Starting: Wed Oct 02 2002 - 22:07:56 CDT
Ending: Mon Dec 30 2002 - 14:34:41 CST

• 2 mistaken approvals to the list
  • Russ (Fri Dec 13 2002 - 02:37:12 CST)
• 2 mistaken approvals to the list - not viruses
  • Russ (Fri Dec 13 2002 - 09:22:34 CST)
• 3 Party Security Holes
  • Carboni, Mark (Tue Oct 15 2002 - 07:28:45 CDT)
• [A3SC] MS IIS out of process privilege elevation vulnerability(A3CRK-Vul-2002-06-002)
  • li0n (Mon Nov 04 2002 - 04:16:56 CST)
• [Full-Disclosure] NTmail (GMS) 8 filtering bug
  • Geo (Tue Nov 19 2002 - 13:04:14 CST)
• [Immunity, Inc.]Vulnerability: RPC Service DoS (port 135/tcp) on Windows 2000 SP3
  • Kurt Seifried (Mon Oct 21 2002 - 16:35:19 CDT)
  • Kurt Seifried (Sat Oct 19 2002 - 03:08:53 CDT)
  • Dave Aitel (Fri Oct 18 2002 - 13:18:47 CDT)
• [SNS Advisory No.60] Windows XP Disclosure of Registered AP Information
  • Preston Hathaway (Thu Dec 05 2002 - 08:12:19 CST)
  • snsadv_at_LAC.CO.JP (Wed Dec 04 2002 - 19:03:20 CST)
• [TSMalcode] e-card follow-up no 6
  • Russ (Sun Nov 10 2002 - 17:56:06 CST)
• Additional info about Opaserv worm
  • Russ (Sat Oct 05 2002 - 10:36:30 CDT)
• Administrivia: Announcing the 5th Annual NTBugtraq Retreat
  • Russ (Tue Oct 22 2002 - 15:40:46 CDT)
• Administrivia: The 5th Annual NTBugtraq Retreat
  • Russ (Fri Nov 22 2002 - 08:11:20 CST)
• Administrivia: The 5th Annual NTBugtraq Retreat - Paypal now accepted
  • Russ (Wed Dec 18 2002 - 00:49:52 CST)
• Alert: Microsoft Security Bulletin - MS02-054
  • Russ (Wed Oct 02 2002 - 21:51:32 CDT)
• Alert: Microsoft Security Bulletin - MS02-055
  • Russ (Wed Oct 02 2002 - 21:51:34 CDT)
• Alert: Microsoft Security Bulletin - MS02-056
  • Russ (Wed Oct 02 2002 - 21:51:36 CDT)
• Alert: Microsoft Security Bulletin - MS02-057
  • Russ (Wed Oct 02 2002 - 22:35:50 CDT)
• Alert: Microsoft Security Bulletin - MS02-058
  • Russ (Thu Oct 10 2002 - 15:35:46 CDT)
• Alert: Microsoft Security Bulletin - MS02-059
  • Jeremy Epstein (Thu Oct 17 2002 - 08:33:03 CDT)
  • Russ (Wed Oct 16 2002 - 18:21:19 CDT)
• Alert: Microsoft Security Bulletin - MS02-060
  • Russ (Thu Oct 17 2002 - 07:25:24 CDT)
• Alert: Microsoft Security Bulletin - MS02-061
  • Bronek Kozicki (Fri Oct 18 2002 - 15:46:19 CDT)
  • Betka, Corey (Thu Oct 17 2002 - 14:52:25 CDT)
  • Russ (Wed Oct 16 2002 - 18:21:21 CDT)
• Alert: Microsoft Security Bulletin - MS02-062
  • Russ (Wed Oct 30 2002 - 23:10:46 CST)
• Alert: Microsoft Security Bulletin - MS02-063
  • Russ (Wed Oct 30 2002 - 23:10:46 CST)
• Alert: Microsoft Security Bulletin - MS02-064
  • Russ (Wed Oct 30 2002 - 23:10:47 CST)
• Alert: Microsoft Security Bulletin - MS02-065
  • Russ (Wed Nov 20 2002 - 11:30:40 CST)
• Alert: Microsoft Security Bulletin - MS02-066
  • Russ (Wed Nov 20 2002 - 17:50:55 CST)
• Alert: Microsoft Security Bulletin - MS02-067
  • Russ (Wed Dec 04 2002 - 15:40:31 CST)
• Alert: Microsoft Security Bulletin - MS02-068
  • Russ (Wed Dec 04 2002 - 15:40:31 CST)
• Alert: Microsoft Security Bulletin - MS02-069
  • Russ (Thu Dec 12 2002 - 00:50:59 CST)
• Alert: Microsoft Security Bulletin - MS02-070
  • Russ (Thu Dec 12 2002 - 00:51:00 CST)
• Alert: Microsoft Security Bulletin - MS02-071
  • Russ (Thu Dec 12 2002 - 00:51:00 CST)
• Alert: Microsoft Security Bulletin - MS02-072
  • Russ (Wed Dec 18 2002 - 17:11:11 CST)
• ASI Sybase Security Alert: Buffer overflow in DBCC CHECKVERIFY
  • Aaron C. Newman (Application Security, Inc.) (Wed Nov 27 2002 - 13:14:25 CST)
• ASI Sybase Security Alert: Buffer overflow in DROP DATABASE
  • Aaron C. Newman (Application Security, Inc.) (Wed Nov 27 2002 - 13:12:01 CST)
• ASI Sybase Security Alert: Buffer overflow in xp_freedll
  • Aaron C. Newman (Application Security, Inc.) (Wed Nov 27 2002 - 13:09:46 CST)
• Attachment blocking with Gordano Messaging Suite
  • John Stanners (Mon Dec 02 2002 - 11:02:07 CST)
• BearShare Directory Traversal Issue Resurfaces
  • Aviram Jenik (Thu Oct 03 2002 - 15:12:31 CDT)
• bind 8 info update regarding ISS
  • Georgi Guninski (Mon Nov 18 2002 - 12:44:41 CST)
• Buffer Overflow in IE/Outlook HTML Help
  • NGS Insight Security Research (Thu Oct 03 2002 - 09:21:10 CDT)
• Bug in EventSave
  • Frank Heyne (Fri Nov 01 2002 - 14:39:40 CST)
• Bypassing Integrity Protection Driver (time vulnerability)
  • Jan Rutkowski (Mon Dec 02 2002 - 13:47:55 CST)
• CA InoculateIT 6.0 Realtime Scanner may fail to detect vira.
  • Karsten H. (Fri Nov 29 2002 - 03:27:02 CST)
• Call For Papers Announcement: Black Hat Windows Security
  • Jeff Moss (Mon Oct 21 2002 - 23:34:03 CDT)
• CITIBANK [CANADA]: INTERNET EXPLORER BROWSERS
  • http-equiv_at_excite.com (Sun Dec 29 2002 - 15:37:50 CST)
• Clarifications on Sybase Alerts
  • Aaron C. Newman (Application Security, Inc.) (Tue Dec 03 2002 - 18:47:30 CST)
• Classic Cross Site Scripting: Gibson Research Corporation
  • http-equiv_at_excite.com (Wed May 01 2002 - 11:34:47 CDT)
• How to disable Fortres 4.1
  • Ingmar Koecher (Wed Dec 04 2002 - 22:52:11 CST)
• IE allows universal Cross Site Scripting (TL#002)
  • GreyMagic Software (Wed Apr 17 2002 - 05:27:44 CDT)
• IE turing off proxy settings ...
  • Louis Solomon [SteelBytes] (Mon Oct 21 2002 - 23:08:06 CDT)
• IE6 and MS Certificate Services (standalone)
  • David Zazzo (Fri Oct 18 2002 - 11:10:13 CDT)
  • Yawns Security (Mon Oct 07 2002 - 09:16:03 CDT)
• IIS 5.0 and SSL
  • Viktor Sokol (Sat Oct 05 2002 - 12:33:02 CDT)
• IIS 5.0 Cross Site Scripting vulnerability
  • Roberto (Fri Sep 27 2002 - 11:03:25 CDT)
• Improper spanish translation of installation instructions for SQL 7.00.1078
  • GLM (Tue Oct 22 2002 - 07:07:58 CDT)
• Improvements to Microsoft Security Reponse Communications
  • Karan Mavai (Tue Nov 19 2002 - 02:15:41 CST)
• Internet Explorer : The D-Day
  • GreyMagic Software (Tue Oct 15 2002 - 10:19:20 CDT)
• ISA Spoofing Issue Using Second Firewall with One to One NAT
  • Geoff Craig (Mon Nov 04 2002 - 16:11:31 CST)
• ISS Irresponsible Disclosure of vulnerabilities in BIND
  • Russ (Wed Nov 13 2002 - 07:12:13 CST)
• Kerberos login sniffer and cracker for Windows 2000/XP
  • Frank O'Dwyer (Sun Dec 01 2002 - 05:23:20 CST)
  • Arne Vidstrom (Thu Nov 28 2002 - 00:04:15 CST)
• LOM: Multiple vulnerabilities in Macromedia Flash ActiveX
  • 3APA3A (Mon Nov 18 2002 - 11:58:23 CST)
• Macromedia Shockwave Flash Malformed Header Overflow #2
  • Marc Maiffret (Mon Dec 16 2002 - 19:27:13 CST)
• Microsoft Internet Information Server 5/5.1 Denial of Service (#NISR31102002)
  • NGSSoftware Insight Security Research (Thu Oct 31 2002 - 11:17:17 CST)
• Microsoft SQL Server Webtasks privilege upgrade (#NISR17102002)
  • David Litchfield (Thu Oct 17 2002 - 08:23:54 CDT)
• MS Remote Installation Service SP3 incompatibility
  • DeMersseman, Jonathan (Fri Dec 20 2002 - 09:38:18 CST)
• MS02-050 updated
  • Doug Wyatt (Thu Nov 21 2002 - 06:29:04 CST)
• MS02-066 - fixes, gaps and incorrect statements
  • GreyMagic Software (Mon Nov 25 2002 - 11:07:32 CST)
• MS02-071, shatter?
  • Sergey V. Gordeychik (Mon Dec 16 2002 - 02:47:51 CST)
  • Holmes, Ben (Mon Dec 16 2002 - 01:15:34 CST)
  • Greg Riedesel (Thu Dec 12 2002 - 08:34:35 CST)
• MSSQL HEllo bug
  • Chip Andrews (Thu Oct 03 2002 - 13:44:14 CDT)
  • Dave Aitel (Thu Oct 03 2002 - 11:18:36 CDT)
• Mulitple Buffer Overflow conditions in RealPlayer/RealOne (#NISR22112002)
  • NGSSoftware Insight Security Research (Fri Nov 22 2002 - 11:48:39 CST)
• New Integrity Protection Driver (IPD) Available
  • Fernando Trias (Tue Dec 03 2002 - 12:13:34 CST)
• Notes on MS02-068, extensive downplaying of severity
  • Thor Larholm (Thu Dec 05 2002 - 07:42:08 CST)
• Notes on the SQL Cumulative patch
  • David Litchfield (Thu Oct 03 2002 - 09:56:37 CDT)
• OE DBX Exposure
  • Kaveh Mofidi (Sun Oct 27 2002 - 06:08:57 CST)
• Oracle iSQL*Plus buffer overflow vulnerability (#NISR04112002)
  • NGSSoftware Insight Security Research (Mon Nov 04 2002 - 11:48:17 CST)
• Outlook Express Remote Code Execution in Preview Pane (S/MIME)
  • Aviram Jenik (Thu Oct 10 2002 - 17:09:25 CDT)
• PNG (Portable Network Graphics) Deflate Heap Corruption Vulnerability
  • Marc Maiffret (Wed Dec 11 2002 - 18:17:23 CST)
• Possible security vulnerability after SP3 and password protected Iomega ZIPs
  • Luca Forattini (Mon Oct 21 2002 - 13:56:49 CDT)
• Problems applying MS02-058
  • Russ (Fri Oct 11 2002 - 12:14:44 CDT)
  • Russ (Thu Oct 10 2002 - 19:33:34 CDT)
• RealNetworks HELIX Server Buffer Overflow Vulnerabilities (#NISR20122002)
  • NGSSoftware Insight Security Research (Fri Dec 20 2002 - 13:59:53 CST)
• Recent Postcard Sent To You
  • Thor Larholm (Sun Oct 27 2002 - 09:50:03 CST)
  • Chris Conley (Sat Oct 26 2002 - 12:26:31 CDT)
• Remote transmission of data when printing locally
  • Russ (Sat Nov 09 2002 - 06:06:27 CST)
• Revised: Microsoft Security Bulletin - MS02-066
  • Russ (Fri Dec 13 2002 - 14:00:43 CST)
  • Russ (Mon Nov 25 2002 - 17:48:48 CST)
  • Russ (Mon Nov 25 2002 - 12:40:44 CST)
• Revised: Microsoft Security Bulletin - MS02-068
  • Russ (Fri Dec 06 2002 - 17:00:52 CST)
• Revised: Microsoft Security Bulletin - MS02-069
  • Russ (Fri Dec 13 2002 - 11:57:48 CST)
  • Russ (Thu Dec 12 2002 - 15:11:09 CST)
• Revised: Microsoft Security Bulletin - MS02-070
  • Russ (Thu Dec 19 2002 - 20:07:20 CST)
• Revised: Microsoft Security Bulletin - MS02-071
  • Russ (Tue Dec 17 2002 - 20:32:04 CST)
• Security Paper: Session Fixation Vulnerability in Web-based Applications
  • Mitja Kolsek (ACROS Lists) (Wed Dec 18 2002 - 08:01:25 CST)
• securitybugware new network tool
  • Jitsu-Disk (Tue Oct 15 2002 - 05:01:38 CDT)
• Session Fixation Vulnerability in Web-based Applications
  • Steve Midgley (Thu Dec 19 2002 - 13:06:58 CST)
• SNMP fix in W2k SP3
  • Tod Beardsley (Wed Oct 30 2002 - 08:39:56 CST)
• Strange Permission problems that arise after SP3
  • Robert Connon (Tue Oct 22 2002 - 18:33:09 CDT)
• Technical information about unpatched MS Java vulnerabilities
  • Jouko Pynnonen (Fri Nov 08 2002 - 07:05:30 CST)
• Thor Larholm security advisory TL#004
  • Thor Larholm (Thu Oct 03 2002 - 14:53:20 CDT)
• Trojan in TCP Dump
  • Matthew Bukaty (Wed Nov 13 2002 - 13:08:14 CST)
• Undoing Novell's GINA
  • Nick Staff (Sun Oct 13 2002 - 23:28:43 CDT)
• Undoing Novell's GINA (and mt last post)
  • Nick Staff (Sat Oct 19 2002 - 02:20:40 CDT)
• Updated version of HFNetChk now available
  • Eric Schultze (Fri Nov 22 2002 - 18:15:22 CST)
• VisNetic WebSite Denial of Service
  • Peter Kruse (Fri Dec 13 2002 - 02:25:00 CST)
• Vulnerable cached objects in IE (9 advisories in 1)
  • Thor Larholm (Wed Oct 23 2002 - 08:49:50 CDT)
  • Holger Hasenstrauch (Wed Oct 23 2002 - 06:55:03 CDT)
  • GreyMagic Software (Tue Oct 22 2002 - 10:24:01 CDT)
• W2K SP3 & DNS name resolution: a problem with its solution !
  • Alain LOUBERT (Sat Oct 19 2002 - 07:51:14 CDT)
• Weak Password Encryption Scheme in MS SQL Server
  • K. K. Mookhey (Sat Nov 02 2002 - 01:38:33 CST)
• Windows File Protection Arbitrary Certificate Chain Vulnerability
  • FORENSICS.ORG Security Coordinator (Thu Dec 26 2002 - 05:11:32 CST)
• Windows File Protection Old Security Catalog Vulnerability
  • FORENSICS.ORG Security Coordinator (Thu Dec 26 2002 - 05:11:14 CST)
• windows update on XP Pro and MS02-013
  • Marc Bejarano (Wed Oct 30 2002 - 17:41:15 CST)
  • Russ (Wed Oct 30 2002 - 17:21:33 CST)
  • Marc Bejarano (Wed Oct 30 2002 - 12:52:28 CST)
  • Marc Bejarano (Fri Oct 25 2002 - 09:17:23 CDT)
• ZoneAlarm Pro 3.1 and 3.0 Denial of Service Vulnerability
  • doxical (Thu Oct 17 2002 - 06:40:53 CDT)

Last message date: Mon Dec 30 2002 - 14:34:41 CST
Archived on: Mon Dec 30 2002 - 14:34:41 CST