NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > NTBugtraq> 2004-q4

162 messages sorted by: [ author ] [ date ] [ thread ]

Starting: Wed Oct 06 2004 - 12:27:42 CDT
Ending: Fri Dec 24 2004 - 16:35:05 CST

3D-FTP vulnerable to DoS Attack
- Cybertrion Systems (Tue Oct 19 2004 - 19:17:50 CDT)
[SNS Advisory No.79] A Possibility of Cookie Overwrite in Microsoft Internet Explorer
- snsadv (Mon Nov 15 2004 - 03:01:07 CST)
[VulnWatch] CORE-2004-0802: IIS NNTP Service XPAT Command Vulnerabilities
- wirepair (Tue Oct 12 2004 - 19:43:38 CDT)
ACROS Security: Poisoning Cached HTTPS Documents in Internet Explorer
- ACROS Security (Wed Oct 13 2004 - 05:21:25 CDT)
ActiveFile, XP+SP2, file download does not work
- Bobby Ballard (Fri Oct 08 2004 - 14:30:57 CDT)
Address Bar Spoofing on Double Byte Character Set Locale Vulnerability (CAN-2004-0844) Patched in MS04-038
- Liu Die Yu (Sun Nov 28 2004 - 09:55:08 CST)
Address Bar Spoophing for the Pheeshies: IntotheNet Explorer 6
- http-equivexcite.com (Tue Dec 07 2004 - 18:20:20 CST)
Administrivia #29691: TruSecure Global Risk Index Survey
- Russ (Tue Oct 26 2004 - 15:03:02 CDT)
- Russ Cooper (Tue Oct 19 2004 - 14:04:15 CDT)
Alert: Microsoft Security Bulletin MS04-028 - Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987)
- Drews, Jane E (Fri Oct 01 2004 - 09:55:26 CDT)
Alert: Microsoft Security Bulletin MS04-029 - Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service (873350)
- Russ Cooper (Tue Oct 12 2004 - 12:23:19 CDT)
Alert: Microsoft Security Bulletin MS04-030 - Vulnerability in WebDAV XML Message Handler Could Lead to a Denial of Service (824151)
- Russ Cooper (Tue Oct 12 2004 - 12:23:28 CDT)
Alert: Microsoft Security Bulletin MS04-031 - Vulnerability in NetDDE Could Allow Remote Code Execution (841533)
- Russ Cooper (Tue Oct 12 2004 - 12:23:39 CDT)
Alert: Microsoft Security Bulletin MS04-032 - Security Update for Microsoft Windows (840987)
- Russ Cooper (Tue Oct 12 2004 - 12:23:52 CDT)
Alert: Microsoft Security Bulletin MS04-033 - Vulnerability in Microsoft Excel Could Allow Remote Code Execution (886836)
- Russ Cooper (Tue Oct 12 2004 - 12:24:01 CDT)
Alert: Microsoft Security Bulletin MS04-034 - Vulnerability in Compressed (zipped) Folders Could Allow Remote Code Execution (873376)
- Russ Cooper (Tue Oct 12 2004 - 12:24:08 CDT)
Alert: Microsoft Security Bulletin MS04-035 - Vulnerability in SMTP Could Allow Remote Code Execution (885881)
- Russ Cooper (Tue Oct 12 2004 - 12:24:15 CDT)
Alert: Microsoft Security Bulletin MS04-036 - Vulnerability in NNTP Could Allow Remote Code Execution (883935)
- Russ Cooper (Tue Oct 12 2004 - 12:24:27 CDT)
Alert: Microsoft Security Bulletin MS04-037 - Vulnerability in Windows Shell Could Allow Remote Code Execution (841356)
- Russ Cooper (Tue Oct 12 2004 - 12:24:38 CDT)
Alert: Microsoft Security Bulletin MS04-038 - Cumulative Security Update for Internet Explorer (834707)
- Russ Cooper (Tue Oct 12 2004 - 12:24:53 CDT)
Alert: Microsoft Security Bulletin MS04-039 - Vulnerability in ISA Server 2000 and Proxy Server 2.0 Could Allow Internet Content Spoofing (888258)
- Russ Cooper (Tue Nov 09 2004 - 11:53:56 CST)
Alert: Microsoft Security Bulletin MS04-040 - Cumulative Security Update for Internet Explorer (889293)
- Russ Cooper (Wed Dec 01 2004 - 13:17:42 CST)
Alert: Microsoft Security Bulletin MS04-041 - Vulnerability in WordPad Could Allow Code Execution (885836)
- Russ Cooper (Tue Dec 14 2004 - 12:26:22 CST)
Alert: Microsoft Security Bulletin MS04-042 - Vulnerability in DHCP Could Allow Remote Code Execution and Denial of Service (885249)
- Russ Cooper (Tue Dec 14 2004 - 12:26:26 CST)
Alert: Microsoft Security Bulletin MS04-043 - Vulnerability in HyperTerminal Could Allow Code Execution (873339)
- Russ Cooper (Tue Dec 14 2004 - 12:26:35 CST)
Alert: Microsoft Security Bulletin MS04-044 - Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege (885835)
- Russ Cooper (Tue Dec 14 2004 - 12:26:45 CST)
Alert: Microsoft Security Bulletin MS04-045 - Vulnerability in WINS Could Allow Remote Code Execution (870763)
- Russ Cooper (Tue Dec 14 2004 - 12:26:52 CST)
Any Authenticated User can Restart or Shutdown a Remote WinXP computer
- G. Dell'Abate (Fri Oct 22 2004 - 19:33:24 CDT)
AppInit_DLLs revisited
- Andrew Aronoff (Mon Dec 06 2004 - 13:06:18 CST)
ASP.Net vulnerability
- Russ (Fri Oct 08 2004 - 09:15:56 CDT)
- Brett Hill (Thu Oct 07 2004 - 10:34:01 CDT)
ASP.Net vulnerabillity
- Steve Shockley (Wed Oct 06 2004 - 10:57:24 CDT)
BHO KB Link - How to Disable Third-Party Tool Bands and Browser Helper Objects
- Duane Maurer II (Mon Oct 25 2004 - 11:07:56 CDT)
Black Hat CFPs now open: Europe and Asia
- Jeff Moss (Tue Nov 30 2004 - 01:20:52 CST)
Buffer Overflow In Microsoft Excel
- Brett Moore (Wed Oct 13 2004 - 17:00:55 CDT)
Call for Papers - Bellua Cyber Security Asia 2005
- Anthony Zboralski (Sun Nov 14 2004 - 17:36:51 CST)
- Anthony Zboralski (Sat Nov 13 2004 - 13:08:05 CST)
CORE-2004-0802: IIS NNTP Service XPAT Command Vulnerabilities
- CORE Security Technologies Advisories (Tue Oct 12 2004 - 13:48:49 CDT)
Cross-Site-Scripting Vulnerability in Microsoft.com
- Rafel Ivgi, The-Insider (Mon Oct 04 2004 - 11:36:46 CDT)
CWS = Crummy Windows Security
- Ron Parker (Fri Oct 08 2004 - 10:13:53 CDT)
- Bartlett,James D (Thu Oct 07 2004 - 17:18:55 CDT)
- Andrew Aronoff (Thu Oct 07 2004 - 14:23:17 CDT)
- Mark Tassin (Mon Oct 04 2004 - 08:26:26 CDT)
- Ron Parker (Fri Oct 01 2004 - 10:30:40 CDT)
- Ron Parker (Fri Oct 01 2004 - 09:59:03 CDT)
- Louis Solomon [SteelBytes] (Fri Oct 01 2004 - 21:27:26 CDT)
Darn if you do Darn if you don't.
- Brian S. Bergin (Wed Oct 06 2004 - 17:49:11 CDT)
- Castigliola, Angelo (Wed Oct 06 2004 - 11:58:15 CDT)
Desktop.ini file ignored by Windows Encryption...
- Adam Piggott (Mon Nov 08 2004 - 13:47:02 CST)
- Scott Lockington (Mon Nov 01 2004 - 14:55:15 CST)
Disclosure Debate - yet again
- Michael Watterson (Fri Oct 08 2004 - 17:34:19 CDT)
- Kurt (Fri Oct 08 2004 - 17:42:31 CDT)
- Patrick Trapp (Fri Oct 08 2004 - 16:34:42 CDT)
- Matthew Ramadanovic (Fri Oct 08 2004 - 16:31:28 CDT)
- Russ (Fri Oct 08 2004 - 15:57:24 CDT)
EEYE: Kerio Personal Firewall Multiple IP Options Denial of Service
- Marc Maiffret (Tue Nov 09 2004 - 12:38:02 CST)
EEYE: RealPlayer pnen3260.dll Heap Overflow
- Marc Maiffret (Fri Oct 01 2004 - 12:38:10 CDT)
EEYE: RealPlayer Zipped Skin File Buffer Overflow
- Marc Maiffret (Wed Oct 27 2004 - 15:36:37 CDT)
EEYE: Windows Shell ZIP File Decompression DUNZIP32.DLL Buffer Overflow Vulnerability
- Derek Soeder (Tue Oct 12 2004 - 23:49:05 CDT)
EEYE: Windows VDM #UD Local Privilege Escalation
- Derek Soeder (Tue Oct 12 2004 - 23:45:53 CDT)
Eudora 6.2 attachment spoof
- Paul Szabo (Sat Nov 13 2004 - 12:23:28 CST)
Eudora 6.2.0.7 attachment spoof
- Paul Szabo (Sun Oct 10 2004 - 17:23:53 CDT)
Events from one domain logged on a different domain's DC
- Boris Yakubov (Tue Dec 07 2004 - 18:22:48 CST)
Flaws in SP2 security features, part II
- Juergen Schmidt (Tue Nov 16 2004 - 14:45:35 CST)
Fun with cached credentials!
- Firstname Lastname (Fri Dec 03 2004 - 14:01:57 CST)
FYI: New location for the MS Knowledgebase
- Russ (Tue Oct 12 2004 - 12:10:42 CDT)
Getting pop up
- Philip Walley (Fri Oct 22 2004 - 09:10:53 CDT)
High CPU = Poor disk I/O on Svr2003?
- Joe Pochedley (Wed Oct 06 2004 - 11:05:51 CDT)
How to Break Windows XP SP2 + Internet Explorer 6 SP2
- Tod Beardsley (Wed Oct 27 2004 - 10:38:52 CDT)
- Steve Boyce (Wed Oct 20 2004 - 10:52:07 CDT)
- http-equivexcite.com (Tue Oct 19 2004 - 22:35:44 CDT)
HOW TO BREAK XP SP2 POPUP BLOCKER: kick it in the nut !
- http-equivexcite.com (Fri Dec 10 2004 - 12:37:26 CST)
HyperTerminal - Buffer Overflow In .ht File
- Brett Moore (Tue Dec 14 2004 - 17:00:06 CST)
IBM DB2 generate_distfile buffer overflow vulnerability (#NISR2122004L)
- NGSSoftware Insight Security Research (Thu Dec 23 2004 - 11:05:53 CST)
IBM DB2 rec2xml buffer overflow vulnerability (#NISR2122004J)
- NGSSoftware Insight Security Research (Thu Dec 23 2004 - 11:01:16 CST)
IISShield and ASP.NET canonicalization
- Tiago Halm (Wed Oct 13 2004 - 14:20:03 CDT)
Interesting thing about ICF and SP2
- Erik Pace Birkholz (Thu Oct 14 2004 - 14:03:31 CDT)
InUse Destroyer script
- Andrew Aronoff (Mon Dec 06 2004 - 13:16:32 CST)
Logon Hours and Local Admin Equivalence
- William Lowry (Tue Oct 26 2004 - 13:58:49 CDT)
MajorRev: v2.0 Microsoft Security Bulletin MS04-028 - Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987)
- Russ Cooper (Tue Oct 12 2004 - 12:36:16 CDT)
MajorRev: v2.0 Microsoft Security Bulletin MS04-039 - Vulnerability in ISA Server 2000 and Proxy Server 2.0 Could Allow Internet Content Spoofing (888258)
- Russ Cooper (Tue Nov 09 2004 - 20:31:11 CST)
MajorRev: v3.0 Microsoft Security Bulletin MS04-039 - Vulnerability in ISA Server 2000 and Proxy Server 2.0 Could Allow Internet Content Spoofing (888258)
- Russ Cooper (Tue Nov 16 2004 - 12:30:07 CST)
Microsoft Internet Explorer 6 SP2 Vulnerabilities / FD vs. Security by Obscurity
- K-OTik Security (Fri Nov 19 2004 - 17:46:26 CST)
Microsoft Knowledge Base Article - 887459
- John Galt (Thu Oct 07 2004 - 08:04:50 CDT)
Microsoft Security Bulletin Advance Notification
- Turker Ugur Sokullu (Fri Nov 05 2004 - 14:28:19 CST)
Microsoft Security Bulletin MS04-038 - Cumulative Security Update for Internet Explorer (834707)
- Russ (Fri Oct 15 2004 - 08:49:47 CDT)
Microsoft Windows Huge Text Processing Instability
- Kaveh Mofidi (Sun Oct 17 2004 - 03:11:23 CDT)
MinorRev: Microsoft Security Bulletin MS04-037 - Vulnerability in Windows Shell Could Allow Remote Code Execution (841356)
- Russ Cooper (Mon Oct 25 2004 - 18:58:33 CDT)
MonkeyShell: using XML-RPC for access to a remote shell
- Darryl Luff (Tue Oct 12 2004 - 00:56:35 CDT)
- Barry Dorrans (Mon Oct 11 2004 - 10:34:59 CDT)
- Abe Usher (Sun Oct 10 2004 - 21:38:50 CDT)
More details on ASP.NET vulnerability
- Mark Burnett (Thu Oct 07 2004 - 22:12:21 CDT)
Most Oct 2004 patches for NT won't install on Workstation
- Reed Darsey (Fri Oct 15 2004 - 17:56:54 CDT)
- Reed Darsey (Fri Oct 15 2004 - 08:09:28 CDT)
MS04-028 Enterprise Scanning Tool KB location
- Russ (Wed Oct 13 2004 - 08:03:06 CDT)
MSXML Service Packs
- Doug Neal (Tue Oct 26 2004 - 15:15:01 CDT)
- Joe Dance (Fri Oct 15 2004 - 15:36:15 CDT)
Need to purge vulnerable gdiplus.dll?
- Ben Conrad (Fri Oct 01 2004 - 09:23:38 CDT)
- Ben (Thu Sep 30 2004 - 03:30:45 CDT)
- Don Arthurs (Thu Sep 30 2004 - 02:24:57 CDT)
New Microsoft Security Response Center PGP Key [pgp]
- Microsoft Security Response Center (Tue Oct 05 2004 - 17:40:18 CDT)
New MyDoom variants exploiting unpatched IFRAME exploit
- Jeffrey Thomas (Tue Nov 09 2004 - 09:28:34 CST)
New URL spoofing bug in Microsoft Internet Explorer
- Martin Maher (Sun Oct 31 2004 - 14:17:03 CST)
- Russ (Mon Nov 01 2004 - 12:08:05 CST)
- Russ Thomas (Sun Oct 31 2004 - 04:21:00 CST)
- Marjolein Katsma (Sat Oct 30 2004 - 02:31:31 CDT)
- Yergeau, Tom (Fri Oct 29 2004 - 16:36:29 CDT)
- Angus Scott-Fleming (Fri Oct 29 2004 - 16:07:15 CDT)
- James C Slora Jr (Fri Oct 29 2004 - 15:33:30 CDT)
- Russ (Fri Oct 29 2004 - 15:19:03 CDT)
- Benjamin Franz (Thu Oct 28 2004 - 16:38:11 CDT)
New/old Trojan?
- nixsec (Sun Nov 21 2004 - 14:11:28 CST)
nmapbot: using instant messaging as a remote administration tool
- Abe Usher (Tue Oct 05 2004 - 00:04:24 CDT)
Online Script Decoder
- GreyMagic Security (Tue Dec 07 2004 - 11:13:30 CST)
Oracle Character Conversion Bugs (#NISR2122004G)
- NGSSoftware Insight Security Research (Thu Dec 23 2004 - 10:31:16 CST)
Oracle clear text passwords (#NISR2122004D)
- NGSSoftware Insight Security Research (Thu Dec 23 2004 - 10:34:40 CST)
Oracle extproc buffer overflow (#NISR23122004A)
- NGSSoftware Insight Security Research (Thu Dec 23 2004 - 10:32:09 CST)
Oracle extproc directory traversal (#NISR23122004B)
- NGSSoftware Insight Security Research (Thu Dec 23 2004 - 10:32:57 CST)
Oracle extproc local command execution (#NISR23122004C)
- NGSSoftware Insight Security Research (Thu Dec 23 2004 - 10:33:51 CST)
Oracle ISQLPlus file access vulnerability (#NISR2122004E)
- NGSSoftware Insight Security Research (Thu Dec 23 2004 - 10:35:28 CST)
Oracle multiple PL/SQL injection vulnerabilities (#NISR2122004H)
- NGSSoftware Insight Security Research (Thu Dec 23 2004 - 10:37:24 CST)
Oracle TNS Listener DoS (#NISR2122004F)
- NGSSoftware Insight Security Research (Thu Dec 23 2004 - 10:36:09 CST)
Oracle Trigger Abuse (#NISR2122004I)
- NGSSoftware Insight Security Research (Thu Dec 23 2004 - 10:29:32 CST)
Oracle wrapped procedure overflow (#NISR2122004J)
- NGSSoftware Insight Security Research (Thu Dec 23 2004 - 10:38:29 CST)
p h i s h i n g p h o r p h u n p h o r p h u q u e s a k e
- http-equivexcite.com (Sun Oct 31 2004 - 20:56:48 CST)
pacsec.jp advisory: Firewire/IEEE 1394 Considered Harmful to Physical Security
- Dragos Ruiu (Mon Oct 18 2004 - 03:59:59 CDT)
Patch available for critical IBM DB2 Universal Database flaws
- NGSSoftware Insight Security Research (Tue Oct 05 2004 - 09:15:52 CDT)
Patch available for high risk flaws in the AtHoc Toolbar
- NGSSoftware Insight Security Research (Wed Oct 06 2004 - 11:55:11 CDT)
Patch available for multiple high risk vulnerabilities in RealPlayer
- NGSSoftware Insight Security Research (Wed Oct 06 2004 - 05:26:21 CDT)
Possible new SP2 bug
- Mitch Stein (Fri Oct 01 2004 - 10:28:59 CDT)
possible regedit bulk key deletion vulnerability (Revised)
- Ron Parker (Tue Nov 16 2004 - 08:01:35 CST)
- k levinson (Tue Nov 16 2004 - 09:03:12 CST)
- supportmaedata.net (Mon Nov 15 2004 - 22:08:12 CST)
Presentation: Bypassing client application protection techniques with notepad
- 3APA3A (Thu Oct 28 2004 - 07:55:34 CDT)
Proactive desktop protection (need beta testers)
- Bill Stout (Mon Oct 18 2004 - 11:20:53 CDT)
Problems with MS04-032
- Russ (Thu Oct 28 2004 - 06:05:49 CDT)
RealPlayer vulnerabilities
- Matthew S. Cramer (Fri Oct 08 2004 - 15:43:43 CDT)
- Ernst Lopes Cardozo (Fri Oct 08 2004 - 15:06:23 CDT)
- David Kennedy CISSP (Fri Oct 08 2004 - 13:45:25 CDT)
- Martin Viktora (Fri Oct 08 2004 - 12:43:02 CDT)
- Tim Johnson (Fri Oct 08 2004 - 11:58:56 CDT)
- Drew Copley (Thu Oct 07 2004 - 14:38:23 CDT)
- Jason Coombs PivX Solutions (Thu Oct 07 2004 - 19:00:00 CDT)
- Martin Viktora (Thu Oct 07 2004 - 13:03:56 CDT)
Regression in IE: Accessing remote/local content in IE (GM#009-IE)
- GreyMagic Security (Tue Oct 12 2004 - 11:54:04 CDT)
Rendering large binary file as HTML makes Mozilla Firefox stop responding or crash
- Peter Kruse (Mon Oct 25 2004 - 04:00:25 CDT)
Scanner released to detect and repair MS04-028 infected JPEG files
- Wayne - diamondcs.com.au (Fri Oct 22 2004 - 12:48:05 CDT)
Secunia Research: Multiple Browsers Tabbed Browsing Vulnerabilities
- Jakob Balle (Wed Oct 20 2004 - 08:02:43 CDT)
SecureCRT - Remote Command Execution
- Brett Moore (Mon Nov 22 2004 - 18:33:54 CST)
SetWindowLong Shatter Attacks
- Brett Moore (Wed Oct 13 2004 - 18:13:50 CDT)
Sharepoint 2003 installation fails and account password revealed in setup log
- Alexander Fichman (Wed Dec 01 2004 - 14:28:20 CST)
Who needs Real Player?
- Bartlett,James D (Thu Oct 07 2004 - 17:42:13 CDT)
Win XP SP 2 update operations update
- Rob, grandpa of Ryan, Trevor, Devon & Hannah (Fri Oct 08 2004 - 20:28:32 CDT)
Winamp - Buffer Overflow In IN_CDDA.dll
- Brett Moore (Mon Nov 22 2004 - 18:14:13 CST)
Winamp - Buffer Overflow In IN_CDDA.dll [ Patch Released ]
- Brett Moore (Sun Dec 05 2004 - 18:30:18 CST)
Winamp - Buffer Overflow In IN_CDDA.dll [Unpatched]
- Brett Moore (Tue Nov 23 2004 - 21:06:20 CST)
Windows file I/O not internationalized
- Liu Die Yu (Tue Oct 26 2004 - 20:34:47 CDT)
- Paul Szabo (Fri Oct 15 2004 - 15:46:12 CDT)
Windows Firewall update available
- Marc Bejarano (Tue Dec 14 2004 - 14:16:07 CST)
Windows Update Issue
- Russ (Thu Oct 14 2004 - 16:57:50 CDT)
- Daniel Goymer (Wed Oct 13 2004 - 16:06:19 CDT)
Workaround for Symantec/Windows Installer Program problems on XP SP2
- A. Wood (Sun Dec 05 2004 - 01:33:24 CST)

Last message date: Fri Dec 24 2004 - 16:35:05 CST
Archived on: Fri Dec 24 2004 - 16:35:05 CST

162 messages sorted by: [ author ] [ date ] [ thread ]