SecurityFocus

iDEFENSE Security Advisory 12.16.04: Veritas Backup Exec Agent Browser Registration Request Buffer Overflow Vulnerability 2004-12-16
iDEFENSE Security Advisory (customerservice idefense com)

iDEFENSE Security Advisory 12.16.04: Samba smbd Security Descriptor Integer Overflow Vulnerability 2004-12-16
iDEFENSE Security Advisory (customerservice idefense com)

Re: [ GLSA 200412-10 ] Vim, gVim: Vulnerable options in modelines 2004-12-16
Alexey I. Froloff (raorn immo ru)

PHP Input Validation Vulnerabilities 2004-12-16
Daniel Fabian (research sec-consult com)

DJB's students release 44 *nix software vulnerability advisories 2004-12-16
Thor Larholm (thor pivx com)

Multiple XSS Vulnerabilities in Wordpress 1.2.1 2004-12-16
Thomas Waldegger (bugtraq morph3us org)

STG Security Advisory: [SSA-20041215-19] Vulnerability of uploading files with multiple extensions in MediaWiki 2004-12-16
advisory stgsecurity com

[MaxPatrol] SQL-injection in Ikonboard 3.1.x 2004-12-16
Alexander Anisimov (anisimov ptsecurity com)

[SAMBA] CAN-2004-1154 : Integer overflow could lead to remote code execution in Samba 2.x, 3.0.x <= 3.0.9 2004-12-16
Gerald Carter (jerry samba org)

STG Security Advisory: [SSA-20041215-18] Vulnerability of uploading files with multiple extensions in phpBB Attachment Mod 2004-12-16
advisory stgsecurity com

iDEFENSE Security Advisory 12.15.04: Computer Associates eTrust EZ Antivirus Insecure File Permission Vulnerability 2004-12-15
customer service mailbox (customerservice idefense com)

STG Security Advisory: [SSA-20041215-17] Vulnerability of uploading files with multiple extensions in JSBoard 2004-12-16
advisory stgsecurity com

Re: php unserialize 2004-12-15
Stefan Esser (sesser php net)

Re: Linux kernel IGMP vulnerabilities 2004-12-15
matthew-bugtraq newtoncomputing co uk

RE: CSS in phpBB 1.4.4 2004-12-15
Paul Owen (paul ettanet com)

MDKSA-2004:150 - Updated kdelibs and kdebase packages fix vulnerability 2004-12-15
Mandrake Linux Security Team (security linux-mandrake com)

Re: Linux kernel scm_send local DoS 2004-12-15
gadgeteer elegantinnovations org

php unserialize 2004-12-15
Martin Eiszner (martin websec org)

Re: Linux kernel scm_send local DoS 2004-12-15
even multiplexed (Shadow333 gmx at)

CSS in phpBB 1.4.4 2004-12-15
SandI] (agent050 sama ru)

STG Security Advisory: [SSA-20041215-15] Vulnerability of uploading files with multiple extensions in MoniWiki 2004-12-15
advisory stgsecurity com

Re: Linux kernel IGMP vulnerabilities 2004-12-15
stephen joseph butler (stephen butler gmail com)

iwebnegar is vulnerable to all kind of sql injections 2004-12-15
shervin khaleghjou (oil_karchack yahoo com)

Re: Linux kernel IGMP vulnerabilities 2004-12-15
Paul Starzetz (ihaquer isec pl)

Cisco Security Advisory: Default Administrative Password in Cisco Guard and Traffic Anomaly Detector 2004-12-15
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco Unity Integrated with Exchange Has Default Passwords 2004-12-15
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Advisory 01/2004: Multiple vulnerabilities in PHP 4/5 2004-12-15
Stefan Esser (sesser php net)

STG Security Advisory: [SSA-20041214-14] GNUBoard PHP injection vulnerability 2004-12-15
advisory stgsecurity com

Re: Linux kernel scm_send local DoS 2004-12-15
Paul Starzetz (ihaquer isec pl)

MSIE DHTML Edit Control Cross Site Scripting Vulnerability 2004-12-15
Paul (paul greyhats cjb net)

Re: Linux kernel scm_send local DoS 2004-12-15
even multiplexed (Shadow333 gmx at)

Re: rpcl_icmpdos.c 2004-12-15
x90c (jyj9782 kornet net)

[ GLSA 200412-10 ] Vim, gVim: Vulnerable options in modelines 2004-12-15
Thierry Carrez (koon gentoo org)

[OpenPKG-SA-2004.052] OpenPKG Security Advisory (vim) 2004-12-15
OpenPKG (openpkg openpkg org)

3cdaemon tftp server DOS vulnerability 2004-12-15
Wang Ning (nwang scn com cn)

[ GLSA 200412-09 ] ncpfs: Buffer overflow in ncplogin and ncpmap 2004-12-15
Thierry Carrez (koon gentoo org)

*nix data wipe tools 2004-12-15
Thomas C. Greene (thomas greene theregister co uk)

Re: RICOH Aficio 450/455 PCL 5e Printer ICMP DOS vulnerability 2004-12-15
Hongzhen Zhou (felix__zhou hotmail com)

Security Advisory for CVS Slash 2004-12-15
Jamie McCarthy (jamie slashdot org)

Asante FM2008 10/100 Ethernet switch backdoor login 2004-12-15
Joe Philipps (secfocus joe philipps us)

Multiple phpGroupWare Vulnerabilities [ phpGroupWare 0.9.16.003 && Earlier ] 2004-12-15
GulfTech Security (security gulftech org)

HyperTerminal - Buffer Overflow In .ht File 2004-12-14
Brett Moore (brett moore security-assessment com)

[USN-38-1] Linux kernel vulnerabilities 2004-12-14
Martin Pitt (martin pitt canonical com)

[Correction For]: Secure Network Operations SNOsoft Research Team [SRT2004-12-14-0322] Symantec LiveUpdate Advisory 2004-12-14
Secure Network Operations, Inc. (advisory secnetops com)

Re: Linux kernel IGMP vulnerabilities 2004-12-14
Pekka Savola (pekkas netcore fi)

iDEFENSE Security Advisory 12.13.04: Adobe Reader 6.0 .ETD File Format String Vulnerability 2004-12-14
customer service mailbox (customerservice idefense com)

ASP-rider is vulnerable to sql injection attack 2004-12-15
shervin khaleghjou (oil_karchack yahoo com)

iDEFENSE Security Advisory 12.14.04 - Microsoft Word 6.0/95 Document Converter Buffer Overflow Vulnerability 2004-12-14
customer service mailbox (customerservice idefense com)

Re: NetWare Screensaver Authentication Bypass From The Local Console 2004-12-14
Brad Bendily (brad selu edu)

[CAN-2004-1023] Insecure default file system permissions on Microsoft versions of Kerio Software 2004-12-14
Secure Computer Group (scg udc es)

MDKSA-2004:149 - Updated postgresql packages fix temporary file vulnerability 2004-12-14
Mandrake Linux Security Team (security linux-mandrake com)

[SECURITY] [DSA 608-1] New zgv packages fix arbitrary code execution 2004-12-14
joey infodrom org (Martin Schulze)

RICOH Aficio 450/455 PCL 5e Printer ICMP DOS vulnerability 2004-12-14
Hongzhen Zhou (felix__zhou hotmail com)

[CAN-2004-1022] Insecure Credential Storage on Kerio Software 2004-12-14
Secure Computer Group (scg udc es)

[ GLSA 200412-08 ] nfs-utils: Multiple remote vulnerabilities 2004-12-14
Luke Macken (lewk gentoo org)

ASP Calendar Vulnerability <www.ashiyane.com> 2004-12-14
ali reza AcTiOnSpIdEr (actionspider gmail com)

STG Security Advisory: [SSA-20041209-13] UseModWiki XSS vulnerability 2004-12-14
advisory stgsecurity com

[SECURITY] [DSA 609-1] New atari800 packages fix local root exploit 2004-12-14
joey infodrom org (Martin Schulze)

MDKSA-2004:148 - Updated iproute2 packages fix temporary file vulnerability 2004-12-14
Mandrake Linux Security Team (security linux-mandrake com)

Re: Citadel/UX <= v6.27 Remote Format String Vulnerability 2004-12-14
Michael Hampton (error10 gmail com)

iDEFENSE Security Advisory 12.14.04 - Adobe Acrobat Reader 5.0.9 mailListIsPdf() Buffer Overflow Vulnerability 2004-12-14
customer service mailbox (customerservice idefense com)

[ZH2004-18SA] Content-Type spoofing in Mozilla Firefox and Opera could allow users to bypass security restrictions 2004-12-13
Giovanni Delvecchio (badpenguin79 hotmail com)

Re: [Full-Disclosure] [HV-LOW] Symantec LiveUpdate issues may cause DoS 2004-12-14
Dan Margolis (krispykringle gentoo org)

Linux kernel scm_send local DoS 2004-12-14
Paul Starzetz (ihaquer isec pl)

Re: Secure Network Operations SNOsoft Research Team [SRT2004-12-14-0322] Symantec LiveUpdate Advisory 2004-12-13
secure symantec com

Possible local root vulnerability in Roxio Toast on Mac OS X 2004-12-14
fintler (fintler gmail com)

phpBB Attachment Mod Directory Traversal HTTP POST Injection 2004-12-14
Paul Laudanski (zx castlecops com)

Linux kernel IGMP vulnerabilities 2004-12-14
Paul Starzetz (ihaquer isec pl)

Secure Network Operations SNOsoft Research Team [SRT2004-12-14-0322] Symantec LiveUpdate Advisory 2004-12-13
Secure Network Operations, Inc. (advisory secnetops com)

NetWare Screensaver Authentication Bypass From The Local Console 2004-12-13
Adam Gray (agray novacoast com)

[ GLSA 200412-06 ] PHProjekt: setup.php vulnerability 2004-12-10
Thierry Carrez (koon gentoo org)

[ GLSA 200412-07 ] file: Arbitrary code execution 2004-12-13
Matthias Geerdsen (vorlon gentoo org)

What's "may have exploitable buffer overflows" mean in tcpdump? 2004-12-13
Dragos Ruiu (dr kyx net)

RE: zone transfers, a spammer's dream? 2004-12-13
Marcin Pacyna (mpacyna nexvision com)

Winamp 5.07 (latest version) Remote Crash + other stupid shizle 2004-12-13
b0f www.b0f.net (b0fnet yahoo com)

[ZH2004-19SA] Possible execution of remote shell commands in Opera with kfmclien 2004-12-13
Giovanni Delvecchio (badpenguin79 hotmail com)

Socket unreacheable in the Lithtech engine (new protocol) 2004-12-13
Luigi Auriemma (aluigi autistici org)

iDEFENSE Security Advisory 12.13.04 - Multiple Vendor xzgv PRF Parsing Integer Overflow Vulnerability 2004-12-13
customer service mailbox (customerservice idefense com)

MS IE User's Authentication Details (userid/password) Sharing Issue 2004-12-12
Debasis Mohanty (mail hackingspirits com)

KDE Security Advisory: Konqueror Window Injection Vulnerability 2004-12-13
Waldo Bastian (bastian kde org)

Gadu-Gadu several vulnerabilities 2004-12-13
Jaroslaw Sajko (sloik man poznan pl)

Multiple vulnerabilities in phpMyAdmin 2004-12-13
Nicolas Gregoire (ngregoire exaprobe com)

SugarSales Multiple Vulnerabilities 2004-12-13
Daniel Fabian (research sec-consult com)

Re: MD5 To Be Considered Harmful Someday 2004-12-11
Solar Designer (solar openwall com)

Citadel/UX <= v6.27 Remote Format String Vulnerability 2004-12-13
CoKi (coki nosystem com ar)

Local off-by-one in mtr versions 0.55 to 0.65 2004-12-11
venglin freebsd lublin pl

HOW TO BREAK XP SP2 POPUP BLOCKER: kick it in the nut ! 2004-12-10
http-equiv@excite.com (1 malware com)

In-game buffer-overflow in the Gamespy cd-key validation SDK 2004-12-10
Luigi Auriemma (aluigi autistici org)

wget: Arbitrary file overwriting/appending/creating and other vulnerabilities 2004-12-09
Jan Minar (jjminar FastMail FM)

CodeCon CFP deadline nearing 2004-12-10
Len Sassaman (rabbi abditum com)

Re: Multiple Vulnerabilities in paFileDB 3.1 2004-12-09
Rafael San Miguel Carrasco (smcsoc yahoo es)

F-Secure Policy Manager - physical path disclosure 2004-12-09
oliver greyhat de

Re: MD5 To Be Considered Harmful Someday 2004-12-08
Adam Shostack (adam homeport org)

KDE Security Advisory: kfax libtiff vulnerabilities 2004-12-09
Dirk Mueller (mueller kde org)

KDE Security Advisory: plain text password exposure 2004-12-09
Dirk Mueller (mueller kde org)

Re: MD5 To Be Considered Harmful Someday 2004-12-09
Pavel Kankovsky (peak argo troja mff cuni cz)

TSLSA-2004-0064 - nfs-utils 2004-12-09
Trustix Security Advisor (tsl trustix org)

Re: MD5 To Be Considered Harmful Today 2004-12-08
Dan Kaminsky (dan doxpara com)

Re: MD5 To Be Considered Harmful Today 2004-12-08
Pavel Machek (pavel ucw cz)

Re: MD5 To Be Considered Harmful Today 2004-12-08
Dan Kaminsky (dan doxpara com)