Movatterモバイル変換

Bugtraq: by thread

• RSS Feed
• About List
• All Lists

Previous period

Next period

470 messagesstarting Dec 01 04 andending Dec 31 04
Date index |Thread index |Author index

• Disclosure of file system information in Mozilla Firefox and Opera Browser:Giovanni Delvecchio (Dec 01)
  • Re: Disclosure of file system information in Mozilla Firefox and Opera Browser:Liu Die Yu (Dec 02)
  • <Possible follow-ups>
  • RE: Disclosure of file system information in Mozilla Firefox and Opera Browser:Thor Larholm (Dec 07)
• Invision Power Board 'Allow auto login' setting overrideHillel Himovich (Dec 01)
• Re: Winamp - Buffer Overflow In IN_CDDA.dllBlack Dot (Dec 01)
• SUSE Security Announcement: various kernel problems (SUSE-SA:2004:042)Marcus Meissner (Dec 01)
• Re: Pi3Web/2.0.0 File-Disclosure/Path Disclosure vulnHolger Zimmermann (Dec 01)
• [CLA-2004:904] Conectiva Security Announcement - cyrus-imapdConectiva Updates (Dec 01)
• Multiple buffer overflows exist in Mercury/32, v4.01a, Dec 8 2003.Reed Arvin (Dec 01)
• [SECURITY] [DSA 603-1] New openssl packages fix insecure temporary file creationMartin Schulze (Dec 01)
• [USN-35-1] imagemagick vulnerabilitiesMartin Pitt (Dec 01)
• [USN-36-1] NFS statd vulnerabilityMartin Pitt (Dec 01)
• [USN-33-1] libgd vulnerabilitiesMartin Pitt (Dec 01)
• [ GLSA 200411-37 ] Open DC Hub: Remote code executionLuke Macken (Dec 01)
• [CLA-2004:902] Conectiva Security Announcement - abiwordConectiva Updates (Dec 01)
• [USN-34-1] OpenSSH information leakageMartin Pitt (Dec 01)
• [KA Advisory 0411291] IPCop Cross Site Scripting Vulnerability in"proxylog.dat"Kurczaba Associates advisories (Dec 02)
• Cisco Security Advisory: Cisco CNS Network Registrar Denial of Service VulnerabilityCisco Systems Product Security Incident Response Team (Dec 02)
• rssh and scponly arbitrary command executionJason Wies (Dec 02)
• Blog Torrent preview 0.8 - arbitary file downloadSteve Kemp (Dec 02)
• [USN-37-1] cyrus21-imapd vulnerabilityMartin Pitt (Dec 02)
• Official IFRAME patch - make sure it installs correctlyBerend-Jan Wever (Dec 02)
• Multiple vulnerabilities in Kreed 1.05Luigi Auriemma (Dec 02)
• Remote Mercury32 Imap exploitJohnH (Dec 02)
• [CLA-2004:905] Conectiva Security Announcement - squirrelmailConectiva Updates (Dec 02)
• FreeBSD Security Advisory FreeBSD-SA-04:17.procfsFreeBSD Security Advisories (Dec 02)
• Advanced GuestbookEmile van Elen (Dec 02)
  • <Possible follow-ups>
  • Re: Advanced GuestbookSpy Hat (Dec 06)
• [SECURITY] [DSA 604-1] New hpsockd packages fix denial of serviceMartin Schulze (Dec 03)
• [ GLSA 200412-01 ] rssh, scponly: Unrestricted command executionThierry Carrez (Dec 03)
• Opera 7.54 vulnerabilities again (still unfixed)Marc Schoenefeld (Dec 04)
• [ GLSA 200412-02 ] PDFlib: Multiple overflows in the included TIFF libraryLuke Macken (Dec 06)
• Hosting Controllermouse small (Dec 06)
• [SECURITY] [DSA 605-1] New viewcvs packages fix information leakMartin Schulze (Dec 06)
• Winamp - Buffer Overflow In IN_CDDA.dll [ Patch Released ]Brett Moore (Dec 06)
• Multiple vulnerabilities in w3who ISAPI DLLNicolas Gregoire (Dec 06)
  • Re: [Full-Disclosure] Multiple vulnerabilities in w3who ISAPI DLLNicolas Gregoire (Dec 08)
• DoS leading to crash of client in Remote Execute 2.30headpimp (Dec 06)
• Web Application Security Consortium 'Guest Articles' Call for Papersrobert (Dec 06)
• Tool Announcement: AIRT -- the Advanced Incident Response Tool (linux)madsys (Dec 07)
• Local root exploit on Mac OS X with Adobe Version Cuefintler (Dec 07)
  • Re: Local root exploit on Mac OS X with Adobe Version CueChet Ramey (Dec 07)
• MaxDB WebTools <= 7.5.00.18 buffer overflow and Denial of ServiceEvgeny Demidov (Dec 07)
• [ GLSA 200412-05 ] mirrorselect: Insecure temporary file creationLuke Macken (Dec 07)
• Broadcast client crash in Battlefield 1942 1.6.19 and Vietnam 1.2Luigi Auriemma (Dec 07)
• MDKSA-2004:142 - Updated gzip packages fix temporary file vulnerabilityMandrake Linux Security Team (Dec 07)
• Multiple Vulnerabilities in paFileDB 3.1Ahmad Muammar (Dec 07)
  • Re: Multiple Vulnerabilities in paFileDB 3.1Rafael San Miguel Carrasco (Dec 09)
• Online Script DecoderGreyMagic Security (Dec 07)
  • Re: Online Script DecoderStefan Paletta (Dec 07)
• Remote Web Server Text File Viewing Vulnerability in WebLibs 1.0John Bissell (Dec 07)
• MD5 To Be Considered Harmful SomedayDan Kaminsky (Dec 07)
  • Re: MD5 To Be Considered Harmful SomedayGandalf The White (Dec 07)
    • Re: MD5 To Be Considered Harmful SomedayTim (Dec 08)
      • Re: MD5 To Be Considered Harmful SomedayDragos Ruiu (Dec 08)
      • Re: MD5 To Be Considered Harmful SomedayDavid F. Skoll (Dec 08)
    • Re: MD5 To Be Considered Harmful SomedayJoel Maslak (Dec 08)
      • Re: MD5 To Be Considered Harmful SomedaySteve Friedl (Dec 08)
    • RE: MD5 To Be Considered Harmful SomedayDavid Schwartz (Dec 08)
      • Re: MD5 To Be Considered Harmful SomedayGandalf The White (Dec 08)
      • Re: MD5 To Be Considered Harmful SomedayKeith Oxenrider (Dec 08)
      • Re: MD5 To Be Considered Harmful SomedayPaul Wouters (Dec 08)
      • Re: MD5 To Be Considered Harmful SomedayDan Kaminsky (Dec 08)
      • Re: MD5 To Be Considered Harmful SomedayPaul Wouters (Dec 08)
      • Re: MD5 To Be Considered Harmful SomedayAdam Shostack (Dec 09)
      • Re: MD5 To Be Considered Harmful SomedaySolar Designer (Dec 08)
      • Re: MD5 To Be Considered Harmful SomedayDan Kaminsky (Dec 08)
      • Re: MD5 To Be Considered Harmful SomedayPavel Kankovsky (Dec 09)
      • Re: MD5 To Be Considered Harmful SomedaySolar Designer (Dec 13)
      • Re: MD5 To Be Considered Harmful SomedayGeorge Georgalis (Dec 08)
      • Re: MD5 To Be Considered Harmful SomedayDan Kaminsky (Dec 08)
    • Re: MD5 To Be Considered Harmful SomedayRuth A. Kramer (Dec 08)
  • MD5 To Be Considered Harmful TodayPavel Machek (Dec 08)
    • Re: MD5 To Be Considered Harmful TodayDan Kaminsky (Dec 08)
      • Re: MD5 To Be Considered Harmful TodayPavel Machek (Dec 08)
      • Re: MD5 To Be Considered Harmful TodayDan Kaminsky (Dec 08)
  • Re: MD5 To Be Considered Harmful SomedayJoel Maslak (Dec 08)
    • Re: MD5 To Be Considered Harmful SomedayJack Lloyd (Dec 08)
    • Re: MD5 To Be Considered Harmful SomedayJack Lloyd (Dec 08)
  • <Possible follow-ups>
  • RE: MD5 To Be Considered Harmful SomedayRager, Anton (Anton) (Dec 08)
• MDKSA-2004:143 - Updated ImageMagick packages fix vulnerabilityMandrake Linux Security Team (Dec 07)
• Bypass personal firewall application protection . Again.offtopic (Dec 07)
  • Re: Bypass personal firewall application protection . Again.Chris Paget (Dec 08)
• Cleartext SMB passwords in Novell Desktop Linux using KDEMike DeMaria (Dec 07)
• 7a69Adv#16 - Konqueror FTP command injectionAlbert Puigsech Galicia (Dec 07)
  • Re: 7a69Adv#16 - Konqueror FTP command injectionAlbert Puigsech Galicia (Dec 08)
• zone transfers, a spammer's dream?Lode Vermeiren (Dec 07)
  • RE: zone transfers, a spammer's dream?Marcin Pacyna (Dec 13)
• Re: [Advisory] Mozilla Products Remote Crash VulnerabilityBerend-Jan Wever (Dec 07)
  • <Possible follow-ups>
  • [Advisory] Mozilla Products Remote Crash VulnerabilityNiek van der Maas (Dec 07)
• IE6 Vulnerability - Local File DetectionViPeR (Dec 07)
  • Re: IE6 Vulnerability - Local File DetectionRSnake (Dec 08)
• MDKSA-2004:147 - Updated openssl packages fix temporary file vulnerabilityMandrake Linux Security Team (Dec 07)
• MDKSA-2004:145 - Updated rp-pppoe packages fix vulnerabilityMandrake Linux Security Team (Dec 07)
  • Re: MDKSA-2004:145 - Updated rp-pppoe packages fix vulnerabilityDavid F. Skoll (Dec 08)
• [ GLSA 200412-04 ] Perl: Insecure temporary file creationLuke Macken (Dec 07)
• MDKSA-2004:146 - Updated nfs-utils packages fix remote DoS vulnerabilityMandrake Linux Security Team (Dec 07)
• MDKSA-2004:144 - Updated lvm1 packages fix temporary file vulnerabilityMandrake Linux Security Team (Dec 07)
• [ GLSA 200412-03 ] imlib: Buffer overflows in image decodingThierry Carrez (Dec 07)
• [SECURITY] [DSA 606-1] New nfs-utils packages fix denial of serviceMartin Schulze (Dec 08)
• Address Bar Spoophing for the Pheeshies: IntotheNet Explorer 6http-equiv () excite com (Dec 08)
• 7a69Adv#15 - Internet Explorer FTP command injectionAlbert Puigsech Galicia (Dec 08)
• TSLSA-2004-0064 - nfs-utilsTrustix Security Advisor (Dec 09)
• KDE Security Advisory: plain text password exposureDirk Mueller (Dec 09)
• KDE Security Advisory: kfax libtiff vulnerabilitiesDirk Mueller (Dec 09)
• F-Secure Policy Manager - physical path disclosureoliver (Dec 09)
• CodeCon CFP deadline nearingLen Sassaman (Dec 10)
• wget: Arbitrary file overwriting/appending/creating and other vulnerabilitiesJan Minar (Dec 10)
• In-game buffer-overflow in the Gamespy cd-key validation SDKLuigi Auriemma (Dec 10)
• [SECURITY] [DSA 607-1] New libxpm packages fix several vulnerabilitiesMartin Schulze (Dec 10)
• HOW TO BREAK XP SP2 POPUP BLOCKER: kick it in the nut !http-equiv () excite com (Dec 10)
• Local off-by-one in mtr versions 0.55 to 0.65venglin (Dec 11)
• SugarSales Multiple VulnerabilitiesDaniel Fabian (Dec 13)
• Citadel/UX <= v6.27 Remote Format String VulnerabilityCoKi (Dec 13)
  • Re: Citadel/UX <= v6.27 Remote Format String VulnerabilityMichael Hampton (Dec 14)
• Gadu-Gadu several vulnerabilitiesJaroslaw Sajko (Dec 13)
• Multiple vulnerabilities in phpMyAdminNicolas Gregoire (Dec 13)
• MS IE User's Authentication Details (userid/password) Sharing IssueDebasis Mohanty (Dec 13)
• KDE Security Advisory: Konqueror Window Injection VulnerabilityWaldo Bastian (Dec 13)
• iDEFENSE Security Advisory 12.13.04 - Multiple Vendor xzgv PRF Parsing Integer Overflow Vulnerabilitycustomer service mailbox (Dec 13)
• [ZH2004-19SA] Possible execution of remote shell commands in Opera with kfmclienGiovanni Delvecchio (Dec 13)
• Winamp 5.07 (latest version) Remote Crash + other stupid shizleb0f www . b0f . net (Dec 13)
• Socket unreacheable in the Lithtech engine (new protocol)Luigi Auriemma (Dec 13)
• [ GLSA 200412-07 ] file: Arbitrary code executionMatthias Geerdsen (Dec 13)
• NetWare Screensaver Authentication Bypass From The Local ConsoleAdam Gray (Dec 13)
  • Re: NetWare Screensaver Authentication Bypass From The Local ConsoleBrad Bendily (Dec 14)
• [ GLSA 200412-06 ] PHProjekt: setup.php vulnerabilityThierry Carrez (Dec 13)
• Secure Network Operations SNOsoft Research Team [SRT2004-12-14-0322] Symantec LiveUpdate AdvisorySecure Network Operations, Inc. (Dec 13)
• What's "may have exploitable buffer overflows" mean in tcpdump?Dragos Ruiu (Dec 13)
• Linux kernel IGMP vulnerabilitiesPaul Starzetz (Dec 14)
  • Re: Linux kernel IGMP vulnerabilitiesPekka Savola (Dec 14)
  • Re: Linux kernel IGMP vulnerabilitiesstephen joseph butler (Dec 15)
    • Re: Linux kernel IGMP vulnerabilitiesPaul Starzetz (Dec 15)
      • Re: Linux kernel IGMP vulnerabilitiesmatthew-bugtraq (Dec 15)
      • RE: Linux kernel IGMP vulnerabilitiesWolfpaw - Dale Corse (Dec 16)
      • RE: Linux kernel IGMP vulnerabilitiesJirka Kosina (Dec 17)
• phpBB Attachment Mod Directory Traversal HTTP POST InjectionPaul Laudanski (Dec 14)
• Re: Secure Network Operations SNOsoft Research Team [SRT2004-12-14-0322] Symantec LiveUpdate Advisorysecure (Dec 14)
• Linux kernel scm_send local DoSPaul Starzetz (Dec 14)
  • Re: Linux kernel scm_send local DoSeven multiplexed (Dec 15)
    • Re: Linux kernel scm_send local DoSPaul Starzetz (Dec 15)
      • Re: Linux kernel scm_send local DoSeven multiplexed (Dec 15)
      • Re: Linux kernel scm_send local DoSgadgeteer (Dec 15)
      • Re: [Full-Disclosure] Re: Linux kernel scm_send local DoSValdis . Kletnieks (Dec 23)
  • Re: Linux kernel scm_send local DoSPavel Kankovsky (Dec 23)
• Re: [Full-Disclosure] [HV-LOW] Symantec LiveUpdate issues may cause DoSDan Margolis (Dec 14)
• [ZH2004-18SA] Content-Type spoofing in Mozilla Firefox and Opera could allow users to bypass security restrictionsGiovanni Delvecchio (Dec 14)
• iDEFENSE Security Advisory 12.14.04 - Adobe Acrobat Reader 5.0.9 mailListIsPdf() Buffer Overflow Vulnerabilitycustomer service mailbox (Dec 14)
• MDKSA-2004:148 - Updated iproute2 packages fix temporary file vulnerabilityMandrake Linux Security Team (Dec 14)
• [SECURITY] [DSA 609-1] New atari800 packages fix local root exploitMartin Schulze (Dec 14)
• ASP Calendar Vulnerability <www.ashiyane.com>ali reza AcTiOnSpIdEr (Dec 14)
• [CAN-2004-1022] Insecure Credential Storage on Kerio SoftwareSecure Computer Group (Dec 14)
• RICOH Aficio 450/455 PCL 5e Printer ICMP DOS vulnerabilityHongzhen Zhou (Dec 14)
  • <Possible follow-ups>
  • Re: RICOH Aficio 450/455 PCL 5e Printer ICMP DOS vulnerabilityHongzhen Zhou (Dec 15)
• Possible local root vulnerability in Roxio Toast on Mac OS Xfintler (Dec 14)
• STG Security Advisory: [SSA-20041209-13] UseModWiki XSS vulnerabilityadvisory (Dec 14)
• [SECURITY] [DSA 608-1] New zgv packages fix arbitrary code executionMartin Schulze (Dec 14)
• [ GLSA 200412-08 ] nfs-utils: Multiple remote vulnerabilitiesLuke Macken (Dec 14)
• [CAN-2004-1023] Insecure default file system permissions on Microsoft versions of Kerio SoftwareSecure Computer Group (Dec 14)
• MDKSA-2004:149 - Updated postgresql packages fix temporary file vulnerabilityMandrake Linux Security Team (Dec 14)
• ASP-rider is vulnerable to sql injection attackshervin khaleghjou (Dec 14)
• iDEFENSE Security Advisory 12.13.04: Adobe Reader 6.0 .ETD File Format String Vulnerabilitycustomer service mailbox (Dec 14)
• iDEFENSE Security Advisory 12.14.04 - Microsoft Word 6.0/95 Document Converter Buffer Overflow Vulnerabilitycustomer service mailbox (Dec 14)
• [Correction For]: Secure Network Operations SNOsoft Research Team [SRT2004-12-14-0322] Symantec LiveUpdate AdvisorySecure Network Operations, Inc. (Dec 14)
• [USN-38-1] Linux kernel vulnerabilitiesMartin Pitt (Dec 14)
• HyperTerminal - Buffer Overflow In .ht FileBrett Moore (Dec 15)
• Multiple phpGroupWare Vulnerabilities [ phpGroupWare 0.9.16.003 && Earlier ]GulfTech Security (Dec 15)
• Asante FM2008 10/100 Ethernet switch backdoor loginJoe Philipps (Dec 15)
• Hotmail Cross-Site Scripting Vulnerability #1Rafel Ivgi (Dec 15)
  • <Possible follow-ups>
  • Hotmail Cross-Site Scripting Vulnerability #1Rafel Ivgi, The-Insider (Dec 16)
• Hotmail Cross Site Scripting Vulnerability #2Rafel Ivgi (Dec 15)
• Yahoo! Mail Cross-Site Scripting VulnerabilityRafel Ivgi (Dec 15)
  • <Possible follow-ups>
  • Yahoo! Mail Cross-Site Scripting VulnerabilityRafel Ivgi, The-Insider (Dec 16)
• *nix data wipe toolsThomas C. Greene (Dec 15)
  • Re: *nix data wipe toolsDavid Cannings (Dec 16)
    • Re: *nix data wipe toolsWietse Venema (Dec 17)
      • Re: *nix data wipe toolsCasper . Dik (Dec 17)
    • Re: *nix data wipe toolsThomas C. Greene (Dec 17)
    • Re: *nix data wipe toolsGeorge Georgalis (Dec 17)
• 3cdaemon tftp server DOS vulnerabilityWang Ning (Dec 15)
• Re: rpcl_icmpdos.cx90c (Dec 15)
• [ GLSA 200412-09 ] ncpfs: Buffer overflow in ncplogin and ncpmapThierry Carrez (Dec 15)
• MSIE DHTML Edit Control Cross Site Scripting VulnerabilityPaul (Dec 15)
• [OpenPKG-SA-2004.052] OpenPKG Security Advisory (vim)OpenPKG (Dec 15)
• STG Security Advisory: [SSA-20041214-14] GNUBoard PHP injection vulnerabilityadvisory (Dec 15)
• [ GLSA 200412-10 ] Vim, gVim: Vulnerable options in modelinesThierry Carrez (Dec 15)
  • Re: [ GLSA 200412-10 ] Vim, gVim: Vulnerable options in modelinesAlexey I. Froloff (Dec 16)
• Security Advisory for CVS SlashJamie McCarthy (Dec 15)
• Advisory 01/2004: Multiple vulnerabilities in PHP 4/5Stefan Esser (Dec 15)
• Cisco Security Advisory: Default Administrative Password in Cisco Guard and Traffic Anomaly DetectorCisco Systems Product Security Incident Response Team (Dec 15)
• iwebnegar is vulnerable to all kind of sql injectionsshervin khaleghjou (Dec 15)
• Cisco Security Advisory: Cisco Unity Integrated with Exchange Has Default PasswordsCisco Systems Product Security Incident Response Team (Dec 15)
• STG Security Advisory: [SSA-20041215-15] Vulnerability of uploading files with multiple extensions in MoniWikiadvisory (Dec 15)
• CSS in phpBB 1.4.4SandI] (Dec 15)
  • <Possible follow-ups>
  • RE: CSS in phpBB 1.4.4Paul Owen (Dec 15)
• php unserializeMartin Eiszner (Dec 15)
  • Re: php unserializeStefan Esser (Dec 16)
• MDKSA-2004:150 - Updated kdelibs and kdebase packages fix vulnerabilityMandrake Linux Security Team (Dec 15)
• iDEFENSE Security Advisory 12.15.04: Computer Associates eTrust EZ Antivirus Insecure File Permission Vulnerabilitycustomer service mailbox (Dec 16)
• [SAMBA] CAN-2004-1154 : Integer overflow could lead to remote code execution in Samba 2.x, 3.0.x <= 3.0.9Gerald Carter (Dec 16)
• STG Security Advisory: [SSA-20041215-17] Vulnerability of uploading files with multiple extensions in JSBoardadvisory (Dec 16)
  • RE: STG Security Advisory: [SSA-20041215-17] Vulnerability of uploading files with multiple extensions in JSBoardRichard Stanway (Dec 16)
• STG Security Advisory: [SSA-20041215-18] Vulnerability of uploading files with multiple extensions in phpBB Attachment Modadvisory (Dec 16)
• [MaxPatrol] SQL-injection in Ikonboard 3.1.xAlexander Anisimov (Dec 16)
• STG Security Advisory: [SSA-20041215-19] Vulnerability of uploading files with multiple extensions in MediaWikiadvisory (Dec 16)
• Multiple XSS Vulnerabilities in Wordpress 1.2.1Thomas Waldegger (Dec 16)
• DJB's students release 44 *nix software vulnerability advisoriesThor Larholm (Dec 16)
  • Re: DJB's students release 44 *nix software vulnerability advisoriesCrispin Cowan (Dec 17)
  • Re: DJB's students release 44 *nix software vulnerability advisoriescees-bart (Dec 17)
    • Re: DJB's students release 44 *nix software vulnerability advisoriesMarcin Owsiany (Dec 20)
  • Re: DJB's students release 44 *nix software vulnerability advisoriessecurity curmudgeon (Dec 17)
    • Re: DJB's students release 44 *nix software vulnerability advisoriesJulian T J Midgley (Dec 20)
  • <Possible follow-ups>
  • Re: DJB's students release 44 *nix software vulnerability advisoriesD. J. Bernstein (Dec 19)
    • Re: DJB's students release 44 *nix software vulnerability advisoriesArtem Chuprina (Dec 21)
    • Re: DJB's students release 44 *nix software vulnerability advisoriesStephen Samuel (Dec 21)
      • Re: DJB's students release 44 *nix software vulnerability advisoriesD. J. Bernstein (Dec 22)
      • Re: DJB's students release 44 *nix software vulnerability advisoriesDavid Eisner (Dec 22)
      • Re: DJB's students release 44 *nix software vulnerability advisoriesCrispin Cowan (Dec 22)
      • Re: DJB's students release 44 *nix software vulnerability advisoriesD. J. Bernstein (Dec 23)
      • Re: DJB's students release 44 *nix software vulnerability advisoriesCrispin Cowan (Dec 24)
      • Message not available
      • Re: DJB's students release 44 *nix software vulnerability advisoriesCrispin Cowan (Dec 23)
  • Re: DJB's students release 44 *nix software vulnerability advisoriesJonathan T Rockway (Dec 21)
    • Re: DJB's students release 44 *nix software vulnerability advisoriesmilw0rm Inc. (Dec 21)
      • Re: DJB's students release 44 *nix software vulnerabilityadvisoriesAntoine Martin (Dec 21)
      • Re: DJB's students release 44 *nix software vulnerabilityadvisoriesChris Paget (Dec 22)
      • Re: DJB's students release 44 *nix software vulnerability advisoriesJack Lloyd (Dec 22)
    • Re: DJB's students release 44 *nix software vulnerability advisoriesDave Holland (Dec 21)
      • Re: DJB's students release 44 *nix software vulnerability advisoriessean (Dec 22)
    • Re: DJB's students release 44 *nix software vulnerability advisoriesThor (Dec 21)
    • Re: DJB's students release 44 *nix software vulnerability advisoriesDavid F. Skoll (Dec 21)
      • Re: DJB's students release 44 *nix software vulnerability advisoriesJonathan Rockway (Dec 22)
      • Re: DJB's students release 44 *nix software vulnerability advisoriesCasper . Dik (Dec 22)
      • Re: DJB's students release 44 *nix software vulnerability advisoriesMichal Zalewski (Dec 23)
      • Re: DJB's students release 44 *nix software vulnerability advisoriesValdis . Kletnieks (Dec 22)
    • Re: DJB's students release 44 *nix software vulnerability advisorieslaffer1 (Dec 21)
      • Re: DJB's students release 44 *nix software vulnerability advisoriesJonathan Rockway (Dec 22)
    • Re: DJB's students release 44 *nix software vulnerability advisoriesStephen Harris (Dec 21)
    • Re: DJB's students release 44 *nix software vulnerability advisoriesRaymond M. Reskusich (Dec 21)
  • RE: DJB's students release 44 *nix software vulnerability advisoriesDevin Ganger (Dec 21)
  • Re: DJB's students release 44 *nix software vulnerability advisoriesSteven M. Christey (Dec 22)
    • Re: DJB's students release 44 *nix software vulnerability advisoriesDavid Wagner (Dec 24)
  • Re: DJB's students release 44 *nix software vulnerability advisoriesSteven M. Christey (Dec 22)
    • Re: DJB's students release 44 *nix software vulnerability advisoriesCrispin Cowan (Dec 23)
  • RE: DJB's students release 44 *nix software vulnerability advisoriesManning, Robert (Mission Systems) (Dec 22)
  • RE: DJB's students release 44 *nix software vulnerability advisoriesPalmer, Paul (ISSAtlanta) (Dec 23)
• PHP Input Validation VulnerabilitiesDaniel Fabian (Dec 16)
• iDEFENSE Security Advisory 12.16.04: Samba smbd Security Descriptor Integer Overflow VulnerabilityiDEFENSE Security Advisory (Dec 16)
• iDEFENSE Security Advisory 12.16.04: Veritas Backup Exec Agent Browser Registration Request Buffer Overflow VulnerabilityiDEFENSE Security Advisory (Dec 16)
• iDEFENSE Security Advisory 12.16.04: MPlayer Remote RTSP HeapOverflow VulnerabilityiDEFENSE Security Advisory (Dec 16)
• [USN-39-1] Linux amd64 kernel vulnerabilityMartin Pitt (Dec 16)
• [USN-40-1] PHP vulnerabilitiesMartin Pitt (Dec 16)
• iDEFENSE Security Advisory 12.16.04: MPlayer MMST Streaming Stack Overflow VulnerabilityiDEFENSE Security Advisory (Dec 16)
  • Re: iDEFENSE Security Advisory 12.16.04: MPlayer MMST Streaming Stack Overflow VulnerabilityHideki Yamane (Dec 17)
• iDEFENSE Security Advisory 12.16.04: MPlayer Bitmap Parsing Remote Heap Overflow VulnerabilityiDEFENSE Security Advisory (Dec 16)
• Hotmail Cross-Site Scripting Vulnerability #2Rafel Ivgi, The-Insider (Dec 16)
• Discussion: Microsoft(R) PowerPoint �Action Settings� feature allows invocation of default browser pointed at arbitrary URL.Monte Ratzlaff (Dec 16)
• [OpenPKG-SA-2004.053] OpenPKG Security Advisory (php)OpenPKG (Dec 16)
• [ GLSA 200412-11 ] Cscope: Insecure creation of temporary filesLuke Macken (Dec 16)
• [SIG^2 G-TEC] singapore Image Gallery Web Application v0.9.10 Multiple Vulnerabilitieschewkeong (Dec 16)
• Unchecked returns from kernel_read() in linux-2.6.10-rc2 kernelKatrina Tsipenyuk (Dec 17)
• [OpenPKG-SA-2004.054] OpenPKG Security Advisory (samba)OpenPKG (Dec 17)
• Gadu-Gadu, another two bugsJaroslaw Sajko (Dec 17)
  • Re: Gadu-Gadu, another two bugsPrzemyslaw Frasunek (Dec 20)
    • Re: [Full-Disclosure] Re: Gadu-Gadu, another two bugsMaciej Soltysiak (Dec 20)
• NetBSD Security Advisory 2004-010: Insufficient argument validation in compat codeNetBSD Security-Officer (Dec 17)
• phphpbb2 + php version < 4.3.10 unserialize() memory dump sql password from config.php exploitbad boy (Dec 17)
• [ GLSA 200412-12 ] Adobe Acrobat Reader: Buffer overflow vulnerabilityLuke Macken (Dec 17)
• 4 Vulnerabilities in GamePortamoXi Devilkin (Dec 17)
  • <Possible follow-ups>
  • 4 Vulnerabilities in GamePortamoXi Devilkin (Dec 17)
• NetBSD kernel local vulnerabilitiesEvgeny Demidov (Dec 17)
• [OpenPKG-SA-2004.056] OpenPKG Security Advisory (cvstrac)OpenPKG (Dec 17)
• Internet Explorer Code Execution Bypass Vulnerabilityaikon none (Dec 17)
  • <Possible follow-ups>
  • Re: Internet Explorer Code Execution Bypass Vulnerabilitycmthemc (Dec 20)
• [SECURITY] [DSA 610-1] New cscope packages fix insecure temporary file creationMartin Schulze (Dec 17)
• Bug in Crypt::ECB perl moduleBennett R. Samowich (Dec 17)
• [ GLSA 200412-13 ] Samba: Integer overflowSune Kloppenborg Jeppesen (Dec 17)
• Multiple Vulnerabilities In Kayako eSupport v2.xGulfTech Security (Dec 19)
• MS Windows Media Player 9 Vulns (2)Arman Nayyeri (Dec 19)
• MDKSA-2004:151 - Updated php packages fix multiple vulnerabilitiesMandrake Linux Security Team (Dec 20)
• Re: Patch available for multiple critical flaws in OracleMarc Bejarano (Dec 20)
• [USN-41-1] Samba vulnerabilityMartin Pitt (Dec 20)
• [SECURITY] [DSA 611-1] New htget packages fix arbitrary code executionMartin Schulze (Dec 20)
• Security Bulletin SSRT4687 rev.0 HP-UX newgrp(1) local privilege elevationBoren, Rich (SSRT) (Dec 20)
• [ GLSA 200412-14 ] PHP: Multiple vulnerabilitiesThierry Carrez (Dec 20)
• AIX 5.1/5.2/5.3 local root exploitscees-bart (Dec 20)
• PHP shmop.c module permits write of arbitrary memory.Stefano Di Paola (Dec 20)
• TSLSA-2004-0066 - multiTrustix Security Advisor (Dec 20)
• TSLSA-2004-0068 - kernelTrustix Security Advisor (Dec 20)
• [ GLSA 200412-15 ] Ethereal: Multiple vulnerabilitiesSune Kloppenborg Jeppesen (Dec 20)
• Crystal FTP Pro Client Buffer OverflowLuca Ercoli (Dec 20)
• Windows Explorer TGA CrashBill (Dec 20)
  • Re: Windows Explorer TGA Crash is a DoS bug in Internet Explorer.Berend-Jan Wever (Dec 21)
• KDE Security Advisory: Konqueror Java VulnerabilityWaldo Bastian (Dec 20)
• UPDATE: [ GLSA 200410-12 ] WordPress: HTTP response splitting and XSS vulnerabilitiesLuke Macken (Dec 20)
• Exploit for Ultrix 4.5 dxtermKristoffer Brånemyr (Dec 20)
• [ GLSA 200412-16 ] kdelibs, kdebase: Multiple vulnerabilitiesSune Kloppenborg Jeppesen (Dec 20)
• Internet Explorer Help ActiveX Control Local Zone Security Restriction Bypass Vulnerability (updated)Paul (Dec 20)
• [ GLSA 200412-17 ] kfax: Multiple overflows in the included TIFF librarySune Kloppenborg Jeppesen (Dec 20)
• [ GLSA 200412-20 ] NASM: Buffer overflow vulnerabilityLuke Macken (Dec 20)
• [ GLSA 200412-18 ] abcm2ps: Buffer overflow vulnerabilityLuke Macken (Dec 20)
• [ GLSA 200412-21 ] MPlayer: Multiple overflowsThierry Carrez (Dec 20)
• [USN-42-1] Xine library vulnerabilitiesMartin Pitt (Dec 20)
• [Full-Disclosure] [ GLSA 200412-19 ] phpMyAdmin: MultiplevulnerabilitiesSune Kloppenborg Jeppesen (Dec 20)
• Gadu-Gadu Remote DoS (all versions)Maciej Soltysiak (Dec 20)
• [SECURITY] [DSA 612-1] New a2ps packages fix arbitrary command executionMartin Schulze (Dec 20)
• MDKSA-2004:153 - Updated aspell packages fix vulnerabilityMandrake Linux Security Team (Dec 20)
• MDKSA-2004:152 - Updated ethereal packages fix multiple vulnerabilitiesMandrake Linux Security Team (Dec 20)
• Updated: TSLSA-2004-0068 - kernelTrustix Security Advisor (Dec 20)
• [USN-43-1] groff utility vulnerabilitiesMartin Pitt (Dec 20)
• MITKRB5-SA-2004-004: heap overflow in libkadm5srvTom Yu (Dec 20)
• TSLSA-2004-0069 - kerberos5Trustix Security Advisor (Dec 21)
• [SECURITY] [DSA 614-1] New xzgv packages fix arbitrary code executionMartin Schulze (Dec 21)
• Re: AIX 5.1/5.2/5.3 local root exploits (diag issue)Shiva Persaud (Dec 21)
• phpBB WormShannon Lee (Dec 21)
  • Re: phpBB WormRaymond Dijkxhoorn (Dec 21)
    • Re: phpBB WormSebastian Wiesinger (Dec 22)
      • Re: phpBB WormWilliam Geoghegan (Dec 23)
    • Re: phpBB WormAnders Henke (Dec 23)
  • RE: phpBB WormPaul Kurczaba (Dec 21)
  • Re: phpBB WormAlexander Klimov (Dec 22)
  • <Possible follow-ups>
  • Re: phpBB Wormycw1bh302 (Dec 22)
    • Re: phpBB WormAlvin Packard (Dec 23)
    • Re: phpBB WormAnders Henke (Dec 23)
  • RE: phpBB WormOfer Shezaf (Dec 23)
    • RE: phpBB WormChris Ess (Dec 25)
  • Re: phpBB Wormsteve (Dec 24)
    • Re: phpBB WormRaymond Dijkxhoorn (Dec 24)
      • new phpBB worm affects 2.0.11Herman Sheremetyev (Dec 25)
  • Re: phpBB WormZeljko Brajdic (Dec 25)
• Xprobe 0.2.1 Releasedbugtraq (Dec 21)
• SUSE Security Announcement: various kernel problems (SUSE-SA:2004:044)Marcus Meissner (Dec 21)
• iDEFENSE Security Advisory 12.21.04: Multiple Vendor xpdf PDF Viewer Buffer Overflow Vulnerabilitycustomer service mailbox (Dec 21)
• iDEFENSE Security Advisory 12.21.04: Multiple Vendor Xine version 0.99.2 PNM Handler Negative Read Length Heap Overflow Vulnerabilitycustomer service mailbox (Dec 21)
• iDEFENSE Security Advisory 12.21.04: Multiple Vendor Xine version 0.99.2 PNM Handler PNA_TAG Heap Overflow Vulnerabilitycustomer service mailbox (Dec 21)
• iDEFENSE Security Advisory 12.21.04: libtiff Directory Entry Count Integer Overflow Vulnerabilitycustomer service mailbox (Dec 21)
• iDEFENSE Security Advisory 12.21.04: libtiff STRIPOFFSETS Integer Overflow Vulnerabilitycustomer service mailbox (Dec 21)
  • Re: iDEFENSE Security Advisory 12.21.04: libtiff STRIPOFFSETS Integer Overflow VulnerabilityDmitry V. Levin (Dec 22)
  • Re: iDEFENSE Security Advisory 12.21.04: libtiff STRIPOFFSETS Integer Overflow VulnerabilityMoritz Muehlenhoff (Dec 23)
  • Re: iDEFENSE Security Advisory 12.21.04: libtiff STRIPOFFSETS Integer Overflow VulnerabilityMarcus Meissner (Dec 28)
• iDEFENSE Security Advisory 12.21.04: Hewlett Packard HP-UX ftpd Remote Buffer Overflow Vulnerabilitycustomer service mailbox (Dec 21)
• Re: Wordpress 1.2.2 is still vulnerableThomas Waldegger (Dec 21)
• WebWorm using PHPBB vulnerability in the wild!Niki Denev (Dec 21)
  • Re: WebWorm using PHPBB vulnerability in the wild!Nick Johnson (Dec 22)
• Re: AIX 5.1/5.2/5.3 local root exploits (paginit issue)Shiva Persaud (Dec 21)
• [SECURITY] [DSA 613-1] New ethereal packages fix denial of serviceMartin Schulze (Dec 21)
• Re: Windows Explorer TGA Crash is a DoS bug in Internet Explorer.Berend-Jan Wever (Dec 21)
• SUSE Security Announcement: samba (SUSE-SA:2004:045)Sebastian Krahmer (Dec 22)
• [SECURITY] [DSA 615-1] New debmake package fixes insecure temporary directoriesMartin Schulze (Dec 22)
• Local versus remote security holesD. J. Bernstein (Dec 22)
  • Re: Local versus remote security holesAdam Shostack (Dec 22)
    • stick with "anonymous" or "authenticated" when describing attacksJonathan G. Lampe (Dec 22)
  • <Possible follow-ups>
  • RE: Local versus remote security holesDavid Brodbeck (Dec 23)
• MDKSA-2004:154 - Updated kdelibs packages fix multiple vulnerabilityMandrake Linux Security Team (Dec 22)
• Sybase ASE 12.5.2 vulnerabilitiesNGSSoftware Insight Security Research (Dec 22)
• MDKSA-2004:156 - Updated krb5 packages fix buffer overflow vulnerabilityMandrake Linux Security Team (Dec 22)
• malware effecting broadband users in IsraelGadi Evron (Dec 22)
• Java Runtime Environment Remote Denial-of-Service (DoS) VulnerabilityMarc Schoenefeld (Dec 22)
• possible local exploit via sendmail with procmail on solarisMichael Barnes (Dec 22)
  • Re: possible local exploit via sendmail with procmail on solarisJeff Damens (Dec 23)
• Permission problem in Skype BETA for linuxPeter Conrad (Dec 22)
• PHP v4.3.x exploit for Windows.The Warlock (Dec 22)
• Realone2.0 "pnxr3260.dll" Lets Remote Users IE Browser CrashWei Li (Dec 22)
• [ GLSA 200412-23 ] Zwiki: XSS vulnerabilityLuke Macken (Dec 22)
• MDKSA-2004:155 - Updated logcheck packages fix temporary file vulnerabilityMandrake Linux Security Team (Dec 22)
• Webmin BruteForce + Command execution - By Di42lo <DiAblo_2 () 012 net il>amit sides (Dec 22)
  • Re: Webmin BruteForce + Command execution - By Di42lo <DiAblo_2 () 012 net il>Martin Mewes (Dec 23)
    • Re: [webmin-l] Re: Webmin BruteForce + Command execution - ByDi42lo <DiAblo_2 () 012 net il>Jamie Cameron (Dec 23)
• MDKSA-2004:157 - Updated mplayer packages fix multiple vulnerabilitiesMandrake Linux Security Team (Dec 22)
• 2Bgal : 2.4 & 2.5.1 SQL injection Vulnerabilityzib zib (Dec 22)
• Security Advisory for ALL forum services with client-set imagesJames Bandara (Dec 22)
  • Re: Security Advisory for ALL forum services with client-set imagesStefan Paletta (Dec 23)
  • Re: Security Advisory for ALL forum services with client-set imagesTim Jackson (Dec 23)
• SUSE Security Announcement: kernel local privilege escalation (SUSE-SA:2004:046)Marcus Meissner (Dec 22)
• Oracle Trigger Abuse (#NISR2122004I)NGSSoftware Insight Security Research (Dec 23)
• Oracle clear text passwords (#NISR2122004D)NGSSoftware Insight Security Research (Dec 23)
• Oracle ISQLPlus file access vulnerability (#NISR2122004E)NGSSoftware Insight Security Research (Dec 23)
• Oracle Character Conversion Bugs (#NISR2122004G)NGSSoftware Insight Security Research (Dec 23)
• Oracle extproc buffer overflow (#NISR23122004A)NGSSoftware Insight Security Research (Dec 23)
• Oracle extproc directory traversal (#NISR23122004B)NGSSoftware Insight Security Research (Dec 23)
• Oracle extproc local command execution (#NISR23122004C)NGSSoftware Insight Security Research (Dec 23)
• IBM DB2 generate_distfile buffer overflow vulnerability (#NISR2122004L)NGSSoftware Insight Security Research (Dec 23)
• Oracle TNS Listener DoS (#NISR2122004F)NGSSoftware Insight Security Research (Dec 23)
• Oracle wrapped procedure overflow (#NISR2122004J)NGSSoftware Insight Security Research (Dec 23)
• Oracle multiple PL/SQL injection vulnerabilities (#NISR2122004H)NGSSoftware Insight Security Research (Dec 23)
• [OpenPKG-SA-2004.055] OpenPKG Security Advisory (gettext)OpenPKG (Dec 23)
• IBM DB2 rec2xml buffer overflow vulnerability (#NISR2122004J)NGSSoftware Insight Security Research (Dec 23)
• [SECURITY] [DSA 616-1] New telnetd-ssl packages fix arbitrary code executionMartin Schulze (Dec 23)
• Microsoft Windows Kernel ANI File Parsing Crash and DOS Vulnerabilityflashsky fangxing (Dec 23)
• Microsoft Windows LoadImage API Integer Buffer overflowflashsky fangxing (Dec 23)
  • Re: Microsoft Windows LoadImage API Integer Buffer overflowBrett Glass (Dec 25)
• SHOUTcast remote format string vulnerabilityDamian Put (Dec 23)
• Crystal FTP Pro 2.8 PoCcybertronic (Dec 23)
  • <Possible follow-ups>
  • RE: Crystal FTP Pro 2.8 PoCcybertronic (Dec 23)
• [USN-47-1] Linux kernel vulnerabilitiesMartin Pitt (Dec 23)
• Cross Site Scripting In PsychoStats 2.2.4 Beta && EarlierGulfTech Security (Dec 23)
• Re: stick with "anonymous" or "authenticated" when describingSteven M. Christey (Dec 23)
• Inexcusable weakness in Kmail / GnuPGThomas C. Greene (Dec 23)
  • Re: Inexcusable weakness in Kmail / GnuPGSimple Nomad (Dec 24)
• Microsoft Windows winhlp32.exe Heap Overflow Vulnerabilityflashsky fangxing (Dec 23)
• [USN-48-1] xpdf, tetex-bin vulnerabilitiesMartin Pitt (Dec 23)
• [USN-49-1] debmake vulnerabilityMartin Pitt (Dec 23)
• [USN-51-1] teTeX auxiliary script vulnerabilityMartin Pitt (Dec 23)
• [USN-52-1] vim vulnerabilityMartin Pitt (Dec 23)
  • Re: [USN-52-1] vim vulnerabilityLiu Die Yu (Dec 24)
• [ Security Bulletin ] SSRT4699 rev.0 HP-UX SAM local privilege increaseBoren, Rich (SSRT) (Dec 23)
• WPkontakt message parsing errorJaroslaw Sajko (Dec 23)
• [Security Bulletin] SSRT4867 rev.0 Netscape Directory Server on HP-UX LDAP remote buffer overflowBoren, Rich (SSRT) (Dec 23)
• [Security Bulletin] SSRT4876 rev.0 HP Tru64 UNIX SWS (Apache) Secure Web Server RemoteBoren, Rich (SSRT) (Dec 23)
• Linux 2.6 Kernel Capability LSM Module Local Privilege Elevationflashsky fangxing (Dec 23)
• [Security Bulletin] SSRT4883 rev.3 HP-UX ftp and ftpd remote unauthorized accessBoren, Rich (SSRT) (Dec 23)
• [USN-50-1] CUPS vulnerabilitiesMartin Pitt (Dec 23)
• [Security Bulletin] SSRT4696 rev.0 - HP Tru64 UNIX TCP Stack Remote Denial of Service (DoS)Boren, Rich (SSRT) (Dec 23)
• raptor's xmas pack 2004Marco Ivaldi (Dec 23)
• [SECURITY] [DSA 618-1] New imlib packages fix arbitrary code executionMartin Schulze (Dec 24)
• [SECURITY] [DSA 617-1] New libtiff packages fix arbitrary code executionMartin Schulze (Dec 24)
• STG Security Advisory: [SSA-20041220-16] PHP source injection and cross-site scripting vulnerabilities in ZeroBoardadvisory (Dec 24)
• XSS in yacy 0.31Donato Ferrante (Dec 24)
• Final Call for Papers & Workshops - BCS Asia 2005Anthony.zboralski (Dec 24)
• CleanCache v2.19: False Sense of SecurityWBG Links (Dec 25)
• New Santy-Worm attacks *all* PHP-skriptsJuergen Schmidt (Dec 25)
• New Winhlp32.exe vulnbad_son (Dec 25)
• PHPBB worm in actionColin Keith (Dec 25)
• Re: New Santy-Worm attacks *all* PHP-skripts ( Santy.c ? )K-OTiK Security (Dec 25)
• Microsoft Internet Explorer SP2 Fully Automated Remote CompromisePaul (Dec 25)
• Multiple Vulnerabilities in MoodleBartek Nowotarski (Dec 28)
  • <Possible follow-ups>
  • Re: Multiple Vulnerabilities in MoodleMartin Dougiamas (Dec 30)
• MDKSA-2004:158 - Updated samba packages fix integer overflow vulnerabilitiesMandrake Linux Security Team (Dec 28)
• possible error in latest NGS realplayer advisoryMarc Bejarano (Dec 28)
• Did a 16-bit counter overflow shut down Comair?Richard M. Smith (Dec 28)
  • Re: Did a 16-bit counter overflow shut down Comair?Mike Nice (Dec 29)
  • Re: Did a 16-bit counter overflow shut down Comair?Avleen Vig (Dec 29)
• Multiple WHM Autopilot VulnerabilitiesGulfTech Security (Dec 28)
• Remote code execution with parameters withoutu ser interaction, even with XP SP2ShredderSub7 SecExpert (Dec 28)
• [HAT-SQUAD] NetCat Remote Critical Vulnerability, Poc includedHat-Squad Security Team (Dec 28)
  • Re: [HAT-SQUAD] NetCat Remote Critical Vulnerability, Poc includedChris Wysopal (Dec 28)
• Netcat v1.11 For Windows , New fixed versionHat-Squad Security Team (Dec 28)
• XSA-2004-7: stack overflow in AIFF demultiplexerMichael Roitzsch (Dec 28)
• KDE Security Advisory: kpdf Buffer Overflow VulnerabilityDirk Mueller (Dec 28)
• Re: Microsoft Windows LoadImage API IntegerBuffer overflowBerend-Jan Wever (Dec 28)
• php-Calendar File Include Vulnerability [ Command Exec ]GulfTech Security (Dec 29)
• QNX crrtrap arbitrary file read/write vulnerability [RLSA_06-2004]Julio Cesar Fort (Dec 29)
• Sanity Worm ConceptsAndy Fewtrell (Dec 29)
  • Re: Sanity Worm ConceptsPaul Laudanski (Dec 30)
• [CLA-2004:909] Conectiva Security Announcement - netpbmConectiva Updates (Dec 29)
• [ GLSA 200412-25 ] CUPS: Multiple vulnerabilitiesThierry Carrez (Dec 29)
• [ GLSA 200412-26 ] ViewCVS: Information leak and XSS vulnerabilitiesThierry Carrez (Dec 29)
• [ GLSA 200412-24 ] Xpdf, GPdf: New integer overflowsThierry Carrez (Dec 29)
• Heap overflow in Mozilla Browser <= 1.7.3 NNTP code.Maurycy Prodeus (Dec 29)
• [SECURITY] [DSA 620-1] New perl packages fix several vulnerabilitiesMartin Schulze (Dec 30)
• MDKSA-2004:160 - Updated kdelibs packages fix konqueror email vulnerabilityMandrake Linux Security Team (Dec 30)
• MDKSA-2004:161 - Updated xpdf packages fix buffer overflow vulnerabilityMandrake Linux Security Team (Dec 30)
• KorWeblog php injection VulnerabilityMin-sung Choi (Dec 30)
• NetCat V 1.11 Multiple BugsCorryL (Dec 30)
• [SECURITY] [DSA 619-1] New xpdf packages fix arbitrary code executionMartin Schulze (Dec 30)
• MDKSA-2004:164 - Updated cups packages fix buffer overflow vulnerabilityMandrake Linux Security Team (Dec 30)
• MDKSA-2004:159 - Updated glibc packages fix temporary file vulnerabilityMandrake Linux Security Team (Dec 30)
• Strange Java Loaderduffbeer (Dec 30)
• MDKSA-2004:163 - Updated kdegraphics packages fix buffer overflow vulnerabilityMandrake Linux Security Team (Dec 30)
• MDKSA-2004:165 - Updated koffice packages fix multiple vulnerabilitiesMandrake Linux Security Team (Dec 30)
• Re: Strange Java Loader (not so strange - Trojan.ByteVerify)K-OTiK Security (Dec 30)
• MDKSA-2004:162 - Updated gpdf packages fix buffer overflow vulnerabilityMandrake Linux Security Team (Dec 30)
• MDKSA-2004:166 - Updated tetex packages fix multiple vulnerabilitiesMandrake Linux Security Team (Dec 30)
• SQL Injection Vulnerability In IBProArcademike bailey (Dec 31)
• [EXPL] (MS04-031) NetDDE buffer overflow vulnerability PoChouseofdabus HOD (Dec 31)
  • Re: [EXPL] (MS04-031) NetDDE buffer overflow vulnerability PoCAlberto Garcia Hierro (Dec 31)
    • Re: [EXPL] (MS04-031) NetDDE buffer overflow vulnerability PoCSteve Friedl (Dec 31)
• ArGoSoft FTP Server reveals valid usernames and allows for brute force attackssteven (Dec 31)
• [SECURITY] [DSA 621-1] New CUPS packages fix arbitrary code executionMartin Schulze (Dec 31)
• Cross Site Scripting DOS (Zyxel B-420 Ethernet Bridge)beniwiedmer (Dec 31)
• WHM AutoPilot Security Release [ Plus Upgrade Instructions ]GulfTech Security (Dec 31)

Previous period

Next period