SecurityFocus

S21SEC-017 - Vignette /vgn/legacy/save SQL access 2003-05-26
S21SEC (vul-serv s21sec com)

BRS WebWeaver: POST and HEAD Overflaws 2003-05-27
euronymous (just-a-user yandex ru)

[CLA-2003:655] Conectiva Security Announcement - BitchX 2003-05-26
Conectiva Updates (secure conectiva com br)

S21SEC-019 - Vignette /vgn/style internal information leak 2003-05-26
S21SEC (vul-serv s21sec com)

S21SEC-021 - Vignette License access and modification 2003-05-26
S21SEC (vul-serv s21sec com)

SuSE Security Announcement: glibc (SuSE-SA:2003:027) 2003-05-27
Thomas Biege (thomas suse de)

S21SEC-016 - Vignette SSI Injection 2003-05-26
S21SEC (vul-serv s21sec com)

The PACKET 0' DEATH FastTrack network vulnerability 2003-05-26
random nut (random_nut yahoo com)

PalmVNC 1.40 Insecure Records 2003-05-26
flur (flur flurnet org)

[Priv8security Advisory] Batalla Naval remote overflow 2003-05-26
wsxz (wsxz terra com br)

Re: Eudora 5.2.1 attachment spoof 2003-05-27
psz maths usyd edu au (Paul Szabo)

NuxAcid#002 - Buffer Overflow in UpClient 2003-05-27
Gino Thomas (g thomas nux-acid org)

[RHSA-2003:171-01] Updated CUPS packages fix denial of service attack 2003-05-27
bugzilla redhat com

Re: uml_net bug 2003-05-26
3APA3A (3APA3A SECURITY NNOV RU)

ATM on linux Exploit(les,local) 2003-05-25
axis ph4nt0m (axis ph4nt0m net)

Possible XSS on iPlanet Messaging Server 2003-05-27
Hugo Vázquez Caramés (overclocking_a_la_abuela hotmail com)

Re: BEA WebLogic 2003-05-25
Helmut Springer (delta lug-s org)

PHP source code injection in BLNews 2003-05-22
Over_G (overg mail ru)

TextPortal Default Password Vulnerability 2003-05-23
bugtracklist.fm (bugtracklist freemail hu)

Some problems in Privatefirewall 3.0 2003-05-24
UkR security team? (cuctema ok ru)

UPB: Discussion Board/Web-Site Takeover 2003-05-24
euronymous (just-a-user yandex ru)

Re: Demarc Puresecure v1.6 - Plaintext password issue - 2003-05-24
Kurt Seifried (kurt seifried org)

PHP source code injection in BLNews 2003-05-24
Over_G (overg mail ru)

uml_net bug 2003-05-24
Ktha (ktha hushmail com)

ST FTP Service v3.0: directory traversal 2003-05-24
D4rkGr3y (grey_1999 mail ru)

Re: QuickTime/Darwin Streaming Server security issues 2003-05-23
Joe Testa (Joe_Testa rapid7 com)

bazarr CALL POLICE 2003-05-23
bazarr@ziplip.com (bazarr ziplip com)

Re: Demarc Puresecure v1.6 - Plaintext password issue - 2003-05-22
David Barroso (dbarroso s21sec com)

RE: Outlook Web Access authentication bypass 2003-05-23
Chris Robertson (Chris Robertson instill com)

Re: Options Parsing Tool library buffer overflows. 2003-05-23
Julien Lanthea (contact jlanthea net)

Eudora 5.2.1 buffer overflow DoS 2003-05-23
psz maths usyd edu au (Paul Szabo)

Outlook Web Access authentication bypass 2003-05-23
Chris Robertson (Chris Robertson instill com)

Prishtina FTP v.1.*: remote DoS 2003-05-22
D4rkGr3y (grey_1999 mail ru)

EServ/2.99: problems 2003-05-22
D4rkGr3y (grey_1999 mail ru)

iisPROTECT SQL injection in admin interface 2003-05-23
Gyrniff (frohn superbruger dk)

Magic Winmail Server v.2.*: format string 2003-05-24
D4rkGr3y (grey_1999 mail ru)

nessus NASL scripting engine security issues 2003-05-23
Sir Mordred (mordred s-mail com)

MDKSA-2003:061 - Updated gnupg packages fix validation bug 2003-05-22
Mandrake Linux Security Team (security linux-mandrake com)

Compaq Insight Manager - related to Bugtraq ID 2500 2003-05-21
Brewis, Mark (mark brewis eds com)

MDKSA-2003:060 - Updated LPRng packages fix insecure temporary file vulnerability 2003-05-21
Mandrake Linux Security Team (security linux-mandrake com)

Bug found in: Polymorph 0.4.0 2003-05-22
Ceq (ceq c-code net)

[slackware-security] REVISED quotacheck security fix in rc.M (SSA:2003-141-06a) 2003-05-22
Slackware Security Team (security slackware com)

XMB 1.8 Partagium cross site scripting vulnerability 2003-05-22
Marc Ruef (marc ruef computec ch)

Potential security vulnerability in Nessus 2003-05-22
je sekure net

Re: Restricted Zone: the OUTLOOK EXPRESS 2003-05-21
Jeff Beckley (beckley qualcomm com)

Eudora 5.2.1 attachment spoof 2003-05-22
psz maths usyd edu au (Paul Szabo)

[slackware-security] GnuPG key validation fix (SSA:2003-141-04) 2003-05-22
Slackware Security Team (security slackware com)

[slackware-security] glibc XDR overflow fix (SSA:2003-141-03) 2003-05-22
Slackware Security Team (security slackware com)

[slackware-security] EPIC4 security fixes (SSA:2003-141-01) 2003-05-22
Slackware Security Team (security slackware com)

[slackware-security] BitchX security fixes (SSA:2003-141-02) 2003-05-22
Slackware Security Team (security slackware com)

[slackware-security] mod_ssl RSA blinding fixes (SSA:2003-141-05) 2003-05-22
Slackware Security Team (security slackware com)

[slackware-security] quotacheck security fix in rc.M (SSA:2003-141-06) 2003-05-22
Slackware Security Team (security slackware com)

Security advisory: LSF 5.1 local root exploit 2003-05-22
Tomasz Grabowski (cadence apollo aci com pl)

WsMp3d remote exploit. 2003-05-22
dong-h0un U (xploit hackermail com)

MDKSA-2003:058-1 - Updated cdrecord packages fix local root compromise 2003-05-21
Mandrake Linux Security Team (security linux-mandrake com)

Demarc Puresecure v1.6 - Plaintext password issue - 2003-05-21
Ryan Purita (ryan totally-connected com)

MDKSA-2003:059 - Updated lpr packages fix local root vulnerability 2003-05-21
Mandrake Linux Security Team (security linux-mandrake com)

[CLA-2003:653] Conectiva Security Announcement - bugzilla 2003-05-21
Conectiva Updates (secure conectiva com br)

Maelstrom bugfix (was Maelstrom Local Buffer Overflow Exploit, FreeBSD 4.8 edition) 2003-05-21
achurch achurch org (Andrew Church)

[RHSA-2003:175-01] Updated gnupg packages fix validation bug 2003-05-21
bugzilla redhat com

[AP] Owl Intranet Engine CSS Bug 2003-05-21
methodic libpcap net

Restricted Zone: the OUTLOOK EXPRESS 2003-05-21
http-equiv@excite.com (1 malware com)

[[ TH 026 Inc. ]] SA #4 - Blackmoon FTP Server cleartext passwords and User enumeration 2003-05-20
Daniel Nyström (exce netwinder nu)

[INetCop Security Advisory] Remote Heap Corruption Overflow vulnerability in WsMp3d. 2003-05-21
dong-h0un U (xploit hackermail com)

[INetCop Security Advisory] WsMP3d Directory Traversing Vulnerability. 2003-05-21
dong-h0un U (xploit hackermail com)

BadBlue Remote Administrative Interface Access Vulnerability 2003-05-20
mattmurphy@kc.rr.com (mattmurphy kc rr com)

Maelstrom Local Buffer Overflow Exploit, FreeBSD 4.8 edition 2003-05-20
Knud Erik Højgaard (kain ircop dk)

PHP-Nuke Denial of Service attack and more SQL Injections 2003-05-18
Lorenzo Manuel Hernandez Garcia-Hierro (security lorenzohgh com)

PHP-Nuke module PHP-Banner-Exchange path disclosure 2003-05-18
Lorenzo Manuel Hernandez Garcia-Hierro (security lorenzohgh com)

Blue screen in Windows 2003-05-20
David F. Madrid (idoru videosoft net uy)

More vulnerabilities in ttForum/ttCMS -> SQL injection 2003-05-20
ScriptSlave gmx net

Maelstrom Local Buffer Overflow Exploit 2003-05-20
akcess . (akcss linuxmail org)

Re: bazarr slocate 2003-05-19
Matt Zimmerman (mdz debian org)

[Fwd: 127 Research and Development: 127 Day!] 2003-05-20
northern snowfall (dbailey27 ameritech net)

Plaintext Password in Settings.ini of CesarFTP 2003-05-20
Andreas Constantinides (megahz megahz org)

Maelstrom exploit 2003-05-19
Claes Nyberg (md0claes mdstud chalmers se)

Maelstrom Buffer Overflow 2003-05-18
Luca Ercoli (luca ercoli inwind it)

[SECURITY] [DSA 306-1] New BitchX packages fix DoS and arbitrary code execution 2003-05-19
joey infodrom org (Martin Schulze)

RE: Hersmen Contact 2003-05-19
Simpelaar, Marco (msimpela foxboro com)

RE: PalmOS ICMP flood DoS. 2003-05-19
Jay D. Thomson (jdthomson mobile-secure com)

Security Vulnerabilities in MediaBase Apache and PHP on IRIX 2003-05-19
SGI Security Coordinator (agent99 sgi com)

bazarr slocate 2003-05-19
bazarr@ziplip.com (bazarr ziplip com)

Remote code execution in ttCMS <=v2.3 2003-05-17
ScriptSlave gmx net

Re: Path Disclosure in Turba of Horde 2003-05-17
Anil Madhavapeddy (anil recoil org)

Automatic Harvesting of AOL Instant Messenger Screen Names! 2003-05-16
cyber_flash hotmail com

Re: bsdbsdftpd-6.0-ssl-0.6.1-1 attack allows remote users identification 2003-05-17
Mika Boström (bostik lut fi)

PHP-Nuke code injection in Yearly Stats at Statistics module 2003-05-17
Lorenzo Manuel Hernandez Garcia-Hierro (security lorenzohgh com)

Buffer overflow vulnerability found in MailMax version 5 2003-05-17
0x36 (release 0x36 org)

Path Disclosure in Turba of Horde 2003-05-17
Lorenzo Manuel Hernandez Garcia-Hierro (security lorenzohgh com)

Re: bsdbsdftpd-6.0-ssl-0.6.1-1 attack allows remote users identification 2003-05-16
NetExpress (netexpress tiscali it)

Re: bsdbsdftpd-6.0-ssl-0.6.1-1 attack allows remote users identification 2003-05-16
Damian Gerow (damian sentex net)

[SECURITY] [DSA-304-1] New lv packages fix local privilege escalation 2003-05-16
Matt Zimmerman (mdz debian org)

[OpenPKG-SA-2003.029] OpenPKG Security Advisory (gnupg) 2003-05-16
OpenPKG (openpkg openpkg org)

PDF Available: IIS Security and Programming Countermeasures e-book 2003-05-16
Jason Coombs (jasonc science org)

bsdbsdftpd-6.0-ssl-0.6.1-1 attack allows remote users identification 2003-05-16
NetExpress (netexpress tiscali it)

Snowblind Web Server: multiple issues 2003-05-16
euronymous (just-a-user yandex ru)

Immunix Secured OS 7+ fileutils update 2003-05-16
Immunix Security Team (security wirex com)

Venturi Client 2.1 confirmed as open relay [Verizon Wireless Mobile Office] 2003-05-16
Josh Steinhurst (j securityfocus steinhurst net)

Hersmen Contact 2003-05-16
Chris Knipe (cknipe megalan co za)

EzPublish Directory XSS Vulnerability 2003-05-16
Ferruh Mavituna (ferruh mavituna com)