SecurityFocus

Re: IpSwitch IMail Server <= ver 8.1 User Password Decryption 2004-08-17
Jérôme ATHIAS (jerome athias caramail com)

MDKSA-2004:083 - Updated rsync packages fix remotely-exploitable vulnerability 2004-08-17
Mandrake Linux Security Team (security linux-mandrake com)

Vulnerabilities in Merak Webmail Server. 2004-08-17
Criolabs (security criolabs net)

RE: [Full-Disclosure] IpSwitch IMail Server <= ver 8.1 User Password Decryption 2004-08-16
Bill Roemhild (broemhild positiveplace org)

Re: First vulnerabilities in the SP2 - XP ?... 2004-08-17
Oliver Schneider (Borbarad gmxpro net)

Re: First vulnerabilities in the SP2 - XP ?... 2004-08-17
Colin Alston (karnaugh karnaugh za net)

Re: IpSwitch IMail Server <= ver 8.1 User Password Decryption 2004-08-17
Dave Warren (dave warren devilsplayground net)

Cross-Site Scripting (XSS) in Php-Nuke 7.1.0 2004-08-17
Abu Lafy (off hotmail com)

[ GLSA 200408-18 ] xine-lib: VCD MRL buffer overflow 2004-08-17
Kurt Lieber (klieber gentoo org)

LNSA-#2004-0017: rsync (Aug, 17 2004) 2004-08-17
Vincenzo Ciaglia (ciaglia netwosix org)

[NGSEC-2004-6] IPD, local system denial of service. 2004-08-17
labs@NGSEC (labs ngsec com)

Opera Local File/Directory Detection (GM#009-OP) 2004-08-17
GreyMagic Software (security greymagic com)

vpopmail <= 5.4.2 (sybase vulnerability) 2004-08-17
Jérôme ATHIAS (jerome athias caramail com)

[ GLSA 200408-17 ] rsync: Potential information leakage 2004-08-17
Kurt Lieber (klieber gentoo org)

TSLSA-2004-0042 - rsync 2004-08-17
Trustix Security Advisor (tsl trustix org)

[SECURITY] [DSA 539-1] New kdelibs packages fix denial of service 2004-08-17
joey infodrom org (Martin Schulze)

Re: SQL Injection in CACTI 2004-08-17
Thomas Chiverton (thomas chiverton bluefinger com)

Third party cookie handling in Opera can lead to potential compromises in Servers relying on redirection 2004-08-17
Rohit Dube (rohit kritikalsolutions com)

[ GLSA 200408-16 ] glibc: Information leak with LD_DEBUG 2004-08-17
Kurt Lieber (klieber gentoo org)

[SECURITY] [DSA 538-1] New rsync packages fix unauthorised directory traversal and file access 2004-08-17
joey infodrom org (Martin Schulze)

SQL Injection in CACTI 2004-08-16
Fernando Quintero (nando altred net)

First vulnerabilities in the SP2 - XP ?... 2004-08-16
Jérôme ATHIAS (jerome athias caramail com)

IpSwitch IMail Server <= ver 8.1 User Password Decryption 2004-08-16
Adik (netninja hotmail kg)

Re: SpecificMAIL Technical Brief 2004-08-16
Skip Carter (skip taygeta com)

TSSA-2004-020-ES - rsync 2004-08-16
tinysofa Security Team (security tinysofa org)

pscript.de PFORUM XSS Vulnerability 2004-08-14
Christoph Jeschke (ponders bugtraq arcor de)

[ GLSA 200408-14 ] acroread: UUDecode filename buffer overflow 2004-08-15
Sune Kloppenborg Jeppesen (jaervosz gentoo org)

NullyFake - Site Spoofing in MSIE 2004-08-15
Liu Die Yu (liudieyu umbrella name)

gv buffer overflows: here, there, and everywhere 2004-08-16
infamous41md hotpop com

SUSE Security Announcement: rsync (SUSE-SA:2004:026) 2004-08-16
Thomas Biege (thomas suse de)

[SECURITY] [DSA 537-1] New Ruby packages fix insecure CGI session management 2004-08-16
joey infodrom org (Martin Schulze)

[ GLSA 200408-15 ] Tomcat: Insecure Installation 2004-08-15
Sune Kloppenborg Jeppesen (jaervosz gentoo org)

Re: [ GLSA 200408-10 ] gv: Exploitable Buffer Overflow 2004-08-14
Dan Margolis (krispykringle gentoo org)

Posible security bug in phpMyWebhosting 2004-08-14
Matias Neiff (matias neiff com ar)

RE: JS/Zerolin 2004-08-14
Thor Larholm (tlarholm pivx com)

SpecificMAIL Technical Brief 2004-08-14
Nick D. (ndebaggis verizon net)

QuiXplorer directory traversal 2004-08-14
Cyrille Barthelemy (cb-lse ifrance com)

SGI Advanced Linux Environment 2.4 security update #24 2004-08-13
SGI Security Coordinator (agent99 sgi com)

SGI Advanced Linux Environment 3 Security Update #9 2004-08-13
SGI Security Coordinator (agent99 sgi com)

Re: NETGEAR DG834G SPECIAL FEATURES 2004-08-13
Dave Paris (dparis w3works com)

Re: JS/Zerolin 2004-08-13
K-OTiK Security (Special-Alerts k-otik com)

Corsaire Security Advisory - Clearswift MAILsweeper multiple encoding/compression issues 2004-08-13
advisories (advisories corsaire com)

Re: NETGEAR DG834G SPECIAL FEATURES 2004-08-13
thanasonic hack gr

Re: JS/Zerolin 2004-08-13
Nicolas Gregoire (ngregoire exaprobe com)

Re: JS/Zerolin 2004-08-13
T.H. Haymore (bonk webchat chatsystems com)

RE: NETGEAR DG834G SPECIAL FEATURES 2004-08-13
Andre Lorbach (alorbach ro1 adiscon com)

Advanced usage of system() function. 2004-08-13
Adam Zabrocki (pi3ki31ny wp pl)

MDKSA-2004:082 - Updated mozilla packages fix multiple vulnerabilities 2004-08-13
Mandrake Linux Security Team (security linux-mandrake com)

Re: NETGEAR DG834G SPECIAL FEATURES 2004-08-13
Uday Moorjani (umoorjani wanadoo fr)

recent gaim advisory 2004-08-13
infamous41md hotpop com

MDKSA-2004:081 - Updated gaim packages fix remotely exploitable vulnerabilities 2004-08-13
Mandrake Linux Security Team (security linux-mandrake com)

New Paper: Microsoft Windows, a lower Total Cost of Ownership 2004-08-13
Dave Aitel (dave immunitysec com)

Re: SSC Advisory TSA-051 (T-mobile wireless and Verizon Northwest) 2004-08-12
Lance James (lancej securescience net)

NGSEC's response to Idefense overflow protections whitepaper. (PART II) 2004-08-12
lists@NGSEC (lists ngsec com)

Re: [ GLSA 200408-10 ] gv: Exploitable Buffer Overflow 2004-08-12
infamous41md hotpop com

Re: SSC Advisory TSA-051 (T-mobile wireless and Verizon Northwest) 2004-08-12
Brad Herbert (bherbert earthwastesystems com)

Re: AOL Instant Messenger "Away" Message Buffer Overflow Vulnerability 2004-08-12
High Pressure (pressure gmail com)

[ GLSA 200408-12 ] Gaim: MSN protocol parsing function buffer overflow 2004-08-12
Sune Kloppenborg Jeppesen (jaervosz gentoo org)

Re: Driver for display goes to a infinite loop by viewing a html! 2004-08-12
Frank Nospam (fuy1 umbc edu)

[ GLSA 200408-13 ] kdebase, kdelibs: Multiple security issues 2004-08-12
Sune Kloppenborg Jeppesen (jaervosz gentoo org)

JS/Zerolin 2004-08-12
T.H. Haymore (bonk webchat chatsystems com)

Re: Driver for display goes to a infinite loop by viewing a html! 2004-08-12
3APA3A (3APA3A SECURITY NNOV RU)

NETGEAR DG834G SPECIAL FEATURES 2004-08-12
thanasonic hack gr

RE: NGSEC's response to Idefense overflow protections whitepaper. 2004-08-12
Richard Johnson (rjohnson iDefense com)

SUSE Security Announcement: gaim (SUSE-SA:2004:025) 2004-08-12
Thomas Biege (thomas suse de)

Re: SSC Advisory TSA-051 (T-mobile wireless and Verizon Northwest) 2004-08-12
Joe Eversole (jeversol gmail com)

[CLA-2004:858] Conectiva Security Announcement - squirrelmail 2004-08-12
Conectiva Updates (secure conectiva com br)

[ GLSA 200408-10 ] gv: Exploitable Buffer Overflow 2004-08-12
Sune Kloppenborg Jeppesen (jaervosz gentoo org)

[ GLSA 200408-11 ] Nessus: "adduser" race condition vulnerability 2004-08-12
Sune Kloppenborg Jeppesen (jaervosz gentoo org)

Metasploit Framework v2.2 2004-08-12
H D Moore (sflist digitaloffense net)

ISS BlackIce Server Protect Unprivileged User Attack 2004-08-11
Thomas Ryan (tommy providesecurity com)

RE: AOL Instant Messenger "Away" Message Buffer Overflow Vulnerability 2004-08-11
Thor Larholm (tlarholm pivx com)

SSC Advisory TSA-051 (T-mobile wireless and Verizon Northwest) 2004-08-11
Secure Science Corporation Advisory Notice (bugtraq securescience net)

[ GLSA 200408-09 ] Roundup filesystem access vulnerability 2004-08-11
Kurt Lieber (klieber gentoo org)

Re: Clearswift Mimesweeper Path Traversal Vulnerability 2004-08-11
Pete Simpson (pete simpson clearswift com)

Re: Driver for display goes to a infinite loop by viewing a html! 2004-08-11
Eddie Block (lists blocked org)

KDE Security Advisories: Temporary File and Konqueror Frame Injection Vulnerabilities 2004-08-11
Waldo Bastian (bastian kde org)

NGSEC's response to Idefense overflow protections whitepaper. 2004-08-11
lists@NGSEC (lists ngsec com)

Re: Driver for display goes to a infinite loop by viewing a html! 2004-08-11
Mike Pumford (mpumford mpc-data co uk)

RE: Driver for display goes to a infinite loop by viewing a html! 2004-08-11
Eggers, Bill A [LTD] (William A Eggers mail sprint com)

Re: Driver for display goes to a infinite loop by viewing a html! 2004-08-11
Steven Leikeim (steven enel ucalgary ca)

Re: Driver for display goes to a infinite loop by viewing a html! 2004-08-11
Christopher X. Candreva (chris westnet com)

Re: Driver for display goes to a infinite loop by viewing a html! 2004-08-11
Anthony Petito (anthonypetito gmail com)

Clearswift Mimesweeper Path Traversal Vulnerability 2004-08-11
Kroma Pierre (kroma syss de)

Re: Driver for display goes to a infinite loop by viewing a html! 2004-08-11
Jack C (jack crepinc com)

EXPLOIT libpng 2004-08-10
infamous41md hotpop com

Re: Driver for display goes to a infinite loop by viewing a html! 2004-08-11
Conor Byrne (conorb gmail com)

Re: Windows doesn't verify digital signature of CRL files 2004-08-11
Thomas Walpuski (thomas-bugtraq unproved org)

Windows doesn't verify digital signature of CRL files 2004-08-10
Michael Howard (mikehow microsoft com)

HTTP Response Splitting vulnerability in Microsoft Outlook Web Access for Exchange 5.5 2004-08-11
Amit Klein (amit klein sanctuminc com)

ptl-2004-03: WIDCOMM Bluetooth Connectivity Software Buffer Overflows 2004-08-11
Pentest Security Advisories (alerts pentest co uk)

BlackICE unprivileged local user attack 2004-08-11
Paul Craig - Pimp Industries (headpimp pimp-industries com)

Driver for display goes to a infinite loop by viewing a html! 2004-08-11
Bipin Gautam (visitbipin hotmail com)

AOL Instant Messenger "Away" Message Buffer Overflow Vulnerability 2004-08-10
homicidal gmail com

Re: Windows doesn't verify digital signature of CRL files 2004-08-10
Thomas Walpuski (thomas-bugtraq unproved org)

Re: Windows doesn't verify digital signature of CRL files 2004-08-10
Jack Lloyd (lloyd randombit net)

Re: Windows doesn't verify digital signature of CRL files 2004-08-10
Valdis Kletnieks vt edu

Corsaire Security Advisory - Sygate Enforcer discovery packet DoS issue 2004-08-10
advisories (advisories corsaire com)

spamcop.net allows everyone to grab mail addresses and resetpasswords 2004-08-10
Henning Schmiedehausen (hps intermeta de)

Corsaire Security Advisory - Sygate Enforcer unauthenticated broadcast issue 2004-08-10
advisories (advisories corsaire com)