SecurityFocus

Re: [Fwd: Re: AIM Password theft] 2003-09-24
DarkKnight (mbuzz04 yahoo com)

Thread-IT Message Board XSS Vulnerability 2003-09-24
Bahaa Naamneh (b_naamneh hotmail com)

RE: [Fwd: Re: AIM Password theft] VU#865940 2003-09-24
Thor Larholm (thor pivx com)

RE: Does VeriSign's SiteFinder service violate the ECPA? 2003-09-24
Christopher Wagner (chrisw pacaids com)

NULLhttpd <= 0.5.1 XSS through Bad request 2003-09-24
Luigi Auriemma (aluigi altervista org)

NULLhttpd <= 0.5.1 remote resources consumption 2003-09-24
Luigi Auriemma (aluigi altervista org)

Re: AIM Password theft 2003-09-24
http-equiv@excite.com (1 malware com)

[CLA-2003:749] Conectiva Security Announcement - php4 2003-09-24
Conectiva Updates (secure conectiva com br)

Denial of Service against Gauntlet-Firewall / SQL-Gateway 2003-09-24
Oliver Heinz (heinz arago de)

Re: base64 2003-09-24
Seth Breidbart (sethb panix com)

Re: AIM Password theft 2003-09-24
Eric Joe (sysop tje1 com)

BRS WebWeaver: Anonymous Surfing 2003-09-24
euronymous (just-a-user yandex ru)

Re: AIM Password theft 2003-09-24
jelmer (jkuperus planet nl)

Re: Privacy leak in VeriSign's SiteFinder service #2 2003-09-24
der Mouse (mouse Rodents Montreal QC CA)

Re: base64 2003-09-24
MightyE (trash mightye org)

Re: base64 2003-09-24
der Mouse (mouse Rodents Montreal QC CA)

Re: base64 2003-09-24
David Wilson (David Wilson isode com)

Re: Privacy leak in VeriSign's SiteFinder service #2 2003-09-24
Marco Ivaldi (raptor 0xdeadbeef info)

GLSA: openssh (200309-14) 2003-09-23
aliz gentoo org (Daniel Ahlberg)

Privacy leak in VeriSign's SiteFinder service #2 2003-09-24
Mark Coleman (markc uniontown com)

FreeBSD Security Advisory FreeBSD-SA-03:14.arp 2003-09-24
FreeBSD Security Advisories (security-advisories freebsd org)

TCLHttpd Server - Multiple Vulnerabilities 2003-09-24
Phuong Nguyen (dphuong yahoo com)

[ESA-20030924-026] 'WebTool-userpass' passphrase disclosure vulnerability. 2003-09-24
EnGarde Secure Linux (security guardiandigital com)

Re: [Full-Disclosure] GLSA: openssh (200309-14) 2003-09-23
Ademar de Souza Reis Jr. (ademar conectiva com br)

Privacy leak in VeriSign's SiteFinder service 2003-09-23
Richard M. Smith (rms computerbytesman com)

RE: [Fwd: Re: AIM Password theft] 2003-09-23
Thor Larholm (thor pivx com)

Re: base64 2003-09-23
Lothar Kimmeringer (bugtraq kimmeringer de)

Re: AIM Password theft 2003-09-23
Brent Meshier (brent meshier com)

RE: [Fwd: Re: AIM Password theft] 2003-09-23
S G Masood (sgmasood yahoo com)

Re: base64 2003-09-24
Christian Vogel (chris obelix hedonism cx)

MondoSoft File Creation vulnerability 2003-09-24
Jens H. Christensen (jhc protego dk)

[slackware-security] WU-FTPD Security Advisory (SSA:2003-259-03) 2003-09-24
Slackware Security Team (security slackware com)

[slackware-security] New OpenSSH packages (SSA:2003-266-01) 2003-09-24
Slackware Security Team (security slackware com)

[slackware-security] ProFTPD Security Advisory (SSA:2003-259-02) 2003-09-24
Slackware Security Team (security slackware com)

OpenServer 5.0.7 OpenServer 5.0.6 OpenServer 5.0.5 : wu-ftpd fb_realpath() off-by-one bug 2003-09-24
security sco com

Re: base64 2003-09-23
Alexander Ogol (sanyok_nospam prophysoft org ua)

Re: base64 2003-09-23
"Ilya Teterin" (alienhard mail ru)

RE: Does VeriSign's SiteFinder service violate the ECPA? 2003-09-23
Michael Wojcik (Michael Wojcik microfocus com)

[Fwd: Re: AIM Password theft] 2003-09-23
Mark Coleman (markc uniontown com)

ISS Security Brief: ProFTPD ASCII File Remote Compromise Vulnerability (fwd) 2003-09-23
Dave Ahmad (da securityfocus com)

RE: Does VeriSign's SiteFinder service violate the ECPA? 2003-09-23
Kaplan Michael N NPRI (KaplanMN Npt NUWC Navy Mil)

Re: base64 2003-09-23
Birl (sbirl temple edu)

Re: Wu_ftpd all versions (not) vulnerability. 2003-09-22
Marcin Ulikowski (r3b00t tx pl)

RE: base64 2003-09-23
latte hushmail com

mpg123[v0.59r,v0.59s]: remote client-side heap corruption exploit. 2003-09-23
Vade 79 (v9 fakehalo deadpig org)

ColdFusion cross-site scripting security vulnerability of an error page 2003-09-23
Takashi Hara (pfh00062 nifty com)

Multiple PAM vulnerabilities in portable OpenSSH 2003-09-23
Damien Miller (djm cvs openbsd org)

VeriSign's SiteFinder VS Microsoft smart search 2003-09-22
urbn visi com

Re: base64 2003-09-23
Erwan David (Erwan David trusted-logic fr)

Portable OpenSSH 3.7.1p2 released 2003-09-23
Damien Miller (djm cvs openbsd org)

Re: Does VeriSign's SiteFinder service violate the ECPA? 2003-09-23
N407ER (n407er myrealbox com)

Moozatech: WZFTPD Denial Of Service 2003-09-23
Moran Zavdi (Security moozatech com)

[CLA-2003:748] Conectiva Security Announcement - wu-ftpd 2003-09-22
Conectiva Updates (secure conectiva com br)

Re: base64 2003-09-22
Bennett Todd (bet rahul net)

SpeakFreely for Win <= 7.6a remote crash through malformed GIF 2003-09-22
Luigi Auriemma (aluigi altervista org)

base64 2003-09-22
"Ilya Teterin" (alienhard mail ru)

Wu_ftpd all versions (not) vulnerability. 2003-09-22
Adam Zabrocki (pi3ki31ny wp pl)

SpeakFreely for Win <= 7.6a spoofed DoS 2003-09-22
Luigi Auriemma (aluigi altervista org)

Multiple Security Issues in Netup UTM 2003-09-20
Gleb Smirnoff (glebius cell sick ru)

How VeriSign's SiteFinder service breaks Outlook Express 2003-09-20
Richard M. Smith (rms computerbytesman com)

Does VeriSign's SiteFinder service violate the ECPA? 2003-09-20
Richard M. Smith (rms computerbytesman com)

How Verisign's SiteFinder service breaks Windows networking utilities 2003-09-20
Richard M. Smith (rms computerbytesman com)

Fw: 0x333hztty => hztty 2.0 local root exploit 2003-09-21
c0wboy@0x333 (c0wboy tiscali it)

[SECURITY] [DSA-383-2] OpenSSH buffer management fix 2003-09-21
Wichert Akkerman (wichert wiggy net)

Snort not backdoored, Sourcefire not compromised 2003-09-22
Martin Roesch (roesch sourcefire com)

[SECURITY] [DSA-382-3] OpenSSH buffer management fix 2003-09-21
Wichert Akkerman (wichert wiggy net)

[RHSA-2003:256-01] Updated Perl packages fix security issues. 2003-09-22
bugzilla redhat com

[RHSA-2003:243-01] Updated Apache and mod_ssl packages fix security vulnerabilities 2003-09-22
bugzilla redhat com

Denial of service vulnerability in Xitami Open Source Web Server 2003-09-22
Oliver Karow (Oliver karow gmx de)

Re: <Advice> Possible Backdoor into openssh-3.7.1p1-i386-1.tgz from Slackware Mirror 2003-09-21
Patrick J. Volkerding (security slackware com)

SuSE Security Announcement: sendmail, sendmail-tls (SuSE-SA:2003:040) 2003-09-20
Roman Drahtmueller (draht suse de)

Re: <Advice> Possible Backdoor into openssh-3.7.1p1-i386-1.tgz from Slackware Mirror 2003-09-21
Robert Jaroszuk (zim iq pl)

[SECURITY] [DSA-389-1] New ipmasq packages fix insecure packet filtering rules 2003-09-20
Matt Zimmerman (mdz debian org)

Re: <Advice> Possible Backdoor into openssh-3.7.1p1-i386-1.tgz from Slackware Mirror 2003-09-21
Martin Östlund (martin lemonlime se)

<Advice> Possible Backdoor into openssh-3.7.1p1-i386-1.tgz from Slackware Mirror 2003-09-20
Piermark (bugs84 libero it)

LSH: Buffer overrun and remote root compromise in lshd 2003-09-20
nisse lysator liu se (Niels Möller)

The Analysis of RPC Long Filename Heap Overflow AND a Way to Write Universal Heap Overflow of Windows 2003-09-20
flashsky fangxing (flashsky xfocus org)

[SECURITY] [DSA-388-1] New kdebase packages fix multiple vulnerabilites in KDM 2003-09-20
Matt Zimmerman (mdz debian org)

Vulnrability in myPHPnuke 1.8.8 2003-09-20
Lifo Fifo (lifofifo20 yahoo com)

Admin Access Vulnerability in Community Wizard 2003-09-19
Bahaa Naamneh (b_naamneh hotmail com)

[Advisory] Powerslave 4.3 Information Leak Vuln. 2003-09-19
Enrico Kern (phantom h07 org)

[CLA-2003:747] Conectiva Security Announcement - kde 2003-09-19
Conectiva Updates (secure conectiva com br)

MDKSA-2003:094 - Updated MySQL packages fix buffer overflow vulnerability 2003-09-19
Mandrake Linux Security Team (security linux-mandrake com)

RE: Wave of fake Official Microsoft Advisory 2003-09-19
Lee Evans (lee vital co uk)

MDKSA-2003:093 - Updated gtkhtml packages fix vulnerability 2003-09-19
Mandrake Linux Security Team (security linux-mandrake com)

[CLA-2003:743] Conectiva Security Announcement - MySQL 2003-09-18
Conectiva Updates (secure conectiva com br)

Knox Arkeia Pro v5.1.12 remote root exploit 2003-09-18
A. C. (bugtraq_vuln yahoo com)

[SECURITY] [DSA-386-1] New libmailtools-perl packages fix input validation bug 2003-09-19
Matt Zimmerman (mdz debian org)

[SECURITY] [DSA-387-1] New gopher packages fix buffer overflows 2003-09-19
Matt Zimmerman (mdz debian org)

AppSecInc Security Alert: Denial of Service Vulnerability in DB2 Discovery Service 2003-09-19
Aaron C. Newman (aaron newman-family com)

[SECURITY] [DSA-385-1] New hztty packages fix buffer overflows 2003-09-18
Matt Zimmerman (mdz debian org)

Mambo 4.0.14 Stable Bugs 2003-09-19
Lifo Fifo (lifofifo20 yahoo com)

uninitialized buffer in midnight commander 2003-09-19
"Ilya Teterin" (alienhard mail ru)

Wave of fake Official Microsoft Advisory 2003-09-19
Bruno Clermont (bruno gnome ca)

Remote root vuln in lsh 1.4.x 2003-09-19
Haggis (haggis learningshophull co uk)

[OpenPKG-SA-2003.041] OpenPKG Security Advisory (sendmail) 2003-09-19
OpenPKG (openpkg openpkg org)

[ESA-20030918-025] 'MySQL' buffer overflow. 2003-09-18
EnGarde Secure Linux (security guardiandigital com)

SuSE Security Announcement: openssh (second release) (SuSE-SA:2003:039) 2003-09-18
Roman Drahtmueller (draht suse de)

Re: openssh 3.7.1 patched or not? 2003-09-18
Thomas Lotterer (thl dev de cw com)