Want to keep up on the latest security vulnerabilities? Don't have time to
visit a myriad of mailing lists and websites to read the news? Just add the
new SecurityFocus RSS feeds to your freeware RSS reader, and see all the
latest posts for Bugtraq and the SF Vulnernability database in one
convenient place. Or, pull in the latest news, columnists and feature
articles in the SecurityFocus aggregated news feed, and stay on top of
what's happening in the community!
I. FRONT AND CENTER
1. Valuing Secure Access to Personal Information
2. Infected In Twenty Minutes
3. Using Libwhisker
II. BUGTRAQ SUMMARY
1. PHPMyWebHosting SQL Injection Vulnerability
2. Microsoft Internet Explorer Spoofed Address Bar Vulnerabilit...
3. GV Postscript and PDF Viewer Multiple Remote Buffer Overflow...
4. Yukihiro Matsumoto Ruby CGI Session Management Insecure File...
5. Adobe Acrobat/Acrobat Reader ActiveX Control URI Request Hea...
6. CuteNews 'show_archives.php' Cross-Site Scripting Vulnerabil...
7. QuiXplorer Item Parameter Directory Traversal Vulnerability
8. AWStats Rawlog Plugin Logfile Parameter Input Validation Vul...
9. Gentoo Linux Tomcat EBuild Insecure Install Permissions Vuln...
10. KDE Mcoputils Insecure Temporary File Creation Vulnerability
11. Xephyrus Java Simple Template Engine File Token Directory Tr...
12. PScript PForum User Profile HTML Injection Vulnerability
13. SpamAssassin Malformed Email Remote Denial Of Service Vulner...
14. MediaWiki Undisclosed Remote File Include Vulnerability
15. RXVT-Unicode Open File Descriptor Leakage Vulnerability
16. RaXnet Cacti Auth_Login.PHP SQL Injection Vulnerability
17. Opera Web Browser Resource Detection Weakness
18. Inter7 Vpopmail Vsybase.c Multiple Vulnerabilities
19. GNU GLibC LD_DEBUG Local Information Disclosure Vulnerabilit...
20. Pedestal Software Integrity Protection Driver Local Denial O...
21. Merak Mail Server Webmail Multiple Vulnerabilities
22. TNFTPD Multiple Signal Handler Remote Superuser Compromise V...
23. Gallery Remote Server-Side Script Execution Vulnerability
24. MySQL Mysqlhotcopy Script Insecure Temporary File Creation V...
25. Anton Raharja PlaySMS Valid Function SQL Injection Vulnerabi...
26. Cisco IOS OSPF Remote Denial Of Service Vulnerability
27. Microsoft Internet Explorer Drag And Drop File Installation ...
28. PHP-Fusion Database Backup Information Disclosure Vulnerabil...
29. GYach Enhanced Multiple Undisclosed Vulnerabilities
30. Courier-IMAP Remote Format String Vulnerability
31. Multiple Qt Image Handling Heap Overflow Vulnerabilities
32. Microsoft Internet Explorer MHTML Content-Location Cross Sec...
33. Microsoft NTP Time Synchronization Spoof Weakness
34. MySQL Mysql_real_connect Function Potential Remote Buffer Ov...
35. Zixforum ZixForum.mdb Database Disclosure Vulnerability
36. Working Resources BadBlue Webserver Denial Of Service Vulner...
37. British National Corpus SARA Remote Buffer Overflow Vulnerab...
38. XV Multiple Buffer Overflow and Integer Handling Vulnerabili...
39. Ben Yacoub Hatem MySQL Backup Pro Undisclosed 'getbackup()' ...
40. Zone Labs ZoneAlarm/ZoneAlarm Pro Weak Default Permissions V...
41. Nihuo Web Log Analyzer HTML Injection Vulnerability
42. aGSM Half-Life Server Info Response Buffer Overflow Vulnerab...
43. Inter7 Vpopmail Multiple SQL Injection Vulnerabilities
III. SECURITYFOCUS NEWS ARTICLES
1. South Pole 'cyberterrorist' hack wasn't the first
2. Sluggish movement on power grid cyber security
3. U.S. tackles Emergency Alert System insecurity
4. Windows Upgrade Causing Campus Headaches
5. Meet the Peeping Tom worm
6. Slow-moving lawsuits over music downloads producing court tw...
IV. SECURITYFOCUS TOP 6 TOOLS
1. OpenSSH 3.9p1
2. K-MAC 1.0.0.4
3. Rootkit Hunter v1.1.6
4. Honeynet Security Console 1.1.1
5. Pads 1.1
6. IDS Policy Manager v1.4.1
V. SECURITYJOBS LIST SUMMARY
1. [SJ-JOB] Forensics Engineer, London or Edinburgh, GB (Thread)
2. [SJ-JOB] Sr. Security Engineer, Capital Federal, AR (Thread)
3. [SJ-JOB] Sr. Product Manager, Herndon, US (Thread)
4. [SJ-JOB] Security Architect, Rancho Cordova, US (Thread)
5. [SJ-JOB] Account Manager, Annapolis Junction, US (Thread)
6. [SJ-JOB] Security Consultant, Boston, US (Thread)
7. [SJ-JOB] Manager, Information Security, Reston, US (Thread)
8. [SJ-JOB] Security Engineer, Rancho Cordova, US (Thread)
9. [SJ-JOB] Security System Administrator, Frazer, US (Thread)
10. [SJ-JOB] Information Assurance Analyst, Washington D... (Thread)
11. [SJ-JOB] Security Auditor, Barcelona, ES (Thread)
12. [SJ-JOB] CHECK Team Leader, London or Edinburgh, GB (Thread)
13. [SJ-JOB] Management, Islandia, US (Thread)
14. [SJ-JOB] Account Manager, Arlington, US (Thread)
15. [SJ-JOB] Sales Engineer, Atlanta, US (Thread)
16. [SJ-JOB] Sales Engineer, Toronto, CA (Thread)
17. [SJ-JOB] Developer, Arlington, US (Thread)
18. [SJ-JOB] Jr. Security Analyst, Oklahoma City, US (Thread)
19. [SJ-JOB] Sales Engineer, Boston, US (Thread)
20. [SJ-JOB] Account Manager, San Rafael, US (Thread)
21. [SJ-JOB] Sr. Product Manager, San Jose, US (Thread)
22. [SJ-JOB] CHECK Team Leader, Milton Keynes, GB (Thread)
23. [SJ-JOB] Sr. Security Analyst, Seattle, US (Thread)
24. [SJ-JOB] Sales Engineer, New York, US (Thread)
25. [SJ-JOB] Application Security Engineer, London, GB (Thread)
26. [SJ-JOB] Account Manager, Atlanta, US (Thread)
27. [SJ-JOB] Account Manager, Boston, US (Thread)
28. [SJ-JOB] Sales Engineer, VA/DC area, US (Thread)
29. [SJ-JOB] Sales Engineer, Herndon, US (Thread)
30. [SJ-JOB] Manager, Information Security, London, GB (Thread)
31. [SJ-JOB] Security Engineer, Chicago, US (Thread)
32. [SJ-JOB] Security Engineer, NY, US (Thread)
33. [SJ-JOB] Account Manager, New York, US (Thread)
34. [SJ-JOB] Security Architect, Los Angeles, US (Thread)
35. [SJ-JOB] Security Engineer, Johnstown_Pa., US (Thread)
36. [SJ-JOB] Account Manager, Orange County, US (Thread)
37. [SJ-JOB] VP, Information Security, Mumbai, IN (Thread)
38. [SJ-JOB] Security Consultant, London, GB (Thread)
39. [SJ-JOB] Compliance Officer, Oklahoma City, US (Thread)
40. [SJ-JOB] VP / Dir / Mgr engineering, Mumbai, IN (Thread)
41. [SJ-JOB] Director, Computer Security, San Francisco,... (Thread)
42. [SJ-JOB] Security Consultant, Mumbai, IN (Thread)
43. [SJ-JOB] Security System Administrator, Oklahoma Cit... (Thread)
44. [SJ-JOB] Security Director, Mumbai, IN (Thread)
45. [SJ-JOB] Application Security Engineer, Newport News... (Thread)
46. [SJ-JOB] Sr. Security Analyst, Oklahoma City, US (Thread)
47. [SJ-JOB] VP of Regional Sales, Kirkland, US (Thread)
48. [SJ-JOB] Security Engineer, Bay Area, US (Thread)
49. [SJ-JOB] Sr. Security Analyst, Lincolnshire, US (Thread)
50. [SJ-JOB] Account Manager, Omaha, US (Thread)
51. [SJ-JOB] Security Consultant, Mountlake Terrace, US (Thread)
52. [SJ-JOB] Sr. Security Engineer, Mountlake Terrace, U... (Thread)
53. [SJ-JOB] Director, Information Security, Seattle, US (Thread)
54. [SJ-JOB] VP of Marketing, Oshkosh, US (Thread)
55. [SJ-JOB] Account Manager, Mumbai, IN (Thread)
56. [SJ-JOB] Application Security Engineer, Peninsula - ... (Thread)
57. [SJ-JOB] Sr. Product Manager, Fremont, US (Thread)
58. [SJ-JOB] Security Researcher, Boston, US (Thread)
59. [SJ-JOB] Sr. Security Engineer, Minneapolis, US (Thread)
60. [SJ-JOB] Manager, Information Security, Minneapolis,... (Thread)
61. [SJ-JOB] Application Security Engineer, Minneapolis,... (Thread)
62. [SJ-JOB] Security Engineer, Minneapolis, US (Thread)
63. [SJ-JOB] Sr. Security Engineer, San Marcos, US (Thread)
64. [SJ-JOB] Account Manager, Englewood, US (Thread)
65. [SJ-JOB] Account Manager, San Jose, US (Thread)
66. [SJ-JOB] Account Manager, San Francisco, US (Thread)
67. [SJ-JOB] Account Manager, New York City, US (Thread)
68. [SJ-JOB] Security Engineer, Wash_DC, US (Thread)
69. [SJ-JOB] Account Manager, Los Angeles, US (Thread)
70. [SJ-JOB] Security Engineer, new york, US (Thread)
71. [SJ-JOB] Security Researcher, Santa Clara, US (Thread)
72. [SJ-JOB] Sr. Security Engineer, Hyattesville, US (Thread)
73. [SJ-JOB] Quality Assurance, San Jose, US (Thread)
74. [SJ-JOB] Security Engineer, Westborough, US (Thread)
75. [SJ-JOB] Account Manager, Portland, US (Thread)
76. [SJ-JOB] Sales Engineer, Santa Clara, US (Thread)
77. [SJ-JOB] Security Engineer, Herndon, US (Thread)
78. [SJ-JOB] Developer, Palm Beach, US (Thread)
79. [SJ-JOB] Security Auditor, New York, US (Thread)
80. [SJ-JOB] Certification & Accreditation Engineer, Arl... (Thread)
81. [SJ-JOB] Security Consultant, Kirkland, US (Thread)
82. [SJ-JOB] Sales Engineer, New York City, US (Thread)
83. [SJ-JOB] Security Engineer, Ft. Lauderdale, US (Thread)
84. [SJ-JOB] Security Consultant, Milton, CA (Thread)
85. [SJ-JOB] Account Manager, Salt Lake City, US (Thread)
86. [SJ-JOB] Account Manager, Seattle, US (Thread)
87. [SJ-JOB] Account Manager, Phoenix, US (Thread)
VI. INCIDENTS LIST SUMMARY
NO NEW POSTS FOR THE WEEK 2004-08-17 to 2004-08-24.
VII. VULN-DEV RESEARCH LIST SUMMARY
1. app: protocol in Help Center and Support - allow run... (Thread)
2. [tool] (dum(b)ug) and ltrace for Windows (Thread)
3. GADU-GADU Instant messanger - long file name (Thread)
4. GADU-GADU - long file name... part 2 (Thread)
VIII. MICROSOFT FOCUS LIST SUMMARY
1. COM+ with ASP web site on W2K3 (Thread)
2. MS binary integrity baseline (Thread)
3. Python Hash File Builder/Checker (Thread)
4. SecurityFocus Microsoft Newsletter #202 (Thread)
IX. SUN FOCUS LIST SUMMARY
NO NEW POSTS FOR THE WEEK 2004-08-17 to 2004-08-24.
X. LINUX FOCUS LIST SUMMARY
1. Attempts to push spam through apache (Thread)
XI. UNSUBSCRIBE INSTRUCTIONS
XII. SPONSOR INFORMATION
I. FRONT AND CENTER
-------------------
1. Valuing Secure Access to Personal Information
By Ben Malisow
This article seeks to answer the question: is your personal data safe? Or
do you give it away during almost every transaction you make with
government or commercial entities?
http://www.securityfocus.com/infocus/1797
2. Infected In Twenty Minutes
By Scott Granneman
What normally happens within twenty minutes? That's how long your average
unprotected PC running Windows XP, fresh out of the box, will last once
it's connected to the Internet.
http://www.securityfocus.com/columnists/262
3. Using Libwhisker
By Neil Desai
This article discusses the use of Libwhisker, a PERL module which allows
for the creation of custom HTTP packets and can be used for penetration
testing various web applications.
http://www.securityfocus.com/infocus/1798
II. BUGTRAQ SUMMARY
-------------------
1. PHPMyWebHosting SQL Injection Vulnerability
BugTraq ID: 10942
Remote: Yes
Date Published: Aug 14 2004
Relevant URL: http://www.securityfocus.com/bid/10942
Summary:
It has been reported that PHPMyWebHosting is vulnerable to a SQL injection attack. The vulnerability is reportedly in the script "includes/functions/pmwh.php" and is the result of a SQL query constructed using inadequately sanitized HTML form variables. The most immediate concern is that this code appears to authenticate a remote client and does so in a way that may be trivially subverted with a vulnerability such as this one. Furthermore, as this is SQL injection, it may be possible for attackers to view or modify sensitive/confidential data in the database. It may also be possible for attackers to exploit the database server itself, potentially gaining access to the underlying host.
2. Microsoft Internet Explorer Spoofed Address Bar Vulnerabilit...
BugTraq ID: 10943
Remote: Yes
Date Published: Aug 16 2004
Relevant URL: http://www.securityfocus.com/bid/10943
Summary:
Microsoft Internet Explorer may allow a malicious Web page to spoof the address bar of the browser. This could be used to lure Web users into a false sense of trust since a malicious or spoofed site may pose as a site that is trusted by the user. This could facilitate phishing attacks.
It may also be possible to exploit this issue through HTML email.
3. GV Postscript and PDF Viewer Multiple Remote Buffer Overflow...
BugTraq ID: 10944
Remote: Yes
Date Published: Aug 14 2004
Relevant URL: http://www.securityfocus.com/bid/10944
Summary:
gv is reported prone to multiple remote buffer overflow vulnerabilities. These issues exist due to insufficient checking performed by the application on file headers for PostScript and PDF documents.
These vulnerabilities exist in the 'psscan' function of the 'ps.c' file. The vulnerabilities include multiple stack and heap based buffer overflows. A number of the stack overflows have been specified, however, there are also a number of unspecified heap overflows.
Successful exploitation of these issues may result in an attacker executing arbitrary code on a vulnerable computer to gain unauthorized access. This would occur in the context of the vulnerable application.
It should be noted that applications such as Web browsers may use the software as an automatic handler for PostScript and PDF files.
4. Yukihiro Matsumoto Ruby CGI Session Management Insecure File...
BugTraq ID: 10946
Remote: No
Date Published: Aug 16 2004
Relevant URL: http://www.securityfocus.com/bid/10946
Summary:
It is reported that Ruby is prone to an insecure file permissions vulnerability. This issue affects the CGI session management component of the application.
This issue may allow a local attacker with access to a vulnerable Web server to hijack a session.
Ruby versions prior to 1.6.7 and 1.8.1 are affected by the issue.
5. Adobe Acrobat/Acrobat Reader ActiveX Control URI Request Hea...
BugTraq ID: 10947
Remote: Yes
Date Published: Aug 16 2004
Relevant URL: http://www.securityfocus.com/bid/10947
Summary:
Adobe Acrobat/Acrobat Reader ActiveX control (pdf.ocx) is reported prone to a heap-based buffer overrun vulnerability, the issue presents itself due to a lack of sufficient boundary checking performed on URI data of GET requests.
It is reported that Microsoft IIS and Netscape Enterprise servers employ NULL bytes as URI terminators and so these HTTP servers may be used to launch an attack.
When a malicious URI is followed, the URI is copied into heap-based memory of the affected software without sufficient boundary checks. This results in heap-based memory management chunks being trampled by attacker-supplied URI data.
Ultimately this vulnerability may be exploited by a remote attacker to execute arbitrary code in the context of the user who is running the vulnerable software.
6. CuteNews 'show_archives.php' Cross-Site Scripting Vulnerabil...
BugTraq ID: 10948
Remote: Yes
Date Published: Aug 16 2004
Relevant URL: http://www.securityfocus.com/bid/10948
Summary:
It is reported that CuteNews is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input.
This issue could permit a remote attacker to create a malicious URI link that includes hostile HTML and script code. If this link were to be followed, the hostile code may be rendered in the web browser of the victim user. This would occur in the security context of the affected web site and may allow for theft of cookie-based authentication credentials or other attacks.
This vulnerability is reported to exist in version 1.3.1 of CuteNews. Other versions may also be affected.
7. QuiXplorer Item Parameter Directory Traversal Vulnerability
BugTraq ID: 10949
Remote: Yes
Date Published: Aug 14 2004
Relevant URL: http://www.securityfocus.com/bid/10949
Summary:
QuiXplorer is prone to a directory traversal vulnerability. The issue occurs if a remote attacker sends a request to the application for a file containing directory traversal character sequences through the 'item' parameter. If successful, the attacker can access arbitrary files on a vulnerable computer in the context of the affected server.
QuiXplorer versions 2.3 and prior are prone to this issue.
8. AWStats Rawlog Plugin Logfile Parameter Input Validation Vul...
BugTraq ID: 10950
Remote: Yes
Date Published: Aug 16 2004
Relevant URL: http://www.securityfocus.com/bid/10950
Summary:
AWStats Rawlog Plugin is reported prone to an input validation vulnerability. The issue is reported to exist because user supplied 'logfile' URI data passed to the 'awstats.pl' script is not sanitized.
An attacker may exploit this condition to execute commands remotely or disclose contents of web server readable files.
It should be noted that although this vulnerability is reported to affect AWStats version 6.1, other versions might also be affected.
9. Gentoo Linux Tomcat EBuild Insecure Install Permissions Vuln...
BugTraq ID: 10951
Remote: No
Date Published: Aug 16 2004
Relevant URL: http://www.securityfocus.com/bid/10951
Summary:
The Gentoo Linux Tomcat eBuild is reported prone to an insecure default install permission vulnerability. It is reported that certain Tomcat scripts are installed with permissions that allow members of the tomcat group to write to the file.
A local attacker that is a member of the Tomcat group may exploit this condition to escalate privileges.
10. KDE Mcoputils Insecure Temporary File Creation Vulnerability
BugTraq ID: 10952
Remote: No
Date Published: Aug 16 2004
Relevant URL: http://www.securityfocus.com/bid/10952
Summary:
KDEs mcoputils is reported to contain an insecure temporary file creation vulnerability. The result of this is that temporary files created by the application may use predictable filenames.
A local attacker may also possibly exploit this vulnerability to execute symbolic link file overwrite attacks. This may allow an attacker to overwrite arbitrary files with the privileges of the targeted user. Privilege escalation may also be possible using this method of attack.
11. Xephyrus Java Simple Template Engine File Token Directory Tr...
BugTraq ID: 10953
Remote: Yes
Date Published: Aug 16 2004
Relevant URL: http://www.securityfocus.com/bid/10953
Summary:
Xephyrus Java Simple Template Engine is reported prone to a directory traversal vulnerability due to insufficient sanitization of user-supplied file-token data.
Xephyrus Java Simple Template Engine permits that files may be loaded into templates using a 'file-token'. However, 'file-token' values may be overridden by URI parameters that are specified in a request for the script that contains 'file-token' entries.
12. PScript PForum User Profile HTML Injection Vulnerability
BugTraq ID: 10954
Remote: Yes
Date Published: Aug 16 2004
Relevant URL: http://www.securityfocus.com/bid/10954
Summary:
PScript PForum is reported prone to a HTML injection vulnerability. The vulnerability presents itself due to a lack of sufficient sanitization performed on data submitted through input fields of the PForum user profile form.
This could be exploited to steal cookie-based authentication credentials. It is also possible to use this type of vulnerability as an attack vector to exploit latent browser security flaws.
13. SpamAssassin Malformed Email Remote Denial Of Service Vulner...
BugTraq ID: 10957
Remote: Yes
Date Published: Aug 16 2004
Relevant URL: http://www.securityfocus.com/bid/10957
Summary:
SpamAssassin is reported prone to a remote denial of service vulnerability. Full details regarding this vulnerability are not known.
A remote attacker may potentially exploit this vulnerability to deny service to a target SpamAssassin service.
SpamAssassin versions prior to 2.64 are reported vulnerable to this issue.
This BID will be updated as further details regarding this vulnerability are announced.
14. MediaWiki Undisclosed Remote File Include Vulnerability
BugTraq ID: 10958
Remote: Yes
Date Published: Aug 16 2004
Relevant URL: http://www.securityfocus.com/bid/10958
Summary:
A new version of MediaWiki is available, addressing an undisclosed vulnerability that may allow a remote attacker to execute arbitrary code.
An attacker may be capable of causing a malicious PHP header file to be interpreted by a target system. Depending on the payload, this could potentially allow an attacker to gain unauthorized remote access to a vulnerable system.
15. RXVT-Unicode Open File Descriptor Leakage Vulnerability
BugTraq ID: 10959
Remote: No
Date Published: Aug 16 2004
Relevant URL: http://www.securityfocus.com/bid/10959
Summary:
It is reported that RXVT-Unicode fails to properly close file descriptors when spawning new child terminal windows.
The child process could then potentially gain access to possibly sensitive information from the contents of the open file descriptors. Depending on the mode of the original file, and the privileges of the user that opened it, processes in the child window may exploit this vulnerability to take control of the parent process. Other attacks may also be possible.
An attacker requires local access to the RXVT-Unicode process window to exploit this vulnerability.
Versions prior to 3.6 are reported vulnerable to this issue.
16. RaXnet Cacti Auth_Login.PHP SQL Injection Vulnerability
BugTraq ID: 10960
Remote: Yes
Date Published: Aug 16 2004
Relevant URL: http://www.securityfocus.com/bid/10960
Summary:
RaXnet Cacti is reportedly affected by a remote SQL injection vulnerability. This issue occurs in the auth_login.php script due to a failure of the application to properly sanitize user-supplied "username" URI parameter input before using it in an SQL query.
It is demonstrated that an attacker may exploit this vulnerability in order to bypass the authentication interface used by Cacti.
17. Opera Web Browser Resource Detection Weakness
BugTraq ID: 10961
Remote: Yes
Date Published: Aug 17 2004
Relevant URL: http://www.securityfocus.com/bid/10961
Summary:
Opera Web Browser is prone to a security weakness that may permit an attacker to determine the existence of resources on a vulnerable computer.
An attacker can use an IFRAME that is accessible within the same domain and change its URI to the location of a file or directory. The attacker can then determine the existence of the resource by the error message returned by Opera.
This weakness can then allow the attacker to carry out other attacks against a vulnerable computer.
Opera 7.53 and prior versions running Windows, Unix, and Apple platforms are reported vulnerable to this issue.
18. Inter7 Vpopmail Vsybase.c Multiple Vulnerabilities
BugTraq ID: 10962
Remote: Yes
Date Published: Aug 17 2004
Relevant URL: http://www.securityfocus.com/bid/10962
Summary:
vpopmail is reported prone to multiple buffer overflow and a format string vulnerability. These issues are present in the 'vsybase.c' file. These issues exist due to the use of the sprintf() function.
It is conjectured that these issues may allow an attacker to execute arbitrary code to gain unauthorized access to a vulnerable computer. At the very least a denial of service condition may result.
vpopmail versions 5.4.2 and prior are affected by these issue.
19. GNU GLibC LD_DEBUG Local Information Disclosure Vulnerabilit...
BugTraq ID: 10963
Remote: No
Date Published: Aug 17 2004
Relevant URL: http://www.securityfocus.com/bid/10963
Summary:
A local vulnerability is reported to exist in glibc, it is reported that LD_DEBUG is allowed on setuid binaries even though this should not be allowed. A local attacker may debug a setuid binary and may disclose sensitive information.
Information harvested in this manner may be employed to aid in further attacks that are launched against a vulnerable host.
20. Pedestal Software Integrity Protection Driver Local Denial O...
BugTraq ID: 10965
Remote: No
Date Published: Aug 17 2004
Relevant URL: http://www.securityfocus.com/bid/10965
Summary:
IPD is reported prone to a local denial of service vulnerability. IPD installs Kernel hooks to implement system access controls. It is reported that some of these hooks do not properly validate data that is passed as arguments to hooked functions. As a result, a local attacker may trigger a denial of service.
21. Merak Mail Server Webmail Multiple Vulnerabilities
BugTraq ID: 10966
Remote: Yes
Date Published: Aug 17 2004
Relevant URL: http://www.securityfocus.com/bid/10966
Summary:
The webmail package embedded in Merak Mail Server is reported prone to multiple vulnerabilities.
The vulnerabilities reported are:
- Multiple cross-site scripting vulnerabilities
- An HTML injection vulnerability
- A PHP source code disclosure vulnerability
- An SQL injection vulnerability
These vulnerabilities are reported to exist in versions prior to 7.5.2.
22. TNFTPD Multiple Signal Handler Remote Superuser Compromise V...
BugTraq ID: 10967
Remote: Yes
Date Published: Aug 17 2004
Relevant URL: http://www.securityfocus.com/bid/10967
Summary:
It is reported that TNFTPD is susceptible to multiple remote superuser compromise vulnerabilities. These vulnerabilities are all derived from improper signal handler operations. Signals can be delivered to the vulnerable FTPD by a remote attacker via out-of-band TCP data (OOB).
These vulnerabilities may allow an anonymous remote attacker to gain superuser privileges on computer hosting the affected software.
TNFTPD versions prior to 10 Aug 2004 are reported vulnerable. All versions of Lukemftpd are reported vulnerable. NetBSD version 1.6.2 and prior, NetBSD-2.0 prior to 15 Aug 2004, as well as NetBSD-current prior to 10 Aug 2004 are reported vulnerable as well.
23. Gallery Remote Server-Side Script Execution Vulnerability
BugTraq ID: 10968
Remote: Yes
Date Published: Aug 17 2004
Relevant URL: http://www.securityfocus.com/bid/10968
Summary:
A vulnerability is reported to exist in Gallery that may allow a remote attacker to execute malicious scripts on a vulnerable system. This issue is a design error that occurs due to the 'set_time_limit' function.
The issue presents itself becuase the 'set_time_limit' function forces the application to wait for 30-seconds before the verification and discarding of non-image files takes place. This allows for a window of opportunity for an attacker to execute a malicious script on a server.
Gallery 1.4.4 is reported prone to this issue, however, other versions may be affected as well.
24. MySQL Mysqlhotcopy Script Insecure Temporary File Creation V...
BugTraq ID: 10969
Remote: No
Date Published: Aug 18 2004
Relevant URL: http://www.securityfocus.com/bid/10969
Summary:
mysqlhotcopy is reported to contain an insecure temporary file creation vulnerability. The result of this is that temporary files created by the application may use predictable filenames. This issue presents itself when the 'scp' method is used with the script.
A local attacker may also possibly exploit this vulnerability to execute symbolic link file overwrite attacks.
It was confirmed that this issue exists in mysqlhotcopy shipped with MySQL 3.23.49 and 4.0.20. Other versions of MySQL are likely to be affected as well. This BID will be updated as more information becomes available.
25. Anton Raharja PlaySMS Valid Function SQL Injection Vulnerabi...
BugTraq ID: 10970
Remote: Yes
Date Published: Aug 18 2004
Relevant URL: http://www.securityfocus.com/bid/10970
Summary:
An SQL injection vulnerability is identified in the application that may allow attackers to pass malicious input to database queries, resulting in the modification of query logic or other attacks. This vulnerability exists due to insufficient sanitization of user-supplied input.
Specifically, user-supplied data from cookies is used in SQL queries without sanitization. This may allow a remote user to inject arbitrary SQL queries into the underlying database used by the application.
This issue is reported to exist in PlaySMS versions 0.7 and prior.
26. Cisco IOS OSPF Remote Denial Of Service Vulnerability
BugTraq ID: 10971
Remote: Yes
Date Published: Aug 18 2004
Relevant URL: http://www.securityfocus.com/bid/10971
Summary:
Cisco IOS is reported prone to a remote denial of service vulnerability.
It is reported that the vulnerability manifests when a malformed Open Shortest Path First (OSPF) packet is handled by the vulnerable router.
A remote attacker may exploit this condition in multiple routers that reside on the same network segment as the attacker, to trigger a device reset. The attacker may continuously transmit malicious OSPF packets to the target routers in order to effectively deny network services to legitimate hosts.
27. Microsoft Internet Explorer Drag And Drop File Installation ...
BugTraq ID: 10973
Remote: Yes
Date Published: Aug 18 2004
Relevant URL: http://www.securityfocus.com/bid/10973
Summary:
Microsoft Internet Explorer is reported prone to a vulnerability that may allow unauthorized installation of malicious executables. It is reported that drag and drop along with browser style functionality may be employed by an attacker to install a file into the startup folder on a victim's computer with some degree of user interaction.
An attacker may exploit this vulnerability to influence a target victim into unknowingly installing software on a target system. Since the malicious executable is placed in the startup folder, it will run when the system is restarted.
28. PHP-Fusion Database Backup Information Disclosure Vulnerabil...
BugTraq ID: 10974
Remote: Yes
Date Published: Aug 18 2004
Relevant URL: http://www.securityfocus.com/bid/10974
Summary:
It is reported that PHP-Fusion is susceptible to a database backup information disclosure vulnerability. An anonymous remote attacker may be able to download a complete database backup from the server. Authentication would not be required.
A remote attacker may exploit this vulnerability to download the full contents of the application database. The backup includes user information and password hashes. This information could then be used in further attacks against the application. Furthermore, since the database uses the MD5 hash of passwords for authentication, and the authentication cookie directly includes both the username and the MD5 password hash, an attacker would not need to bruteforce the retrieved password hashes.
Version 4.00 was reported vulnerable. Other versions are also likely affected.
Update:
This issue is being retired due to the fact that this is not a vulnerability in the application. Configuring the Web server to restrict access to sensitive files can prevent this problem.
29. GYach Enhanced Multiple Undisclosed Vulnerabilities
BugTraq ID: 10975
Remote: Yes
Date Published: Aug 18 2004
Relevant URL: http://www.securityfocus.com/bid/10975
Summary:
GYach is reported prone to multiple undisclosed vulnerabilities. One of the flaws reported is a denial of service vulnerability. Few details are known in regard to the other reported issues.
A remote attacker may exploit these vulnerabilities to deny service to the vulnerable client, other types of security compromise may also be possible.
Details regarding these vulnerabilities are not available. This BID will be updated as further information regarding these vulnerabilities is announced.
30. Courier-IMAP Remote Format String Vulnerability
BugTraq ID: 10976
Remote: Yes
Date Published: Aug 18 2004
Relevant URL: http://www.securityfocus.com/bid/10976
Summary:
Courier-IMAP is reported to be susceptible to a remote format string vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input before using it as the format specifier in a formatted printing function.
Successful exploitation of this issue will allow an attacker to execute arbitrary code on the affected computer with the privileges of the user that the IMAP daemon runs as. This vulnerability is exploitable prior to authentication.
Courier-IMAP versions 1.6.0 through to 2.2.1 are reported vulnerable. Other versions may also be vulnerable.
31. Multiple Qt Image Handling Heap Overflow Vulnerabilities
BugTraq ID: 10977
Remote: Yes
Date Published: Aug 19 2004
Relevant URL: http://www.securityfocus.com/bid/10977
Summary:
Multiple heap overflows have been reported to exist in the Qt QImage library. These issues may be triggered when handling malformed images of various types, potentially causing a denial of service in applications that use the library to render images. Remote code execution is also possible.
32. Microsoft Internet Explorer MHTML Content-Location Cross Sec...
BugTraq ID: 10979
Remote: Yes
Date Published: Aug 19 2004
Relevant URL: http://www.securityfocus.com/bid/10979
Summary:
Microsoft Internet Explorer is reported prone to a cross security domain scripting vulnerability. The issue is reported to present itself when a malicious MHTML file is rendered.
A proof of concept for this issue employs Content-Location attributes in a MHTML file that are sufficient to trick Internet Explorer into executing script contained in the MHTML file in the intra-net security Zone.
This issue is reported to affect Microsoft Internet Explorer when it is installed on a computer that is running Microsoft Windows XP Service Pack 2.
This BID will be updated as further analysis of this vulnerability is completed.
33. Microsoft NTP Time Synchronization Spoof Weakness
BugTraq ID: 10980
Remote: Yes
Date Published: Aug 19 2004
Relevant URL: http://www.securityfocus.com/bid/10980
Summary:
It is reported that the NTP implementation in Microsoft operating systems is vulnerable to time spoofing attacks.
An attacker may be able to alter the time on the domain controller, causing the entire domain to synchronize with the attacker specified time in Windows 2000 operating systems. With Windows XP and 2003 operating systems, an attacker may be able to create very large differences between server and workstation times.
This weakness may allow an attacker to deny service to legitimate users, as correct time is required for many operations, including domain authentication, X.509 certificate expiration times. Other attacks may also be possible.
This weakness is reported to exist in all versions of Microsoft operating systems that include Active Directory support.
34. MySQL Mysql_real_connect Function Potential Remote Buffer Ov...
BugTraq ID: 10981
Remote: Yes
Date Published: Aug 20 2004
Relevant URL: http://www.securityfocus.com/bid/10981
Summary:
MySQL is prone to a potential remote buffer overflow vulnerability. This issue occurs due to insufficient boundary checks performed by the 'mysql_real_connect' function.
The 'mysql_real_connect' function does not verify the length of the IP address returned through a DNS response from a server. Immediate consequences of an attack may result in a denial of service condition. It is conjectured that this issue could allow for arbitrary code execution, however, this has not been confirmed.
It is also reported that the glibc library verifies the length of an IP address, however, other libraries may obtain the length from a DNS response packet. Computers using glibc on Linux and BSD platforms may not be vulnerable to this issue.
35. Zixforum ZixForum.mdb Database Disclosure Vulnerability
BugTraq ID: 10982
Remote: Yes
Date Published: Aug 19 2004
Relevant URL: http://www.securityfocus.com/bid/10982
Summary:
Zixforum is reported prone to a database disclosure vulnerability. It is reported that remote users may download the database file ''ZixForum.mdb' and gain access to sensitive information including unencrypted authentication credentials.
All versions of Zixforum are considered vulnerable to this issue.
This issue is being retired due to the fact that this is not a vulnerability in the application. Configuring the Web server to restrict access to sensitive files can prevent this problem.
36. Working Resources BadBlue Webserver Denial Of Service Vulner...
BugTraq ID: 10983
Remote: Yes
Date Published: Aug 20 2004
Relevant URL: http://www.securityfocus.com/bid/10983
Summary:
Working Resources BadBlue Webserver is intended to share various resources and is developed for Microsoft Windows environments.
It is reported that BadBlue Webserver is susceptible to a denial of service vulnerability.
This vulnerability allows an attacker to deny service to legitimate users, by causing the web server to deny all incoming HTTP requests.
Version 2.5 of the BadBlue Webserver is reportedly affected by this vulnerability. Other versions may also be affected.
37. British National Corpus SARA Remote Buffer Overflow Vulnerab...
BugTraq ID: 10984
Remote: Yes
Date Published: Aug 20 2004
Relevant URL: http://www.securityfocus.com/bid/10984
Summary:
sarad is reported prone to a buffer overflow vulnerability. This issue presents itself due to insufficient sanitization of user-supplied data.
A remote attacker can trigger the overflow condition by supplying a large string value to the application. Arbitrary code execution is possible in the context of the server.
In addition to this issue, it is reported that various other instances of potential buffer overflow and format string vulnerabilities exist throughout the application. These issues exist due to the use of strcpy() and sprintf functions. This BID will be updated upon further analysis.
38. XV Multiple Buffer Overflow and Integer Handling Vulnerabili...
BugTraq ID: 10985
Remote: Yes
Date Published: Aug 20 2004
Relevant URL: http://www.securityfocus.com/bid/10985
Summary:
xv is an image manipulation utility for the X Window System.
xv is reported prone to multiple buffer overflow and integer overflow vulnerabilities. The following issues are reported:
A stack based buffer overflow exists in the 'xvbmp.c' source file. It is reported that a user-supplied value is employed to iterate a loop that copies data into a finite stack based buffer.
Multiple heap overflow vulnerabilities are reported to exist in the 'xviris.c' source file. The vulnerabilities are reported to exist due to integer handling problems. It is reported that an attacker may supply an integer value that is employed as a value during heap based memory allocation; this value may cause the allocation of an insufficient chunk of memory.
A heap overflow vulnerability is reported to exist in the 'xvpcx.c' source file. The vulnerability is reported to exist due to integer handling problems. It is reported that an attacker may supply an integer value that is employed as a value during heap based memory allocation; this value may cause the allocation of an insufficient chunk of memory.
An additional heap overflow vulnerability is reported to exist in the 'xvpm.c' source file. The vulnerability is again reported to exist due to integer handling problems. It is reported that an attacker may supply an integer value that is employed as a value during heap based memory allocation; this value may cause the allocation of an insufficient chunk of memory.
39. Ben Yacoub Hatem MySQL Backup Pro Undisclosed 'getbackup()' ...
BugTraq ID: 10986
Remote: Yes
Date Published: Aug 20 2004
Relevant URL: http://www.securityfocus.com/bid/10986
Summary:
It is reported that MySQL Backup Pro contains an undisclosed vulnerability in its getbackup() function.
This vulnerability may allow an attacker to retrieve potentially sensitive files, aiding them in further compromise.
This BID will be updated as further information is disclosed.
Versions prior to 1.0.8-pre1 are reported vulnerable.
40. Zone Labs ZoneAlarm/ZoneAlarm Pro Weak Default Permissions V...
BugTraq ID: 10987
Remote: No
Date Published: Aug 20 2004
Relevant URL: http://www.securityfocus.com/bid/10987
Summary:
It is reported that ZoneLabs ZoneAlarm/ZoneAlarm Pro is affected by a weak default permissions vulnerability. It is reported that the folder used to store log and configuration files by ZoneAlarm is installed with weak permissions.
An attacker with local interactive access to a system may delete log entries to hide potentially malicious activities; other attacks may also be possible.
41. Nihuo Web Log Analyzer HTML Injection Vulnerability
BugTraq ID: 10988
Remote: Yes
Date Published: Aug 20 2004
Relevant URL: http://www.securityfocus.com/bid/10988
Summary:
An HTML injection vulnerability is reported in Nihuo Web Log Analyzer. The problem occurs due to a lack of proper sanitization of user-supplied input data.
Attackers may potentially exploit this issue to manipulate web content or to steal cookie-based authentication credentials. It may be possible to take arbitrary actions as the victim user.
Version 1.6 was reported vulnerable to this issue. Other versions may also be affected.
42. aGSM Half-Life Server Info Response Buffer Overflow Vulnerab...
BugTraq ID: 10989
Remote: Yes
Date Published: Aug 20 2004
Relevant URL: http://www.securityfocus.com/bid/10989
Summary:
aGSM is reported prone to a remote buffer overflow vulnerability. The issue presents itself in the aGSM server information parsing routines for Half-Life game servers. Due to a lack of sufficient bounds checking performed on the hostname parameter in a server reply to an info request, a malicious server may execute arbitrary code on an affected client.
It should be noted that although aGSM version 2.35c is reported prone to this vulnerability, other versions might also be affected.
43. Inter7 Vpopmail Multiple SQL Injection Vulnerabilities
BugTraq ID: 10990
Remote: Yes
Date Published: Aug 20 2004
Relevant URL: http://www.securityfocus.com/bid/10990
Summary:
Vpopmail is reportedly susceptible to SQL injection vulnerabilities. This issue is due to a failure of the application to properly sanitize user-supplied input data before using it in an SQL query.
Vpopmail is only vulnerable if SQL servers are utilized by the application. Sites using the 'cdb' backend for data storage are not affected.
Successful exploitation could result in compromise of the application, disclosure or modification of data or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
Vpopmail is reported vulnerable in versions prior to 5.4.6.
III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. South Pole 'cyberterrorist' hack wasn't the first
By: Kevin Poulsen
Internal reports show that Romanian cyber extortionists weren't the first to penetrate the South Pole Research Station, and cast doubt on a U.S. claim that life support systems were compromised in the attack.
http://www.securityfocus.com/news/9356
2. Sluggish movement on power grid cyber security
By: Kevin Poulsen
Industry cyber security standards fail to reach some of the most vulnerable components of the power grid.
http://www.securityfocus.com/news/9328
3. U.S. tackles Emergency Alert System insecurity
By: Kevin Poulsen
The FCC acknowledges that the government-mandated network that lets officials interrupt radio and television broadcasts in an emergency is vulnerable to electronic tampering.
http://www.securityfocus.com/news/9324
4. Windows Upgrade Causing Campus Headaches
By: Brian Krebs, Washington Post
Microsoft Corp.'s decision to release a major upgrade for its flagship operating system in the same month that hundreds of thousands of students are
reporting to college campuses across the nation is causing a major headache for the higher education community.
http://www.securityfocus.com/news/9378
5. Meet the Peeping Tom worm
By: John Leyden, The Register
A worm that has the capability to using webcams to spy on users is circulating across the Net.
http://www.securityfocus.com/news/9377
6. Slow-moving lawsuits over music downloads producing court tw...
By: Ted Bridis, The Associated Press
http://www.securityfocus.com/news/9374
IV. SECURITYFOCUS TOP 6 TOOLS
-----------------------------
1. OpenSSH 3.9p1
By: OpenBSD Project
Relevant URL: http://www.openssh.com/
Platforms: UNIX
Summary:
This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
2. K-MAC 1.0.0.4
By: M. Neset KABAKLI
Relevant URL: http://www.neset.com
Platforms: Windows 2000, Windows NT, Windows XP
Summary:
K-MAC is an ethernet MAC address changer for Windows. It's very useful for dealing with MAC filters and other MAC based controls.
Rootkit scanner is scanning tool to ensure you for about 99.9% you're clean of nasty tools. This tool scans for rootkits, backdoors and local exploits by running tests like:
- MD5 hash compare
- Look for default files used by rootkits
- Wrong file permissions for binaries
- Look for suspected strings in LKM and KLD modules
- Look for hidden files
- Optional scan within plaintext and binary files
Rootkit Hunter is released as GPL licensed project and free for everyone to use.
4. Honeynet Security Console 1.1.1
By: Activeworx, Inc.
Relevant URL: http://www.activeworx.org
Platforms: Windows 2000, Windows XP
Summary:
Honeynet Security Console is an analysis tool to view events on your personal honeynet. It gives you the power to view events from Snort, TCPDump, Firewall, Syslog and Sebek logs. It also allows you to correlate events from each of these data types to have a full grasp of the attackers' actions.
5. Pads 1.1
By: Matt Shelton
Relevant URL: http://freshmeat.net/projects/pads/?branch_id=52504&release_id=169973
Platforms: Linux
Summary:
Pads (Passive Asset Detection System) is a signature-based detection engine used to passively detect network assets. It is designed to complement IDS technology by providing context to IDS alerts.
6. IDS Policy Manager v1.4.1
By: ActiveWorx
Relevant URL: http://www.activeworx.com/idspm/
Platforms: Windows 2000, Windows XP
Summary:
IDS Policy Manager - is a powerful way to modify the snort configuration and rule files. Some key features are: Graphical interface for easily manageability of snort rule and configuration files - Merge new official snort rules into existing rule files - Merge Whitehat (arachNIDS) rules into existing rule files - Make quick changes to snort rules - Easy to manage multiple sensors with multiple policy files - Upload policy files via FTP or SCP - Full support for all Snort 1.8 Preprocessors - Full support for all Snort 1.8 output processors - Easy to learn more information about a signature from popular databases such as - - - CVE, BugTraq, Mcafee, arachNIDS and custom URL's - Add rules easily by line, multiple lines or make your own custom signatures
V. SECURITYJOBS LIST SUMMARY
----------------------------
1. [SJ-JOB] Forensics Engineer, London or Edinburgh, GB (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372758
2. [SJ-JOB] Sr. Security Engineer, Capital Federal, AR (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372719
3. [SJ-JOB] Sr. Product Manager, Herndon, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372715
4. [SJ-JOB] Security Architect, Rancho Cordova, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372694
5. [SJ-JOB] Account Manager, Annapolis Junction, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372688
6. [SJ-JOB] Security Consultant, Boston, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372685
7. [SJ-JOB] Manager, Information Security, Reston, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372683
8. [SJ-JOB] Security Engineer, Rancho Cordova, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372681
9. [SJ-JOB] Security System Administrator, Frazer, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372679
10. [SJ-JOB] Information Assurance Analyst, Washington D... (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372676
11. [SJ-JOB] Security Auditor, Barcelona, ES (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372672
12. [SJ-JOB] CHECK Team Leader, London or Edinburgh, GB (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372671
13. [SJ-JOB] Management, Islandia, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372669
14. [SJ-JOB] Account Manager, Arlington, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372665
15. [SJ-JOB] Sales Engineer, Atlanta, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372664
16. [SJ-JOB] Sales Engineer, Toronto, CA (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372663
17. [SJ-JOB] Developer, Arlington, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372656
18. [SJ-JOB] Jr. Security Analyst, Oklahoma City, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372464
19. [SJ-JOB] Sales Engineer, Boston, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372462
20. [SJ-JOB] Account Manager, San Rafael, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372460
21. [SJ-JOB] Sr. Product Manager, San Jose, US (Thread)
Relevant URL:
81. [SJ-JOB] Security Consultant, Kirkland, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/371982
82. [SJ-JOB] Sales Engineer, New York City, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/371978
83. [SJ-JOB] Security Engineer, Ft. Lauderdale, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/371971
84. [SJ-JOB] Security Consultant, Milton, CA (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/371965
85. [SJ-JOB] Account Manager, Salt Lake City, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/371961
86. [SJ-JOB] Account Manager, Seattle, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/371944
87. [SJ-JOB] Account Manager, Phoenix, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/371938
VI. INCIDENTS LIST SUMMARY
--------------------------
NO NEW POSTS FOR THE WEEK 2004-08-17 to 2004-08-24.
VII. VULN-DEV RESEARCH LIST SUMMARY
-----------------------------------
1. app: protocol in Help Center and Support - allow run... (Thread)
Relevant URL:
http://www.securityfocus.com/archive/82/372704
2. [tool] (dum(b)ug) and ltrace for Windows (Thread)
Relevant URL:
http://www.securityfocus.com/archive/82/372689
3. GADU-GADU Instant messanger - long file name (Thread)
Relevant URL:
http://www.securityfocus.com/archive/82/372677
4. GADU-GADU - long file name... part 2 (Thread)
Relevant URL:
http://www.securityfocus.com/archive/82/372660
VIII. MICROSOFT FOCUS LIST SUMMARY
----------------------------------
1. COM+ with ASP web site on W2K3 (Thread)
Relevant URL:
http://www.securityfocus.com/archive/88/372779
2. MS binary integrity baseline (Thread)
Relevant URL:
4. SecurityFocus Microsoft Newsletter #202 (Thread)
Relevant URL:
http://www.securityfocus.com/archive/88/372252
IX. SUN FOCUS LIST SUMMARY
--------------------------
NO NEW POSTS FOR THE WEEK 2004-08-17 to 2004-08-24.
X. LINUX FOCUS LIST SUMMARY
---------------------------
1. Attempts to push spam through apache (Thread)
Relevant URL:
http://www.securityfocus.com/archive/91/372724
XI. UNSUBSCRIBE INSTRUCTIONS
----------------------------
To unsubscribe send an e-mail message to sf-news-unsubscribe (at) securityfocus (dot) com [email concealed] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.
If your email address has changed email listadmin (at) securityfocus (dot) com [email concealed] and ask to be manually removed.
XII. SPONSOR INFORMATION
-----------------------
This Issue is Sponsored By: SecurityFocus
Want to keep up on the latest security vulnerabilities? Don't have time to
visit a myriad of mailing lists and websites to read the news? Just add the
new SecurityFocus RSS feeds to your freeware RSS reader, and see all the
latest posts for Bugtraq and the SF Vulnernability database in one
convenient place. Or, pull in the latest news, columnists and feature
articles in the SecurityFocus aggregated news feed, and stay on top of
what's happening in the community!
------------------------------
This Issue is Sponsored By: SecurityFocus
Want to keep up on the latest security vulnerabilities? Don't have time to
visit a myriad of mailing lists and websites to read the news? Just add the
new SecurityFocus RSS feeds to your freeware RSS reader, and see all the
latest posts for Bugtraq and the SF Vulnernability database in one
convenient place. Or, pull in the latest news, columnists and feature
articles in the SecurityFocus aggregated news feed, and stay on top of
what's happening in the community!
http://www.securityfocus.com/rss/index.shtml
------------------------------------------------------------------------
I. FRONT AND CENTER
1. Valuing Secure Access to Personal Information
2. Infected In Twenty Minutes
3. Using Libwhisker
II. BUGTRAQ SUMMARY
1. PHPMyWebHosting SQL Injection Vulnerability
2. Microsoft Internet Explorer Spoofed Address Bar Vulnerabilit...
3. GV Postscript and PDF Viewer Multiple Remote Buffer Overflow...
4. Yukihiro Matsumoto Ruby CGI Session Management Insecure File...
5. Adobe Acrobat/Acrobat Reader ActiveX Control URI Request Hea...
6. CuteNews 'show_archives.php' Cross-Site Scripting Vulnerabil...
7. QuiXplorer Item Parameter Directory Traversal Vulnerability
8. AWStats Rawlog Plugin Logfile Parameter Input Validation Vul...
9. Gentoo Linux Tomcat EBuild Insecure Install Permissions Vuln...
10. KDE Mcoputils Insecure Temporary File Creation Vulnerability
11. Xephyrus Java Simple Template Engine File Token Directory Tr...
12. PScript PForum User Profile HTML Injection Vulnerability
13. SpamAssassin Malformed Email Remote Denial Of Service Vulner...
14. MediaWiki Undisclosed Remote File Include Vulnerability
15. RXVT-Unicode Open File Descriptor Leakage Vulnerability
16. RaXnet Cacti Auth_Login.PHP SQL Injection Vulnerability
17. Opera Web Browser Resource Detection Weakness
18. Inter7 Vpopmail Vsybase.c Multiple Vulnerabilities
19. GNU GLibC LD_DEBUG Local Information Disclosure Vulnerabilit...
20. Pedestal Software Integrity Protection Driver Local Denial O...
21. Merak Mail Server Webmail Multiple Vulnerabilities
22. TNFTPD Multiple Signal Handler Remote Superuser Compromise V...
23. Gallery Remote Server-Side Script Execution Vulnerability
24. MySQL Mysqlhotcopy Script Insecure Temporary File Creation V...
25. Anton Raharja PlaySMS Valid Function SQL Injection Vulnerabi...
26. Cisco IOS OSPF Remote Denial Of Service Vulnerability
27. Microsoft Internet Explorer Drag And Drop File Installation ...
28. PHP-Fusion Database Backup Information Disclosure Vulnerabil...
29. GYach Enhanced Multiple Undisclosed Vulnerabilities
30. Courier-IMAP Remote Format String Vulnerability
31. Multiple Qt Image Handling Heap Overflow Vulnerabilities
32. Microsoft Internet Explorer MHTML Content-Location Cross Sec...
33. Microsoft NTP Time Synchronization Spoof Weakness
34. MySQL Mysql_real_connect Function Potential Remote Buffer Ov...
35. Zixforum ZixForum.mdb Database Disclosure Vulnerability
36. Working Resources BadBlue Webserver Denial Of Service Vulner...
37. British National Corpus SARA Remote Buffer Overflow Vulnerab...
38. XV Multiple Buffer Overflow and Integer Handling Vulnerabili...
39. Ben Yacoub Hatem MySQL Backup Pro Undisclosed 'getbackup()' ...
40. Zone Labs ZoneAlarm/ZoneAlarm Pro Weak Default Permissions V...
41. Nihuo Web Log Analyzer HTML Injection Vulnerability
42. aGSM Half-Life Server Info Response Buffer Overflow Vulnerab...
43. Inter7 Vpopmail Multiple SQL Injection Vulnerabilities
III. SECURITYFOCUS NEWS ARTICLES
1. South Pole 'cyberterrorist' hack wasn't the first
2. Sluggish movement on power grid cyber security
3. U.S. tackles Emergency Alert System insecurity
4. Windows Upgrade Causing Campus Headaches
5. Meet the Peeping Tom worm
6. Slow-moving lawsuits over music downloads producing court tw...
IV. SECURITYFOCUS TOP 6 TOOLS
1. OpenSSH 3.9p1
2. K-MAC 1.0.0.4
3. Rootkit Hunter v1.1.6
4. Honeynet Security Console 1.1.1
5. Pads 1.1
6. IDS Policy Manager v1.4.1
V. SECURITYJOBS LIST SUMMARY
1. [SJ-JOB] Forensics Engineer, London or Edinburgh, GB (Thread)
2. [SJ-JOB] Sr. Security Engineer, Capital Federal, AR (Thread)
3. [SJ-JOB] Sr. Product Manager, Herndon, US (Thread)
4. [SJ-JOB] Security Architect, Rancho Cordova, US (Thread)
5. [SJ-JOB] Account Manager, Annapolis Junction, US (Thread)
6. [SJ-JOB] Security Consultant, Boston, US (Thread)
7. [SJ-JOB] Manager, Information Security, Reston, US (Thread)
8. [SJ-JOB] Security Engineer, Rancho Cordova, US (Thread)
9. [SJ-JOB] Security System Administrator, Frazer, US (Thread)
10. [SJ-JOB] Information Assurance Analyst, Washington D... (Thread)
11. [SJ-JOB] Security Auditor, Barcelona, ES (Thread)
12. [SJ-JOB] CHECK Team Leader, London or Edinburgh, GB (Thread)
13. [SJ-JOB] Management, Islandia, US (Thread)
14. [SJ-JOB] Account Manager, Arlington, US (Thread)
15. [SJ-JOB] Sales Engineer, Atlanta, US (Thread)
16. [SJ-JOB] Sales Engineer, Toronto, CA (Thread)
17. [SJ-JOB] Developer, Arlington, US (Thread)
18. [SJ-JOB] Jr. Security Analyst, Oklahoma City, US (Thread)
19. [SJ-JOB] Sales Engineer, Boston, US (Thread)
20. [SJ-JOB] Account Manager, San Rafael, US (Thread)
21. [SJ-JOB] Sr. Product Manager, San Jose, US (Thread)
22. [SJ-JOB] CHECK Team Leader, Milton Keynes, GB (Thread)
23. [SJ-JOB] Sr. Security Analyst, Seattle, US (Thread)
24. [SJ-JOB] Sales Engineer, New York, US (Thread)
25. [SJ-JOB] Application Security Engineer, London, GB (Thread)
26. [SJ-JOB] Account Manager, Atlanta, US (Thread)
27. [SJ-JOB] Account Manager, Boston, US (Thread)
28. [SJ-JOB] Sales Engineer, VA/DC area, US (Thread)
29. [SJ-JOB] Sales Engineer, Herndon, US (Thread)
30. [SJ-JOB] Manager, Information Security, London, GB (Thread)
31. [SJ-JOB] Security Engineer, Chicago, US (Thread)
32. [SJ-JOB] Security Engineer, NY, US (Thread)
33. [SJ-JOB] Account Manager, New York, US (Thread)
34. [SJ-JOB] Security Architect, Los Angeles, US (Thread)
35. [SJ-JOB] Security Engineer, Johnstown_Pa., US (Thread)
36. [SJ-JOB] Account Manager, Orange County, US (Thread)
37. [SJ-JOB] VP, Information Security, Mumbai, IN (Thread)
38. [SJ-JOB] Security Consultant, London, GB (Thread)
39. [SJ-JOB] Compliance Officer, Oklahoma City, US (Thread)
40. [SJ-JOB] VP / Dir / Mgr engineering, Mumbai, IN (Thread)
41. [SJ-JOB] Director, Computer Security, San Francisco,... (Thread)
42. [SJ-JOB] Security Consultant, Mumbai, IN (Thread)
43. [SJ-JOB] Security System Administrator, Oklahoma Cit... (Thread)
44. [SJ-JOB] Security Director, Mumbai, IN (Thread)
45. [SJ-JOB] Application Security Engineer, Newport News... (Thread)
46. [SJ-JOB] Sr. Security Analyst, Oklahoma City, US (Thread)
47. [SJ-JOB] VP of Regional Sales, Kirkland, US (Thread)
48. [SJ-JOB] Security Engineer, Bay Area, US (Thread)
49. [SJ-JOB] Sr. Security Analyst, Lincolnshire, US (Thread)
50. [SJ-JOB] Account Manager, Omaha, US (Thread)
51. [SJ-JOB] Security Consultant, Mountlake Terrace, US (Thread)
52. [SJ-JOB] Sr. Security Engineer, Mountlake Terrace, U... (Thread)
53. [SJ-JOB] Director, Information Security, Seattle, US (Thread)
54. [SJ-JOB] VP of Marketing, Oshkosh, US (Thread)
55. [SJ-JOB] Account Manager, Mumbai, IN (Thread)
56. [SJ-JOB] Application Security Engineer, Peninsula - ... (Thread)
57. [SJ-JOB] Sr. Product Manager, Fremont, US (Thread)
58. [SJ-JOB] Security Researcher, Boston, US (Thread)
59. [SJ-JOB] Sr. Security Engineer, Minneapolis, US (Thread)
60. [SJ-JOB] Manager, Information Security, Minneapolis,... (Thread)
61. [SJ-JOB] Application Security Engineer, Minneapolis,... (Thread)
62. [SJ-JOB] Security Engineer, Minneapolis, US (Thread)
63. [SJ-JOB] Sr. Security Engineer, San Marcos, US (Thread)
64. [SJ-JOB] Account Manager, Englewood, US (Thread)
65. [SJ-JOB] Account Manager, San Jose, US (Thread)
66. [SJ-JOB] Account Manager, San Francisco, US (Thread)
67. [SJ-JOB] Account Manager, New York City, US (Thread)
68. [SJ-JOB] Security Engineer, Wash_DC, US (Thread)
69. [SJ-JOB] Account Manager, Los Angeles, US (Thread)
70. [SJ-JOB] Security Engineer, new york, US (Thread)
71. [SJ-JOB] Security Researcher, Santa Clara, US (Thread)
72. [SJ-JOB] Sr. Security Engineer, Hyattesville, US (Thread)
73. [SJ-JOB] Quality Assurance, San Jose, US (Thread)
74. [SJ-JOB] Security Engineer, Westborough, US (Thread)
75. [SJ-JOB] Account Manager, Portland, US (Thread)
76. [SJ-JOB] Sales Engineer, Santa Clara, US (Thread)
77. [SJ-JOB] Security Engineer, Herndon, US (Thread)
78. [SJ-JOB] Developer, Palm Beach, US (Thread)
79. [SJ-JOB] Security Auditor, New York, US (Thread)
80. [SJ-JOB] Certification & Accreditation Engineer, Arl... (Thread)
81. [SJ-JOB] Security Consultant, Kirkland, US (Thread)
82. [SJ-JOB] Sales Engineer, New York City, US (Thread)
83. [SJ-JOB] Security Engineer, Ft. Lauderdale, US (Thread)
84. [SJ-JOB] Security Consultant, Milton, CA (Thread)
85. [SJ-JOB] Account Manager, Salt Lake City, US (Thread)
86. [SJ-JOB] Account Manager, Seattle, US (Thread)
87. [SJ-JOB] Account Manager, Phoenix, US (Thread)
VI. INCIDENTS LIST SUMMARY
NO NEW POSTS FOR THE WEEK 2004-08-17 to 2004-08-24.
VII. VULN-DEV RESEARCH LIST SUMMARY
1. app: protocol in Help Center and Support - allow run... (Thread)
2. [tool] (dum(b)ug) and ltrace for Windows (Thread)
3. GADU-GADU Instant messanger - long file name (Thread)
4. GADU-GADU - long file name... part 2 (Thread)
VIII. MICROSOFT FOCUS LIST SUMMARY
1. COM+ with ASP web site on W2K3 (Thread)
2. MS binary integrity baseline (Thread)
3. Python Hash File Builder/Checker (Thread)
4. SecurityFocus Microsoft Newsletter #202 (Thread)
IX. SUN FOCUS LIST SUMMARY
NO NEW POSTS FOR THE WEEK 2004-08-17 to 2004-08-24.
X. LINUX FOCUS LIST SUMMARY
1. Attempts to push spam through apache (Thread)
XI. UNSUBSCRIBE INSTRUCTIONS
XII. SPONSOR INFORMATION
I. FRONT AND CENTER
-------------------
1. Valuing Secure Access to Personal Information
By Ben Malisow
This article seeks to answer the question: is your personal data safe? Or
do you give it away during almost every transaction you make with
government or commercial entities?
http://www.securityfocus.com/infocus/1797
2. Infected In Twenty Minutes
By Scott Granneman
What normally happens within twenty minutes? That's how long your average
unprotected PC running Windows XP, fresh out of the box, will last once
it's connected to the Internet.
http://www.securityfocus.com/columnists/262
3. Using Libwhisker
By Neil Desai
This article discusses the use of Libwhisker, a PERL module which allows
for the creation of custom HTTP packets and can be used for penetration
testing various web applications.
http://www.securityfocus.com/infocus/1798
II. BUGTRAQ SUMMARY
-------------------
1. PHPMyWebHosting SQL Injection Vulnerability
BugTraq ID: 10942
Remote: Yes
Date Published: Aug 14 2004
Relevant URL: http://www.securityfocus.com/bid/10942
Summary:
It has been reported that PHPMyWebHosting is vulnerable to a SQL injection attack. The vulnerability is reportedly in the script "includes/functions/pmwh.php" and is the result of a SQL query constructed using inadequately sanitized HTML form variables. The most immediate concern is that this code appears to authenticate a remote client and does so in a way that may be trivially subverted with a vulnerability such as this one. Furthermore, as this is SQL injection, it may be possible for attackers to view or modify sensitive/confidential data in the database. It may also be possible for attackers to exploit the database server itself, potentially gaining access to the underlying host.
2. Microsoft Internet Explorer Spoofed Address Bar Vulnerabilit...
BugTraq ID: 10943
Remote: Yes
Date Published: Aug 16 2004
Relevant URL: http://www.securityfocus.com/bid/10943
Summary:
Microsoft Internet Explorer may allow a malicious Web page to spoof the address bar of the browser. This could be used to lure Web users into a false sense of trust since a malicious or spoofed site may pose as a site that is trusted by the user. This could facilitate phishing attacks.
It may also be possible to exploit this issue through HTML email.
3. GV Postscript and PDF Viewer Multiple Remote Buffer Overflow...
BugTraq ID: 10944
Remote: Yes
Date Published: Aug 14 2004
Relevant URL: http://www.securityfocus.com/bid/10944
Summary:
gv is reported prone to multiple remote buffer overflow vulnerabilities. These issues exist due to insufficient checking performed by the application on file headers for PostScript and PDF documents.
These vulnerabilities exist in the 'psscan' function of the 'ps.c' file. The vulnerabilities include multiple stack and heap based buffer overflows. A number of the stack overflows have been specified, however, there are also a number of unspecified heap overflows.
Successful exploitation of these issues may result in an attacker executing arbitrary code on a vulnerable computer to gain unauthorized access. This would occur in the context of the vulnerable application.
It should be noted that applications such as Web browsers may use the software as an automatic handler for PostScript and PDF files.
4. Yukihiro Matsumoto Ruby CGI Session Management Insecure File...
BugTraq ID: 10946
Remote: No
Date Published: Aug 16 2004
Relevant URL: http://www.securityfocus.com/bid/10946
Summary:
It is reported that Ruby is prone to an insecure file permissions vulnerability. This issue affects the CGI session management component of the application.
This issue may allow a local attacker with access to a vulnerable Web server to hijack a session.
Ruby versions prior to 1.6.7 and 1.8.1 are affected by the issue.
5. Adobe Acrobat/Acrobat Reader ActiveX Control URI Request Hea...
BugTraq ID: 10947
Remote: Yes
Date Published: Aug 16 2004
Relevant URL: http://www.securityfocus.com/bid/10947
Summary:
Adobe Acrobat/Acrobat Reader ActiveX control (pdf.ocx) is reported prone to a heap-based buffer overrun vulnerability, the issue presents itself due to a lack of sufficient boundary checking performed on URI data of GET requests.
It is reported that Microsoft IIS and Netscape Enterprise servers employ NULL bytes as URI terminators and so these HTTP servers may be used to launch an attack.
When a malicious URI is followed, the URI is copied into heap-based memory of the affected software without sufficient boundary checks. This results in heap-based memory management chunks being trampled by attacker-supplied URI data.
Ultimately this vulnerability may be exploited by a remote attacker to execute arbitrary code in the context of the user who is running the vulnerable software.
6. CuteNews 'show_archives.php' Cross-Site Scripting Vulnerabil...
BugTraq ID: 10948
Remote: Yes
Date Published: Aug 16 2004
Relevant URL: http://www.securityfocus.com/bid/10948
Summary:
It is reported that CuteNews is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input.
This issue could permit a remote attacker to create a malicious URI link that includes hostile HTML and script code. If this link were to be followed, the hostile code may be rendered in the web browser of the victim user. This would occur in the security context of the affected web site and may allow for theft of cookie-based authentication credentials or other attacks.
This vulnerability is reported to exist in version 1.3.1 of CuteNews. Other versions may also be affected.
7. QuiXplorer Item Parameter Directory Traversal Vulnerability
BugTraq ID: 10949
Remote: Yes
Date Published: Aug 14 2004
Relevant URL: http://www.securityfocus.com/bid/10949
Summary:
QuiXplorer is prone to a directory traversal vulnerability. The issue occurs if a remote attacker sends a request to the application for a file containing directory traversal character sequences through the 'item' parameter. If successful, the attacker can access arbitrary files on a vulnerable computer in the context of the affected server.
QuiXplorer versions 2.3 and prior are prone to this issue.
8. AWStats Rawlog Plugin Logfile Parameter Input Validation Vul...
BugTraq ID: 10950
Remote: Yes
Date Published: Aug 16 2004
Relevant URL: http://www.securityfocus.com/bid/10950
Summary:
AWStats Rawlog Plugin is reported prone to an input validation vulnerability. The issue is reported to exist because user supplied 'logfile' URI data passed to the 'awstats.pl' script is not sanitized.
An attacker may exploit this condition to execute commands remotely or disclose contents of web server readable files.
It should be noted that although this vulnerability is reported to affect AWStats version 6.1, other versions might also be affected.
9. Gentoo Linux Tomcat EBuild Insecure Install Permissions Vuln...
BugTraq ID: 10951
Remote: No
Date Published: Aug 16 2004
Relevant URL: http://www.securityfocus.com/bid/10951
Summary:
The Gentoo Linux Tomcat eBuild is reported prone to an insecure default install permission vulnerability. It is reported that certain Tomcat scripts are installed with permissions that allow members of the tomcat group to write to the file.
A local attacker that is a member of the Tomcat group may exploit this condition to escalate privileges.
10. KDE Mcoputils Insecure Temporary File Creation Vulnerability
BugTraq ID: 10952
Remote: No
Date Published: Aug 16 2004
Relevant URL: http://www.securityfocus.com/bid/10952
Summary:
KDEs mcoputils is reported to contain an insecure temporary file creation vulnerability. The result of this is that temporary files created by the application may use predictable filenames.
A local attacker may also possibly exploit this vulnerability to execute symbolic link file overwrite attacks. This may allow an attacker to overwrite arbitrary files with the privileges of the targeted user. Privilege escalation may also be possible using this method of attack.
11. Xephyrus Java Simple Template Engine File Token Directory Tr...
BugTraq ID: 10953
Remote: Yes
Date Published: Aug 16 2004
Relevant URL: http://www.securityfocus.com/bid/10953
Summary:
Xephyrus Java Simple Template Engine is reported prone to a directory traversal vulnerability due to insufficient sanitization of user-supplied file-token data.
Xephyrus Java Simple Template Engine permits that files may be loaded into templates using a 'file-token'. However, 'file-token' values may be overridden by URI parameters that are specified in a request for the script that contains 'file-token' entries.
12. PScript PForum User Profile HTML Injection Vulnerability
BugTraq ID: 10954
Remote: Yes
Date Published: Aug 16 2004
Relevant URL: http://www.securityfocus.com/bid/10954
Summary:
PScript PForum is reported prone to a HTML injection vulnerability. The vulnerability presents itself due to a lack of sufficient sanitization performed on data submitted through input fields of the PForum user profile form.
This could be exploited to steal cookie-based authentication credentials. It is also possible to use this type of vulnerability as an attack vector to exploit latent browser security flaws.
13. SpamAssassin Malformed Email Remote Denial Of Service Vulner...
BugTraq ID: 10957
Remote: Yes
Date Published: Aug 16 2004
Relevant URL: http://www.securityfocus.com/bid/10957
Summary:
SpamAssassin is reported prone to a remote denial of service vulnerability. Full details regarding this vulnerability are not known.
A remote attacker may potentially exploit this vulnerability to deny service to a target SpamAssassin service.
SpamAssassin versions prior to 2.64 are reported vulnerable to this issue.
This BID will be updated as further details regarding this vulnerability are announced.
14. MediaWiki Undisclosed Remote File Include Vulnerability
BugTraq ID: 10958
Remote: Yes
Date Published: Aug 16 2004
Relevant URL: http://www.securityfocus.com/bid/10958
Summary:
A new version of MediaWiki is available, addressing an undisclosed vulnerability that may allow a remote attacker to execute arbitrary code.
An attacker may be capable of causing a malicious PHP header file to be interpreted by a target system. Depending on the payload, this could potentially allow an attacker to gain unauthorized remote access to a vulnerable system.
15. RXVT-Unicode Open File Descriptor Leakage Vulnerability
BugTraq ID: 10959
Remote: No
Date Published: Aug 16 2004
Relevant URL: http://www.securityfocus.com/bid/10959
Summary:
It is reported that RXVT-Unicode fails to properly close file descriptors when spawning new child terminal windows.
The child process could then potentially gain access to possibly sensitive information from the contents of the open file descriptors. Depending on the mode of the original file, and the privileges of the user that opened it, processes in the child window may exploit this vulnerability to take control of the parent process. Other attacks may also be possible.
An attacker requires local access to the RXVT-Unicode process window to exploit this vulnerability.
Versions prior to 3.6 are reported vulnerable to this issue.
16. RaXnet Cacti Auth_Login.PHP SQL Injection Vulnerability
BugTraq ID: 10960
Remote: Yes
Date Published: Aug 16 2004
Relevant URL: http://www.securityfocus.com/bid/10960
Summary:
RaXnet Cacti is reportedly affected by a remote SQL injection vulnerability. This issue occurs in the auth_login.php script due to a failure of the application to properly sanitize user-supplied "username" URI parameter input before using it in an SQL query.
It is demonstrated that an attacker may exploit this vulnerability in order to bypass the authentication interface used by Cacti.
17. Opera Web Browser Resource Detection Weakness
BugTraq ID: 10961
Remote: Yes
Date Published: Aug 17 2004
Relevant URL: http://www.securityfocus.com/bid/10961
Summary:
Opera Web Browser is prone to a security weakness that may permit an attacker to determine the existence of resources on a vulnerable computer.
An attacker can use an IFRAME that is accessible within the same domain and change its URI to the location of a file or directory. The attacker can then determine the existence of the resource by the error message returned by Opera.
This weakness can then allow the attacker to carry out other attacks against a vulnerable computer.
Opera 7.53 and prior versions running Windows, Unix, and Apple platforms are reported vulnerable to this issue.
18. Inter7 Vpopmail Vsybase.c Multiple Vulnerabilities
BugTraq ID: 10962
Remote: Yes
Date Published: Aug 17 2004
Relevant URL: http://www.securityfocus.com/bid/10962
Summary:
vpopmail is reported prone to multiple buffer overflow and a format string vulnerability. These issues are present in the 'vsybase.c' file. These issues exist due to the use of the sprintf() function.
It is conjectured that these issues may allow an attacker to execute arbitrary code to gain unauthorized access to a vulnerable computer. At the very least a denial of service condition may result.
vpopmail versions 5.4.2 and prior are affected by these issue.
19. GNU GLibC LD_DEBUG Local Information Disclosure Vulnerabilit...
BugTraq ID: 10963
Remote: No
Date Published: Aug 17 2004
Relevant URL: http://www.securityfocus.com/bid/10963
Summary:
A local vulnerability is reported to exist in glibc, it is reported that LD_DEBUG is allowed on setuid binaries even though this should not be allowed. A local attacker may debug a setuid binary and may disclose sensitive information.
Information harvested in this manner may be employed to aid in further attacks that are launched against a vulnerable host.
20. Pedestal Software Integrity Protection Driver Local Denial O...
BugTraq ID: 10965
Remote: No
Date Published: Aug 17 2004
Relevant URL: http://www.securityfocus.com/bid/10965
Summary:
IPD is reported prone to a local denial of service vulnerability. IPD installs Kernel hooks to implement system access controls. It is reported that some of these hooks do not properly validate data that is passed as arguments to hooked functions. As a result, a local attacker may trigger a denial of service.
21. Merak Mail Server Webmail Multiple Vulnerabilities
BugTraq ID: 10966
Remote: Yes
Date Published: Aug 17 2004
Relevant URL: http://www.securityfocus.com/bid/10966
Summary:
The webmail package embedded in Merak Mail Server is reported prone to multiple vulnerabilities.
The vulnerabilities reported are:
- Multiple cross-site scripting vulnerabilities
- An HTML injection vulnerability
- A PHP source code disclosure vulnerability
- An SQL injection vulnerability
These vulnerabilities are reported to exist in versions prior to 7.5.2.
22. TNFTPD Multiple Signal Handler Remote Superuser Compromise V...
BugTraq ID: 10967
Remote: Yes
Date Published: Aug 17 2004
Relevant URL: http://www.securityfocus.com/bid/10967
Summary:
It is reported that TNFTPD is susceptible to multiple remote superuser compromise vulnerabilities. These vulnerabilities are all derived from improper signal handler operations. Signals can be delivered to the vulnerable FTPD by a remote attacker via out-of-band TCP data (OOB).
These vulnerabilities may allow an anonymous remote attacker to gain superuser privileges on computer hosting the affected software.
TNFTPD versions prior to 10 Aug 2004 are reported vulnerable. All versions of Lukemftpd are reported vulnerable. NetBSD version 1.6.2 and prior, NetBSD-2.0 prior to 15 Aug 2004, as well as NetBSD-current prior to 10 Aug 2004 are reported vulnerable as well.
23. Gallery Remote Server-Side Script Execution Vulnerability
BugTraq ID: 10968
Remote: Yes
Date Published: Aug 17 2004
Relevant URL: http://www.securityfocus.com/bid/10968
Summary:
A vulnerability is reported to exist in Gallery that may allow a remote attacker to execute malicious scripts on a vulnerable system. This issue is a design error that occurs due to the 'set_time_limit' function.
The issue presents itself becuase the 'set_time_limit' function forces the application to wait for 30-seconds before the verification and discarding of non-image files takes place. This allows for a window of opportunity for an attacker to execute a malicious script on a server.
Gallery 1.4.4 is reported prone to this issue, however, other versions may be affected as well.
24. MySQL Mysqlhotcopy Script Insecure Temporary File Creation V...
BugTraq ID: 10969
Remote: No
Date Published: Aug 18 2004
Relevant URL: http://www.securityfocus.com/bid/10969
Summary:
mysqlhotcopy is reported to contain an insecure temporary file creation vulnerability. The result of this is that temporary files created by the application may use predictable filenames. This issue presents itself when the 'scp' method is used with the script.
A local attacker may also possibly exploit this vulnerability to execute symbolic link file overwrite attacks.
It was confirmed that this issue exists in mysqlhotcopy shipped with MySQL 3.23.49 and 4.0.20. Other versions of MySQL are likely to be affected as well. This BID will be updated as more information becomes available.
25. Anton Raharja PlaySMS Valid Function SQL Injection Vulnerabi...
BugTraq ID: 10970
Remote: Yes
Date Published: Aug 18 2004
Relevant URL: http://www.securityfocus.com/bid/10970
Summary:
An SQL injection vulnerability is identified in the application that may allow attackers to pass malicious input to database queries, resulting in the modification of query logic or other attacks. This vulnerability exists due to insufficient sanitization of user-supplied input.
Specifically, user-supplied data from cookies is used in SQL queries without sanitization. This may allow a remote user to inject arbitrary SQL queries into the underlying database used by the application.
This issue is reported to exist in PlaySMS versions 0.7 and prior.
26. Cisco IOS OSPF Remote Denial Of Service Vulnerability
BugTraq ID: 10971
Remote: Yes
Date Published: Aug 18 2004
Relevant URL: http://www.securityfocus.com/bid/10971
Summary:
Cisco IOS is reported prone to a remote denial of service vulnerability.
It is reported that the vulnerability manifests when a malformed Open Shortest Path First (OSPF) packet is handled by the vulnerable router.
A remote attacker may exploit this condition in multiple routers that reside on the same network segment as the attacker, to trigger a device reset. The attacker may continuously transmit malicious OSPF packets to the target routers in order to effectively deny network services to legitimate hosts.
27. Microsoft Internet Explorer Drag And Drop File Installation ...
BugTraq ID: 10973
Remote: Yes
Date Published: Aug 18 2004
Relevant URL: http://www.securityfocus.com/bid/10973
Summary:
Microsoft Internet Explorer is reported prone to a vulnerability that may allow unauthorized installation of malicious executables. It is reported that drag and drop along with browser style functionality may be employed by an attacker to install a file into the startup folder on a victim's computer with some degree of user interaction.
An attacker may exploit this vulnerability to influence a target victim into unknowingly installing software on a target system. Since the malicious executable is placed in the startup folder, it will run when the system is restarted.
28. PHP-Fusion Database Backup Information Disclosure Vulnerabil...
BugTraq ID: 10974
Remote: Yes
Date Published: Aug 18 2004
Relevant URL: http://www.securityfocus.com/bid/10974
Summary:
It is reported that PHP-Fusion is susceptible to a database backup information disclosure vulnerability. An anonymous remote attacker may be able to download a complete database backup from the server. Authentication would not be required.
A remote attacker may exploit this vulnerability to download the full contents of the application database. The backup includes user information and password hashes. This information could then be used in further attacks against the application. Furthermore, since the database uses the MD5 hash of passwords for authentication, and the authentication cookie directly includes both the username and the MD5 password hash, an attacker would not need to bruteforce the retrieved password hashes.
Version 4.00 was reported vulnerable. Other versions are also likely affected.
Update:
This issue is being retired due to the fact that this is not a vulnerability in the application. Configuring the Web server to restrict access to sensitive files can prevent this problem.
29. GYach Enhanced Multiple Undisclosed Vulnerabilities
BugTraq ID: 10975
Remote: Yes
Date Published: Aug 18 2004
Relevant URL: http://www.securityfocus.com/bid/10975
Summary:
GYach is reported prone to multiple undisclosed vulnerabilities. One of the flaws reported is a denial of service vulnerability. Few details are known in regard to the other reported issues.
A remote attacker may exploit these vulnerabilities to deny service to the vulnerable client, other types of security compromise may also be possible.
Details regarding these vulnerabilities are not available. This BID will be updated as further information regarding these vulnerabilities is announced.
30. Courier-IMAP Remote Format String Vulnerability
BugTraq ID: 10976
Remote: Yes
Date Published: Aug 18 2004
Relevant URL: http://www.securityfocus.com/bid/10976
Summary:
Courier-IMAP is reported to be susceptible to a remote format string vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input before using it as the format specifier in a formatted printing function.
Successful exploitation of this issue will allow an attacker to execute arbitrary code on the affected computer with the privileges of the user that the IMAP daemon runs as. This vulnerability is exploitable prior to authentication.
Courier-IMAP versions 1.6.0 through to 2.2.1 are reported vulnerable. Other versions may also be vulnerable.
31. Multiple Qt Image Handling Heap Overflow Vulnerabilities
BugTraq ID: 10977
Remote: Yes
Date Published: Aug 19 2004
Relevant URL: http://www.securityfocus.com/bid/10977
Summary:
Multiple heap overflows have been reported to exist in the Qt QImage library. These issues may be triggered when handling malformed images of various types, potentially causing a denial of service in applications that use the library to render images. Remote code execution is also possible.
32. Microsoft Internet Explorer MHTML Content-Location Cross Sec...
BugTraq ID: 10979
Remote: Yes
Date Published: Aug 19 2004
Relevant URL: http://www.securityfocus.com/bid/10979
Summary:
Microsoft Internet Explorer is reported prone to a cross security domain scripting vulnerability. The issue is reported to present itself when a malicious MHTML file is rendered.
A proof of concept for this issue employs Content-Location attributes in a MHTML file that are sufficient to trick Internet Explorer into executing script contained in the MHTML file in the intra-net security Zone.
This issue is reported to affect Microsoft Internet Explorer when it is installed on a computer that is running Microsoft Windows XP Service Pack 2.
This BID will be updated as further analysis of this vulnerability is completed.
33. Microsoft NTP Time Synchronization Spoof Weakness
BugTraq ID: 10980
Remote: Yes
Date Published: Aug 19 2004
Relevant URL: http://www.securityfocus.com/bid/10980
Summary:
It is reported that the NTP implementation in Microsoft operating systems is vulnerable to time spoofing attacks.
An attacker may be able to alter the time on the domain controller, causing the entire domain to synchronize with the attacker specified time in Windows 2000 operating systems. With Windows XP and 2003 operating systems, an attacker may be able to create very large differences between server and workstation times.
This weakness may allow an attacker to deny service to legitimate users, as correct time is required for many operations, including domain authentication, X.509 certificate expiration times. Other attacks may also be possible.
This weakness is reported to exist in all versions of Microsoft operating systems that include Active Directory support.
34. MySQL Mysql_real_connect Function Potential Remote Buffer Ov...
BugTraq ID: 10981
Remote: Yes
Date Published: Aug 20 2004
Relevant URL: http://www.securityfocus.com/bid/10981
Summary:
MySQL is prone to a potential remote buffer overflow vulnerability. This issue occurs due to insufficient boundary checks performed by the 'mysql_real_connect' function.
The 'mysql_real_connect' function does not verify the length of the IP address returned through a DNS response from a server. Immediate consequences of an attack may result in a denial of service condition. It is conjectured that this issue could allow for arbitrary code execution, however, this has not been confirmed.
It is also reported that the glibc library verifies the length of an IP address, however, other libraries may obtain the length from a DNS response packet. Computers using glibc on Linux and BSD platforms may not be vulnerable to this issue.
35. Zixforum ZixForum.mdb Database Disclosure Vulnerability
BugTraq ID: 10982
Remote: Yes
Date Published: Aug 19 2004
Relevant URL: http://www.securityfocus.com/bid/10982
Summary:
Zixforum is reported prone to a database disclosure vulnerability. It is reported that remote users may download the database file ''ZixForum.mdb' and gain access to sensitive information including unencrypted authentication credentials.
All versions of Zixforum are considered vulnerable to this issue.
This issue is being retired due to the fact that this is not a vulnerability in the application. Configuring the Web server to restrict access to sensitive files can prevent this problem.
36. Working Resources BadBlue Webserver Denial Of Service Vulner...
BugTraq ID: 10983
Remote: Yes
Date Published: Aug 20 2004
Relevant URL: http://www.securityfocus.com/bid/10983
Summary:
Working Resources BadBlue Webserver is intended to share various resources and is developed for Microsoft Windows environments.
It is reported that BadBlue Webserver is susceptible to a denial of service vulnerability.
This vulnerability allows an attacker to deny service to legitimate users, by causing the web server to deny all incoming HTTP requests.
Version 2.5 of the BadBlue Webserver is reportedly affected by this vulnerability. Other versions may also be affected.
37. British National Corpus SARA Remote Buffer Overflow Vulnerab...
BugTraq ID: 10984
Remote: Yes
Date Published: Aug 20 2004
Relevant URL: http://www.securityfocus.com/bid/10984
Summary:
sarad is reported prone to a buffer overflow vulnerability. This issue presents itself due to insufficient sanitization of user-supplied data.
A remote attacker can trigger the overflow condition by supplying a large string value to the application. Arbitrary code execution is possible in the context of the server.
In addition to this issue, it is reported that various other instances of potential buffer overflow and format string vulnerabilities exist throughout the application. These issues exist due to the use of strcpy() and sprintf functions. This BID will be updated upon further analysis.
38. XV Multiple Buffer Overflow and Integer Handling Vulnerabili...
BugTraq ID: 10985
Remote: Yes
Date Published: Aug 20 2004
Relevant URL: http://www.securityfocus.com/bid/10985
Summary:
xv is an image manipulation utility for the X Window System.
xv is reported prone to multiple buffer overflow and integer overflow vulnerabilities. The following issues are reported:
A stack based buffer overflow exists in the 'xvbmp.c' source file. It is reported that a user-supplied value is employed to iterate a loop that copies data into a finite stack based buffer.
Multiple heap overflow vulnerabilities are reported to exist in the 'xviris.c' source file. The vulnerabilities are reported to exist due to integer handling problems. It is reported that an attacker may supply an integer value that is employed as a value during heap based memory allocation; this value may cause the allocation of an insufficient chunk of memory.
A heap overflow vulnerability is reported to exist in the 'xvpcx.c' source file. The vulnerability is reported to exist due to integer handling problems. It is reported that an attacker may supply an integer value that is employed as a value during heap based memory allocation; this value may cause the allocation of an insufficient chunk of memory.
An additional heap overflow vulnerability is reported to exist in the 'xvpm.c' source file. The vulnerability is again reported to exist due to integer handling problems. It is reported that an attacker may supply an integer value that is employed as a value during heap based memory allocation; this value may cause the allocation of an insufficient chunk of memory.
39. Ben Yacoub Hatem MySQL Backup Pro Undisclosed 'getbackup()' ...
BugTraq ID: 10986
Remote: Yes
Date Published: Aug 20 2004
Relevant URL: http://www.securityfocus.com/bid/10986
Summary:
It is reported that MySQL Backup Pro contains an undisclosed vulnerability in its getbackup() function.
This vulnerability may allow an attacker to retrieve potentially sensitive files, aiding them in further compromise.
This BID will be updated as further information is disclosed.
Versions prior to 1.0.8-pre1 are reported vulnerable.
40. Zone Labs ZoneAlarm/ZoneAlarm Pro Weak Default Permissions V...
BugTraq ID: 10987
Remote: No
Date Published: Aug 20 2004
Relevant URL: http://www.securityfocus.com/bid/10987
Summary:
It is reported that ZoneLabs ZoneAlarm/ZoneAlarm Pro is affected by a weak default permissions vulnerability. It is reported that the folder used to store log and configuration files by ZoneAlarm is installed with weak permissions.
An attacker with local interactive access to a system may delete log entries to hide potentially malicious activities; other attacks may also be possible.
41. Nihuo Web Log Analyzer HTML Injection Vulnerability
BugTraq ID: 10988
Remote: Yes
Date Published: Aug 20 2004
Relevant URL: http://www.securityfocus.com/bid/10988
Summary:
An HTML injection vulnerability is reported in Nihuo Web Log Analyzer. The problem occurs due to a lack of proper sanitization of user-supplied input data.
Attackers may potentially exploit this issue to manipulate web content or to steal cookie-based authentication credentials. It may be possible to take arbitrary actions as the victim user.
Version 1.6 was reported vulnerable to this issue. Other versions may also be affected.
42. aGSM Half-Life Server Info Response Buffer Overflow Vulnerab...
BugTraq ID: 10989
Remote: Yes
Date Published: Aug 20 2004
Relevant URL: http://www.securityfocus.com/bid/10989
Summary:
aGSM is reported prone to a remote buffer overflow vulnerability. The issue presents itself in the aGSM server information parsing routines for Half-Life game servers. Due to a lack of sufficient bounds checking performed on the hostname parameter in a server reply to an info request, a malicious server may execute arbitrary code on an affected client.
It should be noted that although aGSM version 2.35c is reported prone to this vulnerability, other versions might also be affected.
43. Inter7 Vpopmail Multiple SQL Injection Vulnerabilities
BugTraq ID: 10990
Remote: Yes
Date Published: Aug 20 2004
Relevant URL: http://www.securityfocus.com/bid/10990
Summary:
Vpopmail is reportedly susceptible to SQL injection vulnerabilities. This issue is due to a failure of the application to properly sanitize user-supplied input data before using it in an SQL query.
Vpopmail is only vulnerable if SQL servers are utilized by the application. Sites using the 'cdb' backend for data storage are not affected.
Successful exploitation could result in compromise of the application, disclosure or modification of data or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
Vpopmail is reported vulnerable in versions prior to 5.4.6.
III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. South Pole 'cyberterrorist' hack wasn't the first
By: Kevin Poulsen
Internal reports show that Romanian cyber extortionists weren't the first to penetrate the South Pole Research Station, and cast doubt on a U.S. claim that life support systems were compromised in the attack.
http://www.securityfocus.com/news/9356
2. Sluggish movement on power grid cyber security
By: Kevin Poulsen
Industry cyber security standards fail to reach some of the most vulnerable components of the power grid.
http://www.securityfocus.com/news/9328
3. U.S. tackles Emergency Alert System insecurity
By: Kevin Poulsen
The FCC acknowledges that the government-mandated network that lets officials interrupt radio and television broadcasts in an emergency is vulnerable to electronic tampering.
http://www.securityfocus.com/news/9324
4. Windows Upgrade Causing Campus Headaches
By: Brian Krebs, Washington Post
Microsoft Corp.'s decision to release a major upgrade for its flagship operating system in the same month that hundreds of thousands of students are
reporting to college campuses across the nation is causing a major headache for the higher education community.
http://www.securityfocus.com/news/9378
5. Meet the Peeping Tom worm
By: John Leyden, The Register
A worm that has the capability to using webcams to spy on users is circulating across the Net.
http://www.securityfocus.com/news/9377
6. Slow-moving lawsuits over music downloads producing court tw...
By: Ted Bridis, The Associated Press
http://www.securityfocus.com/news/9374
IV. SECURITYFOCUS TOP 6 TOOLS
-----------------------------
1. OpenSSH 3.9p1
By: OpenBSD Project
Relevant URL: http://www.openssh.com/
Platforms: UNIX
Summary:
This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
2. K-MAC 1.0.0.4
By: M. Neset KABAKLI
Relevant URL: http://www.neset.com
Platforms: Windows 2000, Windows NT, Windows XP
Summary:
K-MAC is an ethernet MAC address changer for Windows. It's very useful for dealing with MAC filters and other MAC based controls.
3. Rootkit Hunter v1.1.6
By: M. Boelen
Relevant URL: http://www.rootkit.nl/
Platforms: UNIX
Summary:
Rootkit scanner is scanning tool to ensure you for about 99.9% you're clean of nasty tools. This tool scans for rootkits, backdoors and local exploits by running tests like:
- MD5 hash compare
- Look for default files used by rootkits
- Wrong file permissions for binaries
- Look for suspected strings in LKM and KLD modules
- Look for hidden files
- Optional scan within plaintext and binary files
Rootkit Hunter is released as GPL licensed project and free for everyone to use.
4. Honeynet Security Console 1.1.1
By: Activeworx, Inc.
Relevant URL: http://www.activeworx.org
Platforms: Windows 2000, Windows XP
Summary:
Honeynet Security Console is an analysis tool to view events on your personal honeynet. It gives you the power to view events from Snort, TCPDump, Firewall, Syslog and Sebek logs. It also allows you to correlate events from each of these data types to have a full grasp of the attackers' actions.
5. Pads 1.1
By: Matt Shelton
Relevant URL: http://freshmeat.net/projects/pads/?branch_id=52504&release_id=169973
Platforms: Linux
Summary:
Pads (Passive Asset Detection System) is a signature-based detection engine used to passively detect network assets. It is designed to complement IDS technology by providing context to IDS alerts.
6. IDS Policy Manager v1.4.1
By: ActiveWorx
Relevant URL: http://www.activeworx.com/idspm/
Platforms: Windows 2000, Windows XP
Summary:
IDS Policy Manager - is a powerful way to modify the snort configuration and rule files. Some key features are: Graphical interface for easily manageability of snort rule and configuration files - Merge new official snort rules into existing rule files - Merge Whitehat (arachNIDS) rules into existing rule files - Make quick changes to snort rules - Easy to manage multiple sensors with multiple policy files - Upload policy files via FTP or SCP - Full support for all Snort 1.8 Preprocessors - Full support for all Snort 1.8 output processors - Easy to learn more information about a signature from popular databases such as - - - CVE, BugTraq, Mcafee, arachNIDS and custom URL's - Add rules easily by line, multiple lines or make your own custom signatures
V. SECURITYJOBS LIST SUMMARY
----------------------------
1. [SJ-JOB] Forensics Engineer, London or Edinburgh, GB (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372758
2. [SJ-JOB] Sr. Security Engineer, Capital Federal, AR (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372719
3. [SJ-JOB] Sr. Product Manager, Herndon, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372715
4. [SJ-JOB] Security Architect, Rancho Cordova, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372694
5. [SJ-JOB] Account Manager, Annapolis Junction, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372688
6. [SJ-JOB] Security Consultant, Boston, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372685
7. [SJ-JOB] Manager, Information Security, Reston, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372683
8. [SJ-JOB] Security Engineer, Rancho Cordova, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372681
9. [SJ-JOB] Security System Administrator, Frazer, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372679
10. [SJ-JOB] Information Assurance Analyst, Washington D... (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372676
11. [SJ-JOB] Security Auditor, Barcelona, ES (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372672
12. [SJ-JOB] CHECK Team Leader, London or Edinburgh, GB (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372671
13. [SJ-JOB] Management, Islandia, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372669
14. [SJ-JOB] Account Manager, Arlington, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372665
15. [SJ-JOB] Sales Engineer, Atlanta, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372664
16. [SJ-JOB] Sales Engineer, Toronto, CA (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372663
17. [SJ-JOB] Developer, Arlington, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372656
18. [SJ-JOB] Jr. Security Analyst, Oklahoma City, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372464
19. [SJ-JOB] Sales Engineer, Boston, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372462
20. [SJ-JOB] Account Manager, San Rafael, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372460
21. [SJ-JOB] Sr. Product Manager, San Jose, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372457
22. [SJ-JOB] CHECK Team Leader, Milton Keynes, GB (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372451
23. [SJ-JOB] Sr. Security Analyst, Seattle, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372450
24. [SJ-JOB] Sales Engineer, New York, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372444
25. [SJ-JOB] Application Security Engineer, London, GB (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372436
26. [SJ-JOB] Account Manager, Atlanta, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372429
27. [SJ-JOB] Account Manager, Boston, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372424
28. [SJ-JOB] Sales Engineer, VA/DC area, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372422
29. [SJ-JOB] Sales Engineer, Herndon, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372416
30. [SJ-JOB] Manager, Information Security, London, GB (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372414
31. [SJ-JOB] Security Engineer, Chicago, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372401
32. [SJ-JOB] Security Engineer, NY, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372384
33. [SJ-JOB] Account Manager, New York, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372371
34. [SJ-JOB] Security Architect, Los Angeles, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372369
35. [SJ-JOB] Security Engineer, Johnstown_Pa., US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372368
36. [SJ-JOB] Account Manager, Orange County, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372363
37. [SJ-JOB] VP, Information Security, Mumbai, IN (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372355
38. [SJ-JOB] Security Consultant, London, GB (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372292
39. [SJ-JOB] Compliance Officer, Oklahoma City, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372290
40. [SJ-JOB] VP / Dir / Mgr engineering, Mumbai, IN (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372283
41. [SJ-JOB] Director, Computer Security, San Francisco,... (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372268
42. [SJ-JOB] Security Consultant, Mumbai, IN (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372259
43. [SJ-JOB] Security System Administrator, Oklahoma Cit... (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372251
44. [SJ-JOB] Security Director, Mumbai, IN (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372249
45. [SJ-JOB] Application Security Engineer, Newport News... (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372245
46. [SJ-JOB] Sr. Security Analyst, Oklahoma City, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372239
47. [SJ-JOB] VP of Regional Sales, Kirkland, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372216
48. [SJ-JOB] Security Engineer, Bay Area, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372213
49. [SJ-JOB] Sr. Security Analyst, Lincolnshire, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372212
50. [SJ-JOB] Account Manager, Omaha, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372210
51. [SJ-JOB] Security Consultant, Mountlake Terrace, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372206
52. [SJ-JOB] Sr. Security Engineer, Mountlake Terrace, U... (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372200
53. [SJ-JOB] Director, Information Security, Seattle, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372198
54. [SJ-JOB] VP of Marketing, Oshkosh, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372196
55. [SJ-JOB] Account Manager, Mumbai, IN (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372192
56. [SJ-JOB] Application Security Engineer, Peninsula - ... (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372187
57. [SJ-JOB] Sr. Product Manager, Fremont, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372180
58. [SJ-JOB] Security Researcher, Boston, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372179
59. [SJ-JOB] Sr. Security Engineer, Minneapolis, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372176
60. [SJ-JOB] Manager, Information Security, Minneapolis,... (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372171
61. [SJ-JOB] Application Security Engineer, Minneapolis,... (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372168
62. [SJ-JOB] Security Engineer, Minneapolis, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372154
63. [SJ-JOB] Sr. Security Engineer, San Marcos, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372142
64. [SJ-JOB] Account Manager, Englewood, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372132
65. [SJ-JOB] Account Manager, San Jose, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372131
66. [SJ-JOB] Account Manager, San Francisco, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372129
67. [SJ-JOB] Account Manager, New York City, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372118
68. [SJ-JOB] Security Engineer, Wash_DC, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372105
69. [SJ-JOB] Account Manager, Los Angeles, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372088
70. [SJ-JOB] Security Engineer, new york, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372058
71. [SJ-JOB] Security Researcher, Santa Clara, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372049
72. [SJ-JOB] Sr. Security Engineer, Hyattesville, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372024
73. [SJ-JOB] Quality Assurance, San Jose, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372018
74. [SJ-JOB] Security Engineer, Westborough, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372013
75. [SJ-JOB] Account Manager, Portland, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/372009
76. [SJ-JOB] Sales Engineer, Santa Clara, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/371988
77. [SJ-JOB] Security Engineer, Herndon, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/371987
78. [SJ-JOB] Developer, Palm Beach, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/371986
79. [SJ-JOB] Security Auditor, New York, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/371984
80. [SJ-JOB] Certification & Accreditation Engineer, Arl... (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/371983
81. [SJ-JOB] Security Consultant, Kirkland, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/371982
82. [SJ-JOB] Sales Engineer, New York City, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/371978
83. [SJ-JOB] Security Engineer, Ft. Lauderdale, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/371971
84. [SJ-JOB] Security Consultant, Milton, CA (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/371965
85. [SJ-JOB] Account Manager, Salt Lake City, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/371961
86. [SJ-JOB] Account Manager, Seattle, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/371944
87. [SJ-JOB] Account Manager, Phoenix, US (Thread)
Relevant URL:
http://www.securityfocus.com/archive/77/371938
VI. INCIDENTS LIST SUMMARY
--------------------------
NO NEW POSTS FOR THE WEEK 2004-08-17 to 2004-08-24.
VII. VULN-DEV RESEARCH LIST SUMMARY
-----------------------------------
1. app: protocol in Help Center and Support - allow run... (Thread)
Relevant URL:
http://www.securityfocus.com/archive/82/372704
2. [tool] (dum(b)ug) and ltrace for Windows (Thread)
Relevant URL:
http://www.securityfocus.com/archive/82/372689
3. GADU-GADU Instant messanger - long file name (Thread)
Relevant URL:
http://www.securityfocus.com/archive/82/372677
4. GADU-GADU - long file name... part 2 (Thread)
Relevant URL:
http://www.securityfocus.com/archive/82/372660
VIII. MICROSOFT FOCUS LIST SUMMARY
----------------------------------
1. COM+ with ASP web site on W2K3 (Thread)
Relevant URL:
http://www.securityfocus.com/archive/88/372779
2. MS binary integrity baseline (Thread)
Relevant URL:
http://www.securityfocus.com/archive/88/372594
3. Python Hash File Builder/Checker (Thread)
Relevant URL:
http://www.securityfocus.com/archive/88/372423
4. SecurityFocus Microsoft Newsletter #202 (Thread)
Relevant URL:
http://www.securityfocus.com/archive/88/372252
IX. SUN FOCUS LIST SUMMARY
--------------------------
NO NEW POSTS FOR THE WEEK 2004-08-17 to 2004-08-24.
X. LINUX FOCUS LIST SUMMARY
---------------------------
1. Attempts to push spam through apache (Thread)
Relevant URL:
http://www.securityfocus.com/archive/91/372724
XI. UNSUBSCRIBE INSTRUCTIONS
----------------------------
To unsubscribe send an e-mail message to sf-news-unsubscribe (at) securityfocus (dot) com [email concealed] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.
If your email address has changed email listadmin (at) securityfocus (dot) com [email concealed] and ask to be manually removed.
XII. SPONSOR INFORMATION
-----------------------
This Issue is Sponsored By: SecurityFocus
Want to keep up on the latest security vulnerabilities? Don't have time to
visit a myriad of mailing lists and websites to read the news? Just add the
new SecurityFocus RSS feeds to your freeware RSS reader, and see all the
latest posts for Bugtraq and the SF Vulnernability database in one
convenient place. Or, pull in the latest news, columnists and feature
articles in the SecurityFocus aggregated news feed, and stay on top of
what's happening in the community!
http://www.securityfocus.com/rss/index.shtml
------------------------------------------------------------------------
[ reply ]