SecurityFocus

[SECURITY] [DSA 487-1] New neon packages fix format string vulnerabilities 2004-04-17
Matt Zimmerman (mdz debian org)

[SECURITY] [DSA 490-1] New Zope packages fix arbitrary code execution 2004-04-17
joey infodrom org (Martin Schulze)

MS04-011 SSL Remote DoS PoC 2004-04-17
David Barroso Berrueta (dbarroso s21sec com)

Squirrelmail Chpasswod bof 2004-04-17
Matias Neiff (matias neiff com ar)

Re: After Ms patches last Wed ... 2004-04-17
Andy Shaw (andy east no)

[SECURITY] [DSA 431-2] New perl packages fix information leak in suidperl 2004-04-17
Matt Zimmerman (mdz debian org)

[SCSA-028] Nuked-Klan Multiple Vulnerabilities 2004-04-17
advisory security-corporation com

Network Intelligence Advisory - Denial of Service Vulnerability in ColdFusion MX 2004-04-17
K. K. Mookhey (cto nii co in)

Internet Explorer XSS published unpatched in SP1 AND SP2 2004-04-17
Rafel Ivgi, The-Insider (theinsider 012 net il)

Re: After Ms patches last Wed ... 2004-04-17
Dan Harkless (bugtraq harkless org)

[SECURITY] [DSA 489-1] New Linux 2.4.17 packages fix local root exploit (mips+mipsel) 2004-04-17
joey infodrom org (Martin Schulze)

[SECURITY] [DSA 486-1] New cvs packages fix multiple vulnerabilities 2004-04-17
Matt Zimmerman (mdz debian org)

NEW backdoor in X-Micro WLAN 11b Broadband Router 2004-04-16
RISKO Gergely (xmicro risko hu)

Norton AntiVirus nested file manual scan bypass..... 2004-04-17
Bipin Gautam (visitbipin hotmail com)

Re: After Ms patches last Wed ... 2004-04-16
phaser-X (px zeroday net)

void.at - neon format string bugs 2004-04-16
Thomas Wana (greuff void at)

[OpenPKG-SA-2004.016] OpenPKG Security Advisory (neon) 2004-04-16
OpenPKG (openpkg openpkg org)

After Ms patches last Wed ... 2004-04-16
aborg mca org mt

"Delete anti-virus and firewall software" --Microsoft 2004-04-16
Kim Scarborough (kjs uchicago edu)

[securityzone (at) macromedia (dot) com [email concealed]: New Macromedia Security Zone Bulletin Posted] 2004-04-16
David Ahmad (da securityfocus com)

Re: ZA Security Hole 2004-04-16
Hugo van der Kooij (hvdkooij vanderkooij org)

Re: ZA Security Hole 2004-04-16
Samps (samps redjocks com)

[OpenPKG-SA-2004.015] OpenPKG Security Advisory (ethereal) 2004-04-16
OpenPKG (openpkg openpkg org)

TSLSA-2004-0020 - kernel 2004-04-16
Trustix Security Advisor (tsl trustix org)

Re: ZA Security Hole 2004-04-16
Pablo G. Sabbatella (pgs kerozene com ar)

Re: Backdoor in X-Micro WLAN 11b Broadband Router 2004-04-16
Mariano Firpo (marianofirpo x-micro com)

[Full-Disclosure] iDEFENSE Security Advisory 04.15.04: RealNetworks Helix Universal Server Denial of Service Vulnerability 2004-04-15
idlabs-advisories idefense com

SCT javascript execution vulnerability 2004-04-15
spiffomatic 64 (spiffomatic64 hotmail com)

FreeBSD Security Advisory FreeBSD-SA-04:07.cvs 2004-04-15
FreeBSD Security Advisories (security-advisories freebsd org)

Re: XSS, Admin Access via Cookie and File Upload vulnerability in NewsPHP. 2004-04-15
Manuel Lopez (mantra gulo org)

[OpenPKG-SA-2004.014] OpenPKG Security Advisory (mysql) 2004-04-14
OpenPKG (openpkg openpkg org)

ZA Security Hole 2004-04-14
Damjan Kreft (damjan kreft siol net)

US-CERT Technical Cyber Security Alert TA04-104A -- Multiple Vulnerabilities in Microsoft Products 2004-04-14
CERT Advisory (cert-advisory cert org)

Include vulnerability in GEMITEL v 3.50 2004-04-15
jaguar (webmaster wulab com)

Cisco Security Notice: Cisco IPsec VPN Implementation Group Password Usage Vulnerability 2004-04-15
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[RHSA-2004:159-01] Updated Subversion packages fix security vulnerability in neon 2004-04-15
bugzilla redhat com

FW: [Unpatched] 4 new Microsoft patches, 4 old updated, 24 vulnerabilities 2004-04-14
Thor Larholm (thor pivx com)

[SECURITY] [DSA 479-2] New Linux 2.4.18 packages fix local root exploit (i386) 2004-04-14
joey infodrom org (Martin Schulze)

phpBugTracker 0.9.1 && Earlier Vulnerabilities 2004-04-15
JeiAr (security gulftech org)

[ GLSA 200404-13 ] CVS Server and Client Vulnerabilities 2004-04-14
Kurt Lieber (klieber gentoo org)

[SECURITY] [DSA 480-1] New Linux 2.4.17 and 2.4.18 packages fix local root exploit (hppa) 2004-04-14
joey infodrom org (Martin Schulze)

[RHSA-2004:154-01] Updated CVS packages fix security issue 2004-04-14
bugzilla redhat com

[SECURITY] [DSA 482-1] New Linux 2.4.17 packages fix local root exploit (source+powerpc/apus+s390) 2004-04-14
joey infodrom org (Martin Schulze)

4 new Microsoft patches to close 20 vulnerabilities 2004-04-13
Thor Larholm (thor pivx com)

SUSE Security Announcement: cvs (SuSE-SA:2004:008) 2004-04-14
krahmer suse de (Sebastian Krahmer)

[SECURITY] [DSA 483-1] New mysql packages fix insecure temporary file creation 2004-04-14
joey infodrom org (Martin Schulze)

[Full-Disclosure] iDEFENSE Security Advisory 04.13.04 - Microsoft Help and Support Center Argument Injection Vulnerability 2004-04-13
idlabs-advisories idefense com

EEYE: Windows Local Security Authority Service Remote Buffer Overflow 2004-04-13
Marc Maiffret (mmaiffret eeye com)

UPDATE: LCDproc Buffer Overflow and Format String Vulnerabilities 2004-04-13
Rene Wagner (reenoo gmx de)

EEYE: Windows Expand-Down Data Segment Local Privilege Escalation 2004-04-13
Marc Maiffret (mmaiffret eeye com)

[CLA-2004:839] Conectiva Security Announcement - apache 2004-04-13
Conectiva Updates (secure conectiva com br)

EEYE: Microsoft DCOM RPC Race Condition 2004-04-13
Marc Maiffret (mmaiffret eeye com)

Re: Fwd: [BID 7482, bug in OpenSSH (Still in FreeBSD-STABLE)] 2004-04-13
des des no (Dag-Erling Smørgrav)

[KSA-005] Multiple vulnerabilities in Tutos 2004-04-13
François SORIN (francois sorin kereval com)

Re: Microsoft Internet Explorer BMP file memory DoS vulnerability 2004-04-13
Thilo Schulz (arny ats s bawue de)

Re: BID 7482, bug in OpenSSH (Still in FreeBSD-STABLE) 2004-04-13
Damien Miller (djm mindrot org)

RE: Microsoft Outlook Express EML file Crash vulnerability 2004-04-13
Kamran Muzaffer (kmahmed cyber net pk)

Re: Microsoft Internet Explorer BMP file memory DoS vulnerability 2004-04-13
jeremy 33ad org

XSS, Admin Access via Cookie and File Upload vulnerability in NewsPHP. 2004-04-12
Manuel Lopez (mantra gulo org)

RE: Microsoft Internet Explorer BMP file memory DoS vulnerability 2004-04-13
Alan W. Rateliff, II (lists rateliff net)

Microsoft Internet Explorer BMP file memory DoS vulnerability 2004-04-11
Arman Nayyeri (arman-n Phreaker net)

RE: IPv4 fragmentation --> The Rose Attack 2004-04-12
Taylan Develioglu (percival devnull nl)

new strange worm 2004-04-12
Alex Gen (alexei h spray se)

[waraxe-2004-SA#016 - Cross-Site Scripting aka XSS in phpnuke 6.x-7.2 part 3] 2004-04-12
Janek Vind (come2waraxe yahoo com)

[CLA-2004:837] Conectiva Security Announcement - mod_python 2004-04-12
Conectiva Updates (secure conectiva com br)

Microsoft Outlook Express EML file Crash vulnerability 2004-04-11
Arman Nayyeri (arman-n Phreaker net)

[CLA-2004:838] Conectiva Security Announcement - squid 2004-04-12
Conectiva Updates (secure conectiva com br)

[waraxe-2004-SA#018 - Admin-level authentication bypass in phpnuke 6.x-7.2] 2004-04-12
Janek Vind (come2waraxe yahoo com)

Adobe Acrobat Reader PDF file DoS vulnerability 2004-04-11
Arman Nayyeri (arman-n Phreaker net)

BID 7482, bug in OpenSSH (Still in FreeBSD-STABLE) 2004-04-12
Felipe Neuwald (felipe neuwald loreno com br)

eMule <= 0.42d Remote Exploit 2004-04-11
kcope (kingcope gmx net)

[waraxe-2004-SA#017 - User-level authentication bypass in phpnuke 6.x-7.2] 2004-04-12
Janek Vind (come2waraxe yahoo com)

IE 6 Print Without Prompt 2004-04-12
Ben Garvey (bengarvey comcast net)

Multiple Vulnerabilities In Tiki CMS/Groupware [ TikiWiki ] 2004-04-11
JeiAr (security gulftech org)

Gnome nautilus bug 2004-04-12
gsicht gsicht (nothing king firemail de)

UPDATE: Cisco Security Notice: Dictionary Attack on Cisco LEAP Vulnerability 2004-04-12
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Citadel/UX 6.20 fixes local permissions vulnerability 2004-04-12
error citadel org (IO ERROR)

Possible DoS on Linux kernel 2.4 and 2.6 using sigqueue overflow. 2004-04-12
Nikita V. Youshchenko (yoush cs msu su)

Monit <= 4.2 Remote Root Exploit 2004-04-11
Eye on Security India (eos-india linuxmail org)

Re: IPv4 fragmentation --> The Rose Attack 2004-04-10
gandalf digital net

Re: IPv4 fragmentation --> The Rose Attack 2004-04-09
gandalf digital net

Re: IPv4 fragmentation --> The Rose Attack 2004-04-10
Darren Reed (avalon caligula anu edu au)

Re: GNU Sharutils buffer overflow vulnerability. 2004-04-10
Dan Yefimov (dan D00M integrate com ru)

Backdoor in X-Micro WLAN 11b Broadband Router 2004-04-10
RISKO Gergely (xmicro risko hu)

RE: Full-Disclosure is now ILLEGAL in France ! (Vulnerabilties, Technical details, Exploits ...) 2004-04-10
Amer Karim (amerk nautilis-sys com)

ANNOUNCE: SecLegal mailing list 2004-04-09
Thor Larholm (thor pivx com)

Re: IPv4 fragmentation --> The Rose Attack 2004-04-09
Darren Reed (avalon caligula anu edu au)

Re: Full-Disclosure is now ILLEGAL in France ! (Vulnerabilties, Technical details, Exploits ...) 2004-04-09
Romain Francoise (romain orebokech com)

RE: Browser bugs [DoS] ... where will you draw a line? 2004-04-09
Drew Copley (dcopley eeye com)

Re: Full-Disclosure is now ILLEGAL in France ! (Vulnerabilties, Technical details, Exploits ...) 2004-04-09
Chris Wysopal (cwysopal atstake com)

Re: DoS in Rsniff 1.0 2004-04-09
Luigi Auriemma (aluigi altervista org)

Re: Full-Disclosure is now ILLEGAL in France ! (Vulnerabilties, Technical details, Exploits ...) 2004-04-09
Chris Johnson (johnson nmr mgh harvard edu)

Re: Full-Disclosure is now ILLEGAL in France ! (Vulnerabilties, Technical details, Exploits ...) 2004-04-09
Geoffrey (esoteric 3times25 net)

RE: Full-Disclosure is now ILLEGAL in France ! (Vulnerabilties, Technical details, Exploits ...) 2004-04-09
Richard M. Smith (rms computerbytesman com)

DoS in Rsniff 1.0 2004-04-09
Luigi Auriemma (aluigi altervista org)

[ GLSA 200404-09 ] Cross-realm trust vulnerability in Heimdal 2004-04-09
Kurt Lieber (klieber gentoo org)

Re: Full-Disclosure is now ILLEGAL in France ! (Vulnerabilties, Technical details, Exploits ...) 2004-04-09
Chris Johnson (johnson nmr mgh harvard edu)

Browser bugs [DoS] ... where will you draw a line? 2004-04-09
Bipin Gautam (visitbipin hotmail com)

DoS in Crackalaka 1.0.8 2004-04-09
Donato Ferrante (fdonato autistici org)

[ GLSA 200404-12 ] Scorched 3D server chat box format string vulnerability 2004-04-09
Kurt Lieber (klieber gentoo org)