NetOp Desktop Firewall & Policy Server lets you centrally manage which applications can run on your enterprise PCs. NetOp's tiny driver-centric design prevents unauthorized programs and processes, including viruses, keyloggers, spyware and more from executing -- without slowing down your systems. The future of endpoint protection is available today. Try it FREE.
------------------------------------------------------------------
I. FRONT AND CENTER
1. Identifying P2P users using traffic analysis
2. Interview with Dan Kaminsky on Microsoft's security
II. BUGTRAQ SUMMARY
1. Macromedia JRun Unauthorized Session Access Vulnerability
2. Oracle HTTP Server Unspecified Malformed Request Denial Of Service Vulnerability
3. Oracle HTTP Server MOD_OSSO Partner Application Cookie Expiration Weakness
4. Nullsoft Winamp Malformed ID3v2 Tag Buffer Overflow Vulnerability
5. Oracle HTTP Server MOD_ORADAV ORAALTPASSWORD Obfuscation Weakness
6. Clever Copy Calendar.PHP Cross-Site Scripting Vulnerability
7. Oracle Webcache SSL Encryption Downgrade Weakness
8. MooseGallery Display.PHP File Include Vulnerability
9. Oracle9i 9.0.1.5 FIPS Single Sign-On Server Unspecified Cross-Site Scripting Vulnerability
10. Microsoft Internet Explorer JPEG Image Rendering Unspecified Buffer Overflow Vulnerability
11. Hosting Controller Multiple Remote Vulnerabilities
12. Microsoft Internet Explorer JPEG Image Rendering CMP Fencepost Denial Of Service Vulnerability
13. Microsoft Internet Explorer JPEG Image Rendering Memory Consumption Denial Of Service Vulnerability
14. Microsoft Internet Explorer JPEG Image Rendering Unspecified Denial Of Service Vulnerability
15. Sybase EAServer Remote Buffer Overflow Vulnerability
16. Microsoft MSN Messenger / Internet Explorer Image ICC Profile Processing Vulnerability
17. Invision PowerBoard SQL Injection Privilege Escalation Vulnerability
18. PowerDNS LDAP Backend Query Escape Failure Vulnerability
19. PowerDNS Recursive Query Denial of Service Vulnerability
20. Shorewall MACLIST Firewall Rules Bypass Vulnerability
21. Skype Technologies Skype Insecure Temporary File Creation Vulnerability
22. OSCommerce Update.PHP Information Disclosure Vulnerability
23. VP-ASP Shopaddtocart.ASP SQL Injection Vulnerability
24. CaLogic Multiple Remote File Include Vulnerabilities
25. KDE Kate, KWrite Local Backup File Information Disclosure Vulnerability
26. Y.SAK Scripts Multiple Remote Arbitrary Command Execution Vulnerabilities
27. MRV Communications In-Reach Console Servers Access Control Bypass Vulnerability
28. e107 Website System Nested BBCode URL Tag Script Injection Vulnerability
29. Hosting Controller Multiple Remote Access Control and SQL Injection Vulnerabilities
30. tForum Member.PHP Cross-Site Scripting Vulnerability
31. ToCA Race Driver Multiple Remote Format String And Buffer Overflow Vulnerabilities
32. VP-ASP Shopproductselect.ASP SQL Injection Vulnerability
33. VP-ASP Shopaddtocartnodb.ASP SQL Injection Vulnerability
34. EKG Insecure Temporary File Creation Vulnerability
35. EKG Unspecified Command Execution Vulnerability
36. Oracle Reports Server DESName Remote File Overwrite Vulnerability
37. Novell GroupWise WebAccess HTML Injection Vulnerability
38. Oracle Reports Server XML File Disclosure Vulnerability
39. Oracle Reports Server Arbitrary File Disclosure Vulnerability
40. Oracle Reports Server Multiple Cross-Site Scripting Vulnerabilities
41. PHPPageProtect Admin.PHP Cross Site Scripting Vulnerability
42. Alt-N MDaemon IMAP Server CREATE Remote Buffer Overflow Vulnerability
43. Oracle Reports Server Unauthorized Report Execution Vulnerability
44. Alt-N MDaemon IMAP Server Authentication Routines Remote Buffer Overflow Vulnerability
45. PHPPageProtect Login.PHP Cross Site Scripting Vulnerability
46. Oracle Forms Services Unauthorized Form Execution Vulnerability
47. SEO-Board Smilies_popup.PHP Cross Site Scripting Vulnerability
48. Apple Mac OS X AirPort Card Automatic Network Association Vulnerability
49. PHPFinance Inc.login.PHP Authentication Bypass Vulnerability
50. Form Sender Processform.PHP3 Name Cross Site Scripting Vulnerability
51. Mozilla Firefox Weak Authentication Mechanism Vulnerability
52. Form Sender Processform.PHP3 Failed Cross Site Scripting Vulnerability
53. MediaWiki Unspecified Remote Cross-Site Scripting Vulnerability
54. CuteNews Search.PHP Cross-Site Scripting Vulnerability
55. PHP Surveyor Multiple Cross-Site Scripting Vulnerabilities
56. Oray PeanutHull Local Privilege Escalation Vulnerability
57. PHP Surveyor Multiple SQL Injection Vulnerabilities
58. PHP-Fusion BBcode Color Tag Code Injection Vulnerability
59. PHPNews Auth.PHP SQL Injection Vulnerability
60. FreeBSD Jail() Devfs Ruleset Bypass Vulnerability
61. ReviewPost Showproduct.PHP Sort SQL Injection Vulnerability
62. Greasemonkey Multiple Remote Information Disclosure Vulnerabilities
63. Website Generator Remote Code Execution Vulnerability
64. Website Generator Multiple Remote Cross Site Scripting Vulnerabilities
65. WhitSoft Development SlimFTPd Multiple Commands Remote Buffer Overflow Vulnerability
66. Zlib Compression Library Decompression Denial Of Service Vulnerability
67. DXXO Count Web Statistics Multiple SQL Injection Vulnerabilities
68. Alwil Software Avast! Antivirus Multiple Vulnerabilities
69. Pyrox Search Newsearch.PHP Whatdoreplace Cross-Site Scripting Vulnerability
70. PHPSiteSearch Search.PHP Query Cross-Site Scripting Vulnerability
71. EKG LIbGadu Multiple Remote Integer Overflow Vulnerabilities
72. CMSimple Index.PHP Search Cross-Site Scripting Vulnerability
73. Intruder Client Remote Denial of Service Vulnerability
74. Ultimate PHP Board Multiple Cross-Site Scripting Vulnerabilities
75. Fetchmail POP3 Client Buffer Overflow Vulnerability
76. Ultimate PHP Remote Injection Vulnerabilities
77. Sendcard Sendcard.PHP SQL Injection Vulnerability
78. Contrexx Multiple Input Validation Vulnerabilities
79. PHP TopSites Setup.PHP Authentication Bypass Vulnerability
80. Veritas NetBackup Access Violation Vulnerability
81. ASN Guestbook Multiple Cross-Site Scripting Vulnerabilities
III. SECURITYFOCUS NEWS
1. 3Com launches vulnerability-buying program
2. Oracle taken to task for time to fix vulnerabilities
3. Report: Squatters a major problem for credit-report site
4. Desktop port proliferation a security risk?
5. Spyware 'calling home' volumes soar
6. UK war driver fined £500
7. Dell rejects spyware charge
8. Phlooding attack could leave enterprises high and dry
IV. SECURITY JOBS LIST SUMMARY
1. [SJ-JOB] Technology Risk Consultant, Los Angeles
2. [SJ-JOB] Account Manager, Bay Area
3. [SJ-JOB] Account Manager, Plano / Dallas
4. [SJ-JOB] Application Security Architect, Bangalore
5. [SJ-JOB] Sales Engineer, Seattle
6. [SJ-JOB] Account Manager, New York
7. [SJ-JOB] Security Researcher, Chicago
8. [SJ-JOB] Account Manager, Munich and Frankfurt
9. [SJ-JOB] Account Manager, Maidenhead, Berkshire
10. [SJ-JOB] Forensics Engineer, Dubai
11. [SJ-JOB] Security System Administrator, Riverside
12. [SJ-JOB] Information Assurance Analyst, Rockville
13. [SJ-JOB] Security Product Marketing Manager, Santa Clara
14. [SJ-JOB] Manager, Information Security, Oklahoma CIty
15. [SJ-JOB] Sales Engineer, Atlanta
16. [SJ-JOB] Security Consultant, Manalapan
17. [SJ-JOB] Security Engineer, Cupertino
18. [SJ-JOB] Security Engineer, Cupertino
19. [SJ-JOB] Security Product Marketing Manager, Santa Clara
20. [SJ-JOB] Security Product Marketing Manager, Beaverton
21. [SJ-JOB] Security Engineer, Reston
22. [SJ-JOB] Security Architect, New York
23. [SJ-JOB] Security Researcher, Herndon
24. [SJ-JOB] Account Manager, Los Angeles
25. [SJ-JOB] Application Security Architect, Dulles
26. [SJ-JOB] Application Security Architect, Fairfax
27. [SJ-JOB] Sr. Security Analyst, Cranford
28. [SJ-JOB] Security Consultant, Mumbai/Bangalore
29. [SJ-JOB] Certification & Accreditation Engineer, DC
30. [SJ-JOB] Security Engineer, New York City
31. [SJ-JOB] Application Security Architect, Sunnyvale
32. [SJ-JOB] Security Researcher, Bangalore
33. [SJ-JOB] Security System Administrator, Sunnyvale
34. [SJ-JOB] Director, Information Security, Alexandria
35. [SJ-JOB] Channel / Business Development, San Diego
36. [SJ-JOB] Sr. Security Engineer, South San Francisco
37. [SJ-JOB] Security Engineer, Washington
38. [SJ-JOB] Security Engineer, Chicago
39. [SJ-JOB] Sales Engineer, New York
40. [SJ-JOB] Security Engineer, Boston
41. [SJ-JOB] VP of Regional Sales, London
42. [SJ-JOB] Security Architect, Seattle
43. [SJ-JOB] Account Manager, Mahwah
44. [SJ-JOB] Account Manager, UK Wide
45. [SJ-JOB] Account Manager, Sterling
46. [SJ-JOB] Jr. Security Analyst, Fort Lauderdale
47. [SJ-JOB] Sales Engineer, Charleston
48. [SJ-JOB] Information Assurance Engineer, Springfield
49. [SJ-JOB] Sales Engineer, Carlsbad
50. [SJ-JOB] Developer, WalnutCreek
51. [SJ-JOB] Developer, Hyderabad
52. [SJ-JOB] VP / Dir / Mgr engineering, WalnutCreek
53. [SJ-JOB] Security Engineer, Dallas
54. [SJ-JOB] Quality Assurance, Cupertino
55. [SJ-JOB] Manager, Information Security, Chicago
56. [SJ-JOB] Information Assurance Analyst, Chicago
V. INCIDENTS LIST SUMMARY
VI. VULN-DEV RESEARCH LIST SUMMARY
1. CSR: challenge update...
VII. MICROSOFT FOCUS LIST SUMMARY
1. Disabling Microsoft FTP service banner.
2. Administrivia: IIS/AV thread
3. Should servers have anti--virus installed on them?
4. SecurityFocus Microsoft Newsletter #248
5. R: Should webservers, eg. IIS 6 have anti--virus installed on them?
6. R: Should webservers, eg. IIS 6 have anti--virus installed on them?
VIII. SUN FOCUS LIST SUMMARY
IX. LINUX FOCUS LIST SUMMARY
X. UNSUBSCRIBE INSTRUCTIONS
XI. SPONSOR INFORMATION
I. FRONT AND CENTER
---------------------
1. Identifying P2P users using traffic analysis
By Yiming Gong
With the popularity of P2P and the bandwidth it consume, there is a growing need to identify P2P users within the network traffic.
http://www.securityfocus.com/infocus/1843
2. Interview with Dan Kaminsky on Microsoft's security
By Federico Biancuzzi
Could you introduce yourself?
http://www.securityfocus.com/columnists/342
II. BUGTRAQ SUMMARY
--------------------
1. Macromedia JRun Unauthorized Session Access Vulnerability
BugTraq ID: 14271
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14271
Summary:
Macromedia JRun is affected by a vulnerability that may allow a user's session to be shared with another user.
Under certain circumstances, two users may share the same session facilitating various attacks including a compromise of the user's account.
It should be noted that this issue cannot be triggered by an attacker and occurs rarely.
JRun 4.0, ColdFusion MX 7.0 Enterprise Multi-Server Edition, and ColdFusion MX 6.1 Enterprise with JRun are affected by this vulnerability.
2. Oracle HTTP Server Unspecified Malformed Request Denial Of Service Vulnerability
BugTraq ID: 14272
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14272
Summary:
Oracle HTTP Server is prone to a denial of service vulnerability.
This issue was mentioned in the patch readme for the Oracle Critical Patch Update for July. Oracle has not released any further information about this vulnerability.
3. Oracle HTTP Server MOD_OSSO Partner Application Cookie Expiration Weakness
BugTraq ID: 14273
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14273
Summary:
The Oracle HTTP Server mod_osso single sign-on module does not properly expire partner application cookies. This could present a security threat if a malicious user has a means to gain unauthorized access to partner application cookies. The expected behavior is that application cookies will expire.
This issue was mentioned in the patch readme for the Oracle Critical Patch Update for July. Oracle has not released any further information about this weakness. This issue could be related to vulnerability DB10 in the Critical Patch Update for July, though this has not been confirmed. This BID will be updated if further information is released.
4. Nullsoft Winamp Malformed ID3v2 Tag Buffer Overflow Vulnerability
BugTraq ID: 14276
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14276
Summary:
Winamp is susceptible to a buffer overflow vulnerability in its ID3v2 functionality. This issue is due to a failure of the application to properly bounds check input data prior to copying it into a fixed size memory buffer.
This issue will facilitate remote exploitation as an attacker may distribute malicious MP3 files and entice unsuspecting users to process them with the affected application.
An attacker may exploit this issue to execute arbitrary code with the privileges of the user that activated the vulnerable application.
Versions 5.03a, 5.09, and 5.091 are reported vulnerable to this issue. Other versions are also likely affected.
5. Oracle HTTP Server MOD_ORADAV ORAALTPASSWORD Obfuscation Weakness
BugTraq ID: 14277
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14277
Summary:
A security weakness exists in the Oracle HTTP Server mod_oradav module. The issue is that the ORAALTPASSWORD is obfuscated when it should be encrypted. A malicious user with access to the obfuscated password could easily decode it as a result.
This issue was mentioned in the patch readme for the Oracle Critical Patch Update for July. Oracle has not released any further information about this weakness.
6. Clever Copy Calendar.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 14278
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14278
Summary:
A cross-site scripting vulnerability affects Clever Copy. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output in dynamically generated Web pages.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
7. Oracle Webcache SSL Encryption Downgrade Weakness
BugTraq ID: 14279
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14279
Summary:
A security weakness was reported in Oracle Webcache. The issue is that documents may be served with weaker SSL encryption than configured in Oracle HTTP Server.
This could result in a false sense of security.
This issue was mentioned in the patch readme for the Oracle Critical Patch Update for July. Oracle has not released any further information about this weakness.
8. MooseGallery Display.PHP File Include Vulnerability
BugTraq ID: 14280
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14280
Summary:
MooseGallery is susceptible to a remote PHP file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.
An attacker may exploit this issue to execute arbitrary PHP code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access.
9. Oracle9i 9.0.1.5 FIPS Single Sign-On Server Unspecified Cross-Site Scripting Vulnerability
BugTraq ID: 14281
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14281
Summary:
An unspecified cross-site scripting vulnerability exists in the Single Sign-On Server (SSO) for Oracle Database Server.
This issue could likely be exploited by enticing a victim to visit a malicious link that includes hostile HTML and script code. Theft of cookie-based authentication credentials from legitimate users could result from exploitation. Other attacks may also be possible.
This issue was mentioned in the patch readme for the Oracle Critical Patch Update for July. Oracle has not released any further information about this vulnerability.
10. Microsoft Internet Explorer JPEG Image Rendering Unspecified Buffer Overflow Vulnerability
BugTraq ID: 14282
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14282
Summary:
Microsoft Internet Explorer is prone to a buffer overflow vulnerability in the JPEG image rendering library used by the browser. This issue is due to a failure of the application to properly bounds check input data prior to copying it to a fixed size memory buffer.
This issue was identified by creating random input for the browser, and has not been researched further at this time. This BID will be updated as further information is disclosed.
Successful exploitation may result in execution of arbitrary code in the context of the user executing the affected browser.
This issue was reported in Internet Explorer 6 SP2. Previous versions may also be affected.
11. Hosting Controller Multiple Remote Vulnerabilities
BugTraq ID: 14283
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14283
Summary:
Hosting Controller is reported prone to multiple vulnerabilities. These issues can allow an attacker to carry out SQL injection attacks, gain unauthorized access to scripts, gain elevated privileges and carry out potential denial of service attacks.
Hosting Controller version 6.1 hotfix 2.1 is vulnerable to these issues.
12. Microsoft Internet Explorer JPEG Image Rendering CMP Fencepost Denial Of Service Vulnerability
BugTraq ID: 14284
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14284
Summary:
Microsoft Internet Explorer is prone to an unspecified denial of service vulnerability in the JPEG image rendering library used by the browser. This issue is reportedly similar to the one described in BID 14282.
This issue was identified by creating random input for the browser, and has not been researched further at this time. This BID will be updated as further information is disclosed.
Successful exploitation results in crashing the affected Web browser. It may be possible that execution of arbitrary code may also be achieved, but this has not been confirmed.
This issue was reported in Internet Explorer 6 SP2. Previous versions may also be affected.
13. Microsoft Internet Explorer JPEG Image Rendering Memory Consumption Denial Of Service Vulnerability
BugTraq ID: 14285
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14285
Summary:
Microsoft Internet Explorer is prone to an unspecified denial of service vulnerability in the JPEG image rendering library used by the browser.
This issue was identified by creating random input for the browser, and has not been researched further at this time. This BID will be updated as further information is disclosed.
Successful exploitation results in crashing the affected Web browser by consuming excessive memory.
This issue was reported in Internet Explorer 6 SP2. Previous versions may also be affected.
14. Microsoft Internet Explorer JPEG Image Rendering Unspecified Denial Of Service Vulnerability
BugTraq ID: 14286
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14286
Summary:
Microsoft Internet Explorer is prone to an unspecified denial of service vulnerability in the JPEG image rendering library used by the browser.
This issue was identified by creating random input for the browser, and has not been researched further at this time. This BID will be updated as further information is disclosed.
Successful exploitation results in crashing the affected Web browser. This vulnerability also reportedly consumes excessive CPU resources.
This issue was reported in Internet Explorer 6 SP2. Previous versions may also be affected.
15. Sybase EAServer Remote Buffer Overflow Vulnerability
BugTraq ID: 14287
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14287
Summary:
Sybase EAServer is affected by a remote buffer overflow vulnerability.
The vulnerability exists in the server's WebConsole. A successful attack can result in overflowing a finite sized buffer and ultimately leading to arbitrary code execution in the context of the 'jagsrv.exe' process. This may allow the attacker to gain elevated privileges.
It should be noted that an attacker needs to provide authentication credentials prior to carrying out this attack.
16. Microsoft MSN Messenger / Internet Explorer Image ICC Profile Processing Vulnerability
BugTraq ID: 14288
Remote: Yes
Date Published: 2005-07-16
Relevant URL: http://www.securityfocus.com/bid/14288
Summary:
It has been reported that both Microsoft Internet Explorer and MSN Instant Messenger can be crashed if image data with malformed embedded ICC profile data is processed. The condition is likely due to an integer handling error. The author has stated that the crash observed was due to an access violation on a memory read attempt, possibly due to an out-of-bounds array access. This means that the flaw is not immediately exploitable, though there may yet be a way to write data.
17. Invision PowerBoard SQL Injection Privilege Escalation Vulnerability
BugTraq ID: 14289
Remote: Yes
Date Published: 2005-07-16
Relevant URL: http://www.securityfocus.com/bid/14289
Summary:
A vulnerability in Invision PowerBoard has been reported. It is alleged that due to a SQL injection vulnerability, it is possible for attackers to hijack other user accounts. Proof of concept code has been supplied.
18. PowerDNS LDAP Backend Query Escape Failure Vulnerability
BugTraq ID: 14290
Remote: Yes
Date Published: 2005-07-17
Relevant URL: http://www.securityfocus.com/bid/14290
Summary:
The PowerDNS LDAP back-end did not adequately escape requests prior to version 2.9.18. As a result, it was possible for requests to fail without answering questions. This may have security implications in environments where PowerDNS and LDAP are used. The vendor has fixed this in version 2.9.18.
19. PowerDNS Recursive Query Denial of Service Vulnerability
BugTraq ID: 14291
Remote: Yes
Date Published: 2005-07-17
Relevant URL: http://www.securityfocus.com/bid/14291
Summary:
A denial of service vulnerability affects PowerDNS. The vulnerability allows for remote attackers from external networks to cause lookups for authorized hosts to fail. The technical details of this vulnerability are not yet available. The condition occurs when PowerDNS is configured to allow only hosts from specific IP address ranges to perform recursive queries.
20. Shorewall MACLIST Firewall Rules Bypass Vulnerability
BugTraq ID: 14292
Remote: Yes
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14292
Summary:
Shorewall is susceptible to a firewall rules bypass vulnerability. This issue is due to a failure of the software to properly implement expected firewall rules for MAC address-based filtering.
This issue arrises when 'MACLIST_TTL' is greater than 0, or 'MACLIST_DISPOSITION' is configured as 'ACCEPT'.
This vulnerability allows attackers to bypass firewall rules, letting them attack protected services and computers without further restriction.
This also issue leads to a false sense of security by firewall administrators.
21. Skype Technologies Skype Insecure Temporary File Creation Vulnerability
BugTraq ID: 14293
Remote: No
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14293
Summary:
Skype is affected by an insecure temporary file creation vulnerability.
Exploitation would most likely result in loss of data or a denial of service if critical files are overwritten in the attack. Other attacks may be possible as well.
Skype 1.1.0.20 and prior versions are affected.
22. OSCommerce Update.PHP Information Disclosure Vulnerability
BugTraq ID: 14294
Remote: Yes
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14294
Summary:
osCommerce is prone to an information disclosure vulnerability. An attacker could exploit this vulnerability to display the contents of any file normally readable by the Web server process.
Successful exploitation would result in information disclosure. Information obtained could be used to aid in further attacks against the underlying system; other attacks are also possible.
This issue reportedly affects osCommerce version 2.2 milestone 2; other versions may also be vulnerable.
23. VP-ASP Shopaddtocart.ASP SQL Injection Vulnerability
BugTraq ID: 14295
Remote: Yes
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14295
Summary:
It is confirmed that the VP-ASP Shopping Cart is prone to a remote SQL injection vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input before using it in an SQL query.
It is possible for an attacker to disclose the user password hashes, or other sensitive information contained within the database by exploiting this issue.There is also the possibility of exploiting latent vulnerabilities in the underlying database implementation.
24. CaLogic Multiple Remote File Include Vulnerabilities
BugTraq ID: 14296
Remote: Yes
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14296
Summary:
CaLogic is prone to multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access.
These issues reportedly affect CaLogic version 1.2.2; other versions may also be affected.
25. KDE Kate, KWrite Local Backup File Information Disclosure Vulnerability
BugTraq ID: 14297
Remote: No
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14297
Summary:
KDE kate, and kwrite are susceptible to a local information disclosure vulnerability. This issue is due to a failure of the applications to maintain secure file permissions when creating backup files.
This vulnerability allows local attackers to gain access to the contents of potentially sensitive files.
Note: Since these applications are network-aware, under some unknown circumstances, this issue may not be restricted to local attackers.
26. Y.SAK Scripts Multiple Remote Arbitrary Command Execution Vulnerabilities
BugTraq ID: 14299
Remote: Yes
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14299
Summary:
Y.SAK Scripts are prone to multiple remote command execution vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. These issues arise when user-specified data is supplied to the Perl open() routine without proper sanitation.
Successful exploitation of any of these issues may facilitate unauthorized remote access in the context of the Web server to the affected computer.
27. MRV Communications In-Reach Console Servers Access Control Bypass Vulnerability
BugTraq ID: 14300
Remote: Yes
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14300
Summary:
In-Reach console servers are affected by an access control bypass vulnerability.
Under certain circumstances, the vulnerable devices fail to verify port based access controls and allows a user to access any port or console.
This issue affects In-Reach LX-8000, 4000 and 1000 series devices running software version 3.5.0. Other models may be vulnerable as well.
28. e107 Website System Nested BBCode URL Tag Script Injection Vulnerability
BugTraq ID: 14301
Remote: Yes
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14301
Summary:
e107 Website System is prone to a script injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
29. Hosting Controller Multiple Remote Access Control and SQL Injection Vulnerabilities
BugTraq ID: 14302
Remote: Yes
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14302
Summary:
Hosting Controller is prone to multiple vulnerabilities. These issues can allow an attacker to carry out SQL injection attacks and gain unauthorized access to scripts.
Hosting Controller version 6.1 hotfix 2.2 is vulnerable to these issues.
30. tForum Member.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 14303
Remote: Yes
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14303
Summary:
tForum is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
31. ToCA Race Driver Multiple Remote Format String And Buffer Overflow Vulnerabilities
BugTraq ID: 14304
Remote: Yes
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14304
Summary:
ToCA Race Driver is susceptible to multiple remote buffer overflow and format string vulnerabilities. These issues both stem from the improper use of the 'sprintf()' function.
The game utilizes 'sprintf()' to build strings for visualizing text data for the player. The incorrect usage of this function is exploitable in the public chat, and in the in-game server browser. Other locations may also be affected.
These vulnerabilities allow remote attackers to execute arbitrary machine code in the context of affected client applications. This may occur in either a broadcast, or unicast fashion.
32. VP-ASP Shopproductselect.ASP SQL Injection Vulnerability
BugTraq ID: 14305
Remote: Yes
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14305
Summary:
It is confirmed that the VP-ASP Shopping Cart is prone to a remote SQL injection vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input before using it in an SQL query.
It is possible for an attacker to disclose the user password hashes, or other sensitive information contained within the database by exploiting this issue.There is also the possibility of exploiting latent vulnerabilities in the underlying database implementation.
33. VP-ASP Shopaddtocartnodb.ASP SQL Injection Vulnerability
BugTraq ID: 14306
Remote: Yes
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14306
Summary:
It is confirmed that the VP-ASP Shopping Cart is prone to a remote SQL injection vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input before using it in an SQL query.
It is possible for an attacker to disclose the user password hashes, or other sensitive information contained within the database by exploiting this issue.There is also the possibility of exploiting latent vulnerabilities in the underlying database implementation.
34. EKG Insecure Temporary File Creation Vulnerability
BugTraq ID: 14307
Remote: No
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14307
Summary:
ekg is reported prone to an unspecified insecure temporary file creation vulnerability. This issue is likely due to a design error that causes the application to fail to verify the existence of a file before writing to it.
The details available regarding this issue are not sufficient to provide an in depth technical description. This BID will be updated when more information becomes available.
An attacker may leverage this issue to overwrite arbitrary files with the privileges of an unsuspecting user that activates the vulnerable application.
35. EKG Unspecified Command Execution Vulnerability
BugTraq ID: 14308
Remote: Yes
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14308
Summary:
ekg is affected by an unspecified command execution vulnerability.
A successful attack would involve executing shell commands in the context of the application. It may be possible for an attacker to gain unauthorized access to an affected computer by exploiting this issue.
36. Oracle Reports Server DESName Remote File Overwrite Vulnerability
BugTraq ID: 14309
Remote: Yes
Date Published: 2005-07-19
Relevant URL: http://www.securityfocus.com/bid/14309
Summary:
Oracle Reports Server is susceptible to an arbitrary file overwrite vulnerability in its Web interface.
On the Microsoft Windows platform, attackers may exploit this vulnerability to overwrite arbitrary files with System-level privileges. Attackers may overwrite critical system files, resulting in a system-level failures.
On other platforms, attackers may exploit this vulnerability to overwrite arbitrary files with the privileges of the Oracle Applications Server user. Attackers may overwrite critical Oracle files, resulting in an application-level failure.
Database failure, data destruction, and possibly other attacks are possible.
37. Novell GroupWise WebAccess HTML Injection Vulnerability
BugTraq ID: 14310
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14310
Summary:
Novell GroupWise WebAccess is prone to an HTML injection vulnerability. This may be used to inject hostile HTML and script code into the Web mail application. When a user opens an email containing the hostile code, it may be rendered in their browser.
Successful exploitation could potentially allow theft of cookie-based authentication. Other attacks are also possible.
38. Oracle Reports Server XML File Disclosure Vulnerability
BugTraq ID: 14311
Remote: Yes
Date Published: 2005-07-19
Relevant URL: http://www.securityfocus.com/bid/14311
Summary:
Oracle Reports Server may allow remote attackers to disclose parts of arbitrary XML files.
Reportedly, the server fails to restrict users from accessing parts of arbitrary XML files when handling specially crafted HTTP GET requests.
All versions of Oracle Reports Server are reported to be vulnerable to this issue.
39. Oracle Reports Server Arbitrary File Disclosure Vulnerability
BugTraq ID: 14312
Remote: Yes
Date Published: 2005-07-19
Relevant URL: http://www.securityfocus.com/bid/14312
Summary:
Oracle Reports Server may allow remote attackers to disclose parts of arbitrary files.
Reportedly, the server fails to restrict users from accessing parts of arbitrary files when handling specially crafted HTTP GET requests.
All versions of Oracle Reports Server are reported to be vulnerable to this issue.
An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
Oracle Reports Server 9.0.2 with patchset 2 is reported to be vulnerable. Other versions may be affected as well.
41. PHPPageProtect Admin.PHP Cross Site Scripting Vulnerability
BugTraq ID: 14314
Remote: Yes
Date Published: 2005-07-19
Relevant URL: http://www.securityfocus.com/bid/14314
Summary:
A cross-site scripting vulnerability affects PHPPageProtect. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output in dynamically generated Web pages.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
42. Alt-N MDaemon IMAP Server CREATE Remote Buffer Overflow Vulnerability
BugTraq ID: 14315
Remote: Yes
Date Published: 2005-07-19
Relevant URL: http://www.securityfocus.com/bid/14315
Summary:
Alt-N MDaemon IMAP Server is affected by a remote buffer overflow vulnerability.
This issue presents itself when an attacker submits excessive data through the CREATE command subsequent to authentication
This vulnerability may be leveraged to execute arbitrary code in the context of the server, facilitating unauthorized access to the affected computer.
Alt-N MDaemon 8.03 is reported to be vulnerable. Other versions are likely affected as well.
43. Oracle Reports Server Unauthorized Report Execution Vulnerability
BugTraq ID: 14316
Remote: No
Date Published: 2005-07-19
Relevant URL: http://www.securityfocus.com/bid/14316
Summary:
Oracle Reports Server is susceptible to an unauthorized report execution vulnerability.
By placing a report file in a globally accessible location, users can trigger the execution of the report by issuing an HTTP GET request to the affected servlet containing the full path of the file.
Attackers may exploit this vulnerability to execute arbitrary commands, or read/write arbitrary files with the privileges of the Oracle account under which the server is executing.
It should be noted that this issue may be remotely exploited if an attacker has means to write files to the serving computer (WebDAV, FTP, CIFS, etc.) without local access.
44. Alt-N MDaemon IMAP Server Authentication Routines Remote Buffer Overflow Vulnerability
BugTraq ID: 14317
Remote: Yes
Date Published: 2005-07-19
Relevant URL: http://www.securityfocus.com/bid/14317
Summary:
Alt-N MDaemon IMAP Server is affected by a remote buffer overflow vulnerability.
A specially crafted request can corrupt process memory and lead to an overflow condition.
This issue may be leveraged to execute arbitrary code in the context of the server. This may facilitate unauthorized access to the affected computer.
Alt-N MDaemon 8.03 is reported to be vulnerable. Other versions are likely affected as well.
45. PHPPageProtect Login.PHP Cross Site Scripting Vulnerability
BugTraq ID: 14318
Remote: Yes
Date Published: 2005-07-19
Relevant URL: http://www.securityfocus.com/bid/14318
Summary:
A cross-site scripting vulnerability affects PHPPageProtect. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output in dynamically generated Web pages.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
46. Oracle Forms Services Unauthorized Form Execution Vulnerability
BugTraq ID: 14319
Remote: No
Date Published: 2005-07-19
Relevant URL: http://www.securityfocus.com/bid/14319
Summary:
Oracle Forms Services is susceptible to an unauthorized form execution vulnerability.
Attackers may exploit this vulnerability to execute arbitrary commands with the privileges of the Oracle account under which the server is executing.
It should be noted that this issue may be remotely exploited if an attacker has means to write files to the serving computer (WebDAV, FTP, CIFS, etc.) without local access.
47. SEO-Board Smilies_popup.PHP Cross Site Scripting Vulnerability
BugTraq ID: 14320
Remote: Yes
Date Published: 2005-07-19
Relevant URL: http://www.securityfocus.com/bid/14320
Summary:
A cross-site scripting vulnerability affects SEO-Board. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output in dynamically generated Web pages.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
48. Apple Mac OS X AirPort Card Automatic Network Association Vulnerability
BugTraq ID: 14321
Remote: Yes
Date Published: 2005-07-19
Relevant URL: http://www.securityfocus.com/bid/14321
Summary:
Apple Mac OS X is affected by a vulnerability that may cause a computer to connect to a potentially malicious network without prior notification.
This can lead to various attacks against the affected computer.
This issue does not affect AirPort Extreme.
49. PHPFinance Inc.login.PHP Authentication Bypass Vulnerability
BugTraq ID: 14322
Remote: Yes
Date Published: 2005-07-19
Relevant URL: http://www.securityfocus.com/bid/14322
Summary:
PHPFinance is prone to an authentication bypass vulnerability. An error in the authentication mechanism can permit attackers to bypass authentication and gain access to the vulnerable application.
Once access has been achieved, the malicious user has full control of the application. This may aid in further attacks against the underlying system.
50. Form Sender Processform.PHP3 Name Cross Site Scripting Vulnerability
BugTraq ID: 14324
Remote: Yes
Date Published: 2005-07-19
Relevant URL: http://www.securityfocus.com/bid/14324
Summary:
A cross-site scripting vulnerability affects Form Sender. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output in dynamically generated Web pages.
This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
51. Mozilla Firefox Weak Authentication Mechanism Vulnerability
BugTraq ID: 14325
Remote: Yes
Date Published: 2005-07-19
Relevant URL: http://www.securityfocus.com/bid/14325
Summary:
Firefox is affected by a vulnerability that may result in sending authentication credentials across the network in plaintext format.
By default, the browser chooses basic authentication even if other authentication schemas such as Digest or NTLM are available from the server.
Mozilla Firefox 1.0.4 and 1.0.5 running on Windows are confirmed to be vulnerable. Other versions on different platforms may be affected as well.
52. Form Sender Processform.PHP3 Failed Cross Site Scripting Vulnerability
BugTraq ID: 14326
Remote: Yes
Date Published: 2005-07-19
Relevant URL: http://www.securityfocus.com/bid/14326
Summary:
A cross-site scripting vulnerability affects Form Sender. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output in dynamically generated Web pages.
This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
53. MediaWiki Unspecified Remote Cross-Site Scripting Vulnerability
BugTraq ID: 14327
Remote: Yes
Date Published: 2005-07-20
Relevant URL: http://www.securityfocus.com/bid/14327
Summary:
MediaWiki is prone to cross-site scripting attacks.
The specific scripts and parameters that are affected by this issue are currently unknown. This BID will be updated as more details are released.
An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
MediaWiki 1.4.6 and prior versions are affected.
54. CuteNews Search.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 14328
Remote: Yes
Date Published: 2005-07-20
Relevant URL: http://www.securityfocus.com/bid/14328
Summary:
CuteNews is affected by a cross-site scripting vulnerability.
The problem presents itself when malicious HTML and script code is sent to the application through the 'search.php' script.
This issue may allow for theft of cookie-based authentication credentials or other attacks.
This vulnerability is reported to exist in version 1.3.6. Prior versions of CuteNews may be vulnerable as well.
55. PHP Surveyor Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 14329
Remote: Yes
Date Published: 2005-07-20
Relevant URL: http://www.securityfocus.com/bid/14329
Summary:
PHP Surveyor is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.
An attacker may leverage any of these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
56. Oray PeanutHull Local Privilege Escalation Vulnerability
BugTraq ID: 14330
Remote: No
Date Published: 2005-07-20
Relevant URL: http://www.securityfocus.com/bid/14330
Summary:
PeanutHull is affected by a local privilege escalation vulnerability.
The application allows local users to launch arbitrary executables with SYSTEM privileges.
PeanutHull 3.0 Beta 5 and prior versions are vulnerable to this issue.
57. PHP Surveyor Multiple SQL Injection Vulnerabilities
BugTraq ID: 14331
Remote: Yes
Date Published: 2005-07-20
Relevant URL: http://www.securityfocus.com/bid/14331
Summary:
PHP Surveyor is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
58. PHP-Fusion BBcode Color Tag Code Injection Vulnerability
BugTraq ID: 14332
Remote: Yes
Date Published: 2005-07-20
Relevant URL: http://www.securityfocus.com/bid/14332
Summary:
PHPFusion fails to properly sanitize BBCode '[color]' tags in message posts. This issue can be exploited to inject certain CSS (Cascading Style Sheet) code.
Exploitation of this vulnerability may allow an attacker to manipulate content or launch other attacks.
59. PHPNews Auth.PHP SQL Injection Vulnerability
BugTraq ID: 14333
Remote: Yes
Date Published: 2005-07-20
Relevant URL: http://www.securityfocus.com/bid/14333
Summary:
PHPNews is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.
This vulnerability could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks.
60. FreeBSD Jail() Devfs Ruleset Bypass Vulnerability
BugTraq ID: 14334
Remote: No
Date Published: 2005-07-20
Relevant URL: http://www.securityfocus.com/bid/14334
Summary:
FreeBSD is prone to a vulnerability that may allow local attackers to gain access to restricted resources on a computer.
This issue allows local attackers to access hidden device nodes on devfs file systems from within a jail. The attacker can create sensitive device nodes in the jail with default access permissions.
A successful attack can lead to information disclosure and privilege escalation.
61. ReviewPost Showproduct.PHP Sort SQL Injection Vulnerability
BugTraq ID: 14335
Remote: Yes
Date Published: 2005-07-20
Relevant URL: http://www.securityfocus.com/bid/14335
Summary:
ReviewPost is prone to a SQL injection vulnerability.
This vulnerability could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks.
62. Greasemonkey Multiple Remote Information Disclosure Vulnerabilities
BugTraq ID: 14336
Remote: Yes
Date Published: 2005-07-20
Relevant URL: http://www.securityfocus.com/bid/14336
Summary:
Greasemonkey is susceptible to multiple remote information disclosure vulnerabilities. These issues are due to a design error allowing insecure JavaScript functions to be executed by remote Web sites.
The specified issues exist in the 'GM_xmlhttpRequest()', 'GM_setValue()', and 'GM_scripts()' functions.
Other GM_* functions also likely to be affected, but the exact functions are not known at this time.
These vulnerabilities allow remote attackers to retrieve the contents of arbitrary files, retrieve directory listings from arbitrary locations, and retrieve the contents of various private Greasemonkey data structures. This aids them in further attacks.
63. Website Generator Remote Code Execution Vulnerability
BugTraq ID: 14337
Remote: Yes
Date Published: 2005-07-20
Relevant URL: http://www.securityfocus.com/bid/14337
Summary:
A remote script code execution vulnerability affects Website Generator. This is due to a failure of the application to properly sanitize input.
An attacker may be able to exploit this issue to execute arbitrary script code with the privileges of an unsuspecting user that activated the affected Web browser.
64. Website Generator Multiple Remote Cross Site Scripting Vulnerabilities
BugTraq ID: 14338
Remote: Yes
Date Published: 2005-07-20
Relevant URL: http://www.securityfocus.com/bid/14338
Summary:
Website Generator is prone to multiple cross-site scripting vulnerabilities.
An attacker may leverage any of these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
65. WhitSoft Development SlimFTPd Multiple Commands Remote Buffer Overflow Vulnerability
BugTraq ID: 14339
Remote: Yes
Date Published: 2005-07-21
Relevant URL: http://www.securityfocus.com/bid/14339
Summary:
A remote buffer overflow vulnerability affects WhitSoft Development SlimFTPd.
The problem presents itself when an authenticated user issues a command with excessive string values as parameters.
An attacker can leverage this issue to execute arbitrary machine code with the privileges of the affected FTP server, facilitating unauthorized access to the vulnerable computer.
66. Zlib Compression Library Decompression Denial Of Service Vulnerability
BugTraq ID: 14340
Remote: Yes
Date Published: 2005-07-21
Relevant URL: http://www.securityfocus.com/bid/14340
Summary:
Zlib is susceptible to a denial of service vulnerability. This issue is due to a failure of the library to properly handle unexpected input to its decompression routines.
Certain values used during decompression are incorrectly specified, allowing invalid inflate input to crash the library.
This vulnerability allows attackers to crash applications that utilize the affected library.
67. DXXO Count Web Statistics Multiple SQL Injection Vulnerabilities
BugTraq ID: 14341
Remote: Yes
Date Published: 2005-07-21
Relevant URL: http://www.securityfocus.com/bid/14341
Summary:
dxxo Count Web Statistics is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
68. Alwil Software Avast! Antivirus Multiple Vulnerabilities
BugTraq ID: 14342
Remote: Yes
Date Published: 2005-07-21
Relevant URL: http://www.securityfocus.com/bid/14342
Summary:
Avast! is affected by multiple remote vulnerabilities. These issues can allow an attacker to write files to arbitrary directories and exploit a remote buffer overflow to execute arbitrary code.
These issues can lead to a complete compromise of the vulnerable computer.
69. Pyrox Search Newsearch.PHP Whatdoreplace Cross-Site Scripting Vulnerability
BugTraq ID: 14343
Remote: Yes
Date Published: 2005-07-21
Relevant URL: http://www.securityfocus.com/bid/14343
Summary:
A cross-site scripting vulnerability affects Pyrox Search. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output in dynamically generated Web pages.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
70. PHPSiteSearch Search.PHP Query Cross-Site Scripting Vulnerability
BugTraq ID: 14344
Remote: Yes
Date Published: 2005-07-21
Relevant URL: http://www.securityfocus.com/bid/14344
Summary:
A cross-site scripting vulnerability affects PHPSiteSearch. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output in dynamically generated Web pages.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
71. EKG LIbGadu Multiple Remote Integer Overflow Vulnerabilities
BugTraq ID: 14345
Remote: Yes
Date Published: 2005-07-21
Relevant URL: http://www.securityfocus.com/bid/14345
Summary:
EKG libgadu is susceptible to multiple remote integer overflow vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied input data prior to using it in memory allocation and copy operations.
Attackers may exploit these vulnerabilities to execute arbitrary machine code in the context of applications that utilize the affected library. Failed exploitation attempts likely result in crashed applications.
72. CMSimple Index.PHP Search Cross-Site Scripting Vulnerability
BugTraq ID: 14346
Remote: Yes
Date Published: 2005-07-21
Relevant URL: http://www.securityfocus.com/bid/14346
Summary:
A cross-site scripting vulnerability affects CMSimple. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output in dynamically generated Web pages.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
73. Intruder Client Remote Denial of Service Vulnerability
BugTraq ID: 14347
Remote: Yes
Date Published: 2005-07-21
Relevant URL: http://www.securityfocus.com/bid/14347
Summary:
Intruder is prone to a remote denial of service vulnerability. This issue is due to a failure in the application to handle exceptional conditions.
The application fails to deal with data received in a proper manner. An attacker can exploit this vulnerability by sending malicious data to the affected application and crash it, denying service to legitimate users. Reports indicate an attacker can also rename arbitrary files on the affected machine; other attacks may also be possible.
74. Ultimate PHP Board Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 14348
Remote: Yes
Date Published: 2005-07-21
Relevant URL: http://www.securityfocus.com/bid/14348
Summary:
A cross-site scripting vulnerability affects Ultimate PHP Board. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output in dynamically generated Web pages.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
75. Fetchmail POP3 Client Buffer Overflow Vulnerability
BugTraq ID: 14349
Remote: Yes
Date Published: 2005-07-21
Relevant URL: http://www.securityfocus.com/bid/14349
Summary:
Fetchmail POP3 client is prone to a buffer overflow vulnerability. This issue presents itself because the application fails to perform boundary checks prior to copying user-supplied data into sensitive process buffers. This includes POP variants such as APOP, and others.
A successful attack can result in overflowing a finite sized buffer and ultimately leading to arbitrary code execution in the context of the fetchmail process. This may allow the attacker to gain elevated privileges.
76. Ultimate PHP Remote Injection Vulnerabilities
BugTraq ID: 14350
Remote: Yes
Date Published: 2005-07-21
Relevant URL: http://www.securityfocus.com/bid/14350
Summary:
Ultimate PHP is prone to multiple HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content.
Attacker-supplied HTML and script code would be executed in the context of the affected Web site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible.
77. Sendcard Sendcard.PHP SQL Injection Vulnerability
BugTraq ID: 14351
Remote: Yes
Date Published: 2005-07-22
Relevant URL: http://www.securityfocus.com/bid/14351
Summary:
Sendcard is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
This issue reportedly affects Sendcard version 3.2.3; other versions may also be vulnerable.
78. Contrexx Multiple Input Validation Vulnerabilities
BugTraq ID: 14352
Remote: Yes
Date Published: 2005-07-22
Relevant URL: http://www.securityfocus.com/bid/14352
Summary:
Contrexx is affected by multiple input validation vulnerabilities. These issues can allow an attacker to carry out HTML injection, SQL injection and information disclosure attacks.
Contrexx versions prior to 1.0.5 are affected.
79. PHP TopSites Setup.PHP Authentication Bypass Vulnerability
BugTraq ID: 14353
Remote: Yes
Date Published: 2005-07-22
Relevant URL: http://www.securityfocus.com/bid/14353
Summary:
PHP TopSites is prone to an authentication bypass wulnerbility. An attacker may bypass authentication and gain access to the vulnerable application.
Once access has been achieved, the malicious user has full control of the application. This may aid in further attacks against the underlying system.
80. Veritas NetBackup Access Violation Vulnerability
BugTraq ID: 14355
Remote: Yes
Date Published: 2005-07-22
Relevant URL: http://www.securityfocus.com/bid/14355
Summary:
Veritas NetBackup may be prone to an access violation error.
It is conjectured that this issue may arise due to NULL pointer dereference, although this is not confirmed. An attacker may disclose potentially sensitive data or crash the application by exploiting this vulnerability.
Veritas NetBackup 5.1 running on Microsoft Windows platform is reported to be vulnerable to this issue.
81. ASN Guestbook Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 14356
Remote: Yes
Date Published: 2005-07-22
Relevant URL: http://www.securityfocus.com/bid/14356
Summary:
Asn Guestbook is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.
An attacker may leverage any of these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. 3Com launches vulnerability-buying program
By: Robert Lemos
UPDATE: Under the Zero Day Initiative, 3Com plans to pay security researchers for information on vulnerabilities and award bonuses to prolific flaw finders.
http://www.securityfocus.com/news/11253
2. Oracle taken to task for time to fix vulnerabilities
By: Robert Lemos
Claiming the company failed to fix six flaws despite having more than 650 days to issue a patch, security researchers at Red Database publish details of the vulnerabilities.
http://www.securityfocus.com/news/11252
3. Report: Squatters a major problem for credit-report site
By: Robert Lemos
For consumers looking to get free credit reports at the government-created AnnualCreditReport.com site, misspellings can mean lost money or even lost privacy, a reports charges.
http://www.securityfocus.com/news/11251
4. Desktop port proliferation a security risk?
By: Robert Lemos
Peer-to-peer software applications that require users to open ports in their firewalls are becoming more popular. The effect on desktop security is still uncertain, however.
http://www.securityfocus.com/news/11248
5. Spyware 'calling home' volumes soar
By: John Leyden
Outbound spyware transmissions from infested machines accounted for up to eight per cent of total outbound web traffic in pilot tests of a new managed spyware screening service.
http://www.securityfocus.com/news/11254
6. UK war driver fined £500
By: John Leyden
A man was last week fined £500 after a British jury found him guilty of using a neighborhood wireless broadband connection without permission.
http://www.securityfocus.com/news/11255
7. Dell rejects spyware charge
By: John Leyden
Dell has rejected allegations that its PCs come pre-loaded with an intrusive application that spies on users' surfing habits.
http://www.securityfocus.com/news/11250
8. Phlooding attack could leave enterprises high and dry
By: John Leyden
You've got to hand it to the IT security industry for its ability to coin new and impressive sounding terms for security threats.
http://www.securityfocus.com/news/11249
IV. SECURITY JOBS LIST SUMMARY
-------------------------------
1. [SJ-JOB] Technology Risk Consultant, Los Angeles
http://www.securityfocus.com/archive/77/406432
2. [SJ-JOB] Account Manager, Bay Area
http://www.securityfocus.com/archive/77/406433
3. [SJ-JOB] Account Manager, Plano / Dallas
http://www.securityfocus.com/archive/77/406429
55. [SJ-JOB] Manager, Information Security, Chicago
http://www.securityfocus.com/archive/77/405624
56. [SJ-JOB] Information Assurance Analyst, Chicago
http://www.securityfocus.com/archive/77/405625
V. INCIDENTS LIST SUMMARY
---------------------------
VI. VULN-DEV RESEARCH LIST SUMMARY
-----------------------------------
1. CSR: challenge update...
http://www.securityfocus.com/archive/82/406418
VII. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. Disabling Microsoft FTP service banner.
http://www.securityfocus.com/archive/88/406235
3. Should servers have anti--virus installed on them?
http://www.securityfocus.com/archive/88/405896
4. SecurityFocus Microsoft Newsletter #248
http://www.securityfocus.com/archive/88/405798
5. R: Should webservers, eg. IIS 6 have anti--virus installed on them?
http://www.securityfocus.com/archive/88/405749
6. R: Should webservers, eg. IIS 6 have anti--virus installed on them?
http://www.securityfocus.com/archive/88/405648
VIII. SUN FOCUS LIST SUMMARY
----------------------------
IX. LINUX FOCUS LIST SUMMARY
----------------------------
X. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to sf-news-unsubscribe (at) securityfocus (dot) com [email concealed] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.
If your email address has changed email listadmin (at) securityfocus (dot) com [email concealed] and ask to be manually removed.
XI. SPONSOR INFORMATION
------------------------
This Issue is Sponsored By: CrossTec
NetOp Desktop Firewall & Policy Server lets you centrally manage which applications can run on your enterprise PCs. NetOp's tiny driver-centric design prevents unauthorized programs and processes, including viruses, keyloggers, spyware and more from executing -- without slowing down your systems. The future of endpoint protection is available today. Try it FREE.
----------------------------------------
This Issue is Sponsored By: CrossTec
NetOp Desktop Firewall & Policy Server lets you centrally manage which applications can run on your enterprise PCs. NetOp's tiny driver-centric design prevents unauthorized programs and processes, including viruses, keyloggers, spyware and more from executing -- without slowing down your systems. The future of endpoint protection is available today. Try it FREE.
http://www.securityfocus.com/sponsor/CrossTec_sf-news_050726
------------------------------------------------------------------
I. FRONT AND CENTER
1. Identifying P2P users using traffic analysis
2. Interview with Dan Kaminsky on Microsoft's security
II. BUGTRAQ SUMMARY
1. Macromedia JRun Unauthorized Session Access Vulnerability
2. Oracle HTTP Server Unspecified Malformed Request Denial Of Service Vulnerability
3. Oracle HTTP Server MOD_OSSO Partner Application Cookie Expiration Weakness
4. Nullsoft Winamp Malformed ID3v2 Tag Buffer Overflow Vulnerability
5. Oracle HTTP Server MOD_ORADAV ORAALTPASSWORD Obfuscation Weakness
6. Clever Copy Calendar.PHP Cross-Site Scripting Vulnerability
7. Oracle Webcache SSL Encryption Downgrade Weakness
8. MooseGallery Display.PHP File Include Vulnerability
9. Oracle9i 9.0.1.5 FIPS Single Sign-On Server Unspecified Cross-Site Scripting Vulnerability
10. Microsoft Internet Explorer JPEG Image Rendering Unspecified Buffer Overflow Vulnerability
11. Hosting Controller Multiple Remote Vulnerabilities
12. Microsoft Internet Explorer JPEG Image Rendering CMP Fencepost Denial Of Service Vulnerability
13. Microsoft Internet Explorer JPEG Image Rendering Memory Consumption Denial Of Service Vulnerability
14. Microsoft Internet Explorer JPEG Image Rendering Unspecified Denial Of Service Vulnerability
15. Sybase EAServer Remote Buffer Overflow Vulnerability
16. Microsoft MSN Messenger / Internet Explorer Image ICC Profile Processing Vulnerability
17. Invision PowerBoard SQL Injection Privilege Escalation Vulnerability
18. PowerDNS LDAP Backend Query Escape Failure Vulnerability
19. PowerDNS Recursive Query Denial of Service Vulnerability
20. Shorewall MACLIST Firewall Rules Bypass Vulnerability
21. Skype Technologies Skype Insecure Temporary File Creation Vulnerability
22. OSCommerce Update.PHP Information Disclosure Vulnerability
23. VP-ASP Shopaddtocart.ASP SQL Injection Vulnerability
24. CaLogic Multiple Remote File Include Vulnerabilities
25. KDE Kate, KWrite Local Backup File Information Disclosure Vulnerability
26. Y.SAK Scripts Multiple Remote Arbitrary Command Execution Vulnerabilities
27. MRV Communications In-Reach Console Servers Access Control Bypass Vulnerability
28. e107 Website System Nested BBCode URL Tag Script Injection Vulnerability
29. Hosting Controller Multiple Remote Access Control and SQL Injection Vulnerabilities
30. tForum Member.PHP Cross-Site Scripting Vulnerability
31. ToCA Race Driver Multiple Remote Format String And Buffer Overflow Vulnerabilities
32. VP-ASP Shopproductselect.ASP SQL Injection Vulnerability
33. VP-ASP Shopaddtocartnodb.ASP SQL Injection Vulnerability
34. EKG Insecure Temporary File Creation Vulnerability
35. EKG Unspecified Command Execution Vulnerability
36. Oracle Reports Server DESName Remote File Overwrite Vulnerability
37. Novell GroupWise WebAccess HTML Injection Vulnerability
38. Oracle Reports Server XML File Disclosure Vulnerability
39. Oracle Reports Server Arbitrary File Disclosure Vulnerability
40. Oracle Reports Server Multiple Cross-Site Scripting Vulnerabilities
41. PHPPageProtect Admin.PHP Cross Site Scripting Vulnerability
42. Alt-N MDaemon IMAP Server CREATE Remote Buffer Overflow Vulnerability
43. Oracle Reports Server Unauthorized Report Execution Vulnerability
44. Alt-N MDaemon IMAP Server Authentication Routines Remote Buffer Overflow Vulnerability
45. PHPPageProtect Login.PHP Cross Site Scripting Vulnerability
46. Oracle Forms Services Unauthorized Form Execution Vulnerability
47. SEO-Board Smilies_popup.PHP Cross Site Scripting Vulnerability
48. Apple Mac OS X AirPort Card Automatic Network Association Vulnerability
49. PHPFinance Inc.login.PHP Authentication Bypass Vulnerability
50. Form Sender Processform.PHP3 Name Cross Site Scripting Vulnerability
51. Mozilla Firefox Weak Authentication Mechanism Vulnerability
52. Form Sender Processform.PHP3 Failed Cross Site Scripting Vulnerability
53. MediaWiki Unspecified Remote Cross-Site Scripting Vulnerability
54. CuteNews Search.PHP Cross-Site Scripting Vulnerability
55. PHP Surveyor Multiple Cross-Site Scripting Vulnerabilities
56. Oray PeanutHull Local Privilege Escalation Vulnerability
57. PHP Surveyor Multiple SQL Injection Vulnerabilities
58. PHP-Fusion BBcode Color Tag Code Injection Vulnerability
59. PHPNews Auth.PHP SQL Injection Vulnerability
60. FreeBSD Jail() Devfs Ruleset Bypass Vulnerability
61. ReviewPost Showproduct.PHP Sort SQL Injection Vulnerability
62. Greasemonkey Multiple Remote Information Disclosure Vulnerabilities
63. Website Generator Remote Code Execution Vulnerability
64. Website Generator Multiple Remote Cross Site Scripting Vulnerabilities
65. WhitSoft Development SlimFTPd Multiple Commands Remote Buffer Overflow Vulnerability
66. Zlib Compression Library Decompression Denial Of Service Vulnerability
67. DXXO Count Web Statistics Multiple SQL Injection Vulnerabilities
68. Alwil Software Avast! Antivirus Multiple Vulnerabilities
69. Pyrox Search Newsearch.PHP Whatdoreplace Cross-Site Scripting Vulnerability
70. PHPSiteSearch Search.PHP Query Cross-Site Scripting Vulnerability
71. EKG LIbGadu Multiple Remote Integer Overflow Vulnerabilities
72. CMSimple Index.PHP Search Cross-Site Scripting Vulnerability
73. Intruder Client Remote Denial of Service Vulnerability
74. Ultimate PHP Board Multiple Cross-Site Scripting Vulnerabilities
75. Fetchmail POP3 Client Buffer Overflow Vulnerability
76. Ultimate PHP Remote Injection Vulnerabilities
77. Sendcard Sendcard.PHP SQL Injection Vulnerability
78. Contrexx Multiple Input Validation Vulnerabilities
79. PHP TopSites Setup.PHP Authentication Bypass Vulnerability
80. Veritas NetBackup Access Violation Vulnerability
81. ASN Guestbook Multiple Cross-Site Scripting Vulnerabilities
III. SECURITYFOCUS NEWS
1. 3Com launches vulnerability-buying program
2. Oracle taken to task for time to fix vulnerabilities
3. Report: Squatters a major problem for credit-report site
4. Desktop port proliferation a security risk?
5. Spyware 'calling home' volumes soar
6. UK war driver fined £500
7. Dell rejects spyware charge
8. Phlooding attack could leave enterprises high and dry
IV. SECURITY JOBS LIST SUMMARY
1. [SJ-JOB] Technology Risk Consultant, Los Angeles
2. [SJ-JOB] Account Manager, Bay Area
3. [SJ-JOB] Account Manager, Plano / Dallas
4. [SJ-JOB] Application Security Architect, Bangalore
5. [SJ-JOB] Sales Engineer, Seattle
6. [SJ-JOB] Account Manager, New York
7. [SJ-JOB] Security Researcher, Chicago
8. [SJ-JOB] Account Manager, Munich and Frankfurt
9. [SJ-JOB] Account Manager, Maidenhead, Berkshire
10. [SJ-JOB] Forensics Engineer, Dubai
11. [SJ-JOB] Security System Administrator, Riverside
12. [SJ-JOB] Information Assurance Analyst, Rockville
13. [SJ-JOB] Security Product Marketing Manager, Santa Clara
14. [SJ-JOB] Manager, Information Security, Oklahoma CIty
15. [SJ-JOB] Sales Engineer, Atlanta
16. [SJ-JOB] Security Consultant, Manalapan
17. [SJ-JOB] Security Engineer, Cupertino
18. [SJ-JOB] Security Engineer, Cupertino
19. [SJ-JOB] Security Product Marketing Manager, Santa Clara
20. [SJ-JOB] Security Product Marketing Manager, Beaverton
21. [SJ-JOB] Security Engineer, Reston
22. [SJ-JOB] Security Architect, New York
23. [SJ-JOB] Security Researcher, Herndon
24. [SJ-JOB] Account Manager, Los Angeles
25. [SJ-JOB] Application Security Architect, Dulles
26. [SJ-JOB] Application Security Architect, Fairfax
27. [SJ-JOB] Sr. Security Analyst, Cranford
28. [SJ-JOB] Security Consultant, Mumbai/Bangalore
29. [SJ-JOB] Certification & Accreditation Engineer, DC
30. [SJ-JOB] Security Engineer, New York City
31. [SJ-JOB] Application Security Architect, Sunnyvale
32. [SJ-JOB] Security Researcher, Bangalore
33. [SJ-JOB] Security System Administrator, Sunnyvale
34. [SJ-JOB] Director, Information Security, Alexandria
35. [SJ-JOB] Channel / Business Development, San Diego
36. [SJ-JOB] Sr. Security Engineer, South San Francisco
37. [SJ-JOB] Security Engineer, Washington
38. [SJ-JOB] Security Engineer, Chicago
39. [SJ-JOB] Sales Engineer, New York
40. [SJ-JOB] Security Engineer, Boston
41. [SJ-JOB] VP of Regional Sales, London
42. [SJ-JOB] Security Architect, Seattle
43. [SJ-JOB] Account Manager, Mahwah
44. [SJ-JOB] Account Manager, UK Wide
45. [SJ-JOB] Account Manager, Sterling
46. [SJ-JOB] Jr. Security Analyst, Fort Lauderdale
47. [SJ-JOB] Sales Engineer, Charleston
48. [SJ-JOB] Information Assurance Engineer, Springfield
49. [SJ-JOB] Sales Engineer, Carlsbad
50. [SJ-JOB] Developer, WalnutCreek
51. [SJ-JOB] Developer, Hyderabad
52. [SJ-JOB] VP / Dir / Mgr engineering, WalnutCreek
53. [SJ-JOB] Security Engineer, Dallas
54. [SJ-JOB] Quality Assurance, Cupertino
55. [SJ-JOB] Manager, Information Security, Chicago
56. [SJ-JOB] Information Assurance Analyst, Chicago
V. INCIDENTS LIST SUMMARY
VI. VULN-DEV RESEARCH LIST SUMMARY
1. CSR: challenge update...
VII. MICROSOFT FOCUS LIST SUMMARY
1. Disabling Microsoft FTP service banner.
2. Administrivia: IIS/AV thread
3. Should servers have anti--virus installed on them?
4. SecurityFocus Microsoft Newsletter #248
5. R: Should webservers, eg. IIS 6 have anti--virus installed on them?
6. R: Should webservers, eg. IIS 6 have anti--virus installed on them?
VIII. SUN FOCUS LIST SUMMARY
IX. LINUX FOCUS LIST SUMMARY
X. UNSUBSCRIBE INSTRUCTIONS
XI. SPONSOR INFORMATION
I. FRONT AND CENTER
---------------------
1. Identifying P2P users using traffic analysis
By Yiming Gong
With the popularity of P2P and the bandwidth it consume, there is a growing need to identify P2P users within the network traffic.
http://www.securityfocus.com/infocus/1843
2. Interview with Dan Kaminsky on Microsoft's security
By Federico Biancuzzi
Could you introduce yourself?
http://www.securityfocus.com/columnists/342
II. BUGTRAQ SUMMARY
--------------------
1. Macromedia JRun Unauthorized Session Access Vulnerability
BugTraq ID: 14271
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14271
Summary:
Macromedia JRun is affected by a vulnerability that may allow a user's session to be shared with another user.
Under certain circumstances, two users may share the same session facilitating various attacks including a compromise of the user's account.
It should be noted that this issue cannot be triggered by an attacker and occurs rarely.
JRun 4.0, ColdFusion MX 7.0 Enterprise Multi-Server Edition, and ColdFusion MX 6.1 Enterprise with JRun are affected by this vulnerability.
2. Oracle HTTP Server Unspecified Malformed Request Denial Of Service Vulnerability
BugTraq ID: 14272
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14272
Summary:
Oracle HTTP Server is prone to a denial of service vulnerability.
This issue was mentioned in the patch readme for the Oracle Critical Patch Update for July. Oracle has not released any further information about this vulnerability.
3. Oracle HTTP Server MOD_OSSO Partner Application Cookie Expiration Weakness
BugTraq ID: 14273
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14273
Summary:
The Oracle HTTP Server mod_osso single sign-on module does not properly expire partner application cookies. This could present a security threat if a malicious user has a means to gain unauthorized access to partner application cookies. The expected behavior is that application cookies will expire.
This issue was mentioned in the patch readme for the Oracle Critical Patch Update for July. Oracle has not released any further information about this weakness. This issue could be related to vulnerability DB10 in the Critical Patch Update for July, though this has not been confirmed. This BID will be updated if further information is released.
4. Nullsoft Winamp Malformed ID3v2 Tag Buffer Overflow Vulnerability
BugTraq ID: 14276
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14276
Summary:
Winamp is susceptible to a buffer overflow vulnerability in its ID3v2 functionality. This issue is due to a failure of the application to properly bounds check input data prior to copying it into a fixed size memory buffer.
This issue will facilitate remote exploitation as an attacker may distribute malicious MP3 files and entice unsuspecting users to process them with the affected application.
An attacker may exploit this issue to execute arbitrary code with the privileges of the user that activated the vulnerable application.
Versions 5.03a, 5.09, and 5.091 are reported vulnerable to this issue. Other versions are also likely affected.
5. Oracle HTTP Server MOD_ORADAV ORAALTPASSWORD Obfuscation Weakness
BugTraq ID: 14277
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14277
Summary:
A security weakness exists in the Oracle HTTP Server mod_oradav module. The issue is that the ORAALTPASSWORD is obfuscated when it should be encrypted. A malicious user with access to the obfuscated password could easily decode it as a result.
This issue was mentioned in the patch readme for the Oracle Critical Patch Update for July. Oracle has not released any further information about this weakness.
6. Clever Copy Calendar.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 14278
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14278
Summary:
A cross-site scripting vulnerability affects Clever Copy. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output in dynamically generated Web pages.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
7. Oracle Webcache SSL Encryption Downgrade Weakness
BugTraq ID: 14279
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14279
Summary:
A security weakness was reported in Oracle Webcache. The issue is that documents may be served with weaker SSL encryption than configured in Oracle HTTP Server.
This could result in a false sense of security.
This issue was mentioned in the patch readme for the Oracle Critical Patch Update for July. Oracle has not released any further information about this weakness.
8. MooseGallery Display.PHP File Include Vulnerability
BugTraq ID: 14280
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14280
Summary:
MooseGallery is susceptible to a remote PHP file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.
An attacker may exploit this issue to execute arbitrary PHP code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access.
9. Oracle9i 9.0.1.5 FIPS Single Sign-On Server Unspecified Cross-Site Scripting Vulnerability
BugTraq ID: 14281
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14281
Summary:
An unspecified cross-site scripting vulnerability exists in the Single Sign-On Server (SSO) for Oracle Database Server.
This issue could likely be exploited by enticing a victim to visit a malicious link that includes hostile HTML and script code. Theft of cookie-based authentication credentials from legitimate users could result from exploitation. Other attacks may also be possible.
This issue was mentioned in the patch readme for the Oracle Critical Patch Update for July. Oracle has not released any further information about this vulnerability.
10. Microsoft Internet Explorer JPEG Image Rendering Unspecified Buffer Overflow Vulnerability
BugTraq ID: 14282
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14282
Summary:
Microsoft Internet Explorer is prone to a buffer overflow vulnerability in the JPEG image rendering library used by the browser. This issue is due to a failure of the application to properly bounds check input data prior to copying it to a fixed size memory buffer.
This issue was identified by creating random input for the browser, and has not been researched further at this time. This BID will be updated as further information is disclosed.
Successful exploitation may result in execution of arbitrary code in the context of the user executing the affected browser.
This issue was reported in Internet Explorer 6 SP2. Previous versions may also be affected.
11. Hosting Controller Multiple Remote Vulnerabilities
BugTraq ID: 14283
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14283
Summary:
Hosting Controller is reported prone to multiple vulnerabilities. These issues can allow an attacker to carry out SQL injection attacks, gain unauthorized access to scripts, gain elevated privileges and carry out potential denial of service attacks.
Hosting Controller version 6.1 hotfix 2.1 is vulnerable to these issues.
12. Microsoft Internet Explorer JPEG Image Rendering CMP Fencepost Denial Of Service Vulnerability
BugTraq ID: 14284
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14284
Summary:
Microsoft Internet Explorer is prone to an unspecified denial of service vulnerability in the JPEG image rendering library used by the browser. This issue is reportedly similar to the one described in BID 14282.
This issue was identified by creating random input for the browser, and has not been researched further at this time. This BID will be updated as further information is disclosed.
Successful exploitation results in crashing the affected Web browser. It may be possible that execution of arbitrary code may also be achieved, but this has not been confirmed.
This issue was reported in Internet Explorer 6 SP2. Previous versions may also be affected.
13. Microsoft Internet Explorer JPEG Image Rendering Memory Consumption Denial Of Service Vulnerability
BugTraq ID: 14285
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14285
Summary:
Microsoft Internet Explorer is prone to an unspecified denial of service vulnerability in the JPEG image rendering library used by the browser.
This issue was identified by creating random input for the browser, and has not been researched further at this time. This BID will be updated as further information is disclosed.
Successful exploitation results in crashing the affected Web browser by consuming excessive memory.
This issue was reported in Internet Explorer 6 SP2. Previous versions may also be affected.
14. Microsoft Internet Explorer JPEG Image Rendering Unspecified Denial Of Service Vulnerability
BugTraq ID: 14286
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14286
Summary:
Microsoft Internet Explorer is prone to an unspecified denial of service vulnerability in the JPEG image rendering library used by the browser.
This issue was identified by creating random input for the browser, and has not been researched further at this time. This BID will be updated as further information is disclosed.
Successful exploitation results in crashing the affected Web browser. This vulnerability also reportedly consumes excessive CPU resources.
This issue was reported in Internet Explorer 6 SP2. Previous versions may also be affected.
15. Sybase EAServer Remote Buffer Overflow Vulnerability
BugTraq ID: 14287
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14287
Summary:
Sybase EAServer is affected by a remote buffer overflow vulnerability.
The vulnerability exists in the server's WebConsole. A successful attack can result in overflowing a finite sized buffer and ultimately leading to arbitrary code execution in the context of the 'jagsrv.exe' process. This may allow the attacker to gain elevated privileges.
It should be noted that an attacker needs to provide authentication credentials prior to carrying out this attack.
16. Microsoft MSN Messenger / Internet Explorer Image ICC Profile Processing Vulnerability
BugTraq ID: 14288
Remote: Yes
Date Published: 2005-07-16
Relevant URL: http://www.securityfocus.com/bid/14288
Summary:
It has been reported that both Microsoft Internet Explorer and MSN Instant Messenger can be crashed if image data with malformed embedded ICC profile data is processed. The condition is likely due to an integer handling error. The author has stated that the crash observed was due to an access violation on a memory read attempt, possibly due to an out-of-bounds array access. This means that the flaw is not immediately exploitable, though there may yet be a way to write data.
17. Invision PowerBoard SQL Injection Privilege Escalation Vulnerability
BugTraq ID: 14289
Remote: Yes
Date Published: 2005-07-16
Relevant URL: http://www.securityfocus.com/bid/14289
Summary:
A vulnerability in Invision PowerBoard has been reported. It is alleged that due to a SQL injection vulnerability, it is possible for attackers to hijack other user accounts. Proof of concept code has been supplied.
18. PowerDNS LDAP Backend Query Escape Failure Vulnerability
BugTraq ID: 14290
Remote: Yes
Date Published: 2005-07-17
Relevant URL: http://www.securityfocus.com/bid/14290
Summary:
The PowerDNS LDAP back-end did not adequately escape requests prior to version 2.9.18. As a result, it was possible for requests to fail without answering questions. This may have security implications in environments where PowerDNS and LDAP are used. The vendor has fixed this in version 2.9.18.
19. PowerDNS Recursive Query Denial of Service Vulnerability
BugTraq ID: 14291
Remote: Yes
Date Published: 2005-07-17
Relevant URL: http://www.securityfocus.com/bid/14291
Summary:
A denial of service vulnerability affects PowerDNS. The vulnerability allows for remote attackers from external networks to cause lookups for authorized hosts to fail. The technical details of this vulnerability are not yet available. The condition occurs when PowerDNS is configured to allow only hosts from specific IP address ranges to perform recursive queries.
20. Shorewall MACLIST Firewall Rules Bypass Vulnerability
BugTraq ID: 14292
Remote: Yes
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14292
Summary:
Shorewall is susceptible to a firewall rules bypass vulnerability. This issue is due to a failure of the software to properly implement expected firewall rules for MAC address-based filtering.
This issue arrises when 'MACLIST_TTL' is greater than 0, or 'MACLIST_DISPOSITION' is configured as 'ACCEPT'.
This vulnerability allows attackers to bypass firewall rules, letting them attack protected services and computers without further restriction.
This also issue leads to a false sense of security by firewall administrators.
21. Skype Technologies Skype Insecure Temporary File Creation Vulnerability
BugTraq ID: 14293
Remote: No
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14293
Summary:
Skype is affected by an insecure temporary file creation vulnerability.
Exploitation would most likely result in loss of data or a denial of service if critical files are overwritten in the attack. Other attacks may be possible as well.
Skype 1.1.0.20 and prior versions are affected.
22. OSCommerce Update.PHP Information Disclosure Vulnerability
BugTraq ID: 14294
Remote: Yes
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14294
Summary:
osCommerce is prone to an information disclosure vulnerability. An attacker could exploit this vulnerability to display the contents of any file normally readable by the Web server process.
Successful exploitation would result in information disclosure. Information obtained could be used to aid in further attacks against the underlying system; other attacks are also possible.
This issue reportedly affects osCommerce version 2.2 milestone 2; other versions may also be vulnerable.
23. VP-ASP Shopaddtocart.ASP SQL Injection Vulnerability
BugTraq ID: 14295
Remote: Yes
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14295
Summary:
It is confirmed that the VP-ASP Shopping Cart is prone to a remote SQL injection vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input before using it in an SQL query.
It is possible for an attacker to disclose the user password hashes, or other sensitive information contained within the database by exploiting this issue.There is also the possibility of exploiting latent vulnerabilities in the underlying database implementation.
24. CaLogic Multiple Remote File Include Vulnerabilities
BugTraq ID: 14296
Remote: Yes
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14296
Summary:
CaLogic is prone to multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access.
These issues reportedly affect CaLogic version 1.2.2; other versions may also be affected.
25. KDE Kate, KWrite Local Backup File Information Disclosure Vulnerability
BugTraq ID: 14297
Remote: No
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14297
Summary:
KDE kate, and kwrite are susceptible to a local information disclosure vulnerability. This issue is due to a failure of the applications to maintain secure file permissions when creating backup files.
This vulnerability allows local attackers to gain access to the contents of potentially sensitive files.
Note: Since these applications are network-aware, under some unknown circumstances, this issue may not be restricted to local attackers.
26. Y.SAK Scripts Multiple Remote Arbitrary Command Execution Vulnerabilities
BugTraq ID: 14299
Remote: Yes
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14299
Summary:
Y.SAK Scripts are prone to multiple remote command execution vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. These issues arise when user-specified data is supplied to the Perl open() routine without proper sanitation.
Successful exploitation of any of these issues may facilitate unauthorized remote access in the context of the Web server to the affected computer.
27. MRV Communications In-Reach Console Servers Access Control Bypass Vulnerability
BugTraq ID: 14300
Remote: Yes
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14300
Summary:
In-Reach console servers are affected by an access control bypass vulnerability.
Under certain circumstances, the vulnerable devices fail to verify port based access controls and allows a user to access any port or console.
This issue affects In-Reach LX-8000, 4000 and 1000 series devices running software version 3.5.0. Other models may be vulnerable as well.
28. e107 Website System Nested BBCode URL Tag Script Injection Vulnerability
BugTraq ID: 14301
Remote: Yes
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14301
Summary:
e107 Website System is prone to a script injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
29. Hosting Controller Multiple Remote Access Control and SQL Injection Vulnerabilities
BugTraq ID: 14302
Remote: Yes
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14302
Summary:
Hosting Controller is prone to multiple vulnerabilities. These issues can allow an attacker to carry out SQL injection attacks and gain unauthorized access to scripts.
Hosting Controller version 6.1 hotfix 2.2 is vulnerable to these issues.
30. tForum Member.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 14303
Remote: Yes
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14303
Summary:
tForum is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
31. ToCA Race Driver Multiple Remote Format String And Buffer Overflow Vulnerabilities
BugTraq ID: 14304
Remote: Yes
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14304
Summary:
ToCA Race Driver is susceptible to multiple remote buffer overflow and format string vulnerabilities. These issues both stem from the improper use of the 'sprintf()' function.
The game utilizes 'sprintf()' to build strings for visualizing text data for the player. The incorrect usage of this function is exploitable in the public chat, and in the in-game server browser. Other locations may also be affected.
These vulnerabilities allow remote attackers to execute arbitrary machine code in the context of affected client applications. This may occur in either a broadcast, or unicast fashion.
32. VP-ASP Shopproductselect.ASP SQL Injection Vulnerability
BugTraq ID: 14305
Remote: Yes
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14305
Summary:
It is confirmed that the VP-ASP Shopping Cart is prone to a remote SQL injection vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input before using it in an SQL query.
It is possible for an attacker to disclose the user password hashes, or other sensitive information contained within the database by exploiting this issue.There is also the possibility of exploiting latent vulnerabilities in the underlying database implementation.
33. VP-ASP Shopaddtocartnodb.ASP SQL Injection Vulnerability
BugTraq ID: 14306
Remote: Yes
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14306
Summary:
It is confirmed that the VP-ASP Shopping Cart is prone to a remote SQL injection vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input before using it in an SQL query.
It is possible for an attacker to disclose the user password hashes, or other sensitive information contained within the database by exploiting this issue.There is also the possibility of exploiting latent vulnerabilities in the underlying database implementation.
34. EKG Insecure Temporary File Creation Vulnerability
BugTraq ID: 14307
Remote: No
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14307
Summary:
ekg is reported prone to an unspecified insecure temporary file creation vulnerability. This issue is likely due to a design error that causes the application to fail to verify the existence of a file before writing to it.
The details available regarding this issue are not sufficient to provide an in depth technical description. This BID will be updated when more information becomes available.
An attacker may leverage this issue to overwrite arbitrary files with the privileges of an unsuspecting user that activates the vulnerable application.
35. EKG Unspecified Command Execution Vulnerability
BugTraq ID: 14308
Remote: Yes
Date Published: 2005-07-18
Relevant URL: http://www.securityfocus.com/bid/14308
Summary:
ekg is affected by an unspecified command execution vulnerability.
A successful attack would involve executing shell commands in the context of the application. It may be possible for an attacker to gain unauthorized access to an affected computer by exploiting this issue.
36. Oracle Reports Server DESName Remote File Overwrite Vulnerability
BugTraq ID: 14309
Remote: Yes
Date Published: 2005-07-19
Relevant URL: http://www.securityfocus.com/bid/14309
Summary:
Oracle Reports Server is susceptible to an arbitrary file overwrite vulnerability in its Web interface.
On the Microsoft Windows platform, attackers may exploit this vulnerability to overwrite arbitrary files with System-level privileges. Attackers may overwrite critical system files, resulting in a system-level failures.
On other platforms, attackers may exploit this vulnerability to overwrite arbitrary files with the privileges of the Oracle Applications Server user. Attackers may overwrite critical Oracle files, resulting in an application-level failure.
Database failure, data destruction, and possibly other attacks are possible.
37. Novell GroupWise WebAccess HTML Injection Vulnerability
BugTraq ID: 14310
Remote: Yes
Date Published: 2005-07-15
Relevant URL: http://www.securityfocus.com/bid/14310
Summary:
Novell GroupWise WebAccess is prone to an HTML injection vulnerability. This may be used to inject hostile HTML and script code into the Web mail application. When a user opens an email containing the hostile code, it may be rendered in their browser.
Successful exploitation could potentially allow theft of cookie-based authentication. Other attacks are also possible.
38. Oracle Reports Server XML File Disclosure Vulnerability
BugTraq ID: 14311
Remote: Yes
Date Published: 2005-07-19
Relevant URL: http://www.securityfocus.com/bid/14311
Summary:
Oracle Reports Server may allow remote attackers to disclose parts of arbitrary XML files.
Reportedly, the server fails to restrict users from accessing parts of arbitrary XML files when handling specially crafted HTTP GET requests.
All versions of Oracle Reports Server are reported to be vulnerable to this issue.
39. Oracle Reports Server Arbitrary File Disclosure Vulnerability
BugTraq ID: 14312
Remote: Yes
Date Published: 2005-07-19
Relevant URL: http://www.securityfocus.com/bid/14312
Summary:
Oracle Reports Server may allow remote attackers to disclose parts of arbitrary files.
Reportedly, the server fails to restrict users from accessing parts of arbitrary files when handling specially crafted HTTP GET requests.
All versions of Oracle Reports Server are reported to be vulnerable to this issue.
40. Oracle Reports Server Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 14313
Remote: Yes
Date Published: 2005-07-19
Relevant URL: http://www.securityfocus.com/bid/14313
Summary:
Multiple remote cross-site scripting vulnerabilities affect Oracle Reports Server.
An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
Oracle Reports Server 9.0.2 with patchset 2 is reported to be vulnerable. Other versions may be affected as well.
41. PHPPageProtect Admin.PHP Cross Site Scripting Vulnerability
BugTraq ID: 14314
Remote: Yes
Date Published: 2005-07-19
Relevant URL: http://www.securityfocus.com/bid/14314
Summary:
A cross-site scripting vulnerability affects PHPPageProtect. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output in dynamically generated Web pages.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
42. Alt-N MDaemon IMAP Server CREATE Remote Buffer Overflow Vulnerability
BugTraq ID: 14315
Remote: Yes
Date Published: 2005-07-19
Relevant URL: http://www.securityfocus.com/bid/14315
Summary:
Alt-N MDaemon IMAP Server is affected by a remote buffer overflow vulnerability.
This issue presents itself when an attacker submits excessive data through the CREATE command subsequent to authentication
This vulnerability may be leveraged to execute arbitrary code in the context of the server, facilitating unauthorized access to the affected computer.
Alt-N MDaemon 8.03 is reported to be vulnerable. Other versions are likely affected as well.
43. Oracle Reports Server Unauthorized Report Execution Vulnerability
BugTraq ID: 14316
Remote: No
Date Published: 2005-07-19
Relevant URL: http://www.securityfocus.com/bid/14316
Summary:
Oracle Reports Server is susceptible to an unauthorized report execution vulnerability.
By placing a report file in a globally accessible location, users can trigger the execution of the report by issuing an HTTP GET request to the affected servlet containing the full path of the file.
Attackers may exploit this vulnerability to execute arbitrary commands, or read/write arbitrary files with the privileges of the Oracle account under which the server is executing.
It should be noted that this issue may be remotely exploited if an attacker has means to write files to the serving computer (WebDAV, FTP, CIFS, etc.) without local access.
44. Alt-N MDaemon IMAP Server Authentication Routines Remote Buffer Overflow Vulnerability
BugTraq ID: 14317
Remote: Yes
Date Published: 2005-07-19
Relevant URL: http://www.securityfocus.com/bid/14317
Summary:
Alt-N MDaemon IMAP Server is affected by a remote buffer overflow vulnerability.
A specially crafted request can corrupt process memory and lead to an overflow condition.
This issue may be leveraged to execute arbitrary code in the context of the server. This may facilitate unauthorized access to the affected computer.
Alt-N MDaemon 8.03 is reported to be vulnerable. Other versions are likely affected as well.
45. PHPPageProtect Login.PHP Cross Site Scripting Vulnerability
BugTraq ID: 14318
Remote: Yes
Date Published: 2005-07-19
Relevant URL: http://www.securityfocus.com/bid/14318
Summary:
A cross-site scripting vulnerability affects PHPPageProtect. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output in dynamically generated Web pages.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
46. Oracle Forms Services Unauthorized Form Execution Vulnerability
BugTraq ID: 14319
Remote: No
Date Published: 2005-07-19
Relevant URL: http://www.securityfocus.com/bid/14319
Summary:
Oracle Forms Services is susceptible to an unauthorized form execution vulnerability.
Attackers may exploit this vulnerability to execute arbitrary commands with the privileges of the Oracle account under which the server is executing.
It should be noted that this issue may be remotely exploited if an attacker has means to write files to the serving computer (WebDAV, FTP, CIFS, etc.) without local access.
47. SEO-Board Smilies_popup.PHP Cross Site Scripting Vulnerability
BugTraq ID: 14320
Remote: Yes
Date Published: 2005-07-19
Relevant URL: http://www.securityfocus.com/bid/14320
Summary:
A cross-site scripting vulnerability affects SEO-Board. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output in dynamically generated Web pages.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
48. Apple Mac OS X AirPort Card Automatic Network Association Vulnerability
BugTraq ID: 14321
Remote: Yes
Date Published: 2005-07-19
Relevant URL: http://www.securityfocus.com/bid/14321
Summary:
Apple Mac OS X is affected by a vulnerability that may cause a computer to connect to a potentially malicious network without prior notification.
This can lead to various attacks against the affected computer.
This issue does not affect AirPort Extreme.
49. PHPFinance Inc.login.PHP Authentication Bypass Vulnerability
BugTraq ID: 14322
Remote: Yes
Date Published: 2005-07-19
Relevant URL: http://www.securityfocus.com/bid/14322
Summary:
PHPFinance is prone to an authentication bypass vulnerability. An error in the authentication mechanism can permit attackers to bypass authentication and gain access to the vulnerable application.
Once access has been achieved, the malicious user has full control of the application. This may aid in further attacks against the underlying system.
50. Form Sender Processform.PHP3 Name Cross Site Scripting Vulnerability
BugTraq ID: 14324
Remote: Yes
Date Published: 2005-07-19
Relevant URL: http://www.securityfocus.com/bid/14324
Summary:
A cross-site scripting vulnerability affects Form Sender. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output in dynamically generated Web pages.
This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
51. Mozilla Firefox Weak Authentication Mechanism Vulnerability
BugTraq ID: 14325
Remote: Yes
Date Published: 2005-07-19
Relevant URL: http://www.securityfocus.com/bid/14325
Summary:
Firefox is affected by a vulnerability that may result in sending authentication credentials across the network in plaintext format.
By default, the browser chooses basic authentication even if other authentication schemas such as Digest or NTLM are available from the server.
Mozilla Firefox 1.0.4 and 1.0.5 running on Windows are confirmed to be vulnerable. Other versions on different platforms may be affected as well.
52. Form Sender Processform.PHP3 Failed Cross Site Scripting Vulnerability
BugTraq ID: 14326
Remote: Yes
Date Published: 2005-07-19
Relevant URL: http://www.securityfocus.com/bid/14326
Summary:
A cross-site scripting vulnerability affects Form Sender. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output in dynamically generated Web pages.
This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
53. MediaWiki Unspecified Remote Cross-Site Scripting Vulnerability
BugTraq ID: 14327
Remote: Yes
Date Published: 2005-07-20
Relevant URL: http://www.securityfocus.com/bid/14327
Summary:
MediaWiki is prone to cross-site scripting attacks.
The specific scripts and parameters that are affected by this issue are currently unknown. This BID will be updated as more details are released.
An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
MediaWiki 1.4.6 and prior versions are affected.
54. CuteNews Search.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 14328
Remote: Yes
Date Published: 2005-07-20
Relevant URL: http://www.securityfocus.com/bid/14328
Summary:
CuteNews is affected by a cross-site scripting vulnerability.
The problem presents itself when malicious HTML and script code is sent to the application through the 'search.php' script.
This issue may allow for theft of cookie-based authentication credentials or other attacks.
This vulnerability is reported to exist in version 1.3.6. Prior versions of CuteNews may be vulnerable as well.
55. PHP Surveyor Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 14329
Remote: Yes
Date Published: 2005-07-20
Relevant URL: http://www.securityfocus.com/bid/14329
Summary:
PHP Surveyor is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.
An attacker may leverage any of these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
56. Oray PeanutHull Local Privilege Escalation Vulnerability
BugTraq ID: 14330
Remote: No
Date Published: 2005-07-20
Relevant URL: http://www.securityfocus.com/bid/14330
Summary:
PeanutHull is affected by a local privilege escalation vulnerability.
The application allows local users to launch arbitrary executables with SYSTEM privileges.
PeanutHull 3.0 Beta 5 and prior versions are vulnerable to this issue.
57. PHP Surveyor Multiple SQL Injection Vulnerabilities
BugTraq ID: 14331
Remote: Yes
Date Published: 2005-07-20
Relevant URL: http://www.securityfocus.com/bid/14331
Summary:
PHP Surveyor is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
58. PHP-Fusion BBcode Color Tag Code Injection Vulnerability
BugTraq ID: 14332
Remote: Yes
Date Published: 2005-07-20
Relevant URL: http://www.securityfocus.com/bid/14332
Summary:
PHPFusion fails to properly sanitize BBCode '[color]' tags in message posts. This issue can be exploited to inject certain CSS (Cascading Style Sheet) code.
Exploitation of this vulnerability may allow an attacker to manipulate content or launch other attacks.
59. PHPNews Auth.PHP SQL Injection Vulnerability
BugTraq ID: 14333
Remote: Yes
Date Published: 2005-07-20
Relevant URL: http://www.securityfocus.com/bid/14333
Summary:
PHPNews is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.
This vulnerability could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks.
60. FreeBSD Jail() Devfs Ruleset Bypass Vulnerability
BugTraq ID: 14334
Remote: No
Date Published: 2005-07-20
Relevant URL: http://www.securityfocus.com/bid/14334
Summary:
FreeBSD is prone to a vulnerability that may allow local attackers to gain access to restricted resources on a computer.
This issue allows local attackers to access hidden device nodes on devfs file systems from within a jail. The attacker can create sensitive device nodes in the jail with default access permissions.
A successful attack can lead to information disclosure and privilege escalation.
61. ReviewPost Showproduct.PHP Sort SQL Injection Vulnerability
BugTraq ID: 14335
Remote: Yes
Date Published: 2005-07-20
Relevant URL: http://www.securityfocus.com/bid/14335
Summary:
ReviewPost is prone to a SQL injection vulnerability.
This vulnerability could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks.
62. Greasemonkey Multiple Remote Information Disclosure Vulnerabilities
BugTraq ID: 14336
Remote: Yes
Date Published: 2005-07-20
Relevant URL: http://www.securityfocus.com/bid/14336
Summary:
Greasemonkey is susceptible to multiple remote information disclosure vulnerabilities. These issues are due to a design error allowing insecure JavaScript functions to be executed by remote Web sites.
The specified issues exist in the 'GM_xmlhttpRequest()', 'GM_setValue()', and 'GM_scripts()' functions.
Other GM_* functions also likely to be affected, but the exact functions are not known at this time.
These vulnerabilities allow remote attackers to retrieve the contents of arbitrary files, retrieve directory listings from arbitrary locations, and retrieve the contents of various private Greasemonkey data structures. This aids them in further attacks.
63. Website Generator Remote Code Execution Vulnerability
BugTraq ID: 14337
Remote: Yes
Date Published: 2005-07-20
Relevant URL: http://www.securityfocus.com/bid/14337
Summary:
A remote script code execution vulnerability affects Website Generator. This is due to a failure of the application to properly sanitize input.
An attacker may be able to exploit this issue to execute arbitrary script code with the privileges of an unsuspecting user that activated the affected Web browser.
64. Website Generator Multiple Remote Cross Site Scripting Vulnerabilities
BugTraq ID: 14338
Remote: Yes
Date Published: 2005-07-20
Relevant URL: http://www.securityfocus.com/bid/14338
Summary:
Website Generator is prone to multiple cross-site scripting vulnerabilities.
An attacker may leverage any of these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
65. WhitSoft Development SlimFTPd Multiple Commands Remote Buffer Overflow Vulnerability
BugTraq ID: 14339
Remote: Yes
Date Published: 2005-07-21
Relevant URL: http://www.securityfocus.com/bid/14339
Summary:
A remote buffer overflow vulnerability affects WhitSoft Development SlimFTPd.
The problem presents itself when an authenticated user issues a command with excessive string values as parameters.
An attacker can leverage this issue to execute arbitrary machine code with the privileges of the affected FTP server, facilitating unauthorized access to the vulnerable computer.
66. Zlib Compression Library Decompression Denial Of Service Vulnerability
BugTraq ID: 14340
Remote: Yes
Date Published: 2005-07-21
Relevant URL: http://www.securityfocus.com/bid/14340
Summary:
Zlib is susceptible to a denial of service vulnerability. This issue is due to a failure of the library to properly handle unexpected input to its decompression routines.
Certain values used during decompression are incorrectly specified, allowing invalid inflate input to crash the library.
This vulnerability allows attackers to crash applications that utilize the affected library.
67. DXXO Count Web Statistics Multiple SQL Injection Vulnerabilities
BugTraq ID: 14341
Remote: Yes
Date Published: 2005-07-21
Relevant URL: http://www.securityfocus.com/bid/14341
Summary:
dxxo Count Web Statistics is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
68. Alwil Software Avast! Antivirus Multiple Vulnerabilities
BugTraq ID: 14342
Remote: Yes
Date Published: 2005-07-21
Relevant URL: http://www.securityfocus.com/bid/14342
Summary:
Avast! is affected by multiple remote vulnerabilities. These issues can allow an attacker to write files to arbitrary directories and exploit a remote buffer overflow to execute arbitrary code.
These issues can lead to a complete compromise of the vulnerable computer.
69. Pyrox Search Newsearch.PHP Whatdoreplace Cross-Site Scripting Vulnerability
BugTraq ID: 14343
Remote: Yes
Date Published: 2005-07-21
Relevant URL: http://www.securityfocus.com/bid/14343
Summary:
A cross-site scripting vulnerability affects Pyrox Search. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output in dynamically generated Web pages.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
70. PHPSiteSearch Search.PHP Query Cross-Site Scripting Vulnerability
BugTraq ID: 14344
Remote: Yes
Date Published: 2005-07-21
Relevant URL: http://www.securityfocus.com/bid/14344
Summary:
A cross-site scripting vulnerability affects PHPSiteSearch. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output in dynamically generated Web pages.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
71. EKG LIbGadu Multiple Remote Integer Overflow Vulnerabilities
BugTraq ID: 14345
Remote: Yes
Date Published: 2005-07-21
Relevant URL: http://www.securityfocus.com/bid/14345
Summary:
EKG libgadu is susceptible to multiple remote integer overflow vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied input data prior to using it in memory allocation and copy operations.
Attackers may exploit these vulnerabilities to execute arbitrary machine code in the context of applications that utilize the affected library. Failed exploitation attempts likely result in crashed applications.
72. CMSimple Index.PHP Search Cross-Site Scripting Vulnerability
BugTraq ID: 14346
Remote: Yes
Date Published: 2005-07-21
Relevant URL: http://www.securityfocus.com/bid/14346
Summary:
A cross-site scripting vulnerability affects CMSimple. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output in dynamically generated Web pages.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
73. Intruder Client Remote Denial of Service Vulnerability
BugTraq ID: 14347
Remote: Yes
Date Published: 2005-07-21
Relevant URL: http://www.securityfocus.com/bid/14347
Summary:
Intruder is prone to a remote denial of service vulnerability. This issue is due to a failure in the application to handle exceptional conditions.
The application fails to deal with data received in a proper manner. An attacker can exploit this vulnerability by sending malicious data to the affected application and crash it, denying service to legitimate users. Reports indicate an attacker can also rename arbitrary files on the affected machine; other attacks may also be possible.
74. Ultimate PHP Board Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 14348
Remote: Yes
Date Published: 2005-07-21
Relevant URL: http://www.securityfocus.com/bid/14348
Summary:
A cross-site scripting vulnerability affects Ultimate PHP Board. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output in dynamically generated Web pages.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
75. Fetchmail POP3 Client Buffer Overflow Vulnerability
BugTraq ID: 14349
Remote: Yes
Date Published: 2005-07-21
Relevant URL: http://www.securityfocus.com/bid/14349
Summary:
Fetchmail POP3 client is prone to a buffer overflow vulnerability. This issue presents itself because the application fails to perform boundary checks prior to copying user-supplied data into sensitive process buffers. This includes POP variants such as APOP, and others.
A successful attack can result in overflowing a finite sized buffer and ultimately leading to arbitrary code execution in the context of the fetchmail process. This may allow the attacker to gain elevated privileges.
76. Ultimate PHP Remote Injection Vulnerabilities
BugTraq ID: 14350
Remote: Yes
Date Published: 2005-07-21
Relevant URL: http://www.securityfocus.com/bid/14350
Summary:
Ultimate PHP is prone to multiple HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content.
Attacker-supplied HTML and script code would be executed in the context of the affected Web site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible.
77. Sendcard Sendcard.PHP SQL Injection Vulnerability
BugTraq ID: 14351
Remote: Yes
Date Published: 2005-07-22
Relevant URL: http://www.securityfocus.com/bid/14351
Summary:
Sendcard is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
This issue reportedly affects Sendcard version 3.2.3; other versions may also be vulnerable.
78. Contrexx Multiple Input Validation Vulnerabilities
BugTraq ID: 14352
Remote: Yes
Date Published: 2005-07-22
Relevant URL: http://www.securityfocus.com/bid/14352
Summary:
Contrexx is affected by multiple input validation vulnerabilities. These issues can allow an attacker to carry out HTML injection, SQL injection and information disclosure attacks.
Contrexx versions prior to 1.0.5 are affected.
79. PHP TopSites Setup.PHP Authentication Bypass Vulnerability
BugTraq ID: 14353
Remote: Yes
Date Published: 2005-07-22
Relevant URL: http://www.securityfocus.com/bid/14353
Summary:
PHP TopSites is prone to an authentication bypass wulnerbility. An attacker may bypass authentication and gain access to the vulnerable application.
Once access has been achieved, the malicious user has full control of the application. This may aid in further attacks against the underlying system.
80. Veritas NetBackup Access Violation Vulnerability
BugTraq ID: 14355
Remote: Yes
Date Published: 2005-07-22
Relevant URL: http://www.securityfocus.com/bid/14355
Summary:
Veritas NetBackup may be prone to an access violation error.
It is conjectured that this issue may arise due to NULL pointer dereference, although this is not confirmed. An attacker may disclose potentially sensitive data or crash the application by exploiting this vulnerability.
Veritas NetBackup 5.1 running on Microsoft Windows platform is reported to be vulnerable to this issue.
81. ASN Guestbook Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 14356
Remote: Yes
Date Published: 2005-07-22
Relevant URL: http://www.securityfocus.com/bid/14356
Summary:
Asn Guestbook is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.
An attacker may leverage any of these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. 3Com launches vulnerability-buying program
By: Robert Lemos
UPDATE: Under the Zero Day Initiative, 3Com plans to pay security researchers for information on vulnerabilities and award bonuses to prolific flaw finders.
http://www.securityfocus.com/news/11253
2. Oracle taken to task for time to fix vulnerabilities
By: Robert Lemos
Claiming the company failed to fix six flaws despite having more than 650 days to issue a patch, security researchers at Red Database publish details of the vulnerabilities.
http://www.securityfocus.com/news/11252
3. Report: Squatters a major problem for credit-report site
By: Robert Lemos
For consumers looking to get free credit reports at the government-created AnnualCreditReport.com site, misspellings can mean lost money or even lost privacy, a reports charges.
http://www.securityfocus.com/news/11251
4. Desktop port proliferation a security risk?
By: Robert Lemos
Peer-to-peer software applications that require users to open ports in their firewalls are becoming more popular. The effect on desktop security is still uncertain, however.
http://www.securityfocus.com/news/11248
5. Spyware 'calling home' volumes soar
By: John Leyden
Outbound spyware transmissions from infested machines accounted for up to eight per cent of total outbound web traffic in pilot tests of a new managed spyware screening service.
http://www.securityfocus.com/news/11254
6. UK war driver fined £500
By: John Leyden
A man was last week fined £500 after a British jury found him guilty of using a neighborhood wireless broadband connection without permission.
http://www.securityfocus.com/news/11255
7. Dell rejects spyware charge
By: John Leyden
Dell has rejected allegations that its PCs come pre-loaded with an intrusive application that spies on users' surfing habits.
http://www.securityfocus.com/news/11250
8. Phlooding attack could leave enterprises high and dry
By: John Leyden
You've got to hand it to the IT security industry for its ability to coin new and impressive sounding terms for security threats.
http://www.securityfocus.com/news/11249
IV. SECURITY JOBS LIST SUMMARY
-------------------------------
1. [SJ-JOB] Technology Risk Consultant, Los Angeles
http://www.securityfocus.com/archive/77/406432
2. [SJ-JOB] Account Manager, Bay Area
http://www.securityfocus.com/archive/77/406433
3. [SJ-JOB] Account Manager, Plano / Dallas
http://www.securityfocus.com/archive/77/406429
4. [SJ-JOB] Application Security Architect, Bangalore
http://www.securityfocus.com/archive/77/406430
5. [SJ-JOB] Sales Engineer, Seattle
http://www.securityfocus.com/archive/77/406431
6. [SJ-JOB] Account Manager, New York
http://www.securityfocus.com/archive/77/406425
7. [SJ-JOB] Security Researcher, Chicago
http://www.securityfocus.com/archive/77/406426
8. [SJ-JOB] Account Manager, Munich and Frankfurt
http://www.securityfocus.com/archive/77/406427
9. [SJ-JOB] Account Manager, Maidenhead, Berkshire
http://www.securityfocus.com/archive/77/406423
10. [SJ-JOB] Forensics Engineer, Dubai
http://www.securityfocus.com/archive/77/406424
11. [SJ-JOB] Security System Administrator, Riverside
http://www.securityfocus.com/archive/77/406393
12. [SJ-JOB] Information Assurance Analyst, Rockville
http://www.securityfocus.com/archive/77/406394
13. [SJ-JOB] Security Product Marketing Manager, Santa Clara
http://www.securityfocus.com/archive/77/406395
14. [SJ-JOB] Manager, Information Security, Oklahoma CIty
http://www.securityfocus.com/archive/77/406390
15. [SJ-JOB] Sales Engineer, Atlanta
http://www.securityfocus.com/archive/77/406392
16. [SJ-JOB] Security Consultant, Manalapan
http://www.securityfocus.com/archive/77/406236
17. [SJ-JOB] Security Engineer, Cupertino
http://www.securityfocus.com/archive/77/406237
18. [SJ-JOB] Security Engineer, Cupertino
http://www.securityfocus.com/archive/77/406242
19. [SJ-JOB] Security Product Marketing Manager, Santa Clara
http://www.securityfocus.com/archive/77/406240
20. [SJ-JOB] Security Product Marketing Manager, Beaverton
http://www.securityfocus.com/archive/77/406241
21. [SJ-JOB] Security Engineer, Reston
http://www.securityfocus.com/archive/77/406191
22. [SJ-JOB] Security Architect, New York
http://www.securityfocus.com/archive/77/406188
23. [SJ-JOB] Security Researcher, Herndon
http://www.securityfocus.com/archive/77/406189
24. [SJ-JOB] Account Manager, Los Angeles
http://www.securityfocus.com/archive/77/406190
25. [SJ-JOB] Application Security Architect, Dulles
http://www.securityfocus.com/archive/77/406187
26. [SJ-JOB] Application Security Architect, Fairfax
http://www.securityfocus.com/archive/77/406088
27. [SJ-JOB] Sr. Security Analyst, Cranford
http://www.securityfocus.com/archive/77/406142
28. [SJ-JOB] Security Consultant, Mumbai/Bangalore
http://www.securityfocus.com/archive/77/406089
29. [SJ-JOB] Certification & Accreditation Engineer, DC
http://www.securityfocus.com/archive/77/406145
30. [SJ-JOB] Security Engineer, New York City
http://www.securityfocus.com/archive/77/406147
31. [SJ-JOB] Application Security Architect, Sunnyvale
http://www.securityfocus.com/archive/77/406136
32. [SJ-JOB] Security Researcher, Bangalore
http://www.securityfocus.com/archive/77/406140
33. [SJ-JOB] Security System Administrator, Sunnyvale
http://www.securityfocus.com/archive/77/406137
34. [SJ-JOB] Director, Information Security, Alexandria
http://www.securityfocus.com/archive/77/406139
35. [SJ-JOB] Channel / Business Development, San Diego
http://www.securityfocus.com/archive/77/406141
36. [SJ-JOB] Sr. Security Engineer, South San Francisco
http://www.securityfocus.com/archive/77/406138
37. [SJ-JOB] Security Engineer, Washington
http://www.securityfocus.com/archive/77/406047
38. [SJ-JOB] Security Engineer, Chicago
http://www.securityfocus.com/archive/77/406050
39. [SJ-JOB] Sales Engineer, New York
http://www.securityfocus.com/archive/77/406051
40. [SJ-JOB] Security Engineer, Boston
http://www.securityfocus.com/archive/77/406055
41. [SJ-JOB] VP of Regional Sales, London
http://www.securityfocus.com/archive/77/406057
42. [SJ-JOB] Security Architect, Seattle
http://www.securityfocus.com/archive/77/406072
43. [SJ-JOB] Account Manager, Mahwah
http://www.securityfocus.com/archive/77/405980
44. [SJ-JOB] Account Manager, UK Wide
http://www.securityfocus.com/archive/77/405981
45. [SJ-JOB] Account Manager, Sterling
http://www.securityfocus.com/archive/77/405986
46. [SJ-JOB] Jr. Security Analyst, Fort Lauderdale
http://www.securityfocus.com/archive/77/405979
47. [SJ-JOB] Sales Engineer, Charleston
http://www.securityfocus.com/archive/77/405990
48. [SJ-JOB] Information Assurance Engineer, Springfield
http://www.securityfocus.com/archive/77/406014
49. [SJ-JOB] Sales Engineer, Carlsbad
http://www.securityfocus.com/archive/77/406004
50. [SJ-JOB] Developer, WalnutCreek
http://www.securityfocus.com/archive/77/406005
51. [SJ-JOB] Developer, Hyderabad
http://www.securityfocus.com/archive/77/406013
52. [SJ-JOB] VP / Dir / Mgr engineering, WalnutCreek
http://www.securityfocus.com/archive/77/406040
53. [SJ-JOB] Security Engineer, Dallas
http://www.securityfocus.com/archive/77/405623
54. [SJ-JOB] Quality Assurance, Cupertino
http://www.securityfocus.com/archive/77/405626
55. [SJ-JOB] Manager, Information Security, Chicago
http://www.securityfocus.com/archive/77/405624
56. [SJ-JOB] Information Assurance Analyst, Chicago
http://www.securityfocus.com/archive/77/405625
V. INCIDENTS LIST SUMMARY
---------------------------
VI. VULN-DEV RESEARCH LIST SUMMARY
-----------------------------------
1. CSR: challenge update...
http://www.securityfocus.com/archive/82/406418
VII. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. Disabling Microsoft FTP service banner.
http://www.securityfocus.com/archive/88/406235
2. Administrivia: IIS/AV thread
http://www.securityfocus.com/archive/88/406177
3. Should servers have anti--virus installed on them?
http://www.securityfocus.com/archive/88/405896
4. SecurityFocus Microsoft Newsletter #248
http://www.securityfocus.com/archive/88/405798
5. R: Should webservers, eg. IIS 6 have anti--virus installed on them?
http://www.securityfocus.com/archive/88/405749
6. R: Should webservers, eg. IIS 6 have anti--virus installed on them?
http://www.securityfocus.com/archive/88/405648
VIII. SUN FOCUS LIST SUMMARY
----------------------------
IX. LINUX FOCUS LIST SUMMARY
----------------------------
X. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to sf-news-unsubscribe (at) securityfocus (dot) com [email concealed] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.
If your email address has changed email listadmin (at) securityfocus (dot) com [email concealed] and ask to be manually removed.
XI. SPONSOR INFORMATION
------------------------
This Issue is Sponsored By: CrossTec
NetOp Desktop Firewall & Policy Server lets you centrally manage which applications can run on your enterprise PCs. NetOp's tiny driver-centric design prevents unauthorized programs and processes, including viruses, keyloggers, spyware and more from executing -- without slowing down your systems. The future of endpoint protection is available today. Try it FREE.
http://www.securityfocus.com/sponsor/CrossTec_sf-news_050726
[ reply ]