Attend the Black Hat Briefings & Training USA, July 23-28, 2005 in Las
Vegas. World renowned security experts reveal tomorrow.s threats today. Free of vendor pitches, the Briefings are designed to be pragmatic regardless of your security environment. Featuring 29 hands-on training courses and 10 conference tracks, networking opportunities with over 2,000 delegates from 30+ nations.
------------------------------------------------------------------
I. FRONT AND CENTER
1. Where's the threat?
2. Software Firewalls: Made of Straw? Part 2 of 2
II. BUGTRAQ SUMMARY
1. Heimdal TelnetD Remote Buffer Overflow Vulnerability
2. Edgewall Software Trac Unauthorized File Upload/Download Vulnerability
3. Uapplication Ublog Reload Multiple SQL Injection Vulnerabilities
4. Cisco VPN Concentrator Groupname Enumeration Weakness
5. Todd Miller Sudo Local Race Condition Vulnerability
6. Uapplication Ublog Reload Trackback.ASP Cross-Site Scripting Vulnerability
7. RealVNC Server Remote Information Disclosure Vulnerability
8. cPanel User Parameter Cross-Site Scripting Vulnerability
9. Novell GroupWise GrpWise.EXE Authentication Credentials Persistence Weakness
10. PAFaq Database Unauthorized Access Vulnerability
11. I-Gallery Folder Argument Directory Traversal Vulnerability
12. PAFaq Question Cross-Site Scripting Vulnerability
13. I-Gallery Folder Argument Cross-Site Scripting Vulnerability
14. PAFaq Administrator Username SQL Injection Vulnerability
15. Fortibus CMS Multiple SQL Injection Vulnerabilities
16. Novell NetMail Patch Packaging Insecure File Permissions Vulnerability
17. NanoBlogger Arbitrary Command Execution Vulnerability
18. Microsoft Internet Explorer Dialog Box Origin Spoofing Vulnerability
19. Mozilla/Firefox Browsers Dialog Box Origin Spoofing Vulnerability
20. Opera Web Browser Dialog Box Origin Spoofing Vulnerability
21. ICab Web Browser Dialog Box Origin Spoofing Vulnerability
22. Apple Safari Dialog Box Origin Spoofing Vulnerability
23. Avant Browser Dialog Box Origin Spoofing Vulnerability
24. Enterasys Networks Vertical Horizon Default Backdoor Account Vulnerability
25. MercuryBoard Index.PHP Remote SQL Injection Vulnerability
26. Yukihiro Matsumoto Ruby XMLRPC Server Unspecified Command Execution Vulnerability
27. Enterasys Networks Vertical Horizon Remote Denial Of Service Vulnerability
28. Veritas Backup Exec/NetBackup Request Packet Denial Of Service Vulnerability
29. Veritas Backup Exec Server Remote Registry Access Vulnerability
30. Veritas Backup Exec Remote Agent Null Pointer Dereference Denial Of Service Vulnerability
31. Veritas Backup Exec Remote Agent for Windows Servers Authentication Buffer Overflow Vulnerability
32. Veritas Backup Exec Admin Plus Pack Option Remote Heap Overflow Vulnerability
33. Tor Arbitrary Memory Information Disclosure Vulnerability
34. Veritas Backup Exec Web Administration Console Remote Buffer Overflow Vulnerability
35. Veritas Backup Exec Remote Agent for Windows Servers Privilege Escalation Vulnerability
36. RaXnet Cacti Multiple SQL Injection Vulnerabilities
37. RaXnet Cacti Config_Settings.PHP Remote File Include Vulnerability
38. DUware DUportal Pro Multiple SQL Injection Vulnerabilities
39. RaXnet Cacti Top_Graph_Header.PHP Remote File Include Vulnerability
40. Asterisk Manager Interface Command Processing Remote Buffer Overflow Vulnerability
41. HP VCRM Proxy Server Potential Password Disclosure Vulnerability
42. DUware DUamazon Pro Multiple SQL Injection Vulnerabilities
43. DUware DUpaypal Pro Multiple SQL Injection Vulnerabilities
44. DUware DUforum Multiple SQL Injection Vulnerabilities
45. DUware DUclassmate Multiple SQL Injection Vulnerabilities
46. NetCaptor Browser Dialog Box Origin Spoofing Vulnerability
47. Slim Browser Dialog Box Origin Spoofing Vulnerability
48. Ipswitch WhatsUp Professional LOGIN.ASP SQL Injection Vulnerability
49. Linux Kernel Unauthorized SCSI Command Vulnerability
50. RaXnet Cacti Graph_Image.PHP Remote Command Execution Vulnerability
51. Simple Machines Msg Parameter SQL Injection Vulnerability
52. Whois.Cart Profile.PHP Cross-Site Scripting Vulnerability
53. CarLine Forum Russian Board Multiple Input Validation Vulnerabilities
54. Whois.Cart Index.PHP Directory Traversal Vulnerability
55. Sendmail Milter Remote Denial Of Service Weakness
56. Sun Solaris Traceroute Multiple Local Buffer Overflow Vulnerabilities
57. UBBCentral UBB.Threads Multiple Cross-Site Scripting Vulnerabilities
58. Linux Kernel 64 Bit AR-RSC Register Access Validation Vulnerability
59. UBBCentral UBB.Threads Multiple SQL Injection Vulnerabilities
60. UBBCentral UBB.Threads Multiple HTTP Response Splitting Vulnerabilities
61. Linux Kernel Subthread Exec Local Denial Of Service Vulnerability
62. UBBCentral UBB.Threads Local File Include Vulnerability
63. PHP-Nuke Avatar HTML Injection Vulnerability
64. IBM DB2 Universal Database Unspecified Authorization Bypass Vulnerability
65. Clam Anti-Virus ClamAV Unspecified Quantum Decompressor Denial Of Service Vulnerability
66. K-COLLECT CSV_DB.CGI/i_DB.CGI Remote Command Execution Vulnerability
67. Legal Case Management Log File Information Disclosure Vulnerability
III. SECURITYFOCUS NEWS
1. Open-source projects get free checkup by automated tools
2. Targeted Trojan-horse attacks hitting U.S., worldwide
3. MasterCard warns of massive credit-card breach
4. Phishers look to net small fry
5. £6.5m phishing duo jailed
6. NASA hacker jailed
7. Electronic forgery menaces humanity
8. Aussies prosecute first 'spammer'
IV. SECURITY JOBS LIST SUMMARY
1. [SJ-JOB] Quality Assurance, McLean
2. [SJ-JOB] Security Consultant, Aiken
3. [SJ-JOB] VP / Dir / Mgr engineering, Chesterfield
4. [SJ-JOB] Security Consultant, Chesterfield
5. [SJ-JOB] Security Auditor, Bridgewater
6. [SJ-JOB] Manager, Information Security, Herndon
7. [SJ-JOB] Sr. Security Analyst, Harrisburg
8. [SJ-JOB] Security Consultant, New York
9. [SJ-JOB] Manager, Information Security, St. Louis
10. [SJ-JOB] Security Consultant, Tampa
11. [SJ-JOB] Management, Tampa
12. [SJ-JOB] Director, Information Security, Indianapolis
13. [SJ-JOB] Manager, Information Security, Charlotte
14. [SJ-JOB] Manager, Information Security, Indianapolis
15. [SJ-JOB] Sr. Security Engineer, St. Louis
16. [SJ-JOB] Security Architect, North West England
17. [SJ-JOB] Account Manager, Chicago
18. [SJ-JOB] Security Engineer, S. San Francisco
19. [SJ-JOB] Security Engineer, Atlanta
20. [SJ-JOB] Sr. Security Engineer, Newark,NJ
21. [SJ-JOB] Manager, Information Security, London
22. [SJ-JOB] Security Auditor, Bay Area
23. [SJ-JOB] Sr. Security Analyst, Northampton
24. [SJ-JOB] Application Security Architect, Pune / Bangalore
25. [SJ-JOB] Sales Engineer, Various
26. [SJ-JOB] Security Engineer, Alexandria
27. [SJ-JOB] Security Product Manager, San Antonio, TX
28. [SJ-JOB] Security Engineer, Hampshire
29. [SJ-JOB] Sales Representative, Ipswich Suffolk
30. [SJ-JOB] Sr. Security Engineer, London and countrywide
31. [SJ-JOB] CSO, northern California
32. [SJ-JOB] Security Auditor, London and countrywide
V. INCIDENTS LIST SUMMARY
VI. VULN-DEV RESEARCH LIST SUMMARY
1. PocketPC exploitation
VII. MICROSOFT FOCUS LIST SUMMARY
1. Local admin password
2. Windows firewall spontaneously changes profiles
3. disable shell: command on Windows 2000
4. ISA 2004 FTP SSL
5. Windows 98 autoupdate
VIII. SUN FOCUS LIST SUMMARY
IX. LINUX FOCUS LIST SUMMARY
1. Apache issue
X. UNSUBSCRIBE INSTRUCTIONS
XI. SPONSOR INFORMATION
I. FRONT AND CENTER
---------------------
1. Where's the threat?
By Matthew Tanase
I'm sure everyone remembers the story of Goldilocks and the three bears
http://www.securityfocus.com/columnists/335
2. Software Firewalls: Made of Straw? Part 2 of 2
By Israel G. Lugo, Don Parker
In part two we look at how easily the firewall's operation can be circumvented by inserting a malicious Trojan into the network stack itself.
http://www.securityfocus.com/infocus/1840
II. BUGTRAQ SUMMARY
--------------------
1. Heimdal TelnetD Remote Buffer Overflow Vulnerability
BugTraq ID: 13989
Remote: Yes
Date Published: 2005-06-20
Relevant URL: http://www.securityfocus.com/bid/13989
Summary:
Heimdal telnetd is susceptible to a remote buffer overflow vulnerability. This issue is due to a failure of the application to properly bounds check user-supplied data prior to copying it to an insufficiently sized memory buffer.
This vulnerability may be exploited by remote attackers to influence the proper flow of execution of the application, resulting in attacker-supplied machine code being executed in the context of the affected network service.
2. Edgewall Software Trac Unauthorized File Upload/Download Vulnerability
BugTraq ID: 13990
Remote: Yes
Date Published: 2005-06-20
Relevant URL: http://www.securityfocus.com/bid/13990
Summary:
Trac is affected by an unauthorized file upload/download vulnerability.
This issue can lead to information disclosure and unauthorized remote access as an attacker can place and execute malicious PHP scripts on an affected computer.
Trac 0.8.3 and prior versions are affected by this issue.
3. Uapplication Ublog Reload Multiple SQL Injection Vulnerabilities
BugTraq ID: 13991
Remote: Yes
Date Published: 2005-06-20
Relevant URL: http://www.securityfocus.com/bid/13991
Summary:
Ublog Reload is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
4. Cisco VPN Concentrator Groupname Enumeration Weakness
BugTraq ID: 13992
Remote: Yes
Date Published: 2005-06-20
Relevant URL: http://www.securityfocus.com/bid/13992
Summary:
Cisco VPN Concentrator is affected by a remote groupname enumeration weakness. This issue is due to a design error that could assist a remote attacker in enumerating groupnames.
Reportedly, once the attacker has verified a groupname they can obtain a password hash from an affected device and carry out bruteforce attacks against the password hash.
A valid groupname and password pair can allow the attacker to complete IKE Phase-1 authentication and carry out man-in-the-middle attacks against other users. This may ultimately allow the attacker to gain unauthorized access to the network.
All Cisco VPN Concentrator 3000 series products running groupname authentication are considered vulnerable to this issue.
5. Todd Miller Sudo Local Race Condition Vulnerability
BugTraq ID: 13993
Remote: No
Date Published: 2005-06-20
Relevant URL: http://www.securityfocus.com/bid/13993
Summary:
Sudo is prone to a local race condition vulnerability. The issue only manifests under certain conditions, specifically, when the sudoers configuration file contains a pseudo-command 'ALL' that directly follows a users sudoers entry.
When the aforementioned configuration exists, this issue may be leveraged by local attackers to execute arbitrary executables with escalated privileges. This may be accomplished by creating symbolic links to target files.
6. Uapplication Ublog Reload Trackback.ASP Cross-Site Scripting Vulnerability
BugTraq ID: 13994
Remote: Yes
Date Published: 2005-06-20
Relevant URL: http://www.securityfocus.com/bid/13994
Summary:
Ublog Reload is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
7. RealVNC Server Remote Information Disclosure Vulnerability
BugTraq ID: 13995
Remote: Yes
Date Published: 2005-06-20
Relevant URL: http://www.securityfocus.com/bid/13995
Summary:
RealVNC is affected by a remote information disclosure vulnerability.
An attacker may obtain the RealVNC version and the underlying operating system.
This information may aid in other attacks against an affected computer.
8. cPanel User Parameter Cross-Site Scripting Vulnerability
BugTraq ID: 13996
Remote: Yes
Date Published: 2005-06-20
Relevant URL: http://www.securityfocus.com/bid/13996
Summary:
It is reported that cPanel is prone to a cross-site scripting vulnerability that may allow a remote attacker to execute HTML or script code in a user's browser. The issue presents itself due to insufficient sanitization of user-supplied data via the 'user' parameter of the 'login' page.
Due to the possibility of attacker-specified HTML and script code being rendered in a victim's browser, it is possible to steal cookie-based authentication credentials from that user. Other attacks are possible as well.
9. Novell GroupWise GrpWise.EXE Authentication Credentials Persistence Weakness
BugTraq ID: 13997
Remote: No
Date Published: 2005-06-20
Relevant URL: http://www.securityfocus.com/bid/13997
Summary:
A problem with Novell GroupWise may allow the recovery of sensitive information.
Novell GroupWise 'grpWise.exe' does not safely handle authentication credential information. As a result, a local user may be able to recover authentication passwords.
10. PAFaq Database Unauthorized Access Vulnerability
BugTraq ID: 13999
Remote: Yes
Date Published: 2005-06-20
Relevant URL: http://www.securityfocus.com/bid/13999
Summary:
paFaq is prone to an unauthorized access vulnerability regarding the database. This issue is a result of the application failing to perform access validation on the 'backup.php' script. A remote unauthenticated user can invoke the script and retrieve a complete backup of the application database.
A remote attacker could exploit this vulnerability to authenticate to the application using a retrieved administrator username and password hash.
11. I-Gallery Folder Argument Directory Traversal Vulnerability
BugTraq ID: 14000
Remote: Yes
Date Published: 2005-06-20
Relevant URL: http://www.securityfocus.com/bid/14000
Summary:
i-Gallery is prone to a directory traversal vulnerability.
This could let remote attackers access files on the computer in the context of the Web server process.
12. PAFaq Question Cross-Site Scripting Vulnerability
BugTraq ID: 14001
Remote: Yes
Date Published: 2005-06-20
Relevant URL: http://www.securityfocus.com/bid/14001
Summary:
paFaq is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
13. I-Gallery Folder Argument Cross-Site Scripting Vulnerability
BugTraq ID: 14002
Remote: Yes
Date Published: 2005-06-20
Relevant URL: http://www.securityfocus.com/bid/14002
Summary:
i-Gallery is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'folder' parameter of 'folderview.asp'.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site.
14. PAFaq Administrator Username SQL Injection Vulnerability
BugTraq ID: 14003
Remote: Yes
Date Published: 2005-06-20
Relevant URL: http://www.securityfocus.com/bid/14003
Summary:
paFaq is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
15. Fortibus CMS Multiple SQL Injection Vulnerabilities
BugTraq ID: 14004
Remote: Yes
Date Published: 2005-06-20
Relevant URL: http://www.securityfocus.com/bid/14004
Summary:
Fortibus CMS is prone to multiple SQL injection vulnerabilities.
These issues could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
Fortibus CMS 4.0 is vulnerable to these issues.
16. Novell NetMail Patch Packaging Insecure File Permissions Vulnerability
BugTraq ID: 14005
Remote: No
Date Published: 2005-06-21
Relevant URL: http://www.securityfocus.com/bid/14005
Summary:
Novell NetMail is susceptible to an insecure file permissions vulnerability. This issue is due to a flaw in the patch packaging system used to update NetMail. This vulnerability only presents itself on Linux installations of NetMail.
This vulnerability allows local attackers to modify or replace NetMail binaries. This will result in the compromise of the NetMail account.
Computers running versions 3.52A, 3.52B, or 3.52C on Linux are affected by this issue.
17. NanoBlogger Arbitrary Command Execution Vulnerability
BugTraq ID: 14006
Remote: Yes
Date Published: 2005-06-21
Relevant URL: http://www.securityfocus.com/bid/14006
Summary:
NanoBlogger is affected by a vulnerability regarding the execution of arbitrary commands.
Successful exploitation of this issue results in command execution with the privileges of the affected application. This may lead to various attacks including unauthorized access to an affected computer.
The vendor has addressed this issue in NanoBlogger version 3.2.2 and later; earlier versions are reported vulnerable.
18. Microsoft Internet Explorer Dialog Box Origin Spoofing Vulnerability
BugTraq ID: 14007
Remote: Yes
Date Published: 2005-06-21
Relevant URL: http://www.securityfocus.com/bid/14007
Summary:
Microsoft Internet Explorer is prone to a dialog box origin spoofing vulnerability.
An attacker may exploit this vulnerability to spoof an interface of a trusted web site. This issue may allow a remote attacker to carry out phishing style attacks.
19. Mozilla/Firefox Browsers Dialog Box Origin Spoofing Vulnerability
BugTraq ID: 14008
Remote: Yes
Date Published: 2005-06-21
Relevant URL: http://www.securityfocus.com/bid/14008
Summary:
Mozilla/Firefox browsers are prone to a dialog box origin spoofing vulnerability.
An attacker may exploit this vulnerability to spoof an interface of a trusted web site. This issue may allow a remote attacker to carry out phishing style attacks.
20. Opera Web Browser Dialog Box Origin Spoofing Vulnerability
BugTraq ID: 14009
Remote: Yes
Date Published: 2005-06-21
Relevant URL: http://www.securityfocus.com/bid/14009
Summary:
Opera Web Browser is prone to a dialog box origin spoofing vulnerability.
An attacker may exploit this vulnerability to spoof an interface of a trusted web site. This issue may allow a remote attacker to carry out phishing style attacks.
21. ICab Web Browser Dialog Box Origin Spoofing Vulnerability
BugTraq ID: 14010
Remote: Yes
Date Published: 2005-06-21
Relevant URL: http://www.securityfocus.com/bid/14010
Summary:
ICab Web Browser is prone to a dialog box origin spoofing vulnerability.
An attacker may exploit this vulnerability to spoof an interface of a trusted web site. This issue may allow a remote attacker to carry out phishing style attacks.
22. Apple Safari Dialog Box Origin Spoofing Vulnerability
BugTraq ID: 14011
Remote: Yes
Date Published: 2005-06-21
Relevant URL: http://www.securityfocus.com/bid/14011
Summary:
Apple Safari is prone to a dialog box origin spoofing vulnerability.
An attacker may exploit this vulnerability to spoof an interface of a trusted web site. This issue may allow a remote attacker to carry out phishing style attacks.
23. Avant Browser Dialog Box Origin Spoofing Vulnerability
BugTraq ID: 14012
Remote: Yes
Date Published: 2005-06-21
Relevant URL: http://www.securityfocus.com/bid/14012
Summary:
Avant Browser is prone to a dialog box origin spoofing vulnerability.
An attacker may exploit this vulnerability to spoof an interface of a trusted web site. This issue may allow a remote attacker to carry out phishing style attacks.
24. Enterasys Networks Vertical Horizon Default Backdoor Account Vulnerability
BugTraq ID: 14014
Remote: Yes
Date Published: 2005-06-21
Relevant URL: http://www.securityfocus.com/bid/14014
Summary:
Enterasys Networks Vertical Horizon switch firmware has a built-in administrative account that cannot be disabled.
This vulnerability reportedly allows remote attackers to gain unauthorized administrative access to a target switch.
25. MercuryBoard Index.PHP Remote SQL Injection Vulnerability
BugTraq ID: 14015
Remote: Yes
Date Published: 2005-06-21
Relevant URL: http://www.securityfocus.com/bid/14015
Summary:
MercuryBoard is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
26. Yukihiro Matsumoto Ruby XMLRPC Server Unspecified Command Execution Vulnerability
BugTraq ID: 14016
Remote: Yes
Date Published: 2005-06-21
Relevant URL: http://www.securityfocus.com/bid/14016
Summary:
Ruby is affected by an unspecified command execution vulnerability. Reportedly, this issue affects the XMLRPC server.
It may be possible for an attacker to gain unauthorized access to an affected computer by exploiting this issue.
Ruby 1.8.2 is known to be vulnerable to this vulnerability, however, other versions may be affected as well.
27. Enterasys Networks Vertical Horizon Remote Denial Of Service Vulnerability
BugTraq ID: 14017
Remote: Yes
Date Published: 2005-06-21
Relevant URL: http://www.securityfocus.com/bid/14017
Summary:
The Enterasys Vertical Horizon switch has administrative access that cannot be disabled. Upon connecting to the Telnet administration interface as a guest user, an attacker may invoke debugging commands.
Exploitation of this issue will allow a remote attacker to deny service for other legitimate users that are connected to the switch.
28. Veritas Backup Exec/NetBackup Request Packet Denial Of Service Vulnerability
BugTraq ID: 14019
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14019
Summary:
VERITAS Backup Exec and NetBackup for NetWare Media Servers are prone to a denial of service vulnerability. A malformed request packet may cause a denial of service on the computer hosting the application.
29. Veritas Backup Exec Server Remote Registry Access Vulnerability
BugTraq ID: 14020
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14020
Summary:
VERITAS Backup Exec for Windows Servers is prone to an access validation vulnerability.
The issue may be leveraged by a remote attacker to gain 'Administrator' access to the vulnerable computer's registry. This access may be further leveraged to gain unfettered access to the target computer.
30. Veritas Backup Exec Remote Agent Null Pointer Dereference Denial Of Service Vulnerability
BugTraq ID: 14021
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14021
Summary:
VERITAS Backup Exec Remote Agent is prone to a remotely exploitable denial of service vulnerability. This could cause a denial of service on the computer hosting the application.
This issue only affects the application on Microsoft Windows platforms.
31. Veritas Backup Exec Remote Agent for Windows Servers Authentication Buffer Overflow Vulnerability
BugTraq ID: 14022
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14022
Summary:
VERITAS Backup Exec Remote Agent for Windows Servers is prone to a remotely exploitable buffer overflow vulnerability. This issue occurs when handling authentication requests.
Successful exploitation could result in arbitrary code execution.
32. Veritas Backup Exec Admin Plus Pack Option Remote Heap Overflow Vulnerability
BugTraq ID: 14023
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14023
Summary:
Veritas Backup Exec is affected by a remote heap overflow vulnerability.
This issue affects servers using the Admin Plus Pack Option. A remote attacker can exploit this issue by crafting and sending malicious data to the service and executing arbitrary code.
It is conjectured that successful exploitation may result in a superuser compromise.
This issue affects Backup Exec running on Microsoft Windows platforms.
33. Tor Arbitrary Memory Information Disclosure Vulnerability
BugTraq ID: 14024
Remote: Yes
Date Published: 2005-06-21
Relevant URL: http://www.securityfocus.com/bid/14024
Summary:
Tor is prone to an arbitrary memory information disclosure vulnerability.
A remote attacker could exploit this vulnerability to gain sensitive information, possibly private keys.
This issue is reported to affect Tor versions prior to 0.1.0.10.
34. Veritas Backup Exec Web Administration Console Remote Buffer Overflow Vulnerability
BugTraq ID: 14025
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14025
Summary:
VERITAS Backup Exec Web Administration Console is prone to a remote buffer overflow vulnerability.
An attacker can exploit this issue by crafting a malicious request. This request must contain excessive string data that triggers this issue, replacement memory addresses, and executable instructions. When the Web Administration Console processes this request, the attacker-supplied instructions may be executed on the vulnerable computer.
35. Veritas Backup Exec Remote Agent for Windows Servers Privilege Escalation Vulnerability
BugTraq ID: 14026
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14026
Summary:
Veritas Backup Exec Remote Agent for Windows Servers is affected by a privilege escalation vulnerability. This issue can allow remote users to gain elevated privileges and completely compromise an affected computer.
A successful attack allows non-privileged users to gain SYSTEM level privileges.
36. RaXnet Cacti Multiple SQL Injection Vulnerabilities
BugTraq ID: 14027
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14027
Summary:
Cacti is prone to multiple SQL injection vulnerabilities.
These issues could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. An attacker can obtain the administrative password by exploiting these issues.
Cacti versions prior to 0.8.6e are affected by these vulnerabilities.
37. RaXnet Cacti Config_Settings.PHP Remote File Include Vulnerability
BugTraq ID: 14028
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14028
Summary:
RaXnet Cacti is prone to a remote file include vulnerability.
The problem presents itself specifically when an attacker passes the location of a remote attacker-specified script through the 'config_settings.php' script.
An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access.
38. DUware DUportal Pro Multiple SQL Injection Vulnerabilities
BugTraq ID: 14029
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14029
Summary:
DUportal Pro is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
Some of these issues may have previously been discussed in BID 13285 and BID 13288.
39. RaXnet Cacti Top_Graph_Header.PHP Remote File Include Vulnerability
BugTraq ID: 14030
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14030
Summary:
RaXnet Cacti is prone to a remote file include vulnerability.
The problem presents itself specifically when an attacker passes the location of a remote attacker-specified script through the 'top_graph_header.php' script.
An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access.
40. Asterisk Manager Interface Command Processing Remote Buffer Overflow Vulnerability
BugTraq ID: 14031
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14031
Summary:
Asterisk manager interface is prone to a remote buffer overflow vulnerability. The issue manifests due to a lack of sufficient boundary checks performed by command line interface processing routines. Reports indicate that the issue may only be exploited if the manager interface is accessible and an attacker is able to write commands to the interface.
Under certain circumstances a remote attacker may exploit this issue to execute arbitrary code in the context of the affected software.
41. HP VCRM Proxy Server Potential Password Disclosure Vulnerability
BugTraq ID: 14032
Remote: No
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14032
Summary:
HP Version Control Repository Manager (VCRM) Proxy Server is affected by a vulnerability that may disclose user passwords to an adversary in close physical proximity to the victim.
This vulnerability could disclose a partial or complete password to an attacker, which may aid in other attacks or allow for unauthorized access to an affected computer.
VCRM versions prior to 2.1.1.730 are affected.
42. DUware DUamazon Pro Multiple SQL Injection Vulnerabilities
BugTraq ID: 14033
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14033
Summary:
DUamazon Pro is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
43. DUware DUpaypal Pro Multiple SQL Injection Vulnerabilities
BugTraq ID: 14034
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14034
Summary:
DUpaypal Pro is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
44. DUware DUforum Multiple SQL Injection Vulnerabilities
BugTraq ID: 14035
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14035
Summary:
DUforum is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
45. DUware DUclassmate Multiple SQL Injection Vulnerabilities
BugTraq ID: 14036
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14036
Summary:
DUclassmate is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
46. NetCaptor Browser Dialog Box Origin Spoofing Vulnerability
BugTraq ID: 14037
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14037
Summary:
NetCaptor Browser is prone to a dialog box origin spoofing vulnerability.
An attacker may exploit this vulnerability to spoof an interface of a trusted web site. This issue may allow a remote attacker to carry out phishing style attacks.
47. Slim Browser Dialog Box Origin Spoofing Vulnerability
BugTraq ID: 14038
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14038
Summary:
Slim Browser is prone to a dialog box origin spoofing vulnerability.
An attacker may exploit this vulnerability to spoof an interface of a trusted web site. This issue may allow a remote attacker to carry out phishing style attacks.
48. Ipswitch WhatsUp Professional LOGIN.ASP SQL Injection Vulnerability
BugTraq ID: 14039
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14039
Summary:
WhatsUp Professional is prone to an SQL injection vulnerability affecting its Web-based front end. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'login.asp' script before using it in an SQL query.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. It should be noted that by supplying a 'or' value through the 'password' parameter, an attacker can gain unauthorized access to an affected site.
49. Linux Kernel Unauthorized SCSI Command Vulnerability
BugTraq ID: 14040
Remote: No
Date Published: 2005-06-23
Relevant URL: http://www.securityfocus.com/bid/14040
Summary:
Linux kernel is reported susceptible to an unauthorized SCSI command vulnerability.
Commands sent to a SCSI device may render the device's state inconsistent or change the drive parameters so that other users find the drive to be unusable.
It is possible that this issue is related to BID 11784 (SuSE Linux Kernel Unauthorized SCSI Command Vulnerability). This is not confirmed at the moment, however, this BID will be updated or the two BIDs will be combined into one when further analysis is completed.
50. RaXnet Cacti Graph_Image.PHP Remote Command Execution Vulnerability
BugTraq ID: 14042
Remote: Yes
Date Published: 2005-06-23
Relevant URL: http://www.securityfocus.com/bid/14042
Summary:
Cacti is prone to a remote command execution vulnerability.
User-supplied input to the 'graph_image.php' script is not properly sanitized and allows attackers to execute arbitrary commands in the context of the server.
This can facilitate various attacks including unauthorized access to an affected computer.
Cacti 0.8.6d and prior versions are reportedly affected.
51. Simple Machines Msg Parameter SQL Injection Vulnerability
BugTraq ID: 14043
Remote: Yes
Date Published: 2005-06-23
Relevant URL: http://www.securityfocus.com/bid/14043
Summary:
Simple Machines is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
This issue is reported to affect Simple Machines version 1.0.4; earlier versions may also be vulnerable.
52. Whois.Cart Profile.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 14044
Remote: Yes
Date Published: 2005-06-23
Relevant URL: http://www.securityfocus.com/bid/14044
Summary:
Whois.Cart is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
53. CarLine Forum Russian Board Multiple Input Validation Vulnerabilities
BugTraq ID: 14045
Remote: Yes
Date Published: 2005-06-23
Relevant URL: http://www.securityfocus.com/bid/14045
Summary:
Forum Russian Board is prone to multiple input validation vulnerabilities. These issues can allow attackers to carry out SQL Injection, cross-site scripting, and HTML injection attacks.
Forum Russian Board 4.2 is reported to be affected.
54. Whois.Cart Index.PHP Directory Traversal Vulnerability
BugTraq ID: 14046
Remote: Yes
Date Published: 2005-06-23
Relevant URL: http://www.securityfocus.com/bid/14046
Summary:
Whois.Cart is prone to a directory traversal vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.
A remote unauthorized user can disclose the contents of arbitrary local files through the use of directory traversal strings '../'. Exploitation of this vulnerability could lead to a loss of confidentiality.
55. Sendmail Milter Remote Denial Of Service Weakness
BugTraq ID: 14047
Remote: Yes
Date Published: 2005-06-23
Relevant URL: http://www.securityfocus.com/bid/14047
Summary:
Sendmail is susceptible to a remote denial of service weakness in its milter interface. This issue is due to overly long default timeouts configured for milters.
This issue is demonstrated with ClamAV versions prior to 0.86. Any other milter that utilizes similar operating methods as the older ClamAV milter will also expose this vulnerability in Sendmail.
Depending on the configuration of the milter interface, attackers may either exploit this issue to bypass milters, or to deny further email delivery on affected sites.
56. Sun Solaris Traceroute Multiple Local Buffer Overflow Vulnerabilities
BugTraq ID: 14049
Remote: No
Date Published: 2005-06-24
Relevant URL: http://www.securityfocus.com/bid/14049
Summary:
Sun Solaris traceroute is affected by multiple local buffer overflow vulnerabilities.
These vulnerabilities present themselves when the application handles excessive data supplied through command line arguments.
These issue are reported to affect /usr/sbin/traceroute running on Sun Solaris 10.
Some reports indicate that this issue cannot be reproduced. It is also reported that this issue is only exploitable on the Solaris x86 platform.
57. UBBCentral UBB.Threads Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 14050
Remote: Yes
Date Published: 2005-06-24
Relevant URL: http://www.securityfocus.com/bid/14050
Summary:
UBB.Threads is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.
An attacker may leverage any of these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
58. Linux Kernel 64 Bit AR-RSC Register Access Validation Vulnerability
BugTraq ID: 14051
Remote: No
Date Published: 2005-06-24
Relevant URL: http://www.securityfocus.com/bid/14051
Summary:
The Linux Kernel for 64 Bit architectures is prone to an access validation vulnerability. The issue manifests due to a failure to restrict access to the 'ar.rsc' register (register stack engine control register) by the 'restore_sigcontext' function.
Immediate consequences of exploitation would likely be a denial of service, other attacks are also possible.
59. UBBCentral UBB.Threads Multiple SQL Injection Vulnerabilities
BugTraq ID: 14052
Remote: Yes
Date Published: 2005-06-24
Relevant URL: http://www.securityfocus.com/bid/14052
Summary:
UBB.Threads is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
60. UBBCentral UBB.Threads Multiple HTTP Response Splitting Vulnerabilities
BugTraq ID: 14053
Remote: Yes
Date Published: 2005-06-24
Relevant URL: http://www.securityfocus.com/bid/14053
Summary:
UBB.Threads is prone to multiple HTTP response splitting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.
A remote attacker may exploit any of these vulnerabilities to influence or misrepresent how Web content is served, cached or interpreted. This could aid in various attacks that attempt to entice client users into a false sense of trust.
61. Linux Kernel Subthread Exec Local Denial Of Service Vulnerability
BugTraq ID: 14054
Remote: No
Date Published: 2005-06-24
Relevant URL: http://www.securityfocus.com/bid/14054
Summary:
The Linux kernel is prone to a local denial of service vulnerability. The issue manifests when a call to exec is made for a subthread that has a timer pending.
A local attacker may exploit this issue to crash the kernel effectively denying service for legitimate users.
62. UBBCentral UBB.Threads Local File Include Vulnerability
BugTraq ID: 14055
Remote: Yes
Date Published: 2005-06-24
Relevant URL: http://www.securityfocus.com/bid/14055
Summary:
UBB.Threads is prone to a local file include vulnerability.
The problem presents itself when an attacker passes the location of a potentially malicious local script through a parameter of the cookie.
An attacker may leverage this issue to execute arbitrary server-side script code that resides on an affected computer with the privileges of the Web server process. This may potentially facilitate unauthorized access.
It should be noted that this issue may also be leveraged to read arbitrary files on an affected computer with the privileges of the Web server.
63. PHP-Nuke Avatar HTML Injection Vulnerability
BugTraq ID: 14056
Remote: Yes
Date Published: 2005-06-24
Relevant URL: http://www.securityfocus.com/bid/14056
Summary:
PHP-Nuke is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content.
Attacker-supplied HTML and script code would be executed in the context of the affected Web site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible.
This issue is reported to affect all versions of PHP-Nuke up to version 7.7, this has not been confirmed.
64. IBM DB2 Universal Database Unspecified Authorization Bypass Vulnerability
BugTraq ID: 14057
Remote: Yes
Date Published: 2005-06-24
Relevant URL: http://www.securityfocus.com/bid/14057
Summary:
IBM DB2 Universal Database is susceptible to an authorization bypass vulnerability. This issue is due to a failure of the application to properly enforce authorization restrictions for database users.
Users with SELECT privileges on in a database may bypass authorization checks to execute INSERT, UPDATE, or DELETE statements. Further details are not available at this time. This BID will be updated as more information is disclosed.
This vulnerability allows attackers to modify or destroy data without having proper authorization to do so.
65. Clam Anti-Virus ClamAV Unspecified Quantum Decompressor Denial Of Service Vulnerability
BugTraq ID: 14058
Remote: Yes
Date Published: 2005-06-24
Relevant URL: http://www.securityfocus.com/bid/14058
Summary:
ClamAV is prone to a denial of service vulnerability. The issue manifests in the Quantum decompressor, the exact cause of this issue is not known.
It is conjectured that a remote attacker may exploit this condition using a malicious file to crash a target ClamAV server.
66. K-COLLECT CSV_DB.CGI/i_DB.CGI Remote Command Execution Vulnerability
BugTraq ID: 14059
Remote: Yes
Date Published: 2005-06-24
Relevant URL: http://www.securityfocus.com/bid/14059
Summary:
CSV_DB.CGI/i_DB.CGI are affected by a remote command execution vulnerability.
Specifically, an attacker can supply arbitrary commands prefixed with the '|' character through the 'csv_db.cgi' script that will be executed in the context of the Web server running the application.
CSV-DB 1.00 is affected by this issue.
67. Legal Case Management Log File Information Disclosure Vulnerability
BugTraq ID: 14060
Remote: Yes
Date Published: 2005-06-24
Relevant URL: http://www.securityfocus.com/bid/14060
Summary:
Legal Case Management is prone to an information disclosure vulnerability. This issue is a result of the application not requiring authentication before granting access to the log files generated by LCM.
Information acquired from the log files may be used to aid in further attacks against the underlying system.
III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. Open-source projects get free checkup by automated tools
By: Robert Lemos
The source code for the Unix-like operating systems FreeBSD is the latest community software to have coding problems flagged by an automated analysis tool.
http://www.securityfocus.com/news/11230
2. Targeted Trojan-horse attacks hitting U.S., worldwide
By: Robert Lemos
The U.K.'s incident response team warned of stealthy attacks aimed at that nation's businesses and government agencies, but security firms say the attacks have targeted companies and organizations across the globe, including the U.S.
http://www.securityfocus.com/news/11222
3. MasterCard warns of massive credit-card breach
By: Robert Lemos
Data thieves breached the systems of Atlanta, Georgia-based CardSystems Solutions, stealing data on as many as 40 million accounts affecting various credit-card brands, MasterCard says.
http://www.securityfocus.com/news/11219
4. Phishers look to net small fry
By: Robert Lemos
Online fraudsters are targeting the customers of small financial institutions, hoping to take advantage of less knowledgeable and more trusting consumers.
http://www.securityfocus.com/news/11214
5. £6.5m phishing duo jailed
By: John Leyden
An American who masterminded the UK part of a multi-million pound ID theft scam was yesterday jailed for six years.
http://www.securityfocus.com/news/11231
6. NASA hacker jailed
By: John Leyden
A US man was jailed for four months last week after he was convicted of hacking into US government computers and defacing web sites.
http://www.securityfocus.com/news/11232
7. Electronic forgery menaces humanity
By: John Leyden
Electronic forgery is becoming a greater risk as more company information is stored electronically. But many organisations are ignoring the issue.
http://www.securityfocus.com/news/11228
8. Aussies prosecute first 'spammer'
By: Drew Cullen
Australia is prosecuting the first alleged spammer under its new-ish Spam Act.
http://www.securityfocus.com/news/11229
IV. SECURITY JOBS LIST SUMMARY
-------------------------------
1. [SJ-JOB] Quality Assurance, McLean
http://www.securityfocus.com/archive/77/403587
30. [SJ-JOB] Sr. Security Engineer, London and countrywide
http://www.securityfocus.com/archive/77/403208
31. [SJ-JOB] CSO, northern California
http://www.securityfocus.com/archive/77/403207
32. [SJ-JOB] Security Auditor, London and countrywide
http://www.securityfocus.com/archive/77/403206
V. INCIDENTS LIST SUMMARY
---------------------------
VI. VULN-DEV RESEARCH LIST SUMMARY
-----------------------------------
1. PocketPC exploitation
http://www.securityfocus.com/archive/82/403422
VII. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. Local admin password
http://www.securityfocus.com/archive/88/403594
2. Windows firewall spontaneously changes profiles
http://www.securityfocus.com/archive/88/403542
3. disable shell: command on Windows 2000
http://www.securityfocus.com/archive/88/403498
4. ISA 2004 FTP SSL
http://www.securityfocus.com/archive/88/403301
5. Windows 98 autoupdate
http://www.securityfocus.com/archive/88/403192
VIII. SUN FOCUS LIST SUMMARY
----------------------------
IX. LINUX FOCUS LIST SUMMARY
----------------------------
1. Apache issue
http://www.securityfocus.com/archive/91/403019
X. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to sf-news-unsubscribe (at) securityfocus (dot) com [email concealed] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.
If your email address has changed email listadmin (at) securityfocus (dot) com [email concealed] and ask to be manually removed.
XI. SPONSOR INFORMATION
------------------------
This Issue is Sponsored By: Black Hat
Attend the Black Hat Briefings & Training USA, July 23-28, 2005 in Las
Vegas. World renowned security experts reveal tomorrow.s threats today. Free of vendor pitches, the Briefings are designed to be pragmatic regardless of your security environment. Featuring 29 hands-on training courses and 10 conference tracks, networking opportunities with over 2,000 delegates from 30+ nations.
----------------------------------------
This Issue is Sponsored By: Black Hat
Attend the Black Hat Briefings & Training USA, July 23-28, 2005 in Las
Vegas. World renowned security experts reveal tomorrow.s threats today. Free of vendor pitches, the Briefings are designed to be pragmatic regardless of your security environment. Featuring 29 hands-on training courses and 10 conference tracks, networking opportunities with over 2,000 delegates from 30+ nations.
http://www.securityfocus.com/sponsor/BlackHat_sf-news_050628
------------------------------------------------------------------
I. FRONT AND CENTER
1. Where's the threat?
2. Software Firewalls: Made of Straw? Part 2 of 2
II. BUGTRAQ SUMMARY
1. Heimdal TelnetD Remote Buffer Overflow Vulnerability
2. Edgewall Software Trac Unauthorized File Upload/Download Vulnerability
3. Uapplication Ublog Reload Multiple SQL Injection Vulnerabilities
4. Cisco VPN Concentrator Groupname Enumeration Weakness
5. Todd Miller Sudo Local Race Condition Vulnerability
6. Uapplication Ublog Reload Trackback.ASP Cross-Site Scripting Vulnerability
7. RealVNC Server Remote Information Disclosure Vulnerability
8. cPanel User Parameter Cross-Site Scripting Vulnerability
9. Novell GroupWise GrpWise.EXE Authentication Credentials Persistence Weakness
10. PAFaq Database Unauthorized Access Vulnerability
11. I-Gallery Folder Argument Directory Traversal Vulnerability
12. PAFaq Question Cross-Site Scripting Vulnerability
13. I-Gallery Folder Argument Cross-Site Scripting Vulnerability
14. PAFaq Administrator Username SQL Injection Vulnerability
15. Fortibus CMS Multiple SQL Injection Vulnerabilities
16. Novell NetMail Patch Packaging Insecure File Permissions Vulnerability
17. NanoBlogger Arbitrary Command Execution Vulnerability
18. Microsoft Internet Explorer Dialog Box Origin Spoofing Vulnerability
19. Mozilla/Firefox Browsers Dialog Box Origin Spoofing Vulnerability
20. Opera Web Browser Dialog Box Origin Spoofing Vulnerability
21. ICab Web Browser Dialog Box Origin Spoofing Vulnerability
22. Apple Safari Dialog Box Origin Spoofing Vulnerability
23. Avant Browser Dialog Box Origin Spoofing Vulnerability
24. Enterasys Networks Vertical Horizon Default Backdoor Account Vulnerability
25. MercuryBoard Index.PHP Remote SQL Injection Vulnerability
26. Yukihiro Matsumoto Ruby XMLRPC Server Unspecified Command Execution Vulnerability
27. Enterasys Networks Vertical Horizon Remote Denial Of Service Vulnerability
28. Veritas Backup Exec/NetBackup Request Packet Denial Of Service Vulnerability
29. Veritas Backup Exec Server Remote Registry Access Vulnerability
30. Veritas Backup Exec Remote Agent Null Pointer Dereference Denial Of Service Vulnerability
31. Veritas Backup Exec Remote Agent for Windows Servers Authentication Buffer Overflow Vulnerability
32. Veritas Backup Exec Admin Plus Pack Option Remote Heap Overflow Vulnerability
33. Tor Arbitrary Memory Information Disclosure Vulnerability
34. Veritas Backup Exec Web Administration Console Remote Buffer Overflow Vulnerability
35. Veritas Backup Exec Remote Agent for Windows Servers Privilege Escalation Vulnerability
36. RaXnet Cacti Multiple SQL Injection Vulnerabilities
37. RaXnet Cacti Config_Settings.PHP Remote File Include Vulnerability
38. DUware DUportal Pro Multiple SQL Injection Vulnerabilities
39. RaXnet Cacti Top_Graph_Header.PHP Remote File Include Vulnerability
40. Asterisk Manager Interface Command Processing Remote Buffer Overflow Vulnerability
41. HP VCRM Proxy Server Potential Password Disclosure Vulnerability
42. DUware DUamazon Pro Multiple SQL Injection Vulnerabilities
43. DUware DUpaypal Pro Multiple SQL Injection Vulnerabilities
44. DUware DUforum Multiple SQL Injection Vulnerabilities
45. DUware DUclassmate Multiple SQL Injection Vulnerabilities
46. NetCaptor Browser Dialog Box Origin Spoofing Vulnerability
47. Slim Browser Dialog Box Origin Spoofing Vulnerability
48. Ipswitch WhatsUp Professional LOGIN.ASP SQL Injection Vulnerability
49. Linux Kernel Unauthorized SCSI Command Vulnerability
50. RaXnet Cacti Graph_Image.PHP Remote Command Execution Vulnerability
51. Simple Machines Msg Parameter SQL Injection Vulnerability
52. Whois.Cart Profile.PHP Cross-Site Scripting Vulnerability
53. CarLine Forum Russian Board Multiple Input Validation Vulnerabilities
54. Whois.Cart Index.PHP Directory Traversal Vulnerability
55. Sendmail Milter Remote Denial Of Service Weakness
56. Sun Solaris Traceroute Multiple Local Buffer Overflow Vulnerabilities
57. UBBCentral UBB.Threads Multiple Cross-Site Scripting Vulnerabilities
58. Linux Kernel 64 Bit AR-RSC Register Access Validation Vulnerability
59. UBBCentral UBB.Threads Multiple SQL Injection Vulnerabilities
60. UBBCentral UBB.Threads Multiple HTTP Response Splitting Vulnerabilities
61. Linux Kernel Subthread Exec Local Denial Of Service Vulnerability
62. UBBCentral UBB.Threads Local File Include Vulnerability
63. PHP-Nuke Avatar HTML Injection Vulnerability
64. IBM DB2 Universal Database Unspecified Authorization Bypass Vulnerability
65. Clam Anti-Virus ClamAV Unspecified Quantum Decompressor Denial Of Service Vulnerability
66. K-COLLECT CSV_DB.CGI/i_DB.CGI Remote Command Execution Vulnerability
67. Legal Case Management Log File Information Disclosure Vulnerability
III. SECURITYFOCUS NEWS
1. Open-source projects get free checkup by automated tools
2. Targeted Trojan-horse attacks hitting U.S., worldwide
3. MasterCard warns of massive credit-card breach
4. Phishers look to net small fry
5. £6.5m phishing duo jailed
6. NASA hacker jailed
7. Electronic forgery menaces humanity
8. Aussies prosecute first 'spammer'
IV. SECURITY JOBS LIST SUMMARY
1. [SJ-JOB] Quality Assurance, McLean
2. [SJ-JOB] Security Consultant, Aiken
3. [SJ-JOB] VP / Dir / Mgr engineering, Chesterfield
4. [SJ-JOB] Security Consultant, Chesterfield
5. [SJ-JOB] Security Auditor, Bridgewater
6. [SJ-JOB] Manager, Information Security, Herndon
7. [SJ-JOB] Sr. Security Analyst, Harrisburg
8. [SJ-JOB] Security Consultant, New York
9. [SJ-JOB] Manager, Information Security, St. Louis
10. [SJ-JOB] Security Consultant, Tampa
11. [SJ-JOB] Management, Tampa
12. [SJ-JOB] Director, Information Security, Indianapolis
13. [SJ-JOB] Manager, Information Security, Charlotte
14. [SJ-JOB] Manager, Information Security, Indianapolis
15. [SJ-JOB] Sr. Security Engineer, St. Louis
16. [SJ-JOB] Security Architect, North West England
17. [SJ-JOB] Account Manager, Chicago
18. [SJ-JOB] Security Engineer, S. San Francisco
19. [SJ-JOB] Security Engineer, Atlanta
20. [SJ-JOB] Sr. Security Engineer, Newark,NJ
21. [SJ-JOB] Manager, Information Security, London
22. [SJ-JOB] Security Auditor, Bay Area
23. [SJ-JOB] Sr. Security Analyst, Northampton
24. [SJ-JOB] Application Security Architect, Pune / Bangalore
25. [SJ-JOB] Sales Engineer, Various
26. [SJ-JOB] Security Engineer, Alexandria
27. [SJ-JOB] Security Product Manager, San Antonio, TX
28. [SJ-JOB] Security Engineer, Hampshire
29. [SJ-JOB] Sales Representative, Ipswich Suffolk
30. [SJ-JOB] Sr. Security Engineer, London and countrywide
31. [SJ-JOB] CSO, northern California
32. [SJ-JOB] Security Auditor, London and countrywide
V. INCIDENTS LIST SUMMARY
VI. VULN-DEV RESEARCH LIST SUMMARY
1. PocketPC exploitation
VII. MICROSOFT FOCUS LIST SUMMARY
1. Local admin password
2. Windows firewall spontaneously changes profiles
3. disable shell: command on Windows 2000
4. ISA 2004 FTP SSL
5. Windows 98 autoupdate
VIII. SUN FOCUS LIST SUMMARY
IX. LINUX FOCUS LIST SUMMARY
1. Apache issue
X. UNSUBSCRIBE INSTRUCTIONS
XI. SPONSOR INFORMATION
I. FRONT AND CENTER
---------------------
1. Where's the threat?
By Matthew Tanase
I'm sure everyone remembers the story of Goldilocks and the three bears
http://www.securityfocus.com/columnists/335
2. Software Firewalls: Made of Straw? Part 2 of 2
By Israel G. Lugo, Don Parker
In part two we look at how easily the firewall's operation can be circumvented by inserting a malicious Trojan into the network stack itself.
http://www.securityfocus.com/infocus/1840
II. BUGTRAQ SUMMARY
--------------------
1. Heimdal TelnetD Remote Buffer Overflow Vulnerability
BugTraq ID: 13989
Remote: Yes
Date Published: 2005-06-20
Relevant URL: http://www.securityfocus.com/bid/13989
Summary:
Heimdal telnetd is susceptible to a remote buffer overflow vulnerability. This issue is due to a failure of the application to properly bounds check user-supplied data prior to copying it to an insufficiently sized memory buffer.
This vulnerability may be exploited by remote attackers to influence the proper flow of execution of the application, resulting in attacker-supplied machine code being executed in the context of the affected network service.
2. Edgewall Software Trac Unauthorized File Upload/Download Vulnerability
BugTraq ID: 13990
Remote: Yes
Date Published: 2005-06-20
Relevant URL: http://www.securityfocus.com/bid/13990
Summary:
Trac is affected by an unauthorized file upload/download vulnerability.
This issue can lead to information disclosure and unauthorized remote access as an attacker can place and execute malicious PHP scripts on an affected computer.
Trac 0.8.3 and prior versions are affected by this issue.
3. Uapplication Ublog Reload Multiple SQL Injection Vulnerabilities
BugTraq ID: 13991
Remote: Yes
Date Published: 2005-06-20
Relevant URL: http://www.securityfocus.com/bid/13991
Summary:
Ublog Reload is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
4. Cisco VPN Concentrator Groupname Enumeration Weakness
BugTraq ID: 13992
Remote: Yes
Date Published: 2005-06-20
Relevant URL: http://www.securityfocus.com/bid/13992
Summary:
Cisco VPN Concentrator is affected by a remote groupname enumeration weakness. This issue is due to a design error that could assist a remote attacker in enumerating groupnames.
Reportedly, once the attacker has verified a groupname they can obtain a password hash from an affected device and carry out bruteforce attacks against the password hash.
A valid groupname and password pair can allow the attacker to complete IKE Phase-1 authentication and carry out man-in-the-middle attacks against other users. This may ultimately allow the attacker to gain unauthorized access to the network.
All Cisco VPN Concentrator 3000 series products running groupname authentication are considered vulnerable to this issue.
5. Todd Miller Sudo Local Race Condition Vulnerability
BugTraq ID: 13993
Remote: No
Date Published: 2005-06-20
Relevant URL: http://www.securityfocus.com/bid/13993
Summary:
Sudo is prone to a local race condition vulnerability. The issue only manifests under certain conditions, specifically, when the sudoers configuration file contains a pseudo-command 'ALL' that directly follows a users sudoers entry.
When the aforementioned configuration exists, this issue may be leveraged by local attackers to execute arbitrary executables with escalated privileges. This may be accomplished by creating symbolic links to target files.
6. Uapplication Ublog Reload Trackback.ASP Cross-Site Scripting Vulnerability
BugTraq ID: 13994
Remote: Yes
Date Published: 2005-06-20
Relevant URL: http://www.securityfocus.com/bid/13994
Summary:
Ublog Reload is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
7. RealVNC Server Remote Information Disclosure Vulnerability
BugTraq ID: 13995
Remote: Yes
Date Published: 2005-06-20
Relevant URL: http://www.securityfocus.com/bid/13995
Summary:
RealVNC is affected by a remote information disclosure vulnerability.
An attacker may obtain the RealVNC version and the underlying operating system.
This information may aid in other attacks against an affected computer.
8. cPanel User Parameter Cross-Site Scripting Vulnerability
BugTraq ID: 13996
Remote: Yes
Date Published: 2005-06-20
Relevant URL: http://www.securityfocus.com/bid/13996
Summary:
It is reported that cPanel is prone to a cross-site scripting vulnerability that may allow a remote attacker to execute HTML or script code in a user's browser. The issue presents itself due to insufficient sanitization of user-supplied data via the 'user' parameter of the 'login' page.
Due to the possibility of attacker-specified HTML and script code being rendered in a victim's browser, it is possible to steal cookie-based authentication credentials from that user. Other attacks are possible as well.
9. Novell GroupWise GrpWise.EXE Authentication Credentials Persistence Weakness
BugTraq ID: 13997
Remote: No
Date Published: 2005-06-20
Relevant URL: http://www.securityfocus.com/bid/13997
Summary:
A problem with Novell GroupWise may allow the recovery of sensitive information.
Novell GroupWise 'grpWise.exe' does not safely handle authentication credential information. As a result, a local user may be able to recover authentication passwords.
10. PAFaq Database Unauthorized Access Vulnerability
BugTraq ID: 13999
Remote: Yes
Date Published: 2005-06-20
Relevant URL: http://www.securityfocus.com/bid/13999
Summary:
paFaq is prone to an unauthorized access vulnerability regarding the database. This issue is a result of the application failing to perform access validation on the 'backup.php' script. A remote unauthenticated user can invoke the script and retrieve a complete backup of the application database.
A remote attacker could exploit this vulnerability to authenticate to the application using a retrieved administrator username and password hash.
11. I-Gallery Folder Argument Directory Traversal Vulnerability
BugTraq ID: 14000
Remote: Yes
Date Published: 2005-06-20
Relevant URL: http://www.securityfocus.com/bid/14000
Summary:
i-Gallery is prone to a directory traversal vulnerability.
This could let remote attackers access files on the computer in the context of the Web server process.
12. PAFaq Question Cross-Site Scripting Vulnerability
BugTraq ID: 14001
Remote: Yes
Date Published: 2005-06-20
Relevant URL: http://www.securityfocus.com/bid/14001
Summary:
paFaq is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
13. I-Gallery Folder Argument Cross-Site Scripting Vulnerability
BugTraq ID: 14002
Remote: Yes
Date Published: 2005-06-20
Relevant URL: http://www.securityfocus.com/bid/14002
Summary:
i-Gallery is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'folder' parameter of 'folderview.asp'.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site.
14. PAFaq Administrator Username SQL Injection Vulnerability
BugTraq ID: 14003
Remote: Yes
Date Published: 2005-06-20
Relevant URL: http://www.securityfocus.com/bid/14003
Summary:
paFaq is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
15. Fortibus CMS Multiple SQL Injection Vulnerabilities
BugTraq ID: 14004
Remote: Yes
Date Published: 2005-06-20
Relevant URL: http://www.securityfocus.com/bid/14004
Summary:
Fortibus CMS is prone to multiple SQL injection vulnerabilities.
These issues could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
Fortibus CMS 4.0 is vulnerable to these issues.
16. Novell NetMail Patch Packaging Insecure File Permissions Vulnerability
BugTraq ID: 14005
Remote: No
Date Published: 2005-06-21
Relevant URL: http://www.securityfocus.com/bid/14005
Summary:
Novell NetMail is susceptible to an insecure file permissions vulnerability. This issue is due to a flaw in the patch packaging system used to update NetMail. This vulnerability only presents itself on Linux installations of NetMail.
This vulnerability allows local attackers to modify or replace NetMail binaries. This will result in the compromise of the NetMail account.
Computers running versions 3.52A, 3.52B, or 3.52C on Linux are affected by this issue.
17. NanoBlogger Arbitrary Command Execution Vulnerability
BugTraq ID: 14006
Remote: Yes
Date Published: 2005-06-21
Relevant URL: http://www.securityfocus.com/bid/14006
Summary:
NanoBlogger is affected by a vulnerability regarding the execution of arbitrary commands.
Successful exploitation of this issue results in command execution with the privileges of the affected application. This may lead to various attacks including unauthorized access to an affected computer.
The vendor has addressed this issue in NanoBlogger version 3.2.2 and later; earlier versions are reported vulnerable.
18. Microsoft Internet Explorer Dialog Box Origin Spoofing Vulnerability
BugTraq ID: 14007
Remote: Yes
Date Published: 2005-06-21
Relevant URL: http://www.securityfocus.com/bid/14007
Summary:
Microsoft Internet Explorer is prone to a dialog box origin spoofing vulnerability.
An attacker may exploit this vulnerability to spoof an interface of a trusted web site. This issue may allow a remote attacker to carry out phishing style attacks.
19. Mozilla/Firefox Browsers Dialog Box Origin Spoofing Vulnerability
BugTraq ID: 14008
Remote: Yes
Date Published: 2005-06-21
Relevant URL: http://www.securityfocus.com/bid/14008
Summary:
Mozilla/Firefox browsers are prone to a dialog box origin spoofing vulnerability.
An attacker may exploit this vulnerability to spoof an interface of a trusted web site. This issue may allow a remote attacker to carry out phishing style attacks.
20. Opera Web Browser Dialog Box Origin Spoofing Vulnerability
BugTraq ID: 14009
Remote: Yes
Date Published: 2005-06-21
Relevant URL: http://www.securityfocus.com/bid/14009
Summary:
Opera Web Browser is prone to a dialog box origin spoofing vulnerability.
An attacker may exploit this vulnerability to spoof an interface of a trusted web site. This issue may allow a remote attacker to carry out phishing style attacks.
21. ICab Web Browser Dialog Box Origin Spoofing Vulnerability
BugTraq ID: 14010
Remote: Yes
Date Published: 2005-06-21
Relevant URL: http://www.securityfocus.com/bid/14010
Summary:
ICab Web Browser is prone to a dialog box origin spoofing vulnerability.
An attacker may exploit this vulnerability to spoof an interface of a trusted web site. This issue may allow a remote attacker to carry out phishing style attacks.
22. Apple Safari Dialog Box Origin Spoofing Vulnerability
BugTraq ID: 14011
Remote: Yes
Date Published: 2005-06-21
Relevant URL: http://www.securityfocus.com/bid/14011
Summary:
Apple Safari is prone to a dialog box origin spoofing vulnerability.
An attacker may exploit this vulnerability to spoof an interface of a trusted web site. This issue may allow a remote attacker to carry out phishing style attacks.
23. Avant Browser Dialog Box Origin Spoofing Vulnerability
BugTraq ID: 14012
Remote: Yes
Date Published: 2005-06-21
Relevant URL: http://www.securityfocus.com/bid/14012
Summary:
Avant Browser is prone to a dialog box origin spoofing vulnerability.
An attacker may exploit this vulnerability to spoof an interface of a trusted web site. This issue may allow a remote attacker to carry out phishing style attacks.
24. Enterasys Networks Vertical Horizon Default Backdoor Account Vulnerability
BugTraq ID: 14014
Remote: Yes
Date Published: 2005-06-21
Relevant URL: http://www.securityfocus.com/bid/14014
Summary:
Enterasys Networks Vertical Horizon switch firmware has a built-in administrative account that cannot be disabled.
This vulnerability reportedly allows remote attackers to gain unauthorized administrative access to a target switch.
25. MercuryBoard Index.PHP Remote SQL Injection Vulnerability
BugTraq ID: 14015
Remote: Yes
Date Published: 2005-06-21
Relevant URL: http://www.securityfocus.com/bid/14015
Summary:
MercuryBoard is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
26. Yukihiro Matsumoto Ruby XMLRPC Server Unspecified Command Execution Vulnerability
BugTraq ID: 14016
Remote: Yes
Date Published: 2005-06-21
Relevant URL: http://www.securityfocus.com/bid/14016
Summary:
Ruby is affected by an unspecified command execution vulnerability. Reportedly, this issue affects the XMLRPC server.
It may be possible for an attacker to gain unauthorized access to an affected computer by exploiting this issue.
Ruby 1.8.2 is known to be vulnerable to this vulnerability, however, other versions may be affected as well.
27. Enterasys Networks Vertical Horizon Remote Denial Of Service Vulnerability
BugTraq ID: 14017
Remote: Yes
Date Published: 2005-06-21
Relevant URL: http://www.securityfocus.com/bid/14017
Summary:
The Enterasys Vertical Horizon switch has administrative access that cannot be disabled. Upon connecting to the Telnet administration interface as a guest user, an attacker may invoke debugging commands.
Exploitation of this issue will allow a remote attacker to deny service for other legitimate users that are connected to the switch.
28. Veritas Backup Exec/NetBackup Request Packet Denial Of Service Vulnerability
BugTraq ID: 14019
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14019
Summary:
VERITAS Backup Exec and NetBackup for NetWare Media Servers are prone to a denial of service vulnerability. A malformed request packet may cause a denial of service on the computer hosting the application.
29. Veritas Backup Exec Server Remote Registry Access Vulnerability
BugTraq ID: 14020
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14020
Summary:
VERITAS Backup Exec for Windows Servers is prone to an access validation vulnerability.
The issue may be leveraged by a remote attacker to gain 'Administrator' access to the vulnerable computer's registry. This access may be further leveraged to gain unfettered access to the target computer.
30. Veritas Backup Exec Remote Agent Null Pointer Dereference Denial Of Service Vulnerability
BugTraq ID: 14021
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14021
Summary:
VERITAS Backup Exec Remote Agent is prone to a remotely exploitable denial of service vulnerability. This could cause a denial of service on the computer hosting the application.
This issue only affects the application on Microsoft Windows platforms.
31. Veritas Backup Exec Remote Agent for Windows Servers Authentication Buffer Overflow Vulnerability
BugTraq ID: 14022
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14022
Summary:
VERITAS Backup Exec Remote Agent for Windows Servers is prone to a remotely exploitable buffer overflow vulnerability. This issue occurs when handling authentication requests.
Successful exploitation could result in arbitrary code execution.
32. Veritas Backup Exec Admin Plus Pack Option Remote Heap Overflow Vulnerability
BugTraq ID: 14023
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14023
Summary:
Veritas Backup Exec is affected by a remote heap overflow vulnerability.
This issue affects servers using the Admin Plus Pack Option. A remote attacker can exploit this issue by crafting and sending malicious data to the service and executing arbitrary code.
It is conjectured that successful exploitation may result in a superuser compromise.
This issue affects Backup Exec running on Microsoft Windows platforms.
33. Tor Arbitrary Memory Information Disclosure Vulnerability
BugTraq ID: 14024
Remote: Yes
Date Published: 2005-06-21
Relevant URL: http://www.securityfocus.com/bid/14024
Summary:
Tor is prone to an arbitrary memory information disclosure vulnerability.
A remote attacker could exploit this vulnerability to gain sensitive information, possibly private keys.
This issue is reported to affect Tor versions prior to 0.1.0.10.
34. Veritas Backup Exec Web Administration Console Remote Buffer Overflow Vulnerability
BugTraq ID: 14025
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14025
Summary:
VERITAS Backup Exec Web Administration Console is prone to a remote buffer overflow vulnerability.
An attacker can exploit this issue by crafting a malicious request. This request must contain excessive string data that triggers this issue, replacement memory addresses, and executable instructions. When the Web Administration Console processes this request, the attacker-supplied instructions may be executed on the vulnerable computer.
35. Veritas Backup Exec Remote Agent for Windows Servers Privilege Escalation Vulnerability
BugTraq ID: 14026
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14026
Summary:
Veritas Backup Exec Remote Agent for Windows Servers is affected by a privilege escalation vulnerability. This issue can allow remote users to gain elevated privileges and completely compromise an affected computer.
A successful attack allows non-privileged users to gain SYSTEM level privileges.
36. RaXnet Cacti Multiple SQL Injection Vulnerabilities
BugTraq ID: 14027
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14027
Summary:
Cacti is prone to multiple SQL injection vulnerabilities.
These issues could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. An attacker can obtain the administrative password by exploiting these issues.
Cacti versions prior to 0.8.6e are affected by these vulnerabilities.
37. RaXnet Cacti Config_Settings.PHP Remote File Include Vulnerability
BugTraq ID: 14028
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14028
Summary:
RaXnet Cacti is prone to a remote file include vulnerability.
The problem presents itself specifically when an attacker passes the location of a remote attacker-specified script through the 'config_settings.php' script.
An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access.
38. DUware DUportal Pro Multiple SQL Injection Vulnerabilities
BugTraq ID: 14029
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14029
Summary:
DUportal Pro is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
Some of these issues may have previously been discussed in BID 13285 and BID 13288.
39. RaXnet Cacti Top_Graph_Header.PHP Remote File Include Vulnerability
BugTraq ID: 14030
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14030
Summary:
RaXnet Cacti is prone to a remote file include vulnerability.
The problem presents itself specifically when an attacker passes the location of a remote attacker-specified script through the 'top_graph_header.php' script.
An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access.
40. Asterisk Manager Interface Command Processing Remote Buffer Overflow Vulnerability
BugTraq ID: 14031
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14031
Summary:
Asterisk manager interface is prone to a remote buffer overflow vulnerability. The issue manifests due to a lack of sufficient boundary checks performed by command line interface processing routines. Reports indicate that the issue may only be exploited if the manager interface is accessible and an attacker is able to write commands to the interface.
Under certain circumstances a remote attacker may exploit this issue to execute arbitrary code in the context of the affected software.
41. HP VCRM Proxy Server Potential Password Disclosure Vulnerability
BugTraq ID: 14032
Remote: No
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14032
Summary:
HP Version Control Repository Manager (VCRM) Proxy Server is affected by a vulnerability that may disclose user passwords to an adversary in close physical proximity to the victim.
This vulnerability could disclose a partial or complete password to an attacker, which may aid in other attacks or allow for unauthorized access to an affected computer.
VCRM versions prior to 2.1.1.730 are affected.
42. DUware DUamazon Pro Multiple SQL Injection Vulnerabilities
BugTraq ID: 14033
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14033
Summary:
DUamazon Pro is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
43. DUware DUpaypal Pro Multiple SQL Injection Vulnerabilities
BugTraq ID: 14034
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14034
Summary:
DUpaypal Pro is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
44. DUware DUforum Multiple SQL Injection Vulnerabilities
BugTraq ID: 14035
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14035
Summary:
DUforum is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
45. DUware DUclassmate Multiple SQL Injection Vulnerabilities
BugTraq ID: 14036
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14036
Summary:
DUclassmate is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
46. NetCaptor Browser Dialog Box Origin Spoofing Vulnerability
BugTraq ID: 14037
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14037
Summary:
NetCaptor Browser is prone to a dialog box origin spoofing vulnerability.
An attacker may exploit this vulnerability to spoof an interface of a trusted web site. This issue may allow a remote attacker to carry out phishing style attacks.
47. Slim Browser Dialog Box Origin Spoofing Vulnerability
BugTraq ID: 14038
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14038
Summary:
Slim Browser is prone to a dialog box origin spoofing vulnerability.
An attacker may exploit this vulnerability to spoof an interface of a trusted web site. This issue may allow a remote attacker to carry out phishing style attacks.
48. Ipswitch WhatsUp Professional LOGIN.ASP SQL Injection Vulnerability
BugTraq ID: 14039
Remote: Yes
Date Published: 2005-06-22
Relevant URL: http://www.securityfocus.com/bid/14039
Summary:
WhatsUp Professional is prone to an SQL injection vulnerability affecting its Web-based front end. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'login.asp' script before using it in an SQL query.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. It should be noted that by supplying a 'or' value through the 'password' parameter, an attacker can gain unauthorized access to an affected site.
49. Linux Kernel Unauthorized SCSI Command Vulnerability
BugTraq ID: 14040
Remote: No
Date Published: 2005-06-23
Relevant URL: http://www.securityfocus.com/bid/14040
Summary:
Linux kernel is reported susceptible to an unauthorized SCSI command vulnerability.
Commands sent to a SCSI device may render the device's state inconsistent or change the drive parameters so that other users find the drive to be unusable.
It is possible that this issue is related to BID 11784 (SuSE Linux Kernel Unauthorized SCSI Command Vulnerability). This is not confirmed at the moment, however, this BID will be updated or the two BIDs will be combined into one when further analysis is completed.
50. RaXnet Cacti Graph_Image.PHP Remote Command Execution Vulnerability
BugTraq ID: 14042
Remote: Yes
Date Published: 2005-06-23
Relevant URL: http://www.securityfocus.com/bid/14042
Summary:
Cacti is prone to a remote command execution vulnerability.
User-supplied input to the 'graph_image.php' script is not properly sanitized and allows attackers to execute arbitrary commands in the context of the server.
This can facilitate various attacks including unauthorized access to an affected computer.
Cacti 0.8.6d and prior versions are reportedly affected.
51. Simple Machines Msg Parameter SQL Injection Vulnerability
BugTraq ID: 14043
Remote: Yes
Date Published: 2005-06-23
Relevant URL: http://www.securityfocus.com/bid/14043
Summary:
Simple Machines is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
This issue is reported to affect Simple Machines version 1.0.4; earlier versions may also be vulnerable.
52. Whois.Cart Profile.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 14044
Remote: Yes
Date Published: 2005-06-23
Relevant URL: http://www.securityfocus.com/bid/14044
Summary:
Whois.Cart is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
53. CarLine Forum Russian Board Multiple Input Validation Vulnerabilities
BugTraq ID: 14045
Remote: Yes
Date Published: 2005-06-23
Relevant URL: http://www.securityfocus.com/bid/14045
Summary:
Forum Russian Board is prone to multiple input validation vulnerabilities. These issues can allow attackers to carry out SQL Injection, cross-site scripting, and HTML injection attacks.
Forum Russian Board 4.2 is reported to be affected.
54. Whois.Cart Index.PHP Directory Traversal Vulnerability
BugTraq ID: 14046
Remote: Yes
Date Published: 2005-06-23
Relevant URL: http://www.securityfocus.com/bid/14046
Summary:
Whois.Cart is prone to a directory traversal vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.
A remote unauthorized user can disclose the contents of arbitrary local files through the use of directory traversal strings '../'. Exploitation of this vulnerability could lead to a loss of confidentiality.
55. Sendmail Milter Remote Denial Of Service Weakness
BugTraq ID: 14047
Remote: Yes
Date Published: 2005-06-23
Relevant URL: http://www.securityfocus.com/bid/14047
Summary:
Sendmail is susceptible to a remote denial of service weakness in its milter interface. This issue is due to overly long default timeouts configured for milters.
This issue is demonstrated with ClamAV versions prior to 0.86. Any other milter that utilizes similar operating methods as the older ClamAV milter will also expose this vulnerability in Sendmail.
Depending on the configuration of the milter interface, attackers may either exploit this issue to bypass milters, or to deny further email delivery on affected sites.
56. Sun Solaris Traceroute Multiple Local Buffer Overflow Vulnerabilities
BugTraq ID: 14049
Remote: No
Date Published: 2005-06-24
Relevant URL: http://www.securityfocus.com/bid/14049
Summary:
Sun Solaris traceroute is affected by multiple local buffer overflow vulnerabilities.
These vulnerabilities present themselves when the application handles excessive data supplied through command line arguments.
These issue are reported to affect /usr/sbin/traceroute running on Sun Solaris 10.
Some reports indicate that this issue cannot be reproduced. It is also reported that this issue is only exploitable on the Solaris x86 platform.
57. UBBCentral UBB.Threads Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 14050
Remote: Yes
Date Published: 2005-06-24
Relevant URL: http://www.securityfocus.com/bid/14050
Summary:
UBB.Threads is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.
An attacker may leverage any of these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
58. Linux Kernel 64 Bit AR-RSC Register Access Validation Vulnerability
BugTraq ID: 14051
Remote: No
Date Published: 2005-06-24
Relevant URL: http://www.securityfocus.com/bid/14051
Summary:
The Linux Kernel for 64 Bit architectures is prone to an access validation vulnerability. The issue manifests due to a failure to restrict access to the 'ar.rsc' register (register stack engine control register) by the 'restore_sigcontext' function.
Immediate consequences of exploitation would likely be a denial of service, other attacks are also possible.
59. UBBCentral UBB.Threads Multiple SQL Injection Vulnerabilities
BugTraq ID: 14052
Remote: Yes
Date Published: 2005-06-24
Relevant URL: http://www.securityfocus.com/bid/14052
Summary:
UBB.Threads is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
60. UBBCentral UBB.Threads Multiple HTTP Response Splitting Vulnerabilities
BugTraq ID: 14053
Remote: Yes
Date Published: 2005-06-24
Relevant URL: http://www.securityfocus.com/bid/14053
Summary:
UBB.Threads is prone to multiple HTTP response splitting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.
A remote attacker may exploit any of these vulnerabilities to influence or misrepresent how Web content is served, cached or interpreted. This could aid in various attacks that attempt to entice client users into a false sense of trust.
61. Linux Kernel Subthread Exec Local Denial Of Service Vulnerability
BugTraq ID: 14054
Remote: No
Date Published: 2005-06-24
Relevant URL: http://www.securityfocus.com/bid/14054
Summary:
The Linux kernel is prone to a local denial of service vulnerability. The issue manifests when a call to exec is made for a subthread that has a timer pending.
A local attacker may exploit this issue to crash the kernel effectively denying service for legitimate users.
62. UBBCentral UBB.Threads Local File Include Vulnerability
BugTraq ID: 14055
Remote: Yes
Date Published: 2005-06-24
Relevant URL: http://www.securityfocus.com/bid/14055
Summary:
UBB.Threads is prone to a local file include vulnerability.
The problem presents itself when an attacker passes the location of a potentially malicious local script through a parameter of the cookie.
An attacker may leverage this issue to execute arbitrary server-side script code that resides on an affected computer with the privileges of the Web server process. This may potentially facilitate unauthorized access.
It should be noted that this issue may also be leveraged to read arbitrary files on an affected computer with the privileges of the Web server.
63. PHP-Nuke Avatar HTML Injection Vulnerability
BugTraq ID: 14056
Remote: Yes
Date Published: 2005-06-24
Relevant URL: http://www.securityfocus.com/bid/14056
Summary:
PHP-Nuke is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content.
Attacker-supplied HTML and script code would be executed in the context of the affected Web site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible.
This issue is reported to affect all versions of PHP-Nuke up to version 7.7, this has not been confirmed.
64. IBM DB2 Universal Database Unspecified Authorization Bypass Vulnerability
BugTraq ID: 14057
Remote: Yes
Date Published: 2005-06-24
Relevant URL: http://www.securityfocus.com/bid/14057
Summary:
IBM DB2 Universal Database is susceptible to an authorization bypass vulnerability. This issue is due to a failure of the application to properly enforce authorization restrictions for database users.
Users with SELECT privileges on in a database may bypass authorization checks to execute INSERT, UPDATE, or DELETE statements. Further details are not available at this time. This BID will be updated as more information is disclosed.
This vulnerability allows attackers to modify or destroy data without having proper authorization to do so.
65. Clam Anti-Virus ClamAV Unspecified Quantum Decompressor Denial Of Service Vulnerability
BugTraq ID: 14058
Remote: Yes
Date Published: 2005-06-24
Relevant URL: http://www.securityfocus.com/bid/14058
Summary:
ClamAV is prone to a denial of service vulnerability. The issue manifests in the Quantum decompressor, the exact cause of this issue is not known.
It is conjectured that a remote attacker may exploit this condition using a malicious file to crash a target ClamAV server.
66. K-COLLECT CSV_DB.CGI/i_DB.CGI Remote Command Execution Vulnerability
BugTraq ID: 14059
Remote: Yes
Date Published: 2005-06-24
Relevant URL: http://www.securityfocus.com/bid/14059
Summary:
CSV_DB.CGI/i_DB.CGI are affected by a remote command execution vulnerability.
Specifically, an attacker can supply arbitrary commands prefixed with the '|' character through the 'csv_db.cgi' script that will be executed in the context of the Web server running the application.
CSV-DB 1.00 is affected by this issue.
67. Legal Case Management Log File Information Disclosure Vulnerability
BugTraq ID: 14060
Remote: Yes
Date Published: 2005-06-24
Relevant URL: http://www.securityfocus.com/bid/14060
Summary:
Legal Case Management is prone to an information disclosure vulnerability. This issue is a result of the application not requiring authentication before granting access to the log files generated by LCM.
Information acquired from the log files may be used to aid in further attacks against the underlying system.
III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. Open-source projects get free checkup by automated tools
By: Robert Lemos
The source code for the Unix-like operating systems FreeBSD is the latest community software to have coding problems flagged by an automated analysis tool.
http://www.securityfocus.com/news/11230
2. Targeted Trojan-horse attacks hitting U.S., worldwide
By: Robert Lemos
The U.K.'s incident response team warned of stealthy attacks aimed at that nation's businesses and government agencies, but security firms say the attacks have targeted companies and organizations across the globe, including the U.S.
http://www.securityfocus.com/news/11222
3. MasterCard warns of massive credit-card breach
By: Robert Lemos
Data thieves breached the systems of Atlanta, Georgia-based CardSystems Solutions, stealing data on as many as 40 million accounts affecting various credit-card brands, MasterCard says.
http://www.securityfocus.com/news/11219
4. Phishers look to net small fry
By: Robert Lemos
Online fraudsters are targeting the customers of small financial institutions, hoping to take advantage of less knowledgeable and more trusting consumers.
http://www.securityfocus.com/news/11214
5. £6.5m phishing duo jailed
By: John Leyden
An American who masterminded the UK part of a multi-million pound ID theft scam was yesterday jailed for six years.
http://www.securityfocus.com/news/11231
6. NASA hacker jailed
By: John Leyden
A US man was jailed for four months last week after he was convicted of hacking into US government computers and defacing web sites.
http://www.securityfocus.com/news/11232
7. Electronic forgery menaces humanity
By: John Leyden
Electronic forgery is becoming a greater risk as more company information is stored electronically. But many organisations are ignoring the issue.
http://www.securityfocus.com/news/11228
8. Aussies prosecute first 'spammer'
By: Drew Cullen
Australia is prosecuting the first alleged spammer under its new-ish Spam Act.
http://www.securityfocus.com/news/11229
IV. SECURITY JOBS LIST SUMMARY
-------------------------------
1. [SJ-JOB] Quality Assurance, McLean
http://www.securityfocus.com/archive/77/403587
2. [SJ-JOB] Security Consultant, Aiken
http://www.securityfocus.com/archive/77/403585
3. [SJ-JOB] VP / Dir / Mgr engineering, Chesterfield
http://www.securityfocus.com/archive/77/403584
4. [SJ-JOB] Security Consultant, Chesterfield
http://www.securityfocus.com/archive/77/403586
5. [SJ-JOB] Security Auditor, Bridgewater
http://www.securityfocus.com/archive/77/403588
6. [SJ-JOB] Manager, Information Security, Herndon
http://www.securityfocus.com/archive/77/403325
7. [SJ-JOB] Sr. Security Analyst, Harrisburg
http://www.securityfocus.com/archive/77/403328
8. [SJ-JOB] Security Consultant, New York
http://www.securityfocus.com/archive/77/403329
9. [SJ-JOB] Manager, Information Security, St. Louis
http://www.securityfocus.com/archive/77/403322
10. [SJ-JOB] Security Consultant, Tampa
http://www.securityfocus.com/archive/77/403327
11. [SJ-JOB] Management, Tampa
http://www.securityfocus.com/archive/77/403324
12. [SJ-JOB] Director, Information Security, Indianapolis
http://www.securityfocus.com/archive/77/403326
13. [SJ-JOB] Manager, Information Security, Charlotte
http://www.securityfocus.com/archive/77/403321
14. [SJ-JOB] Manager, Information Security, Indianapolis
http://www.securityfocus.com/archive/77/403320
15. [SJ-JOB] Sr. Security Engineer, St. Louis
http://www.securityfocus.com/archive/77/403323
16. [SJ-JOB] Security Architect, North West England
http://www.securityfocus.com/archive/77/403220
17. [SJ-JOB] Account Manager, Chicago
http://www.securityfocus.com/archive/77/403221
18. [SJ-JOB] Security Engineer, S. San Francisco
http://www.securityfocus.com/archive/77/403222
19. [SJ-JOB] Security Engineer, Atlanta
http://www.securityfocus.com/archive/77/403218
20. [SJ-JOB] Sr. Security Engineer, Newark,NJ
http://www.securityfocus.com/archive/77/403219
21. [SJ-JOB] Manager, Information Security, London
http://www.securityfocus.com/archive/77/403216
22. [SJ-JOB] Security Auditor, Bay Area
http://www.securityfocus.com/archive/77/403217
23. [SJ-JOB] Sr. Security Analyst, Northampton
http://www.securityfocus.com/archive/77/403212
24. [SJ-JOB] Application Security Architect, Pune / Bangalore
http://www.securityfocus.com/archive/77/403214
25. [SJ-JOB] Sales Engineer, Various
http://www.securityfocus.com/archive/77/403215
26. [SJ-JOB] Security Engineer, Alexandria
http://www.securityfocus.com/archive/77/403210
27. [SJ-JOB] Security Product Manager, San Antonio, TX
http://www.securityfocus.com/archive/77/403211
28. [SJ-JOB] Security Engineer, Hampshire
http://www.securityfocus.com/archive/77/403209
29. [SJ-JOB] Sales Representative, Ipswich Suffolk
http://www.securityfocus.com/archive/77/403213
30. [SJ-JOB] Sr. Security Engineer, London and countrywide
http://www.securityfocus.com/archive/77/403208
31. [SJ-JOB] CSO, northern California
http://www.securityfocus.com/archive/77/403207
32. [SJ-JOB] Security Auditor, London and countrywide
http://www.securityfocus.com/archive/77/403206
V. INCIDENTS LIST SUMMARY
---------------------------
VI. VULN-DEV RESEARCH LIST SUMMARY
-----------------------------------
1. PocketPC exploitation
http://www.securityfocus.com/archive/82/403422
VII. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. Local admin password
http://www.securityfocus.com/archive/88/403594
2. Windows firewall spontaneously changes profiles
http://www.securityfocus.com/archive/88/403542
3. disable shell: command on Windows 2000
http://www.securityfocus.com/archive/88/403498
4. ISA 2004 FTP SSL
http://www.securityfocus.com/archive/88/403301
5. Windows 98 autoupdate
http://www.securityfocus.com/archive/88/403192
VIII. SUN FOCUS LIST SUMMARY
----------------------------
IX. LINUX FOCUS LIST SUMMARY
----------------------------
1. Apache issue
http://www.securityfocus.com/archive/91/403019
X. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to sf-news-unsubscribe (at) securityfocus (dot) com [email concealed] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.
If your email address has changed email listadmin (at) securityfocus (dot) com [email concealed] and ask to be manually removed.
XI. SPONSOR INFORMATION
------------------------
This Issue is Sponsored By: Black Hat
Attend the Black Hat Briefings & Training USA, July 23-28, 2005 in Las
Vegas. World renowned security experts reveal tomorrow.s threats today. Free of vendor pitches, the Briefings are designed to be pragmatic regardless of your security environment. Featuring 29 hands-on training courses and 10 conference tracks, networking opportunities with over 2,000 delegates from 30+ nations.
http://www.securityfocus.com/sponsor/BlackHat_sf-news_050628
[ reply ]