SecurityFocus News
SecurityFocus Newsletter #311 Aug 16 2005 10:54PM
Peter Laborge (plaborge securityfocus com)
SecurityFocus Newsletter #311
----------------------------------------

------------------------------------------------------------------
I. FRONT AND CENTER
1. Jose Nazario discusses worms
2. Packet forensics using TCP
II. BUGTRAQ SUMMARY
1. Acunetix Web Vulnerability Scanner Remote Denial of Service Vulnerability
2. PHP-Fusion Messages.PHP SQL Injection Vulnerability
3. SysCP Multiple Script Execution Vulnerabilities
4. Invision Power Board Attached File Cross-Site Scripting Vulnerability
5. PHPSiteStats Unspecified Authentication Bypass Vulnerability
6. OpenBB Multiple SQL Injection Vulnerabilities
7. E107 Website System Attached File Cross-Site Scripting Vulnerability
8. Wine WineLauncher.IN Local Insecure File Creation Vulnerability
9. Gravity Board X Login SQL Injection Vulnerability
10. DVBBS Multiple Cross Site Scripting Vulnerabilities
11. Gravity Board X DeleteThread.PHP Cross-Site Scripting Vulnerability
12. TDiary Cross-Site Request Forgery Vulnerability
13. FFTW Insecure Temporary File Creation Vulnerability
14. Gravity Board X CSS Template Unauthorized Access Vulnerability
15. MyFAQ Multiple SQL Injection Vulnerabilities
16. Calendar Express Multiple SQL Injection Vulnerabilities
17. Calendar Express Search.PHP Cross-Site Scripting Vulnerability
18. Chipmunk CMS Fontcolor Cross Site Scripting Vulnerability
19. FunkBoard Multiple Cross-Site Scripting Vulnerabilities
20. E107 Submitted Link HTML Injection Vulnerability
21. MySQL User-Defined Function Buffer Overflow Vulnerability
22. Sun Solaris Printd Arbitrary File Deletion Vulnerability
23. Microsoft Internet Explorer COM Object Instantiation Buffer Overflow Vulnerability
24. Microsoft Internet Explorer Web Folder Behaviors Cross-Domain Scripting Vulnerability
25. Microsoft Windows Plug and Play Buffer Overflow Vulnerability
26. Microsoft Windows Print Spooler Buffer Overflow Vulnerability
27. Microsoft Internet Explorer Unspecified SharePoint Portal Services Log Sink ActiveX Vulnerability
28. TriggerTG TClanPortal Multiple SQL Injection Vulnerabilities
29. Linux Kernel Non-Zero Keyring Local Denial of Service Vulnerability
30. Microsoft Windows Telephony Service Buffer Overflow Vulnerability
31. Microsoft Windows Kerberos Denial Of Service Vulnerability
32. Microsoft Windows Kerberos PKINIT Man In The Middle Vulnerability
33. Linux Kernel Session Keyring Allocation Local Denial of Service Vulnerability
34. Inkscape Insecure Temporary File Creation Vulnerability
35. XMB Forum U2U.Inc.PHP SQL Injection Vulnerability
36. AWStats Referrer Arbitrary Command Execution Vulnerability
37. Mozilla Firefox And Thunderbird Long URI Obfuscation Weakness
38. Easy Software Products CUPS Denial of Service Vulnerability
39. Apple Safari Web Browser JavaScript Invalid Address Denial Of Service Vulnerability
40. XPDF Loca Table Verification Remote Denial of Service Vulnerability
41. AOL Client Software Local Privilege Escalation Vulnerability
42. Gaim AIM/ICQ Protocols Multiple Vulnerabilities
43. GNOME Evolution Multiple Format String Vulnerabilities
44. WordPress Cookie Data PHP Code Injection Vulnerability
45. EZUpload Multiple Remote File Include Vulnerabilities
46. PHPTB Topic Board Multiple SQL Injection Vulnerabilities
47. Wyse Winterm 1125SE Remote Denial of Service Vulnerability
48. PHlyMail Unspecified Authentication Bypass Vulnerability
49. VegaDNS Index.PHP Cross Site Scripting Vulnerability
50. Grandstream Budge Tone Denial Of Service Vulnerability
51. HP Proliant DL585 Server Unauthorized Remote Access Vulnerability
52. EQDKP Session.PHP Authorization Bypass Vulnerability
53. Nortel Contivity VPN Client Local Privilege Escalation Vulnerability
54. Lasso Professional Server Remote Authentication Bypass Vulnerability
55. MidiCart ASP Item_Show.ASP Code_No Parameter SQL Injection Vulnerability
56. Gallery PostNuke Integration Access Validation Vulnerability
57. Novell eDirectory Server iMonitor Buffer Overflow Vulnerability
58. McAfee ePolicy Orchestrator Local Information Disclosure Vulnerability
59. Veritas Backup Exec For Windows And NetWare Arbitrary File Download Vulnerability
60. MyBulletinBoard Multiple SQL Injection Vulnerabilities
61. Kaspersky Anti-Virus For Unix Local Insecure Default Permission Vulnerabilities
62. PHPBB BBCode IMG Tag Script Injection Vulnerability
63. FUDForum Tree View Access Validation Vulnerability
64. Mentor ADSL-FR4II Multiple Vulnerabilities
65. Isemarket JaguarControl ActiveX Control Buffer Overflow Vulnerability
III. SECURITYFOCUS NEWS
1. Worm spreading through Microsoft Plug-and-Play flaw
2. NIST, DHS add national vulnerability database to mix
3. Microsoft's "monkeys" find first zero-day exploit
4. Annual hacking game teaches security lessons
5. Apple patches OS X security flaws
6. IRC bot latches onto Plug-and-Play vuln
7. 180Solutions sues former affiliates over illegal tactics
8. Cabir mobile worm gives track fans the run around
IV. SECURITY JOBS LIST SUMMARY
1. [SJ-JOB] Security Engineer, McLean
2. [SJ-JOB] Security Product Manager, Santa Clara
3. [SJ-JOB] Security Engineer, Charlotte
4. [SJ-JOB] Sales Representative, Houston
5. [SJ-JOB] Forensics Engineer, Washington
6. [SJ-JOB] Management, Palo Alto
7. [SJ-JOB] Director, Information Security, ST. PETERSBURG
8. [SJ-JOB] Manager, Information Security, ST. PETERSBURG
9. [SJ-JOB] Security Engineer, AMBLER
10. [SJ-JOB] Sr. Security Engineer, Irvine
11. [SJ-JOB] Security Auditor, Multiple Locations
12. [SJ-JOB] Security Architect, Redmond
13. [SJ-JOB] Security Architect, Boston
14. [SJ-JOB] Security Engineer, Austin
15. [SJ-JOB] Sr. Security Engineer, Chelmsford
16. [SJ-JOB] Security Consultant, Portsmouth
17. [SJ-JOB] Application Security Engineer, Montvale
18. [SJ-JOB] Application Security Engineer, Montvale
19. [SJ-JOB] Sr. Security Analyst, Austin
20. [SJ-JOB] Security Engineer, Denver
21. [SJ-JOB] Application Security Engineer, Boston
22. [SJ-JOB] Security Engineer, New York
23. [SJ-JOB] Security Engineer, New York
24. [SJ-JOB] Security Consultant, Washington D.C.
25. [SJ-JOB] Sales Engineer, Atlanta
26. [SJ-JOB] Sales Engineer, Detroit
27. [SJ-JOB] Sales Engineer, Washington or commutable
28. [SJ-JOB] Manager, Information Security, Washington
29. [SJ-JOB] Application Security Engineer, Washington
30. [SJ-JOB] Manager, Information Security, DC
31. [SJ-JOB] Security Consultant, South East
32. [SJ-JOB] Security Researcher, Columbia
33. [SJ-JOB] Sr. Security Engineer, Newark
34. [SJ-JOB] Security Architect, Ft. Lauderdale
35. [SJ-JOB] Application Security Architect, Ft Lauderdale
36. [SJ-JOB] Security Engineer, Warren, NJ
V. INCIDENTS LIST SUMMARY
1. DNS cache poisoning?
2. New Virus?
VI. VULN-DEV RESEARCH LIST SUMMARY
VII. MICROSOFT FOCUS LIST SUMMARY
1. SecurityFocus Microsoft Newsletter #251
VIII. SUN FOCUS LIST SUMMARY
IX. LINUX FOCUS LIST SUMMARY
1. Certifications
X. UNSUBSCRIBE INSTRUCTIONS
XI. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Jose Nazario discusses worms
By Federico Biancuzzi
Federico Biancuzzi interviews Jose Nazario to discuss modern computer worms and the design goals behind them.
http://www.securityfocus.com/columnists/347

2. Packet forensics using TCP
By Don Parker and Mike Sues
This article looks at TCP packet forensics and examines why sequence and acknowledgement numbers can be useful during an investigation.
http://www.securityfocus.com/infocus/1845

II. BUGTRAQ SUMMARY
--------------------
1. Acunetix Web Vulnerability Scanner Remote Denial of Service Vulnerability
BugTraq ID: 14488
Remote: Yes
Date Published: 2005-08-06
Relevant URL: http://www.securityfocus.com/bid/14488
Summary:
Acunetix Web Vulnerability Scanner is affected by a remote denial of service vulnerability. This issue affects the Web sniffer component of the application.

An attacker can exploit this issue by gaining control of a server through some means or by sending spoofed traffic to the network. A successful attack can result in a denial of service condition due to resource exhaustion.

Acunetix Web Vulnerability Scanner version 2.0 is affected. Other versions may be vulnerable as well.

2. PHP-Fusion Messages.PHP SQL Injection Vulnerability
BugTraq ID: 14489
Remote: Yes
Date Published: 2005-08-06
Relevant URL: http://www.securityfocus.com/bid/14489
Summary:
PHP-Fusion is prone to an SQL injection vulnerability.

This issue is due to a failure in the application to properly sanitize user-supplied input to the 'messages.php' script before using it in an SQL query.

Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.

3. SysCP Multiple Script Execution Vulnerabilities
BugTraq ID: 14490
Remote: Yes
Date Published: 2005-08-08
Relevant URL: http://www.securityfocus.com/bid/14490
Summary:
SysCP is affected by multiple script execution vulnerabilities.

The following specific vulnerabilities were identified:

The application is affected by a remote file include vulnerability. An attacker can include remote script code and execute it in the context of an affected server.

Another script code execution vulnerability may allow an attacker to call arbitrary functions and scripts by bypassing a PHP eval() statement.

SysCP 1.2.10 and prior versions are prone to these vulnerabilities.

4. Invision Power Board Attached File Cross-Site Scripting Vulnerability
BugTraq ID: 14492
Remote: Yes
Date Published: 2005-08-08
Relevant URL: http://www.securityfocus.com/bid/14492
Summary:
Invision Power Board is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.

This issue is reported to affect Invision Power Board 1.0.3; other 1.x versions of the application may also be affected. However, the 2.x versions of the application are reported not vulnerable to this issue.

5. PHPSiteStats Unspecified Authentication Bypass Vulnerability
BugTraq ID: 14493
Remote: Yes
Date Published: 2005-08-08
Relevant URL: http://www.securityfocus.com/bid/14493
Summary:
PHPSiteStats is prone to an unspecified authentication bypass vulnerability.

A successful attack can allow unauthorized attackers to bypass the authentication routines and gain access to the application. An attacker may then carry out other attacks against the vulnerable computer.

PHPSiteStats 1.0 is prone to this issue. Other versions may be vulnerable as well.

6. OpenBB Multiple SQL Injection Vulnerabilities
BugTraq ID: 14494
Remote: Yes
Date Published: 2005-08-08
Relevant URL: http://www.securityfocus.com/bid/14494
Summary:
OpenBB is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.

The consequences of these attacks may vary depending on the type of queries that can be influenced, and the implementation of the database.

7. E107 Website System Attached File Cross-Site Scripting Vulnerability
BugTraq ID: 14495
Remote: Yes
Date Published: 2005-08-08
Relevant URL: http://www.securityfocus.com/bid/14495
Summary:
e107 Website System is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.

8. Wine WineLauncher.IN Local Insecure File Creation Vulnerability
BugTraq ID: 14496
Remote: No
Date Published: 2005-08-08
Relevant URL: http://www.securityfocus.com/bid/14496
Summary:
A local insecure file creation vulnerability affects Wine. This issue is likely due to a design error that causes the application to fail to verify the existence of a file before writing to it.

The details available regarding this issue are not sufficient to provide an in-depth technical description. This BID will be updated when more information becomes available.

An attacker may leverage this issue to overwrite arbitrary files with the privileges of an unsuspecting user that activates the vulnerable application.

This issue is reported in version 20050725; other versions may also be affected.

9. Gravity Board X Login SQL Injection Vulnerability
BugTraq ID: 14497
Remote: Yes
Date Published: 2005-08-08
Relevant URL: http://www.securityfocus.com/bid/14497
Summary:
Gravity Board X (GBX) is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query.

Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.

10. DVBBS Multiple Cross Site Scripting Vulnerabilities
BugTraq ID: 14498
Remote: Yes
Date Published: 2005-08-08
Relevant URL: http://www.securityfocus.com/bid/14498
Summary:
DVBBS is prone to multiple cross-site scripting vulnerabilities. This issue is due to a failure in the application to properly sanitize user-supplied input.

An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.

11. Gravity Board X DeleteThread.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 14499
Remote: Yes
Date Published: 2005-08-08
Relevant URL: http://www.securityfocus.com/bid/14499
Summary:
Gravity Board X (GBX) is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.

12. TDiary Cross-Site Request Forgery Vulnerability
BugTraq ID: 14500
Remote: Yes
Date Published: 2005-08-08
Relevant URL: http://www.securityfocus.com/bid/14500
Summary:
tDiary is prone to a cross-site request forgery vulnerability. This issue may allow a remote attacker to delete data and configuration settings and potentially execute commands on an affected computer.

tDiary 2.0.1 and prior and tDiary 2.1.1 are affected by this issue.

13. FFTW Insecure Temporary File Creation Vulnerability
BugTraq ID: 14501
Remote: No
Date Published: 2005-08-08
Relevant URL: http://www.securityfocus.com/bid/14501
Summary:
FFTW creates temporary files in an insecure manner. An attacker with local access could potentially exploit this issue to overwrite files in the context of the application. The vulnerability is due to the program creating temporary files with a predictable name in the '/tmp' directory.

A local attacker most likely takes advantage of this vulnerability by creating a malicious symbolic link in a directory where the temporary files will be created. When the program attempts to perform an operation on a temporary file, it will instead perform the operation on the file pointed to by the malicious symbolic link.

Exploitation would most likely result in loss of data or a denial of service if critical files are overwritten in the attack. Other attacks may be possible as well.

This issue is reported in version 3.0.1 of the FFTW library; other versions may also be affected.

14. Gravity Board X CSS Template Unauthorized Access Vulnerability
BugTraq ID: 14502
Remote: Yes
Date Published: 2005-08-08
Relevant URL: http://www.securityfocus.com/bid/14502
Summary:
Gravity Board X (GBX) is affected by an unauthorized access vulnerability. This issue is due to a failure in the application to perform proper access validation before granting access to privileged functions.

An attacker can exploit this vulnerability and modify an existing CSS template to include arbitrary PHP code. The attacker can then call the stored template and have the malicious PHP code executed in the context of the Web server process. This may aid the attacker in further attacks against the underlying system.

15. MyFAQ Multiple SQL Injection Vulnerabilities
BugTraq ID: 14503
Remote: Yes
Date Published: 2005-08-08
Relevant URL: http://www.securityfocus.com/bid/14503
Summary:
myFAQ is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.

These vulnerabilities could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks.

Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.

16. Calendar Express Multiple SQL Injection Vulnerabilities
BugTraq ID: 14504
Remote: Yes
Date Published: 2005-08-08
Relevant URL: http://www.securityfocus.com/bid/14504
Summary:
Calendar Express is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.

Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.

17. Calendar Express Search.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 14505
Remote: Yes
Date Published: 2005-08-08
Relevant URL: http://www.securityfocus.com/bid/14505
Summary:
Calendar Express is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.

18. Chipmunk CMS Fontcolor Cross Site Scripting Vulnerability
BugTraq ID: 14506
Remote: Yes
Date Published: 2005-08-08
Relevant URL: http://www.securityfocus.com/bid/14506
Summary:
Chipmunk CMS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

An attacker can exploit this vulnerability to inject HTML and script code into the Web browser of an unsuspecting victim. The attacker may then steal cookie-based authentication credentials. Other attacks are also possible.

19. FunkBoard Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 14507
Remote: Yes
Date Published: 2005-08-08
Relevant URL: http://www.securityfocus.com/bid/14507
Summary:
FunkBoard is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.

An attacker may leverage any of these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.

20. E107 Submitted Link HTML Injection Vulnerability
BugTraq ID: 14508
Remote: Yes
Date Published: 2005-08-08
Relevant URL: http://www.securityfocus.com/bid/14508
Summary:
e107 is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content.

Attacker-supplied HTML and script code would be executed in the context of the affected Web site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible.

21. MySQL User-Defined Function Buffer Overflow Vulnerability
BugTraq ID: 14509
Remote: Yes
Date Published: 2005-08-08
Relevant URL: http://www.securityfocus.com/bid/14509
Summary:
MySQL is prone to a buffer overflow vulnerability. This issue is due to insufficient bounds checking of data supplied as an argument in a user-defined function.

This issue could be exploited by a database user with sufficient access to create a user-defined function. It may also be possible to exploit this issue through latent SQL injection vulnerabilities in third-party applications that use the database as a backend.

Successful exploitation will result in execution of arbitrary code in the context of the database server process.

22. Sun Solaris Printd Arbitrary File Deletion Vulnerability
BugTraq ID: 14510
Remote: Yes
Date Published: 2005-08-09
Relevant URL: http://www.securityfocus.com/bid/14510
Summary:
Sun Solaris printd is affected by an arbitrary file deletion vulnerability. It was reported that a remote or local attacker can delete arbitrary files on a computer with the privileges of printd.

If an attacker is able to delete sensitive files, this issue may lead to a denial of service condition.

23. Microsoft Internet Explorer COM Object Instantiation Buffer Overflow Vulnerability
BugTraq ID: 14511
Remote: Yes
Date Published: 2005-08-09
Relevant URL: http://www.securityfocus.com/bid/14511
Summary:
Microsoft Internet Explorer is prone to a buffer overflow vulnerability.

This issue is exposed when certain COM objects are instantiated as ActiveX controls. A malicious Web page could pass content to these objects that will trigger memory corruption.

Successful exploitation could let remote attackers execute arbitrary code in the context of the currently logged in user.

24. Microsoft Internet Explorer Web Folder Behaviors Cross-Domain Scripting Vulnerability
BugTraq ID: 14512
Remote: Yes
Date Published: 2005-08-09
Relevant URL: http://www.securityfocus.com/bid/14512
Summary:
Microsoft Internet Explorer is prone to a security vulnerability that may let a Web page execute malicious script code in the context of an arbitrary domain or browser security zone. This issue is the result of a security flaw in the browser security model when handling URIs when a Web folder view is rendered.

If exploited to access a foreign domain, this could allow script code embedded in a malicious Web page to access the properties of another site that the victim of the attack may trust. This would likely be exploited to steal credentials or sensitive information from the victim. The issue could also be exploited to execute arbitrary code by running malicious script code in a browser security zone with lowered security settings, such as the Local Machine, Trusted Sites or Intranet zone. Code execution would occur in the context of the currently logged in user.

25. Microsoft Windows Plug and Play Buffer Overflow Vulnerability
BugTraq ID: 14513
Remote: Yes
Date Published: 2005-08-09
Relevant URL: http://www.securityfocus.com/bid/14513
Summary:
Microsoft Windows Plug and Play is prone to a buffer overflow vulnerability.

This issue takes place when the PnP service handles malformed messages containing excessive data.

This vulnerability facilitates local privilege escalation and unauthorized remote access depending on the underlying operating system. A successful attack may result in arbitrary code execution resulting in an attacker gaining SYSTEM privileges.

26. Microsoft Windows Print Spooler Buffer Overflow Vulnerability
BugTraq ID: 14514
Remote: Yes
Date Published: 2005-08-09
Relevant URL: http://www.securityfocus.com/bid/14514
Summary:
Microsoft Windows Print Spooler service is prone to a buffer overflow vulnerability.

Specifically, this issue takes place when the Print Spooler service handles malformed messages containing excessive data.

This vulnerability facilitates local privilege escalation and unauthorized remote access depending on the underlying operating system. A successful attack may result in arbitrary code execution, which can allow an attacker to gain SYSTEM privileges.

27. Microsoft Internet Explorer Unspecified SharePoint Portal Services Log Sink ActiveX Vulnerability
BugTraq ID: 14515
Remote: Yes
Date Published: 2005-08-09
Relevant URL: http://www.securityfocus.com/bid/14515
Summary:
Microsoft Internet Explorer is prone to an unspecified vulnerability in the SharePoint Portal Service Log Sink ActiveX control.

The vendor has not released any further information about this vulnerability other than to state the "kill bit" has been set on unsupported versions of the control.

This issue may be related to BID 12646.

28. TriggerTG TClanPortal Multiple SQL Injection Vulnerabilities
BugTraq ID: 14516
Remote: Yes
Date Published: 2005-08-09
Relevant URL: http://www.securityfocus.com/bid/14516
Summary:
TClanPortal is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.

Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.

29. Linux Kernel Non-Zero Keyring Local Denial of Service Vulnerability
BugTraq ID: 14517
Remote: No
Date Published: 2005-08-09
Relevant URL: http://www.securityfocus.com/bid/14517
Summary:
The Linux kernel is reported prone to a local denial of service vulnerability.

This issue arises if a user attempts to add a keyring that does not contain an empty payload.

A successful attack can allow a local attacker to deny service to legitimate users due to a kernel oops.

30. Microsoft Windows Telephony Service Buffer Overflow Vulnerability
BugTraq ID: 14518
Remote: Yes
Date Published: 2005-08-09
Relevant URL: http://www.securityfocus.com/bid/14518
Summary:
Microsoft Windows Telephony Service is prone to a buffer overflow vulnerability. This issue is due to a failure in the application to perform proper bounds checking on user-supplied data.

A successful attack can overflow a finite-sized buffer and ultimately lead to arbitrary code execution in the context of the affected service. This may allow the attacker to execute arbitrary code remotely or locally to gain elevated privileges.

Remote code execution is only possible on Windows 2000 Server and Windows Server 2003; on other vulnerable platforms the attacker must have local interactive access.

31. Microsoft Windows Kerberos Denial Of Service Vulnerability
BugTraq ID: 14519
Remote: Yes
Date Published: 2005-08-09
Relevant URL: http://www.securityfocus.com/bid/14519
Summary:
Microsoft Windows is susceptible to a remote Kerberos denial of service vulnerability. By sending unspecified packets to the Kerberos service on TCP or UDP port 88, attackers may cause the affected service to crash.

This vulnerability allows remote attackers to crash the affected authentication service, denying further domain authentication to legitimate users. It should be noted that exploitation requires that attackers have valid logon credentials.

32. Microsoft Windows Kerberos PKINIT Man In The Middle Vulnerability
BugTraq ID: 14520
Remote: Yes
Date Published: 2005-08-09
Relevant URL: http://www.securityfocus.com/bid/14520
Summary:
The PKINIT implementation in Microsoft Windows is susceptible to a man in the middle vulnerability. This issue is due to a failure of the software to properly validate network data. This issue is only exploitable by attackers that have access to valid logon credentials.

Attackers exploit this issue to spoof the domain controller/KDC during the initial authentication process. By spoofing the domain controller/KDC, attackers may gain access to the cleartext contents of encrypted network traffic in arbitrary Kerberos-enabled services. Other attacks may also be possible.

Microsoft implements draft 9 of the IETF PKINIT specification, and states that the vulnerability is in the protocol specification itself. Other implementations of PKINIT may therefore also be vulnerable to this issue.

33. Linux Kernel Session Keyring Allocation Local Denial of Service Vulnerability
BugTraq ID: 14521
Remote: No
Date Published: 2005-08-09
Relevant URL: http://www.securityfocus.com/bid/14521
Summary:
The Linux kernel is reported prone to a local denial of service vulnerability.

Specifically, the vulnerability presents itself when a user attempts to allocate a new session keyring and some exceptional conditions arise.

This can allow a local attacker to deny service to legitimate users.

34. Inkscape Insecure Temporary File Creation Vulnerability
BugTraq ID: 14522
Remote: No
Date Published: 2005-08-09
Relevant URL: http://www.securityfocus.com/bid/14522
Summary:
Inkscape creates temporary files in the '/tmp' directory in an insecure manner. An attacker with local access may overwrite or create files using symbolic link attacks.

This type of attack can result in denial of service or loss of data within the context of the affected application. Other attacks may be possible.

35. XMB Forum U2U.Inc.PHP SQL Injection Vulnerability
BugTraq ID: 14523
Remote: Yes
Date Published: 2005-08-09
Relevant URL: http://www.securityfocus.com/bid/14523
Summary:
XMB Forum is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query.

Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.

36. AWStats Referrer Arbitrary Command Execution Vulnerability
BugTraq ID: 14525
Remote: Yes
Date Published: 2005-08-09
Relevant URL: http://www.securityfocus.com/bid/14525
Summary:
AWStats is affected by an arbitrary command execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

Successful exploitation of this vulnerability will permit an attacker to execute arbitrary Perl code on the system hosting the affected application in the security context of the Web server process. This may aid in further attacks against the underlying system; other attacks are also possible.

It should be noted this vulnerability is only possible if the affected application has at least one URLPlugin enabled.

37. Mozilla Firefox And Thunderbird Long URI Obfuscation Weakness
BugTraq ID: 14526
Remote: Yes
Date Published: 2005-08-09
Relevant URL: http://www.securityfocus.com/bid/14526
Summary:
A weakness is reported in Mozilla Firefox and Thunderbird that may allow an attacker to obfuscate the URI of a link. This could facilitate the impersonation of legitimate Web sites in order to steal sensitive information from unsuspecting users.

It is reported that the weakness exists when URIs presented to the vulnerable application are overly long. When a URI as described is displayed, it is reported that the text in the address bar goes completely white, making the URI invisible to the user.

This may facilitate other attacks by hiding the URI from the targeted user.

Mozilla Firefox 1.0.6 and Thunderbird 1.0 are affected by this issue. Other versions and products may also be affected.

38. Easy Software Products CUPS Denial of Service Vulnerability
BugTraq ID: 14527
Remote: Yes
Date Published: 2005-08-09
Relevant URL: http://www.securityfocus.com/bid/14527
Summary:
CUPS is affected by a denial of service vulnerability. This issue manifests when the application fails to do proper bounds checking when handling malformed PDF files.

An attacker can exploit this vulnerability by supplying a malformed PDF file to the affected application resulting in an endless loop, thus denying service to legitimate users.

39. Apple Safari Web Browser JavaScript Invalid Address Denial Of Service Vulnerability
BugTraq ID: 14528
Remote: Yes
Date Published: 2005-08-09
Relevant URL: http://www.securityfocus.com/bid/14528
Summary:
Apple Safari Web Browser is prone to a vulnerability that may result in a browser crash. This issue is exposed when the browser performs certain JavaScript operations.

The exact cause of this issue is currently unknown. This BID will be updated as further information is disclosed.

This vulnerability allows remote attackers to crash affected Web browsers by causing an invalid memory access exception.

Safari version 1.3 is reported susceptible to this issue. Other versions may also be affected.

40. XPDF Loca Table Verification Remote Denial of Service Vulnerability
BugTraq ID: 14529
Remote: Yes
Date Published: 2005-08-09
Relevant URL: http://www.securityfocus.com/bid/14529
Summary:
XPDF is prone to a remote denial of service vulnerability.

The vulnerability presents itself when the application attempts to verify the validity of a malformed 'loca' table in PDF files.

This issue can result in disk consumption and ultimately lead to a denial of service condition.

kpdf, gpdf and CUPS are vulnerable to this issue as well.

41. AOL Client Software Local Privilege Escalation Vulnerability
BugTraq ID: 14530
Remote: No
Date Published: 2005-08-09
Relevant URL: http://www.securityfocus.com/bid/14530
Summary:
AOL client software is susceptible to a local privilege escalation vulnerability. This issue is due to a failure of the software to properly secure its installation path against local modifications.

This issue allows local users to replace the affected binary with an executable of their choice, allowing them to execute arbitrary code with SYSTEM privileges. This facilitates the complete compromise of the local computer.

AOL version 9.0 Security Edition is reported susceptible to this vulnerability; other versions may also be affected.

42. Gaim AIM/ICQ Protocols Multiple Vulnerabilities
BugTraq ID: 14531
Remote: Yes
Date Published: 2005-08-10
Relevant URL: http://www.securityfocus.com/bid/14531
Summary:
Gaim is prone to multiple vulnerabilities affecting the AIM and ICQ protocols. These issues may allow remote attackers to trigger a buffer overflow or a denial of service condition.

All versions of Gaim 1.x are considered to be vulnerable at the moment.

43. GNOME Evolution Multiple Format String Vulnerabilities
BugTraq ID: 14532
Remote: Yes
Date Published: 2005-08-10
Relevant URL: http://www.securityfocus.com/bid/14532
Summary:
Evolution is affected by multiple format string vulnerabilities.

These issues can allow remote attackers to execute arbitrary code in the context of the client.

Evolution versions 1.5 to 2.3.6.1 are affected.

44. WordPress Cookie Data PHP Code Injection Vulnerability
BugTraq ID: 14533
Remote: Yes
Date Published: 2005-08-10
Relevant URL: http://www.securityfocus.com/bid/14533
Summary:
WordPress is affected by a remote PHP code injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access.

45. EZUpload Multiple Remote File Include Vulnerabilities
BugTraq ID: 14534
Remote: Yes
Date Published: 2005-08-10
Relevant URL: http://www.securityfocus.com/bid/14534
Summary:
ezUpload is affected by multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.

An attacker may leverage any of these issues to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access.

46. PHPTB Topic Board Multiple SQL Injection Vulnerabilities
BugTraq ID: 14535
Remote: Yes
Date Published: 2005-08-10
Relevant URL: http://www.securityfocus.com/bid/14535
Summary:
PHPTB is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.

The consequences of this attack may vary depending on the type of queries that can be influenced, and the implementation of the database.

47. Wyse Winterm 1125SE Remote Denial of Service Vulnerability
BugTraq ID: 14536
Remote: Yes
Date Published: 2005-08-10
Relevant URL: http://www.securityfocus.com/bid/14536
Summary:
Winterm 1125SE is affected by a remote denial of service vulnerability. This issue is due to the application failing to handle exceptional conditions in a proper manner.

The problem occurs when processing packets with malformed IP headers. A successful attack causes the application to crash, denying service to legitimate users.

48. PHlyMail Unspecified Authentication Bypass Vulnerability
BugTraq ID: 14537
Remote: Yes
Date Published: 2005-08-10
Relevant URL: http://www.securityfocus.com/bid/14537
Summary:
PHlyMail is prone to an unspecified authentication bypass vulnerability. The cause of this issue was not specified.

A successful attack can allow unauthorized attackers to bypass the authentication routines and gain access to the application. An attacker may then carry out other attacks against the vulnerable computer.

49. VegaDNS Index.PHP Cross Site Scripting Vulnerability
BugTraq ID: 14538
Remote: Yes
Date Published: 2005-08-10
Relevant URL: http://www.securityfocus.com/bid/14538
Summary:
VegaDNS is vulnerable to cross-site scripting attacks. This issue is due to a failure in the application to properly sanitize user-supplied input.

An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.

50. Grandstream Budge Tone Denial Of Service Vulnerability
BugTraq ID: 14539
Remote: Yes
Date Published: 2005-08-10
Relevant URL: http://www.securityfocus.com/bid/14539
Summary:
Grandstream Budge Tone telephones are prone to a denial of service vulnerability.

This particular attack will cause a Grandstream Budge Tone telephone to malfunction by aborting any call currently in progress, rendering the display on the telephone inoperable, and causing the integrated HTTP server to stop responding. Switching the telephone off and on again will resume normal operation.

51. HP Proliant DL585 Server Unauthorized Remote Access Vulnerability
BugTraq ID: 14540
Remote: Yes
Date Published: 2005-08-10
Relevant URL: http://www.securityfocus.com/bid/14540
Summary:
HP Proliant DL585 Server is affected by an unauthorized access vulnerability.

When the server is powered down, a remote attacker can gain access to the server controls.

Very little information is available on this issue; this BID will be updated as more information becomes available.

52. EQDKP Session.PHP Authorization Bypass Vulnerability
BugTraq ID: 14541
Remote: Yes
Date Published: 2005-08-10
Relevant URL: http://www.securityfocus.com/bid/14541
Summary:
EQdkp is affected by an authorization bypass vulnerability.

A remote attacker may be able to exploit this vulnerability to bypass certain security restrictions.

The vendor has addressed this issue in EQdkp version 1.3.0; earlier versions are reportedly affected.

53. Nortel Contivity VPN Client Local Privilege Escalation Vulnerability
BugTraq ID: 14542
Remote: No
Date Published: 2005-08-10
Relevant URL: http://www.securityfocus.com/bid/14542
Summary:
Nortel Contivity VPN Client is susceptible to a local privilege escalation vulnerability. This issue is due to a failure of the application to properly lower the privileges of the running process when required.

Due to the nature of the affected application, it executes with SYSTEM privileges. When a local user opens a dialog box to select digital certificates, they may use it to launch arbitrary files.

Due to the failure of the application to properly revert to the user's correct privileges, the executed file will be run with SYSTEM privileges.

This vulnerability allows local attackers to access and execute arbitrary files with SYSTEM privileges, facilitating the compromise of the local computer.

54. Lasso Professional Server Remote Authentication Bypass Vulnerability
BugTraq ID: 14543
Remote: Yes
Date Published: 2005-08-10
Relevant URL: http://www.securityfocus.com/bid/14543
Summary:
Lasso Professional Server is susceptible to a remote authentication bypass vulnerability. This issue is due to a failure of the application to properly enforce defined security constraints.

This vulnerability allows remote attackers to gain access to potentially sensitive information contained in Web pages they would normally be unable to see, potentially aiding them in further attacks. Depending on the contents and design of the targeted Web pages, attackers may possibly interact with the Web site to cause data alterations or destruction.

This issue is present in versions 8.0.4 and 8.0.5 of Lasso Professional Server.

55. MidiCart ASP Item_Show.ASP Code_No Parameter SQL Injection Vulnerability
BugTraq ID: 14544
Remote: Yes
Date Published: 2005-08-11
Relevant URL: http://www.securityfocus.com/bid/14544
Summary:
MidiCart ASP is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query.

Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.

56. Gallery PostNuke Integration Access Validation Vulnerability
BugTraq ID: 14547
Remote: Yes
Date Published: 2005-08-11
Relevant URL: http://www.securityfocus.com/bid/14547
Summary:
Gallery is prone to an access validation issue when integrated with PostNuke. This issue could allow any user with any level of admin privileges in PostNuke to also have admin privileges over the entire Gallery.

This issue has been addressed in Gallery 1.5.1-RC2.

57. Novell eDirectory Server iMonitor Buffer Overflow Vulnerability
BugTraq ID: 14548
Remote: Yes
Date Published: 2005-08-11
Relevant URL: http://www.securityfocus.com/bid/14548
Summary:
The Novell eDirectory Server iMonitor is prone to a buffer overflow. Successful exploitation could allow arbitrary code execution with Local System privileges.

eDirectory 8.7.3 iMonitor is vulnerable to this issue. Earlier versions may also be affected.

58. McAfee ePolicy Orchestrator Local Information Disclosure Vulnerability
BugTraq ID: 14549
Remote: No
Date Published: 2005-08-11
Relevant URL: http://www.securityfocus.com/bid/14549
Summary:
Network Associates McAfee ePolicy Orchestrator is susceptible to a local information disclosure vulnerability. This issue is due to incorrectly configured directory permissions in the default installation process of the application.

This vulnerability allows local attackers to access arbitrary files located in the same partition as the affected directory with SYSTEM privileges. This will aid them in further attacks.

59. Veritas Backup Exec For Windows And NetWare Arbitrary File Download Vulnerability
BugTraq ID: 14551
Remote: Yes
Date Published: 2005-08-12
Relevant URL: http://www.securityfocus.com/bid/14551
Summary:
Veritas Backup Exec for Windows Servers, Veritas Backup Exec for NetWare Servers, NetBackup for NetWare Media Server Option, and Remote Agents for Windows, Unix/Linux, and NetWare servers are prone to a vulnerability regarding the unauthorized downloading of arbitrary files.

A remote attacker can exploit this vulnerability to download arbitrary files, aiding them in further attacks.

A Metasploit Framework exploit is available and there are reports of this vulnerability currently being exploited in the wild.

60. MyBulletinBoard Multiple SQL Injection Vulnerabilities
BugTraq ID: 14553
Remote: Yes
Date Published: 2005-08-12
Relevant URL: http://www.securityfocus.com/bid/14553
Summary:
MyBulletinBoard is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.

Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.

Reports indicate an attacker can exploit at least one of these vulnerabilities to gain administrative access to the affected application.

61. Kaspersky Anti-Virus For Unix Local Insecure Default Permission Vulnerabilities
BugTraq ID: 14554
Remote: No
Date Published: 2005-08-12
Relevant URL: http://www.securityfocus.com/bid/14554
Summary:
Kaspersky Anti-Virus for Unix File Servers is susceptible to two local insecure default permission vulnerabilities. These issues are due to the application failing to secure newly created directories upon installation.

The first insecure directory is used by the 'kavmonitor' binary to log actions of the anti-virus scanner. Attackers may exploit this vulnerability to delete or alter log files to obscure attack traces, or use symbolic links to cause the affected utility to overwrite arbitrary files with superuser privileges.

The second insecure directory is used to hold licensing data for the product. Attackers may delete or alter the license key files, causing the 'keepup2date' utility to fail. This utility is used by the application to keep the anti-virus signatures updated.

These vulnerabilities are reported in version 5.5-2 of Kaspersky Anti-Virus for Unix. Other versions may also be affected.

62. PHPBB BBCode IMG Tag Script Injection Vulnerability
BugTraq ID: 14555
Remote: Yes
Date Published: 2005-08-12
Relevant URL: http://www.securityfocus.com/bid/14555
Summary:
phpBB is prone to a script injection vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input in bbcode '[IMG]' tags included in a user signature.

Successful exploitation of this vulnerability could permit the injection of arbitrary HTML or script code into the browser of an unsuspecting user in the context of the affected site.

This issue is reported to affect phpBB version 2.0.17; earlier versions may also be vulnerable.

63. FUDForum Tree View Access Validation Vulnerability
BugTraq ID: 14556
Remote: Yes
Date Published: 2005-08-12
Relevant URL: http://www.securityfocus.com/bid/14556
Summary:
FUDforum is prone to an access validation vulnerability. This issue is due to a failure in the application to perform proper access validation before granting access to private forums.

An attacker can exploit this vulnerability to obtain posts from private forums. This may result in a loss of confidentiality. Information obtained may also be used in further attacks.

This issue is reported to affect FUDforum version 2.6.15; earlier versions may also be vulnerable.

Note that this issue can only be exploited if the 'Tree View' feature is enabled.

64. Mentor ADSL-FR4II Multiple Vulnerabilities
BugTraq ID: 14557
Remote: Yes
Date Published: 2005-08-13
Relevant URL: http://www.securityfocus.com/bid/14557
Summary:
Mentor ADSL-FR4II is prone to multiple vulnerabilities which could allow unauthorized remote access or result in a denial of service.

Specifically, the backup configuration files downloaded from the device contain the administrator password in clear text.

The device is also prone to a denial of service when a number of connections to various ports on the device are made.

65. Isemarket JaguarControl ActiveX Control Buffer Overflow Vulnerability
BugTraq ID: 14558
Remote: Yes
Date Published: 2005-08-13
Relevant URL: http://www.securityfocus.com/bid/14558
Summary:
Isemarket JaguarControl ActiveX control is prone to a buffer overflow. This could result in a failure of the client application invoking the control or potentially execution of arbitrary code.

III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. Worm spreading through Microsoft Plug-and-Play flaw
By: Robert Lemos
Dubbed Zotob, the worm infects computers using a flaw in the Windows operating system's Plug-and-Play functionality, but security experts believe that the attack won't be as significant as previous epidemics.
http://www.securityfocus.com/news/11281

2. NIST, DHS add national vulnerability database to mix
By: Robert Lemos
The National Institute of Standards and Technology has created a government-funded database of flaws. Will it bring more competition among vulnerability databases or just be a federally funded clone?
http://www.securityfocus.com/news/11278

3. Microsoft's "monkeys" find first zero-day exploit
By: Robert Lemos
The software giant continues its honeymonkey research, finding more than 750 exploits for Windows computers, including an attack using a vulnerability that had not been publicly disclosed.
http://www.securityfocus.com/news/11273

4. Annual hacking game teaches security lessons
By: Robert Lemos
At the DEF CON conference, the latest version of the weekend-long Capture the Flag game stresses code auditing as a measure of hacking skills, but also requires participants to think about balancing attack and defense as well as physical security.
http://www.securityfocus.com/news/11269

5. Apple patches OS X security flaws
By: Tony Smith
Apple has posted its latest Mac OS X security update, which addresses a number of potential vulnerabilities in the operating system.
http://www.securityfocus.com/news/11282

6. IRC bot latches onto Plug-and-Play vuln
By: John Leyden
The Microsoft Plug-and-Play vulnerability exploited by the ZoTob worm has been harnessed to create an IRC bot. IRCBot-ES uses the vulnerability to spread instead of more common vectors such as Windows RPC security vulns.
http://www.securityfocus.com/news/11283

7. 180Solutions sues former affiliates over illegal tactics
By: John Leyden
Adware maker 180solutions has sued seven former distributors for using networks of compromised computers to surreptitiously install its software on users' PCs.
http://www.securityfocus.com/news/11284

8. Cabir mobile worm gives track fans the run around
By: John Leyden
Phone-mad Finns are coping with a minor outbreak of the Cabir mobile virus at the Athletics World Championship in Helsinki this week.
http://www.securityfocus.com/news/11279

IV. SECURITY JOBS LIST SUMMARY
-------------------------------
1. [SJ-JOB] Security Engineer, McLean
http://www.securityfocus.com/archive/77/408281

2. [SJ-JOB] Security Product Manager, Santa Clara
http://www.securityfocus.com/archive/77/408279

3. [SJ-JOB] Security Engineer, Charlotte
http://www.securityfocus.com/archive/77/408280

4. [SJ-JOB] Sales Representative, Houston
http://www.securityfocus.com/archive/77/408277

5. [SJ-JOB] Forensics Engineer, Washington
http://www.securityfocus.com/archive/77/408278

6. [SJ-JOB] Management, Palo Alto
http://www.securityfocus.com/archive/77/408255

7. [SJ-JOB] Director, Information Security, ST. PETERSBURG
http://www.securityfocus.com/archive/77/408257

8. [SJ-JOB] Manager, Information Security, ST. PETERSBURG
http://www.securityfocus.com/archive/77/408259

9. [SJ-JOB] Security Engineer, AMBLER
http://www.securityfocus.com/archive/77/408253

10. [SJ-JOB] Sr. Security Engineer, Irvine
http://www.securityfocus.com/archive/77/408254

11. [SJ-JOB] Security Auditor, Multiple Locations
http://www.securityfocus.com/archive/77/408252

12. [SJ-JOB] Security Architect, Redmond
http://www.securityfocus.com/archive/77/408233

13. [SJ-JOB] Security Architect, Boston
http://www.securityfocus.com/archive/77/408236

14. [SJ-JOB] Security Engineer, Austin
http://www.securityfocus.com/archive/77/408234

15. [SJ-JOB] Sr. Security Engineer, Chelmsford
http://www.securityfocus.com/archive/77/408232

16. [SJ-JOB] Security Consultant, Portsmouth
http://www.securityfocus.com/archive/77/408231

17. [SJ-JOB] Application Security Engineer, Montvale
http://www.securityfocus.com/archive/77/407918

18. [SJ-JOB] Application Security Engineer, Montvale
http://www.securityfocus.com/archive/77/407908

19. [SJ-JOB] Sr. Security Analyst, Austin
http://www.securityfocus.com/archive/77/407910

20. [SJ-JOB] Security Engineer, Denver
http://www.securityfocus.com/archive/77/407911

21. [SJ-JOB] Application Security Engineer, Boston
http://www.securityfocus.com/archive/77/407906

22. [SJ-JOB] Security Engineer, New York
http://www.securityfocus.com/archive/77/407899

23. [SJ-JOB] Security Engineer, New York
http://www.securityfocus.com/archive/77/407900

24. [SJ-JOB] Security Consultant, Washington D.C.
http://www.securityfocus.com/archive/77/407901

25. [SJ-JOB] Sales Engineer, Atlanta
http://www.securityfocus.com/archive/77/407897

26. [SJ-JOB] Sales Engineer, Detroit
http://www.securityfocus.com/archive/77/407898

27. [SJ-JOB] Sales Engineer, Washington or commutable
http://www.securityfocus.com/archive/77/407871

28. [SJ-JOB] Manager, Information Security, Washington
http://www.securityfocus.com/archive/77/407876

29. [SJ-JOB] Application Security Engineer, Washington
http://www.securityfocus.com/archive/77/407877

30. [SJ-JOB] Manager, Information Security, DC
http://www.securityfocus.com/archive/77/407870

31. [SJ-JOB] Security Consultant, South East
http://www.securityfocus.com/archive/77/407872

32. [SJ-JOB] Security Researcher, Columbia
http://www.securityfocus.com/archive/77/407719

33. [SJ-JOB] Sr. Security Engineer, Newark
http://www.securityfocus.com/archive/77/407721

34. [SJ-JOB] Security Architect, Ft. Lauderdale
http://www.securityfocus.com/archive/77/407723

35. [SJ-JOB] Application Security Architect, Ft Lauderdale
http://www.securityfocus.com/archive/77/407718

36. [SJ-JOB] Security Engineer, Warren, NJ
http://www.securityfocus.com/archive/77/407720

V. INCIDENTS LIST SUMMARY
---------------------------
1. DNS cache poisoning?
http://www.securityfocus.com/archive/75/408225

2. New Virus?
http://www.securityfocus.com/archive/75/408163

VI. VULN-DEV RESEARCH LIST SUMMARY
-----------------------------------
VII. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. SecurityFocus Microsoft Newsletter #251
http://www.securityfocus.com/archive/88/407760

VIII. SUN FOCUS LIST SUMMARY
----------------------------
IX. LINUX FOCUS LIST SUMMARY
----------------------------
1. Certifications
http://www.securityfocus.com/archive/91/408062

X. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe, send an e-mail message to sf-news-unsubscribe (at) securityfocus (dot) com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively, you can visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed, email listadmin (at) securityfocus (dot) com and ask to be manually removed.

XI. SPONSOR INFORMATION
------------------------
This Issue is Sponsored By: CrossTec
