SecurityFocus

Format string bug in Army Men RTS 2004-11-14
Luigi Auriemma (aluigi autistici org)

[SNS Advisory No.79] A Possibility of Cookie Overwrite in Microsoft Internet Explorer 2004-11-15
Jérôme ATHIAS (jerome athias fr)

Re: Security flaw in ALCATEL/THOMSON Speed Touch Pro ADSL modems 2004-11-13
3APA3A (3APA3A SECURITY NNOV RU)

Re: Security flaw in ALCATEL/THOMSON Speed Touch Pro ADSL modems 2004-11-13
Gregory Duchemin (c3rb3r sympatico ca)

Multiple XSS holes in TheFaceBook 2004-11-13
Alex Lanstein (alex lanstein gmail com)

SQL Injection in phpBT (bug.php) add project 2004-11-12
jessica soules (admin howdark com)

SQL Injection in phpBT (bug.php - Add) 2004-11-12
Jérôme ATHIAS (jerome athias fr)

IPSwitch-IMail-8.13 Stack Overflow in the DELETE Command 2004-11-12
Jérôme ATHIAS (jerome athias fr)

TWiki search function allows arbitrary shell command execution 2004-11-12
Hans Ulrich Niedermann (hun bawue de)

Eudora 6.2 attachment spoof 2004-11-13
psz maths usyd edu au (Paul Szabo)

phpBB Code EXEC (v2.0.10) 2004-11-13
jessica soules (admin howdark com)

SQL Injection in phpBT (bug.php) 2004-11-13
jessica soules (admin howdark com)

Crash in Secure Network Messenger 1.4.2 2004-11-12
Luigi Auriemma (aluigi autistici org)

Sudo version 1.6.8p2 now available (fwd) 2004-11-12
je sekure net

Re: Unsecure Ftpd on HP PSC 2510 Printer 2004-11-12
Lawrence MacIntyre (macintyrelp ornl gov)

Re: Unsecure Ftpd on HP PSC 2510 Printer 2004-11-12
KF_lists (kf_lists secnetops com)

Re: Unsecure Ftpd on HP PSC 2510 Printer 2004-11-12
Lawrence MacIntyre (macintyrelp ornl gov)

Re: Unsecure Ftpd on HP PSC 2510 Printer 2004-11-12
KF_lists (kf_lists secnetops com)

Vulnerability not with vBulletin 2004-11-12
Kier Darby (kier vbulletin com)

Re: Linux ELF loader vulnerabilities 2004-11-12
Jirka Kosina (jikos jikos cz)

[SECURITY] [DSA 592-1] New ez-ipupdate packages fix format string vulnerability 2004-11-12
joey infodrom org (Martin Schulze)

Security flaw in ALCATEL/THOMSON Speed Touch Pro ADSL modems 2004-11-12
Gregory Duchemin (c3rb3r sympatico ca)

[USN-24-1] openssl script vulnerability 2004-11-11
Martin Pitt (martin pitt canonical com)

[USN-23-1] apache2 vulnerability 2004-11-11
Martin Pitt (martin pitt canonical com)

[ GLSA 200411-21 ] Samba: Remote Denial of Service 2004-11-11
Matthias Geerdsen (vorlon gentoo org)

Unofficial Internet Explorer FRAME/IFRAME fix 2004-11-12
Thomas Rogg (tr-lists cherryware de)

Re: Unsecure Ftpd on HP PSC 2510 Printer 2004-11-11
Lawrence MacIntyre (macintyrelp ornl gov)

Contact in HP related to OpenView / Coda 2004-11-11
Noam Rathaus (noamr beyondsecurity com)

Re: Evidence Mounts that the Vote Was Hacked 2004-11-11
Jake Appelbaum (jacob appelbaum net)

[USN-22-1] samba vulnerability 2004-11-10
Martin Pitt (martin pitt canonical com)

RE: Evidence Mounts that the Vote Was Hacked 2004-11-11
David Hayden (dahayden clubhayden com)

RE: Norton AntiVirus Script Blocking Exploit -- Symantec's response 2004-11-11
Daniel Milisic (dmilisic myrealbox com)

[ GLSA 200411-22 ] Davfs2, lvm-user: Insecure tempfile handling 2004-11-11
Sune Kloppenborg Jeppesen (jaervosz gentoo org)

Re: New URL spoofing bug in Microsoft Internet Explorer 2004-11-11
http-equiv@excite.com (1 malware com)

[ GLSA 200411-18 ] Apache 2.0: Denial of Service by memory consumption 2004-11-10
Matthias Geerdsen (vorlon gentoo org)

[USN-21-1] libgd vulnerabilities 2004-11-09
Martin Pitt (martin pitt canonical com)

[ GLSA 200411-19 ] Pavuk: Multiple buffer overflows 2004-11-10
Luke Macken (lewk gentoo org)

security hole (http response splitting) in phpwebsite 2004-11-11
Maestro De-Seguridad (maestrodeseguridad lycos com)

Zone Labs IMsecure Active Link Filter Bypass 2004-11-11
Kurczaba Associates advisories (advisories kurczaba com)

Re: Linux ELF loader vulnerabilities 2004-11-11
Pavel Kankovsky (peak argo troja mff cuni cz)

[waraxe-2004-SA#037 - Sql injection bug in Phorum 5.0.12 and older versions] 2004-11-12
Janek Vind (come2waraxe yahoo com)

[CLA-2004:889] Conectiva Security Announcement - sasl2 2004-11-11
Conectiva Updates (secure conectiva com br)

Cisco Security Advisory: Crafted Timed Attack Evades Cisco Security Agent Protections 2004-11-11
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[ GLSA 200411-20 ] ez-ipupdate: Format string vulnerability 2004-11-11
Sune Kloppenborg Jeppesen (jaervosz gentoo org)

Re: [Full-Disclosure] Re: Linux ELF loader vulnerabilities 2004-11-11
Jirka Kosina (jikos jikos cz)

SQL injection in vBulletin forums (last10.php) 2004-11-11
Dr. Death (drdeath4ever hotmail com)

Re: Linux ELF loader vulnerabilities 2004-11-11
Ted Percival (ted mrphp com au)

Re: Evidence Mounts that the Vote Was Hacked 2004-11-10
Peter Conrad (conrad tivano de)

Re: Evidence Mounts that the Vote Was Hacked 2004-11-10
Atom 'Smasher' (atom suspicious org)

Re: Evidence Mounts that the Vote Was Hacked 2004-11-10
Rick Crelia (rick crelia oregonstate edu)

Hotfoon Ver 4.0 Highv Risk 2004-11-10
saudi linux (ksa2ksa yahoo com)

Re: Nortel Networks Contivity VPN Client information leakage vulnerability 2004-11-10
Quincy Jackson (qjacks0n yahoo com)

Unsecure Ftpd on HP PSC 2510 Printer 2004-11-10
Justin Rush (jrush scout wisc edu)

Re: Evidence Mounts that the Vote Was Hacked 2004-11-10
Jei (jei cc hut fi)

Re: Evidence Mounts that the Vote Was Hacked 2004-11-10
bkfsec (bkfsec sdf lonestar org)

Re: Evidence Mounts that the Vote Was Hacked 2004-11-10
Jay D. Dyson (jdyson treachery net)

04WebServer Three Vulnerabilities 2004-11-10
Jérôme ATHIAS (jerome athias fr)

Security Contact Info for IPSWITCH 2004-11-10
Tom (tommy providesecurity com)

Re: BoF in Windows 2000: ddeshare.exe 2004-11-10
J. S. Connell (ankh canuck gen nz)

BNC 2.8.9 remote buffer overflow 2004-11-10
LSS Security (exposed lss hr)

Nortel Networks Contivity VPN Client information leakage vulnerability 2004-11-10
Network Intelligence (I) Pvt. Ltd. (info nii co in)

Cisco Security Advisory: Cisco IOS DHCP Blocked Interface Denial-of-Service 2004-11-10
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[SquirrelMail Security Advisory] Cross Site Scripting in encoded text 2004-11-10
Jonathan Angliss (jon squirrelmail org)

Multiple Vulnerabilities in WebCalendar 2004-11-09
Joxean Koret (joxeankoret yahoo es)

Linux ELF loader vulnerabilities 2004-11-10
Paul Starzetz (ihaquer isec pl)

[ GLSA 200411-16 ] zip: Path name buffer overflow 2004-11-09
Sune Kloppenborg Jeppesen (jaervosz gentoo org)

Re: BoF in Windows 2000: ddeshare.exe 2004-11-09
Valdis Kletnieks vt edu

Re: Evidence Mounts that the Vote Was Hacked 2004-11-09
Jay D. Dyson (jdyson treachery net)

[ GLSA 200411-17 ] mtink: Insecure tempfile handling 2004-11-09
Sune Kloppenborg Jeppesen (jaervosz gentoo org)

EEYE: Kerio Personal Firewall Multiple IP Options Denial of Service 2004-11-09
Marc Maiffret (mmaiffret eeye com)

[SECURITY] [DSA 591-1] New libgd2 packages fix arbitrary code execution 2004-11-09
joey infodrom org (Martin Schulze)

[SECURITY] [DSA 589-1] New libgd1 packages fix arbitrary code execution 2004-11-09
joey infodrom org (Martin Schulze)

Re: BoF in Windows 2000: ddeshare.exe 2004-11-09
Berend-Jan Wever (skylined edup tudelft nl)

Security Contact for T-Mobile? 2004-11-09
Jake Appelbaum (jacob appelbaum net)

[USN-20-1] Ruby CGI module vulnerability 2004-11-08
Martin Pitt (martin pitt canonical com)

Re: [HV-LOW] Symantec LiveUpdate issues may cause DoS 2004-11-09
secure symantec com

[SECURITY] [DSA 590-1] New gnats packages fix arbitrary code execution 2004-11-09
joey infodrom org (Martin Schulze)

Vulnerabilities in JAF CMS 2004-11-09
y3dips@www.securityfocus.com,[ echo|staff ]@securityfocus.com@www.securityfocus.com (y3dips echo or id)

Re: Update: Web browsers - a mini-farce (MSIE gives in) 2004-11-09
Heikki Kortti (hkortti codenomicon com)

BoF in Windows 2000: ddeshare.exe 2004-11-09
Jack C (jack crepinc com)

Re: New URL spoofing bug in Microsoft Internet Explorer 2004-11-08
roozbeh afrasiabi (roozbeh_afrasiabi yahoo com)

MDKSA-2004:128 - Updated ruby packages fix remote DoS vulnerability 2004-11-08
Mandrake Linux Security Team (security linux-mandrake com)

Evidence Mounts that the Vote Was Hacked 2004-11-08
Atom 'Smasher' (atom suspicious org)

[CLA-2004:886] Conectiva Security Announcement - xpdf 2004-11-08
Conectiva Updates (secure conectiva com br)

[CLA-2004:888] Conectiva Security Announcement - libtiff3 2004-11-08
Conectiva Updates (secure conectiva com br)

Re: [Full-Disclosure] MSIE <IFRAME> and <FRAME> tag NAME property bufferoverflow PoC exploit (was: python does mangleme (with IE bugs!)) 2004-11-08
Menashe Eliezer (menashe finjan com)

[SECURITY] [DSA 586-1] New ruby packages fix denial of service 2004-11-08
joey infodrom org (Martin Schulze)

[HV-LOW] Symantec LiveUpdate issues may cause DoS 2004-11-04
vuln hexview com

[ GLSA 200411-14 ] Kaffeine, gxine: Remotely exploitable bufferoverflow 2004-11-07
Luke Macken (lewk gentoo org)

[ GLSA 200411-12 ] zgv: Multiple buffer overflows 2004-11-07
Luke Macken (lewk gentoo org)

up-imapproxy DoS vulnerabilities 2004-11-07
Timo Sirainen (tss iki fi)

[ GLSA 200411-15 ] OpenSSL, Groff: Insecure tempfile handling 2004-11-08
Thierry Carrez (koon gentoo org)

Re: [Full-Disclosure] MSIE src&name property disclosure 2004-11-08
Michal Zalewski (lcamtuf coredump cx)

Re: [Full-Disclosure] MSIE src&name property disclosure 2004-11-08
Paul Schmehl (pauls utdallas edu)

Offline WPA-PSK auditing tool (coWPAtty) 2004-11-08
Joshua Wright (jwright hasborg com)

Re: [Full-Disclosure] MSIE src&name property disclosure 2004-11-08
Dave Aitel (dave immunitysec com)

[SECURITY] [DSA 588-1] New gzip packages fix insecure temporary files 2004-11-08
joey infodrom org (Martin Schulze)

[SECURITY] CAN-2004-0930: Potential Remote Denial of Service Vulnerability in Samba 3.0.x <= 3.0.7 2004-11-08
Gerald (Jerry) Carter (jerry samba org)

DOS against Java JNDI/DNS 2004-11-08
Kurt Huwig (k huwig iku-ag de)

[SECURITY] [DSA 587-1] New freeam packages fix arbitrary code execution 2004-11-08
joey infodrom org (Martin Schulze)