| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <BAY8-F88CTr9rf3yXvE00005036@hotmail.com> From: curiositov at hotmail.com (Curious ByStander) Subject: Secunia is Missing Recent Microsoft Vulnerabilities On July 16th Microsoft issued three security bulletins: MS03-028: Flaw in ISA Server Error Pages Could Allow Cross-Site Scripting Attack MS03-027: Unchecked Buffer in Windows Shell Could Enable System Compromise MS03-026: Buffer Overrun In RPC Interface Could Allow Code Execution On looking at Secunia's website at their historic advisories I see they have not published these vulnerabilities and its been 2 days!!! Our company was evaluating their paid-for service, but obvious they dont subscribe to the MS Security Maililing list - duh! 2003-07-18 - IBM U2 UniVerse "uvadmsh" Privilege Escalation Vulnerability - IBM U2 UniVerse "cci_dir" Privilege Escalation Vulnerability 2003-07-17 - eStore Path Disclosure and SQL Injection Vulnerabilities - Citadel/UX Multiple Vulnerabilities - E-mail System Database Download and SQL Injection Vulnerabil... - SGI IRIX scheme Privilege Escalation Vulnerability - SGI IRIX Name Service Daemon Multiple Vulnerabilities - Debian update for php4 - Conectiva update for phpgroupware - Cisco IOS IPv4 Packet Processing Denial of Service Vulnerabi... - Exceed Font Buffer Overflow Vulnerabilities 2003-07-16 - Windows RPC DCOM Interface Buffer Overflow Vulnerability - Windows SMTP Service Invalid Timestamp Denial of Service - .netCART Database Download Vulnerability - Synthigence Forum/Chat Database Download Vulnerability - Asus ADSL Routers Information Disclosure Vulnerabilities - Netscape Client Detection Tool Buffer Overflow Vulnerability - NeoModus Direct Connect Multiple Request Denial of Service - Mandrake update for kernel - Message Foundry Multiple Vulnerabilities - Polycom MGC-25 Control Port Denial of Service Vulnerability - Internet Explorer AutoScan Method Cross-Site Scripting Vulne... - Microsoft JET Database Engine Buffer Overflow Vulnerability - CyberShop ASP Database Download Vulnerability In there defence they tell us they work 5 days a week, 8 hours a day, European time - but 2 days late is not acceptable!!! _________________________________________________________________ The new MSN 8: smart spam protection and 2 months FREE* http://join.msn.com/?page=features/junkmail
Powered by blists - more mailing lists