SecurityFocus

[Security Bulletin] SSRT4883 rev.3 HP-UX ftp and ftpd remote unauthorized access 2004-12-23
Boren, Rich (SSRT) (rich boren hp com)

[USN-50-1] CUPS vulnerabilities 2004-12-23
Martin Pitt (martin pitt canonical com)

Re: Security Advisory for ALL forum services with client-set images 2004-12-23
Tim Jackson (lists timj co uk)

Re: [Full-Disclosure] Re: Linux kernel scm_send local DoS 2004-12-23
Valdis Kletnieks vt edu

Re: phpBB Worm 2004-12-23
Anders Henke (anders schlund de)

[Security Bulletin] SSRT4876 rev.0 HP Tru64 UNIX SWS (Apache) Secure Web Server Remote 2004-12-23
Boren, Rich (SSRT) (rich boren hp com)

[Security Bulletin] SSRT4867 rev.0 Netscape Directory Server on HP-UX LDAP remote buffer overflow 2004-12-23
Boren, Rich (SSRT) (rich boren hp com)

[ Security Bulletin ] SSRT4699 rev.0 HP-UX SAM local privilege increase 2004-12-23
Boren, Rich (SSRT) (rich boren hp com)

[USN-52-1] vim vulnerability 2004-12-23
Martin Pitt (martin pitt canonical com)

[USN-51-1] teTeX auxiliary script vulnerability 2004-12-23
Martin Pitt (martin pitt canonical com)

[USN-49-1] debmake vulnerability 2004-12-23
Martin Pitt (martin pitt canonical com)

RE: phpBB Worm 2004-12-23
Ofer Shezaf (Ofer Shezaf breach com)

[USN-48-1] xpdf, tetex-bin vulnerabilities 2004-12-23
Martin Pitt (martin pitt canonical com)

RE: Crystal FTP Pro 2.8 PoC 2004-12-24
cybertronic gmx net

RE: Local versus remote security holes 2004-12-22
David Brodbeck (DavidB mail interclean com)

WPkontakt message parsing error 2004-12-23
Jaroslaw Sajko (sloik man poznan pl)

Re: DJB's students release 44 *nix software vulnerability advisories 2004-12-22
Crispin Cowan (crispin immunix com)

Re: phpBB Worm 2004-12-22
William Geoghegan (w geoghegan geotekcs co uk)

Inexcusable weakness in Kmail / GnuPG 2004-12-23
Thomas C. Greene (thomas greene theregister co uk)

Re: DJB's students release 44 *nix software vulnerability advisories 2004-12-23
Crispin Cowan (crispin immunix com)

Re: Security Advisory for ALL forum services with client-set images 2004-12-23
Stefan Paletta (stefanp cabal1 com)

Re: [webmin-l] Re: Webmin BruteForce + Command execution - ByDi42lo <DiAblo_2 (at) 012.net (dot) il [email concealed]> 2004-12-23
Jamie Cameron (jcameron webmin com)

Re: DJB's students release 44 *nix software vulnerability advisories 2004-12-23
Michal Zalewski (lcamtuf dione ids pl)

RE: DJB's students release 44 *nix software vulnerability advisories 2004-12-23
Palmer, Paul (ISSAtlanta) (PPalmer iss net)

Re: Linux kernel scm_send local DoS 2004-12-23
Pavel Kankovsky (peak argo troja mff cuni cz)

Re: DJB's students release 44 *nix software vulnerability advisories 2004-12-23
D. J. Bernstein (djb cr yp to)

Cross Site Scripting In PsychoStats 2.2.4 Beta && Earlier 2004-12-23
GulfTech Security (security gulftech org)

[USN-47-1] Linux kernel vulnerabilities 2004-12-23
Martin Pitt (martin pitt canonical com)

Re: phpBB Worm 2004-12-23
Anders Henke (anders schlund de)

Crystal FTP Pro 2.8 PoC 2004-12-23
cybertronic gmx net

Re: phpBB Worm 2004-12-23
Alvin Packard (appredator gmail com)

SHOUTcast remote format string vulnerability 2004-12-23
Damian Put (pucik cc-team org)

Re: iDEFENSE Security Advisory 12.21.04: libtiff STRIPOFFSETS Integer Overflow Vulnerability 2004-12-23
Moritz Muehlenhoff (muehlenhoff univention de)

Re: stick with "anonymous" or "authenticated" when describing 2004-12-23
Steven M. Christey (coley mitre org)

Microsoft Windows LoadImage API Integer Buffer overflow 2004-12-23
flashsky fangxing (flashsky xfocus org)

Linux 2.6 Kernel Capability LSM Module Local Privilege Elevation 2004-12-23
flashsky fangxing (flashsky xfocus org)

Microsoft Windows Kernel ANI File Parsing Crash and DOS Vulnerability 2004-12-23
flashsky fangxing (flashsky xfocus org)

[SECURITY] [DSA 616-1] New telnetd-ssl packages fix arbitrary code execution 2004-12-23
joey infodrom org (Martin Schulze)

Oracle multiple PL/SQL injection vulnerabilities (#NISR2122004H) 2004-12-23
NGSSoftware Insight Security Research (nisr nextgenss com)

Microsoft Windows winhlp32.exe Heap Overflow Vulnerability 2004-12-23
flashsky fangxing (flashsky xfocus org)

Oracle TNS Listener DoS (#NISR2122004F) 2004-12-23
NGSSoftware Insight Security Research (nisr nextgenss com)

IBM DB2 generate_distfile buffer overflow vulnerability (#NISR2122004L) 2004-12-23
NGSSoftware Insight Security Research (nisr nextgenss com)

IBM DB2 rec2xml buffer overflow vulnerability (#NISR2122004J) 2004-12-23
NGSSoftware Insight Security Research (nisr nextgenss com)

[OpenPKG-SA-2004.055] OpenPKG Security Advisory (gettext) 2004-12-23
OpenPKG (openpkg openpkg org)

Oracle extproc local command execution (#NISR23122004C) 2004-12-23
NGSSoftware Insight Security Research (nisr nextgenss com)

Oracle wrapped procedure overflow (#NISR2122004J) 2004-12-23
NGSSoftware Insight Security Research (nisr nextgenss com)

Oracle extproc directory traversal (#NISR23122004B) 2004-12-23
NGSSoftware Insight Security Research (nisr nextgenss com)

Oracle ISQLPlus file access vulnerability (#NISR2122004E) 2004-12-23
NGSSoftware Insight Security Research (nisr nextgenss com)

Oracle clear text passwords (#NISR2122004D) 2004-12-23
NGSSoftware Insight Security Research (nisr nextgenss com)

Oracle Character Conversion Bugs (#NISR2122004G) 2004-12-23
NGSSoftware Insight Security Research (nisr nextgenss com)

Oracle extproc buffer overflow (#NISR23122004A) 2004-12-23
NGSSoftware Insight Security Research (nisr nextgenss com)

Oracle Trigger Abuse (#NISR2122004I) 2004-12-23
NGSSoftware Insight Security Research (nisr nextgenss com)

Re: WebWorm using PHPBB vulnerability in the wild! 2004-12-22
Nick Johnson (arachnid notdot net)

Re: DJB's students release 44 *nix software vulnerability advisories 2004-12-21
sean (infamous41md hotpop com)

Security Advisory for ALL forum services with client-set images 2004-12-22
James Bandara (jamez1 gmail com)

2Bgal : 2.4 & 2.5.1 SQL injection Vulnerability 2004-12-22
zib zib (zibelette aol com)

Re: DJB's students release 44 *nix software vulnerability advisories 2004-12-21
Jack Lloyd (lloyd randombit net)

Webmin BruteForce + Command execution - By Di42lo <DiAblo_2 (at) 012.net (dot) il [email concealed]> 2004-12-23
amit sides (DiAblo_2 012 net il)

stick with "anonymous" or "authenticated" when describing attacks 2004-12-22
Jonathan G. Lampe (jonathan lampe standardnetworks com)

MDKSA-2004:157 - Updated mplayer packages fix multiple vulnerabilities 2004-12-22
Mandrake Linux Security Team (security linux-mandrake com)

Re: DJB's students release 44 *nix software vulnerability advisories 2004-12-22
Crispin Cowan (crispin immunix com)

Re: DJB's students release 44 *nix software vulnerability advisories 2004-12-22
Casper Dik Sun COM

Re: DJB's students release 44 *nix software vulnerability advisories 2004-12-21
Steven M. Christey (coley mitre org)

PHP v4.3.x exploit for Windows. 2004-12-22
The Warlock (thewarlock 0xf org)

Re: DJB's students release 44 *nix software vulnerability advisories 2004-12-22
David Eisner (cradle umd edu)

RE: DJB's students release 44 *nix software vulnerability advisories 2004-12-21
Manning, Robert (Mission Systems) (Bob Manning ngc com)

Permission problem in Skype BETA for linux 2004-12-22
Peter Conrad (conrad tivano de)

Re: DJB's students release 44 *nix software vulnerability advisories 2004-12-21
Steven M. Christey (coley mitre org)

Realone2.0 "pnxr3260.dll" Lets Remote Users IE Browser Crash 2004-12-22
Wei Li (pcocop hotmail com)

possible local exploit via sendmail with procmail on solaris 2004-12-21
Michael Barnes (mbarnes compsci wm edu)

[ GLSA 200412-23 ] Zwiki: XSS vulnerability 2004-12-21
Luke Macken (lewk gentoo org)

Re: Local versus remote security holes 2004-12-22
Adam Shostack (adam homeport org)

Re: phpBB Worm 2004-12-22
ycw1bh302 sneakemail com

Re: DJB's students release 44 *nix software vulnerability advisories 2004-12-22
Valdis Kletnieks vt edu

Java Runtime Environment Remote Denial-of-Service (DoS) Vulnerability 2004-12-22
Marc Schoenefeld (schonef uni-muenster de)

malware effecting broadband users in Israel 2004-12-22
Gadi Evron (gadi tehila gov il)

Re: phpBB Worm 2004-12-22
Alexander Klimov (alserkli inbox ru)

Re: phpBB Worm 2004-12-22
Sebastian Wiesinger (bofh fire-world de)

Re: DJB's students release 44 *nix software vulnerability advisories 2004-12-22
Jonathan Rockway (jrockw2 uic edu)

Re: DJB's students release 44 *nix software vulnerabilityadvisories 2004-12-22
Chris Paget (ivegotta tombom co uk)

Re: DJB's students release 44 *nix software vulnerability advisories 2004-12-22
Jonathan Rockway (jrockw2 uic edu)

Re: DJB's students release 44 *nix software vulnerability advisories 2004-12-22
D. J. Bernstein (djb cr yp to)

Sybase ASE 12.5.2 vulnerabilities 2004-12-22
NGSSoftware Insight Security Research (nisr ngssoftware com)

MDKSA-2004:156 - Updated krb5 packages fix buffer overflow vulnerability 2004-12-22
Mandrake Linux Security Team (security linux-mandrake com)

Re: iDEFENSE Security Advisory 12.21.04: libtiff STRIPOFFSETS Integer Overflow Vulnerability 2004-12-22
Dmitry V. Levin (ldv altlinux org)

MDKSA-2004:155 - Updated logcheck packages fix temporary file vulnerability 2004-12-22
Mandrake Linux Security Team (security linux-mandrake com)

Local versus remote security holes 2004-12-22
D. J. Bernstein (djb cr yp to)

SUSE Security Announcement: kernel local privilege escalation (SUSE-SA:2004:046) 2004-12-22
Marcus Meissner (meissner suse de)

[SECURITY] [DSA 615-1] New debmake package fixes insecure temporary directories 2004-12-22
joey infodrom org (Martin Schulze)

MDKSA-2004:154 - Updated kdelibs packages fix multiple vulnerability 2004-12-22
Mandrake Linux Security Team (security linux-mandrake com)

SUSE Security Announcement: samba (SUSE-SA:2004:045) 2004-12-22
krahmer suse de (Sebastian Krahmer)

Re: DJB's students release 44 *nix software vulnerability advisories 2004-12-21
Raymond M. Reskusich (reskusic uiuc edu)

Re: Windows Explorer TGA Crash is a DoS bug in Internet Explorer. 2004-12-21
Berend-Jan Wever (skylined edup tudelft nl)

Re: DJB's students release 44 *nix software vulnerability advisories 2004-12-21
laffer1 (laffer1 mail foolishgames com)

Re: DJB's students release 44 *nix software vulnerability advisories 2004-12-21
Stephen Harris (bugtraq spuddy org)

[SECURITY] [DSA 613-1] New ethereal packages fix denial of service 2004-12-21
joey infodrom org (Martin Schulze)

RE: phpBB Worm 2004-12-21
Paul Kurczaba (paul myipis com)

WebWorm using PHPBB vulnerability in the wild! 2004-12-20
Niki Denev (nike_d cytexbg com)

Re: AIX 5.1/5.2/5.3 local root exploits (paginit issue) 2004-12-21
Shiva Persaud (shivapd us ibm com)

Re: DJB's students release 44 *nix software vulnerability advisories 2004-12-21
David F. Skoll (dfs roaringpenguin com)