Vulnwatch: by author

66 messages starting Dec 13 04 and ending Oct 12 04

Adam Gray

NetWare Screensaver Authentication Bypass From The Local Console Adam Gray (Dec 13)

advisories

Corsaire Security Advisory - Danware NetOp Host multiple information disclosure issues advisories (Nov 19)
Corsaire Security Advisory - Netopia Timbuktu remote buffer overflow issue advisories (Nov 19)

advisory

BindView Advisory: Memory Leak and DoS in NT4 RPC server advisory (Oct 13)

Brad Zimmerman

Veritas BackupExec Agent vulnerability Brad Zimmerman (Dec 17)

Carsten H. Eiram

Secunia Research: My Firewall Plus Privilege Escalation Vulnerability Carsten H. Eiram (Dec 21)
Secunia Research: Spy Sweeper Enterprise Client Privilege Escalation Carsten H. Eiram (Dec 21)

Chris Wysopal

Re: [HAT-SQUAD] NetCat Remote Critical Vulnerability, Poc inside. Chris Wysopal (Dec 27)

class 101

[HAT-SQUAD] NetCat Remote Critical Vulnerability, Poc inside. class 101 (Dec 27)

CORE Security Technologies Advisories

CORE-2004-0802: IIS NNTP Service XPAT Command Vulnerabilities CORE Security Technologies Advisories (Oct 12)

customer service mailbox

iDEFENSE Security Advisory 12.21.04: Hewlett Packard HP-UX ftpd Remote Buffer Overflow Vulnerability customer service mailbox (Dec 22)
iDEFENSE Security Advisory 12.21.04: libtiff STRIPOFFSETS Integer Overflow Vulnerability customer service mailbox (Dec 22)
iDEFENSE Security Advisory 12.21.04: libtiff Directory Entry Count Integer Overflow Vulnerability customer service mailbox (Dec 22)
iDEFENSE Security Advisory 12.21.04: Multiple Vendor xpdf PDF Viewer Buffer Overflow Vulnerability customer service mailbox (Dec 22)
iDEFENSE Security Advisory 12.21.04: Multiple Vendor Xine version 0.99.2 PNM Handler Negative Read Length Heap Overflow Vulnerability customer service mailbox (Dec 22)
iDEFENSE Security Advisory 12.21.04: Multiple Vendor Xine version 0.99.2 PNM Handler PNA_TAG Heap Overflow Vulnerability customer service mailbox (Dec 22)

Daniel Milisic

Norton AntiVirus 2004/2005 Scripting Vulnerability Pt.3 (Includes PoC VBScript Code) Daniel Milisic (Nov 11)

Dragos Ruiu

pacsec.jp advisory: Firewire/IEEE 1394 Considered Harmful to Physical Security Dragos Ruiu (Oct 18)

GreyMagic Security

Regression in IE: Accessing remote/local content in IE (GM#009-IE) GreyMagic Security (Oct 12)
Online Script Decoder GreyMagic Security (Dec 07)

GuidoZ

Quick JPEG/GDI test & fix (timesaver) GuidoZ (Oct 06)
UPDATED: Quick JPEG/GDI test & fix (timesaver) GuidoZ (Oct 07)

Hans Ulrich Niedermann

TWiki search function allows arbitrary shell command execution Hans Ulrich Niedermann (Nov 12)

Jakob Balle

Secunia Research: Multiple Browsers Tabbed Browsing Vulnerabilities Jakob Balle (Oct 20)

Matthias Andree

bogofilter-SA-2004-01: RFC 2047 Denial-of-service in 0.17.4 <= bogofilter <= 0.92.7 Matthias Andree (Oct 30)

Michael Evanchik

Re: YET AGAIN Automatic remote compromise of Internet Explorer Service Pack 2 XP SP2 Michael Evanchik (Dec 27)
re: How to Break Windows XP SP2 + Internet Explorer 6 SP2 Michael Evanchik (Oct 25)
Re: YET AGAIN Automatic remote compromise of Internet Explorer Service Pack 2 XP SP2 Michael Evanchik (Dec 27)

Microsoft Security Response Center

New Microsoft Security Response Center PGP Key [pgp] Microsoft Security Response Center (Oct 05)

NGSSoftware Insight Security Research

Patch available for multiple high risk vulnerabilities in RealPlayer NGSSoftware Insight Security Research (Oct 06)
Oracle multiple PL/SQL injection vulnerabilities (#NISR2122004H) NGSSoftware Insight Security Research (Dec 23)
Oracle wrapped procedure overflow (#NISR2122004J) NGSSoftware Insight Security Research (Dec 23)
Oracle TNS Listener DoS (#NISR2122004F) NGSSoftware Insight Security Research (Dec 23)
Oracle Character Conversion Bugs (#NISR2122004G) NGSSoftware Insight Security Research (Dec 23)
Oracle extproc local command execution (#NISR23122004C) NGSSoftware Insight Security Research (Dec 23)
Oracle Trigger Abuse (#NISR2122004I) NGSSoftware Insight Security Research (Dec 23)
IBM DB2 rec2xml buffer overflow vulnerability (#NISR2122004J) NGSSoftware Insight Security Research (Dec 23)
Oracle clear text passwords (#NISR2122004D) NGSSoftware Insight Security Research (Dec 23)
Oracle ISQLPlus file access vulnerability (#NISR2122004E) NGSSoftware Insight Security Research (Dec 23)
Oracle extproc buffer overflow (#NISR23122004A) NGSSoftware Insight Security Research (Dec 23)
Patch available for high risk flaws in the AtHoc Toolbar NGSSoftware Insight Security Research (Oct 06)
Oracle extproc directory traversal (#NISR23122004B) NGSSoftware Insight Security Research (Dec 23)
IBM DB2 generate_distfile buffer overflow vulnerability (#NISR2122004L) NGSSoftware Insight Security Research (Dec 23)
Patch available for critical IBM DB2 Universal Database flaws NGSSoftware Insight Security Research (Oct 05)

Nicolas Gregoire

Re: [Full-Disclosure] Multiple vulnerabilities in w3who ISAPI DLL Nicolas Gregoire (Dec 08)
Multiple vulnerabilities in phpMyAdmin Nicolas Gregoire (Dec 13)
Multiple vulnerabilities in w3who ISAPI DLL Nicolas Gregoire (Dec 06)

Nicolas Waisman

Immunity, Inc. Advisor Nicolas Waisman (Nov 29)

NSFOCUS Security Team

NSFOCUS SA2004-02 : HP-UX stmkfont Local Privilege Escalation Vulnerability NSFOCUS Security Team (Oct 21)

Paul Laudanski

phpBB Attachment Mod Directory Traversal HTTP POST Injection Paul Laudanski (Dec 14)

Paul Starzetz

Linux kernel IGMP vulnerabilities Paul Starzetz (Dec 14)
Addendum, recent Linux <= 2.4.27 vulnerabilities Paul Starzetz (Nov 19)
Linux kernel scm_send local DoS Paul Starzetz (Dec 14)

Peter Kruse

Rendering large binary file as HTML makes Mozilla Firefox stop responding or crash Peter Kruse (Oct 25)

R00tCr4ck

Multiple Vulnerabilities in CoolPHP R00tCr4ck (Oct 17)
MS-DOS Device Name Denial Of Service Vulnerability in Abyss Web Server X1 for Windows R00tCr4ck (Oct 20)
Multiple Vulnerabilities in Web Forums Server R00tCr4ck (Nov 02)

Rafel Ivgi

Hotmail Cross Site Scripting Vulnerability #2 Rafel Ivgi (Dec 15)

Rafel Ivgi, The-Insider

Cross-Site-Scripting Vulnerability in Microsoft.com Rafel Ivgi, The-Insider (Nov 04)
Yahoo! Mail Cross-Site Scripting Vulnerability Rafel Ivgi, The-Insider (Dec 15)
Hotmail Cross-Site Scripting Vulnerability #1 Rafel Ivgi, The-Insider (Dec 15)

Secure Computer Group

[CAN-2004-1022] Insecure Credential Storage on Kerio Software Secure Computer Group (Dec 14)
[CAN-2004-1023] Insecure default file system permissions on Microsoft versions of Kerio Software Secure Computer Group (Dec 14)

Steve Shockley

Re: Online Script Decoder Steve Shockley (Dec 07)

Thomas Kristensen

[SA12981] Secunia Research: Opera Download Dialog Spoofing Vulnerability Thomas Kristensen (Dec 12)

wirepair

Re: CORE-2004-0802: IIS NNTP Service XPAT Command Vulnerabilities wirepair (Oct 12)