploit/DoS in MS Internet Explorer 6.0 (OBJECT Tag) Ryan Emerle

Thursday, 17 April

[SCSA-017] Directory Traversal Vulnerability in EZ Server Grégory
[SECURITY] [DSA 290-1] New sendmail-wide packages fix DoS and arbitrary code execution Martin Schulze
IE 6.0 - trivial crash Adam [ckkl]
Vulnerability in rinetd Martin Schulze
Re: Exploit/DoS in MS Internet Explorer 6.0 (OBJECT Tag) Roland Postle
[SECURITY] [DSA 289-1] New rinetd packages fix denial of service Martin Schulze
RE: Exploit/DoS in MS Internet Explorer 6.0 (OBJECT Tag) Steve Ryan
Re: IE 6.0 - trivial crash Richard Moore
[SECURITY] [DSA 288-1] New OpenSSL packages fix decipher vulnerability Martin Schulze
Re: i cracked restriction of 'zone' in mozilla. Alla Bezroutchko
Web Wiz Forums all version db stealing Uziel aka nuJIurpuM
MDKSA-2003:049 - Updated kde3 packages fix arbitrary command execution Mandrake Linux Security Team
Re: IE 6.0 - trivial crash Geoff Shively
CrossSite Scripting @ Snitz Forums 2000 badwebmasters
Fwd: CERT Advisory CA-2003-13 Multiple Vulnerabilities in Snort Preprocessors Muhammad Faisal Rauf Danka
[CLA-2003:628] Conectiva Security Announcement - vixie-cron Conectiva Updates
Re: False-negatives in several Vulnerability Assessment tools Nicolas Gregoire

Friday, 18 April

Xinetd 2.3.10 Memory Leaks Steve Grubb
Exploit for PoPToP PPTP server einstein, dhtm

Saturday, 19 April

Authentication flaw in microsoft SMB protocol seclab
IE 6.0 - trivial crash - part II Adam [ckkl]
Re: Authentication flaw in microsoft SMB protocol Dave Aitel

Monday, 21 April

Race in XP SCM Service Shutdown Mechanism Matthew Murphy
BadBlue Remote Administrative Access Vulnerability Matthew Murphy
ACER Travelmate 600 and 800 series - Smartcard flawed Implementation Leonard.Ong
MPCSoftWeb Guest Book vulnerabilities. drG4njubas
Monkey HTTPd Remote Buffer Overflow Matthew Murphy
Remote Vulnerabilties in mod_ntlm Matthew Murphy
Re: Exploit/DoS in MS Internet Explorer 6.0 (OBJECT Tag) mattmurphy
PTNews v1.7.7 - Access to administrator functions without authentification scrap

Tuesday, 22 April

GLSA: snort (200304-05) Daniel Ahlberg
[NGSEC-2003-5] YABB SE, remote command execution labs
IE / Outlook / MS SHLWAPI Render - more trivial crash Ramon Pinuaga Cascales
RE: Authentication flaw in microsoft SMB protocol Jesper Johansson
[CLA-2003:629] Conectiva Security Announcement - tcpdump Conectiva Updates
AN HTTPd Sample Script File Truncation Matthew Murphy
[SECURITY] [DSA 292-1] New mime-support packages fix temporary file race conditions Martin Schulze
[SECURITY] [DSA 291-1] New ircII packages fix DoS and arbitrary code execution Martin Schulze
Stealth DMCA. Be afraid. Be very afraid... alaskan
SRT2003-04-22-1336 - SAP DB Development Tools install flaw KF
XMB 1.8 Partagium SQL Injection Bug zeez
[CLA-2003:630] Conectiva Security Announcement - balsa Conectiva Updates
Re: [mail_lists] Stealth DMCA. Be afraid. Be very afraid... Jim
Re: Authentication flaw in microsoft SMB protocol Chris Wysopal
Re: Stealth DMCA. Be afraid. Be very afraid... Darren Pilgrim
Re: Exploit for PoPToP PPTP server - Linux version John Leach
Defeating HTML "Encryption" rjfix
RE : IE / Outlook / MS SHLWAPI Render - more trivial crash Gervaize Maquard

Wednesday, 23 April

[RHSA-2003:032-01] Updated tcpdump packages fix various vulnerabilities bugzilla
Snort <=1.9.1 exploit truff
[SECURITY] [DSA 292-2] New mime-support packages fix temporary file race conditions Martin Schulze
Format strings vuln in CGIwrap b0f www . b0f . net
RE: Format strings vuln in CGIwrap Neulinger, Nathan
[SECURITY] [DSA 294-1] New gkrellm-newsticker packages fix DoS and arbitrary command execution Martin Schulze
Cisco Security Advisory: Cisco Secure Access Control Server for Windows Admin Buffer Overflow Vulnerability Cisco Systems Product Security Incident Response Team
[SECURITY] [DSA 293-1] New kdelibs packages fix arbitrary command execution Martin Schulze
Re: IE / Outlook / MS SHLWAPI Render - more trivial crash Berend-Jan Wever
Security problems in gkrellm-newsticker Martin Schulze
Re[2]: Authentication flaw in microsoft SMB protocol 3APA3A
Cracking preshared keys Michael Thumann
RE: [cgiwrap-users] RE: Format strings vuln in CGIwrap Neulinger, Nathan
Re: Cracking preshared keys Damir Rajnovic
[RHSA-2003:076-01] Updated ethereal packages fix security vulnerabilities bugzilla

Thursday, 24 April

Cisco Security Advisory: Cisco Catalyst Enable Password Bypass Vulnerability Cisco Systems Product Security Incident Response Team
SQL injection in BttlxeForum SecurityTracker
BRS WebWeaver: Ftpd Lockdown via RETR cmd euronymous
SuSE Security Announcement: KDE (SuSE-SA:2003:026) Sebastian Krahmer
Internet Explorer Plugin.ocx heap overflow (#NISR24042003) NGSSoftware Insight Security Research
RE: Nokia IPSO Vulnerability Jorge Merlino
Positive Technologies SA2003-0310: DoS-attack in VisNetic ActiveDefense Dmitry Maksimov
Re: Cracking preshared keys David Wagner
NSFOCUS SA2003-04 : Remote Buffer Overflow Vulnerability in Web Management Interface of Cisco Secure ACS NSFOCUS Security Team
Re: Cracking preshared keys Derek
Nokia IPSO Vulnerability Jonas Eriksson
Permanent crash in Opera 7.10 David F. Madrid
An Implementation of a Birthday Attack in a DNS Spoofing Ramon Izaguirre
DNS vulnerabilities in shared host environments Chris Leishman
SRT2003-04-24-1532 - Options Parsing Tool library buffer overflows. KF
Re: Cracking preshared keys Michael Thumann
[RHSA-2003:142-01] Updated LPRng packages fix psbanner vulnerability bugzilla
Re: Nokia IPSO Vulnerability Damieon Stark
[RHSA-2003:112-01] Updated squirrelmail packages fix cross-site scripting vulnerabilities bugzilla
Re: Cracking preshared keys Gary Flynn
address for postini security Hamby, Charles D.
RE: Cracking preshared keys Rager, Anton (Anton)
Re: Nokia IPSO Vulnerability Shawn Duffy
Re: Cracking preshared keys Gary Flynn
RE: Nokia IPSO Vulnerability Jorge Merlino
RE: Nokia IPSO Vulnerability Miller, Rick
Re: Permanent crash in Opera 7.10 Dmitrij Lukasevic
Re: Nokia IPSO Vulnerability Valdis . Kletnieks
PHP-Nuke 6.5 FINAL Cross Site Scripting Frog Man
[RHSA-2003:118-01] Updated mICQ packages fix vulnerability bugzilla
RE: Nokia IPSO Vulnerability Iain.King
Re: DNS vulnerabilities in shared host environments Frank Tegtmeyer
Re: Cracking preshared keys Michael Thumann

Friday, 25 April

MDKSA-2003:051 - Updated ethereal packages fix remote vulnerability Mandrake Linux Security Team
Re: Cracking preshared keys Curt Sampson
[BUGZILLA] Security Advisory - XSS, insecure temporary filenames David Miller
Windows Server 2003 Security Guide available Michael Howard
SonicWall Pro DoS? Greg Smith
Unauthorized reading files on phpSysInfo Albert Puigsech Galicia
XOOPS MyTextSanitizer CSS 1.3x & 2.x magistrat
Multiple SQL injection on OpenBB forums Albert Puigsech Galicia
Multiple Vulnerabilities in BSD LPR Subsystem on IRIX update SGI Security Coordinator
Path disclosure and file access on WebAdmin David A . Pérez
Re: Exploit for PopPToP PPTP server - Working version blightninjas
Invision Power Board Plaintext Password Disclosure Vuln JeiAr
Microsoft IIS Integrated Authentication skybristol
Re: Cracking preshared keys hank
Re: Unauthorized reading files on phpSysInfo Wolter Kamphuis
Cross site scripting in Onecenter forum 4.0 David F. Madrid
Vulnerability in nsd LDAP Implementation on IRIX SGI Security Coordinator

Saturday, 26 April

Album.pl Vulnerability - Remote Command Execution aresu
Buffer overflow in Internet Explorer's HTTP parsing code Jouko Pynnonen
Re: Cracking preshared keys Stefan Laudat

Monday, 28 April

3com NBX IP Phone Call manager Denial of Service - Update Michael Scheidell
GLSA: mgetty (200304-09) Daniel Ahlberg
GLSA: snort (200304-06) Daniel Ahlberg
[Opera 7/6] Long File Extension Heap Buffer Overrun Vulnerability in Download. nesumin
IIS Security and Programming Countermeasures e-book Jason Coombs
GLSA: monkeyd (200304-07.1) Daniel Ahlberg
ATM on Linux Exploit Code Release (les, local) Angelo Rosiello
Qpopper v4.0.x poppassd local root exploit dong-h0un U
Buffer overflow in 3D-ftp Over_G
MDaemon SMTP/POP/IMAP server =>v.6.7.5: IMAP buffer overflow D4rkGr3y
[Opera 7] Yet Another Story of "Phantom of the Opera" nesumin
s0h: Remote/Local exploit and patch for regedit.exe. descript
GLSA: pptpd (200304-08) Daniel Ahlberg
MDaemon SMTP/POP/IMAP server: =>6.0.7: POP remote DoS D4rkGr3y
CORE-2003-0305-02: Vulnerabilities in Kerio Personal Firewall CORE Security Technologies Advisories
Pi3Web 2.0.1 DoS aT4r InsaN3
Windows 2000 Security Hardening Guide Available Michael Howard
NII Advisory - Path Disclosure in Cold Fusion MX Server Network Intelligence India Pvt. Ltd.
RE: Windows Server 2003 Security Guide available Jason Coombs
RE: MDaemon SMTP/POP/IMAP server: =>6.0.7: POP remote DoS William Pratt

Tuesday, 29 April

Oracle Database Server Buffer Overflow Vulnerability (#NISR29042003) NGSSoftware Insight Security Research
[RHSA-2003:079-01] Updated zlib packages fix gzprintf buffer overflow vulnerability bugzilla
RE: Windows Server 2003 Security Guide available Jason Coombs
IdeaBox: Remote Command Execution euronymous
MDKSA-2003:052 - Updated snort packages fix remote vulnerability Mandrake Linux Security Team
"netscape navigator" is cracked. Liu Die Yu
RE: Windows Server 2003 Security Guide available paul
Re: PTNews v1.7.7 - Access to administrator functions without authentification Rui Pimenta
RE: Windows Server 2003 Security Guide available David F. Skoll
RE: Windows Server 2003 Security Guide available J.'LoneWolf' Mattsson
RE: Windows Server 2003 Security Guide available Frank Knobbe
Re: Microsoft IIS Integrated Authentication Michael . vonGlasow
Auerswald COMsuite/ Back Door Kroma Pierre
Coldfusion MX: Java in CFM causes Crash Marc Schoenefeld
[RHSA-2003:093-01] Updated MySQL packages fix vulnerabilities bugzilla
RE: RE : IE / Outlook / MS SHLWAPI Render - more trivial crash kajbaf
RE: Windows Server 2003 Security Guide available Uwe Betz
April appeared to be a month of IE bugs. Here's another one. ERRor
HPUX rexec buffer overflow vulnerability Davide Del Vecchio
Re: Windows Server 2003 Security Guide available Lucas Holt
Latest MS SQL Server vulnerabilities revealed Cesar

Wednesday, 30 April

GLSA: balsa (200304-10) Daniel Ahlberg
Cisco Security Advisory: Cisco Content Service Switch 11000 Series DNS Negative Cache of Information Denial-of-Service Cisco Systems Product Security Incident Response Team
Portable OpenSSH: Dangerous AIX linker behavior (aixgcc.adv) Damien Miller
RE: [Opera 7] Yet Another Story of "Phantom of the Opera" GreyMagic Software
OpenSSH/PAM timing attack allows remote users identification Marco Ivaldi
[SECURITY] [DSA 292-3] New mime-support packages really fix temporary file race conditions Martin Schulze
[CLA-2003:614] REVISED: Conectiva Security Announcement - sendmail Conectiva Updates
Re: Portable OpenSSH: Dangerous AIX linker behavior (aixgcc.adv) Valdis . Kletnieks
[ESA-20030430-013] 'snort' stream4 preprocessor integer overflow vulnerability EnGarde Secure Linux
[CLA-2003:632] Conectiva Security Announcement - apache Conectiva Updates
[CLA-2003:633] Conectiva Security Announcement - glibc Conectiva Updates