SecurityFocus News
SecurityFocus Newsletter #314 Sep 07 2005 08:30PM
Peter Laborge (plaborge securityfocus com)
----------------------------------------

------------------------------------------------------------------
I. FRONT AND CENTER
1. Exploiting Cisco with FX
2. A changing landscape
3. A new way to bypass Windows heap protections
II. BUGTRAQ SUMMARY
1. PHPMyAdmin Cookie.Auth.Lib.PHP HTML Injection Vulnerability
2. PHPMyAdmin Error.PHP Cross-Site Scripting Vulnerability
3. SqWebMail HTML Email IMG Tag Script Injection Vulnerability
4. Land Down Under Signature HTML Injection Vulnerability
5. FUDforum Avatar Upload Arbitrary Script Upload Vulnerability
6. PHPWebNotes Api.PHP Remote File Include Vulnerability
7. Simple PHP Blog Comment_Delete_CGI.PHP Directory Traversal Vulnerability
8. MyBB Member.PHP SQL Injection Vulnerability
9. Land Down Under Multiple SQL Injection Vulnerabilities
10. AutoLinks Pro Al_initialize.PHP Remote File Include Vulnerability
11. PHP-Fusion BBCode URL Tag Script Injection Vulnerability
12. Cosmoshop Multiple SQL Injection Vulnerabilities
13. BFCommand & Control Server Manager Multiple Remote Vulnerabilities
14. Hesk Admin.PHP Authentication Bypass Vulnerability
15. UMN Gopher Client Remote Buffer Overflow Vulnerability
16. PHPLDAPAdmin Unauthorized Access Vulnerability
17. PHPLDAPAdmin Welcome.PHP Multiple Vulnerabilities
18. Maildrop Lockmail Local Privilege Escalation Vulnerability
19. BlueWhaleCRM AccountID SQL Injection Vulnerability
20. FreeStyle Wiki Arbitrary Perl Command Execution Vulnerability
21. e107 Forum_post.PHP Arbitrary Post Creation Vulnerability
22. BNBT EasyTracker Remote Denial Of Service Vulnerability
23. Novell Netware CIFS.NLM Denial of Service Vulnerability
24. FlatNuke ID Parameter Directory Traversal Vulnerability
25. Greymatter Gm.CGI HTML Injection Vulnerability
26. FlatNuke USR Parameter Cross-Site Scripting Vulnerability
27. Indiatimes Messenger Remote Buffer Overflow Vulnerability
28. DameWare Mini Remote Control Server Pre-Authentication Username Buffer Overflow Vulnerability
29. Symantec LiveUpdate Client Local Information Disclosure Vulnerability
30. CMS Made Simple Lang.PHP Remote File Include Vulnerability
31. Barracuda Spam Firewall IMG.PL Remote Directory Traversal Vulnerability
32. Frox Arbitrary Configuration File Access Vulnerability
33. Barracuda Spam Firewall IMG.PL Remote Command Execution Vulnerability
34. DownFile Multiple Cross-Site Scripting Vulnerabilities
35. DownFile Administrator Unauthorized Access Vulnerability
36. 3Com Network Supervisor Directory Traversal Vulnerability
37. SILC Server Insecure Temporary File Creation Vulnerability
38. Multiple Vendor Web Vulnerability Scanners HTML Injection Vulnerability
39. Novell NetMail Remote IMAP Heap Buffer Overflow Vulnerability
40. Linux Kernel ZLib Local Null Pointer Dereference Denial of Service Vulnerability
41. Apache Mod_SSL SSLVerifyClient Restriction Bypass Vulnerability
42. PolyGen Local Denial of Service Vulnerability
43. WhitSoft Development SlimFTPd Remote Denial of Service Vulnerability
44. GBook Multiple Unspecified Cross-Site Scripting Vulnerabilities
45. OpenSSH DynamicForward Inadvertent GatewayPorts Activation Vulnerability
46. PBLang Bulletin Board System Multiple Remote Vulnerabilities
47. OpenSSH GSSAPI Credential Disclosure Vulnerability
48. FileZilla FTP Client Hard-Coded Cipher Key Vulnerability
49. Squid Proxy SSLConnectTimeout Remote Denial Of Service Vulnerability
50. Plain Black Software WebGUI Remote Perl Command Execution Vulnerabilities
III. SECURITYFOCUS NEWS
1. Big debate over small packets
2. Katrina's destruction attracts online fraudsters
3. Hidden-code flaw in Windows renews worries over stealthy malware
4. Zotob suspects arrested in Turkey and Morocco
5. E-banking security provokes fear or indifference
6. Trusted Computing standards won't apply to Vista - Schneier
7. Hi-tech no panacea for ID theft woes
8. HP warns over OpenView flaw
IV. SECURITY JOBS LIST SUMMARY
1. [SJ-JOB] VP of Regional Sales, Washington
2. [SJ-JOB] VP of Regional Sales, Washington
3. [SJ-JOB] Security Consultant, Princeton
4. [SJ-JOB] Account Manager, Mississauga
5. [SJ-JOB] Security System Administrator, Islandia
6. [SJ-JOB] Security Consultant, Tampa
7. [SJ-JOB] Security Consultant, Tampa
8. [SJ-JOB] Security Architect, Herndon
9. [SJ-JOB] Application Security Architect, Any Location
10. [SJ-JOB] Regional Channel Manager, Austin
11. [SJ-JOB] Security System Administrator, Marlborough
12. [SJ-JOB] Security System Administrator, Islandia
13. [SJ-JOB] Security Consultant, Herndon
14. [SJ-JOB] Security System Administrator, New York
15. [SJ-JOB] Sales Engineer, Atlanta
16. [SJ-JOB] Account Manager, Austin
17. [SJ-JOB] Sales Engineer, NYC
18. [SJ-JOB] Sales Engineer, San Francisco
19. [SJ-JOB] Sales Engineer, National
20. [SJ-JOB] Security Consultant, Middletown
21. [SJ-JOB] Security Consultant, Chicago
22. [SJ-JOB] Sales Engineer, Toronto
23. [SJ-JOB] Sales Engineer, Minneapolis
24. [SJ-JOB] Sales Engineer, Reston
25. [SJ-JOB] Security Consultant, National
26. [SJ-JOB] Account Manager, Chicago
27. [SJ-JOB] Sales Engineer, Bay Area
V. INCIDENTS LIST SUMMARY
VI. VULN-DEV RESEARCH LIST SUMMARY
1. Linux free software auditing
VII. MICROSOFT FOCUS LIST SUMMARY
VIII. SUN FOCUS LIST SUMMARY
IX. LINUX FOCUS LIST SUMMARY
1. scanning for windows spywear with linux
X. UNSUBSCRIBE INSTRUCTIONS
XI. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Exploiting Cisco with FX
By Federico Biancuzzi
This interview with FX discusses Cisco IOS exploitation, Michael Lynn's work, and what FX believes can be done when hacking IOS.
http://www.securityfocus.com/columnists/351

2. A changing landscape
By Rohyt Belani
In 2004, I came across an empirical study published by the CERT/CC that indicated a diminishing correlation between the number of vendor-issued vulnerabilities and the number of reported security incidents.
http://www.securityfocus.com/columnists/352

3. A new way to bypass Windows heap protections
By Nicolas Falliere
Windows heap overflows have become increasingly popular over the last couple of years.
http://www.securityfocus.com/infocus/1846

II. BUGTRAQ SUMMARY
--------------------
1. PHPMyAdmin Cookie.Auth.Lib.PHP HTML Injection Vulnerability
BugTraq ID: 14674
Remote: Yes
Date Published: 2005-08-28
Relevant URL: http://www.securityfocus.com/bid/14674
Summary:
phpMyAdmin is prone to an HTML injection vulnerability.

This issue may be exploited to steal cookie-based authentication credentials from legitimate users of the software. Other attacks are also possible as this issue may let an attacker inject arbitrary content into the site hosting the software.

2. PHPMyAdmin Error.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 14675
Remote: Yes
Date Published: 2005-08-28
Relevant URL: http://www.securityfocus.com/bid/14675
Summary:
phpMyAdmin is prone to a cross-site scripting vulnerability.

This issue may be exploited to steal cookie-based authentication credentials from legitimate users of the software. Such an attack would require that the victim follows a malicious link that includes hostile HTML and script code.

3. SqWebMail HTML Email IMG Tag Script Injection Vulnerability
BugTraq ID: 14676
Remote: Yes
Date Published: 2005-08-29
Relevant URL: http://www.securityfocus.com/bid/14676
Summary:
SqWebMail is affected by a vulnerability that may allow remote attackers to inject and execute arbitrary script code in a user's browser.

This may allow for various attacks including session hijacking due to the theft of user credentials.

SqWebMail 5.0.4 is reportedly vulnerable to this issue. It is possible that other versions are affected as well.

4. Land Down Under Signature HTML Injection Vulnerability
BugTraq ID: 14677
Remote: Yes
Date Published: 2005-08-29
Relevant URL: http://www.securityfocus.com/bid/14677
Summary:
Land Down Under is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content.

Attacker-supplied HTML and script code would be executed in the context of the affected Web site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible.

5. FUDforum Avatar Upload Arbitrary Script Upload Vulnerability
BugTraq ID: 14678
Remote: Yes
Date Published: 2005-08-29
Relevant URL: http://www.securityfocus.com/bid/14678
Summary:
FUDforum is prone to a remote arbitrary PHP file upload vulnerability.

An attacker can merge an image file with a script file and upload it to an affected server.

This issue can facilitate unauthorized remote access.

FUDforum versions prior to 2.7.1 are reported to be affected. Currently Symantec cannot confirm if version 2.7.1 is affected as well.

6. PHPWebNotes Api.PHP Remote File Include Vulnerability
BugTraq ID: 14679
Remote: Yes
Date Published: 2005-08-29
Relevant URL: http://www.securityfocus.com/bid/14679
Summary:
phpWebNotes is prone to a remote file include vulnerability.

phpWebNotes is susceptible to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

An attacker may exploit this issue to execute arbitrary PHP code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access.

7. Simple PHP Blog Comment_Delete_CGI.PHP Directory Traversal Vulnerability
BugTraq ID: 14681
Remote: Yes
Date Published: 2005-08-29
Relevant URL: http://www.securityfocus.com/bid/14681
Summary:
Simple PHP Blog is prone to a directory traversal vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

An attacker can exploit this issue to delete arbitrary files on the affected system in the context of the Web server process.

8. MyBB Member.PHP SQL Injection Vulnerability
BugTraq ID: 14684
Remote: Yes
Date Published: 2005-08-29
Relevant URL: http://www.securityfocus.com/bid/14684
Summary:
MyBB is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.

9. Land Down Under Multiple SQL Injection Vulnerabilities
BugTraq ID: 14685
Remote: Yes
Date Published: 2005-08-29
Relevant URL: http://www.securityfocus.com/bid/14685
Summary:
Land Down Under is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.

Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.

10. AutoLinks Pro Al_initialize.PHP Remote File Include Vulnerability
BugTraq ID: 14686
Remote: Yes
Date Published: 2005-08-29
Relevant URL: http://www.securityfocus.com/bid/14686
Summary:
AutoLinks Pro is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access.

11. PHP-Fusion BBCode URL Tag Script Injection Vulnerability
BugTraq ID: 14688
Remote: Yes
Date Published: 2005-08-29
Relevant URL: http://www.securityfocus.com/bid/14688
Summary:
PHP-Fusion is prone to a script injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.

12. Cosmoshop Multiple SQL Injection Vulnerabilities
BugTraq ID: 14689
Remote: Yes
Date Published: 2005-08-29
Relevant URL: http://www.securityfocus.com/bid/14689
Summary:
Cosmoshop is prone to multiple SQL injection vulnerabilities. These issues are due to a lack of properly sanitized input to several CGI scripts.

An attacker may compromise this application by using SQL injection techniques to bypass the admin login process. Successful exploitation results in gaining full administrative access within the context of the affected application.

13. BFCommand & Control Server Manager Multiple Remote Vulnerabilities
BugTraq ID: 14690
Remote: Yes
Date Published: 2005-08-29
Relevant URL: http://www.securityfocus.com/bid/14690
Summary:
BFCC and BFVCC server managers are vulnerable to multiple remote vulnerabilities.

The first two issues are login bypass vulnerabilities. These issues allow remote, anonymous attackers to gain access to the affected server process.

The third issue is a design error whereby the server application implements access controls, privileges, and other commands in the client-side of the connection. This allows remote attackers to gain full administrative access to the affected application.

The fourth issue is a remote denial of service vulnerability. This issue is due to a failure of the application to properly handle multiple connections.

These vulnerabilities allow remote attackers to gain administrative access in the affected server application, and to deny further access to the application.

14. Hesk Admin.PHP Authentication Bypass Vulnerability
BugTraq ID: 14692
Remote: Yes
Date Published: 2005-08-29
Relevant URL: http://www.securityfocus.com/bid/14692
Summary:
Hesk is prone to an authentication bypass vulnerability.

The application does not properly validate username and password pairs, and subsequently allows administrative access without a password.

This can lead to unauthorized access of sensitive data, modification of helpdesk data and program code, and other types of attacks.

15. UMN Gopher Client Remote Buffer Overflow Vulnerability
BugTraq ID: 14693
Remote: Yes
Date Published: 2005-08-30
Relevant URL: http://www.securityfocus.com/bid/14693
Summary:
Gopher is prone to a remote buffer overflow vulnerability.

The vulnerability presents itself when the client handles a malformed '+VIEWS:' reply from a server.

A remote attacker may gain unauthorized access in the context of the user running the application.

Gopher version 3.0.9 is reported to be affected by this vulnerability; however, other versions may be vulnerable as well.

16. PHPLDAPAdmin Unauthorized Access Vulnerability
BugTraq ID: 14694
Remote: Yes
Date Published: 2005-08-30
Relevant URL: http://www.securityfocus.com/bid/14694
Summary:
phpldapadmin is prone to an unauthorized access vulnerability. This issue is due to a failure in the application to properly validate user credentials before granting access to LDAP administrative functions.

An attacker can exploit this vulnerability to log in to the server anonymously, and utilize administrative functions to modify the LDAP database.

17. PHPLDAPAdmin Welcome.PHP Multiple Vulnerabilities
BugTraq ID: 14695
Remote: Yes
Date Published: 2005-08-30
Relevant URL: http://www.securityfocus.com/bid/14695
Summary:
phpldapadmin is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.

phpldapadmin is prone to a directory traversal vulnerability. An attacker can exploit this vulnerability to retrieve arbitrary files on the vulnerable system in the security context of the Web server process. Information obtained may aid in further attacks against the underlying system; other attacks are also possible.

phpldapadmin is prone to a remote file include vulnerability. An attacker can exploit this vulnerability to execute arbitrary PHP script code in the security context of the Web server process.

phpldapadmin is also prone to a cross-site scripting vulnerability. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.

18. Maildrop Lockmail Local Privilege Escalation Vulnerability
BugTraq ID: 14696
Remote: No
Date Published: 2005-08-30
Relevant URL: http://www.securityfocus.com/bid/14696
Summary:
Lockmail is affected by a local privilege escalation vulnerability.

A local attacker can execute arbitrary commands with group mail privileges.

Maildrop 1.5.3 is affected by this issue. Other versions may be vulnerable as well.

19. BlueWhaleCRM AccountID SQL Injection Vulnerability
BugTraq ID: 14697
Remote: Yes
Date Published: 2005-08-30
Relevant URL: http://www.securityfocus.com/bid/14697
Summary:
BlueWhaleCRM is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query.

Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.

20. FreeStyle Wiki Arbitrary Perl Command Execution Vulnerability
BugTraq ID: 14698
Remote: Yes
Date Published: 2005-08-30
Relevant URL: http://www.securityfocus.com/bid/14698
Summary:
FreeStyle Wiki is prone to an arbitrary command execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

An attacker can exploit this vulnerability to execute arbitrary Perl commands in the context of the affected application.

21. e107 Forum_post.PHP Arbitrary Post Creation Vulnerability
BugTraq ID: 14699
Remote: Yes
Date Published: 2005-08-30
Relevant URL: http://www.securityfocus.com/bid/14699
Summary:
e107 is prone to an input validation vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

Successful exploitation of this issue will permit an attacker to create arbitrary forum message posts.

22. BNBT EasyTracker Remote Denial Of Service Vulnerability
BugTraq ID: 14700
Remote: Yes
Date Published: 2005-08-30
Relevant URL: http://www.securityfocus.com/bid/14700
Summary:
BNBT EasyTracker contains a denial of service vulnerability in its HTTP parser code. This issue is due to a failure of the application to properly handle malformed HTTP requests.

If an attacker sends a malformed HTTP request to the application, reports indicate that the affected application will terminate unexpectedly.

A remote attacker is able to terminate the application, denying service to legitimate users.

23. Novell Netware CIFS.NLM Denial of Service Vulnerability
BugTraq ID: 14701
Remote: Yes
Date Published: 2005-08-31
Relevant URL: http://www.securityfocus.com/bid/14701
Summary:
Netware CIFS.NLM is reportedly prone to a remote denial of service vulnerability.

Reportedly, the W32.Randex.CCC worm can trigger this issue resulting in a denial of service condition due to an ABEND.

NetWare 5.1, 6.0, 6.5 SP2 and 6.5 SP3 are vulnerable to this issue.

24. FlatNuke ID Parameter Directory Traversal Vulnerability
BugTraq ID: 14702
Remote: Yes
Date Published: 2005-08-31
Relevant URL: http://www.securityfocus.com/bid/14702
Summary:
FlatNuke is prone to a directory traversal vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

An unauthorized user can retrieve arbitrary files by supplying directory traversal strings '../' to the vulnerable parameter.

Exploitation of this vulnerability could lead to a loss of confidentiality. Information obtained may aid in further attacks against the underlying system; other attacks are also possible.

25. Greymatter Gm.CGI HTML Injection Vulnerability
BugTraq ID: 14703
Remote: Yes
Date Published: 2005-08-31
Relevant URL: http://www.securityfocus.com/bid/14703
Summary:
GreyMatter is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content.

Attacker-supplied HTML and script code would be executed in the context of the affected Web site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible.

26. FlatNuke USR Parameter Cross-Site Scripting Vulnerability
BugTraq ID: 14704
Remote: Yes
Date Published: 2005-08-31
Relevant URL: http://www.securityfocus.com/bid/14704
Summary:
FlatNuke is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.

27. Indiatimes Messenger Remote Buffer Overflow Vulnerability
BugTraq ID: 14705
Remote: Yes
Date Published: 2005-08-31
Relevant URL: http://www.securityfocus.com/bid/14705
Summary:
Indiatimes Messenger is reported prone to a remote buffer overflow vulnerability.

A successful attack may trigger a crash in the client or lead to arbitrary code execution. The attacker may then gain unauthorized remote access in the context of the user running the application.

Indiatimes Messenger 6.0 is affected by this issue.

28. DameWare Mini Remote Control Server Pre-Authentication Username Buffer Overflow Vulnerability
BugTraq ID: 14707
Remote: Yes
Date Published: 2005-08-31
Relevant URL: http://www.securityfocus.com/bid/14707
Summary:
DameWare Mini Remote Control Server is affected by a remote buffer overflow vulnerability. This issue presents itself because the application fails to perform boundary checks prior to copying user-supplied data into sensitive process buffers.

Remote attackers may execute arbitrary machine code in the context of the affected server process, facilitating system compromise.

This issue is similar to the one described in BID 9213 (DameWare Mini Remote Control Server Pre-Authentication Buffer Overflow Vulnerability). This issue may be related, or possibly a regression in the affected application.

29. Symantec LiveUpdate Client Local Information Disclosure Vulnerability
BugTraq ID: 14708
Remote: No
Date Published: 2005-08-31
Relevant URL: http://www.securityfocus.com/bid/14708
Summary:
Symantec LiveUpdate Client is susceptible to a local information disclosure vulnerability.

Sensitive information such as the server name, IP address, subnet, subnet mask, connection protocol, username and password to access the LiveUpdate server are logged in a plain text file.

A local attacker can subsequently access the file and disclose authentication credentials to access the server. This may lead to various attacks including the potential compromise of the server.

30. CMS Made Simple Lang.PHP Remote File Include Vulnerability
BugTraq ID: 14709
Remote: Yes
Date Published: 2005-08-31
Relevant URL: http://www.securityfocus.com/bid/14709
Summary:
CMS Made Simple is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

An attacker may exploit this issue to execute arbitrary remote PHP code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access.

CMS Made Simple Version .10 and all prior versions are reported vulnerable.

31. Barracuda Spam Firewall IMG.PL Remote Directory Traversal Vulnerability
BugTraq ID: 14710
Remote: Yes
Date Published: 2005-09-01
Relevant URL: http://www.securityfocus.com/bid/14710
Summary:
Barracuda Spam Firewall is prone to a directory traversal vulnerability. This issue affects the Web interface of the appliance.

Exploitation of this vulnerability could lead to a loss of confidentiality as arbitrary files are disclosed to an attacker. Information obtained through this attack may aid in further attacks against the underlying system.

Barracuda Spam Firewall firmware 3.1.17 and prior versions are affected by this issue.

32. Frox Arbitrary Configuration File Access Vulnerability
BugTraq ID: 14711
Remote: No
Date Published: 2005-09-01
Relevant URL: http://www.securityfocus.com/bid/14711
Summary:
Frox is prone to a vulnerability that permits read access to arbitrary files.

Successful exploitation of this vulnerability will grant the attacker read access to arbitrary files on the system in the security context of the Frox process. Information obtained may aid in further attacks against the underlying system; other attacks are also possible.

It should be noted that this issue is only exploitable if Frox is installed with setuid or setgid privileges.

33. Barracuda Spam Firewall IMG.PL Remote Command Execution Vulnerability
BugTraq ID: 14712
Remote: Yes
Date Published: 2005-09-01
Relevant URL: http://www.securityfocus.com/bid/14712
Summary:
Barracuda Spam Firewall is prone to a remote arbitrary command execution vulnerability.

This issue arises when user-specified commands are supplied to the Web interface of the device.

An attacker can supply arbitrary commands and have them executed in the context of the server. This issue may facilitate unauthorized remote access.

Barracuda Spam Firewall firmware 3.1.17 and prior versions are affected by this issue.

34. DownFile Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 14713
Remote: Yes
Date Published: 2005-09-01
Relevant URL: http://www.securityfocus.com/bid/14713
Summary:
DownFile is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.

An attacker may leverage any of these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.

35. DownFile Administrator Unauthorized Access Vulnerability
BugTraq ID: 14714
Remote: Yes
Date Published: 2005-09-01
Relevant URL: http://www.securityfocus.com/bid/14714
Summary:
DownFile is prone to an unauthorized access vulnerability. This issue is due to a failure in the application to perform proper authentication before granting access to administrative functions.

An attacker can exploit this vulnerability to gain access to administrative functions; this will result in an elevation of privileges.

36. 3Com Network Supervisor Directory Traversal Vulnerability
BugTraq ID: 14715
Remote: Yes
Date Published: 2005-09-01
Relevant URL: http://www.securityfocus.com/bid/14715
Summary:
Network Supervisor is prone to a directory traversal vulnerability.

The application fails to properly sanitize input supplied through HTTP GET requests.

Exploitation of this vulnerability could lead to a loss of confidentiality as arbitrary files are disclosed to an attacker. It should be noted that all files on the affected drive can be disclosed by a successful attack.

37. SILC Server Insecure Temporary File Creation Vulnerability
BugTraq ID: 14716
Remote: No
Date Published: 2005-09-01
Relevant URL: http://www.securityfocus.com/bid/14716
Summary:
SILC Server creates temporary files in an insecure manner. The issue exists in the 'silcd/silcd.c' file.

Exploitation would most likely result in loss of data or a denial of service if critical files are overwritten in the attack. Other attacks may be possible as well.

38. Multiple Vendor Web Vulnerability Scanners HTML Injection Vulnerability
BugTraq ID: 14717
Remote: Yes
Date Published: 2005-09-01
Relevant URL: http://www.securityfocus.com/bid/14717
Summary:
N-Stealth and Nikto, Web vulnerability scanners, are prone to an HTML injection vulnerability. This issue is due to a failure of the applications to properly sanitize user-supplied input before using it in dynamically generated content.

An attacker could exploit this vulnerability to execute arbitrary HTML or script code in the browser of an unsuspecting user.

39. Novell NetMail Remote IMAP Heap Buffer Overflow Vulnerability
BugTraq ID: 14718
Remote: Yes
Date Published: 2005-09-01
Relevant URL: http://www.securityfocus.com/bid/14718
Summary:
Novell NetMail is susceptible to a buffer overflow vulnerability in the IMAP command continuation function in the IMAP agent. This issue is due to a lack of proper boundary checks when copying user-supplied data to insufficiently-sized memory buffers.

This vulnerability allows remote attackers to execute arbitrary machine code in the context of the affected server process.

This issue was originally documented in BID 13926 (Novell NetMail Multiple Remote Vulnerabilities).

40. Linux Kernel ZLib Local Null Pointer Dereference Denial of Service Vulnerability
BugTraq ID: 14720
Remote: No
Date Published: 2005-09-01
Relevant URL: http://www.securityfocus.com/bid/14720
Summary:
The Linux kernel is prone to a denial of service vulnerability. This issue is due to a failure in the application to properly handle malformed compressed files.

An attacker can exploit this vulnerability to cause a kernel crash, effectively denying service to legitimate users.

41. Apache Mod_SSL SSLVerifyClient Restriction Bypass Vulnerability
BugTraq ID: 14721
Remote: Yes
Date Published: 2005-09-01
Relevant URL: http://www.securityfocus.com/bid/14721
Summary:
Apache 2.x mod_ssl is prone to a restriction bypass vulnerability. This issue presents itself when mod_ssl is configured to be used with the 'SSLVerifyClient' directive.

This issue allows attackers to bypass security policies to gain access to locations that are configured to be forbidden for clients without a valid client certificate.

42. PolyGen Local Denial of Service Vulnerability
BugTraq ID: 14722
Remote: No
Date Published: 2005-09-01
Relevant URL: http://www.securityfocus.com/bid/14722
Summary:
PolyGen is prone to a local denial of service vulnerability.

A local attacker can potentially cause a denial of service condition due to resource exhaustion.

PolyGen 1.0.6 is affected by this vulnerability.

43. WhitSoft Development SlimFTPd Remote Denial of Service Vulnerability
BugTraq ID: 14723
Remote: Yes
Date Published: 2005-09-02
Relevant URL: http://www.securityfocus.com/bid/14723
Summary:
SlimFTPd is prone to a remote denial of service vulnerability. This issue is due to a failure in the application to handle exceptional conditions.

The problem presents itself during login. The application fails to handle malicious input in a proper manner resulting in a crash of the server, thus denying service to legitimate users.

44. GBook Multiple Unspecified Cross-Site Scripting Vulnerabilities
BugTraq ID: 14725
Remote: Yes
Date Published: 2005-09-02
Relevant URL: http://www.securityfocus.com/bid/14725
Summary:
gBook is prone to multiple unspecified cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.

An attacker may leverage any of these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.

45. OpenSSH DynamicForward Inadvertent GatewayPorts Activation Vulnerability
BugTraq ID: 14727
Remote: Yes
Date Published: 2005-09-01
Relevant URL: http://www.securityfocus.com/bid/14727
Summary:
OpenSSH is susceptible to a vulnerability that causes improper activation of the 'GatewayPorts' option, allowing unintended hosts to utilize the SSH SOCKS proxy.

Specifically, if the 'DynamicForward' option is activated, 'GatewayPorts' is also unconditionally enabled.

This vulnerability allows remote attackers to utilize the SOCKS proxy to make arbitrary TCP connections through the configured SSH session, allowing them to attack computers and services through a connection that was inappropriately thought to be secure.

This issue affects OpenSSH 4.0 and 4.1.

46. PBLang Bulletin Board System Multiple Remote Vulnerabilities
BugTraq ID: 14728
Remote: Yes
Date Published: 2005-09-02
Relevant URL: http://www.securityfocus.com/bid/14728
Summary:
PBLang is reported prone to multiple remote vulnerabilities.

Two access validation errors can allow an attacker to gain access to restricted content and delete arbitrary messages.

Another vulnerability allows an attacker to inject arbitrary script code into a site and create an administrative account.

PBLang versions prior to 4.66z are affected by these issues.

47. OpenSSH GSSAPI Credential Disclosure Vulnerability
BugTraq ID: 14729
Remote: Yes
Date Published: 2005-09-01
Relevant URL: http://www.securityfocus.com/bid/14729
Summary:
OpenSSH is susceptible to a GSSAPI credential delegation vulnerability.

Specifically, if a user has GSSAPI authentication configured, and 'GSSAPIDelegateCredentials' is enabled, their Kerberos credentials will be forwarded to remote hosts. This occurs even when the user uses authentication methods other than GSSAPI to connect, which is not what is usually expected.

This vulnerability allows remote attackers to improperly gain access to GSSAPI credentials, allowing them to utilize the credentials to access resources granted to the original principal.

This issue affects versions of OpenSSH prior to 4.2.

48. FileZilla FTP Client Hard-Coded Cipher Key Vulnerability
BugTraq ID: 14730
Remote: No
Date Published: 2005-09-02
Relevant URL: http://www.securityfocus.com/bid/14730
Summary:
FileZilla FTP client may allow local attackers to obtain user passwords and access remote servers.

The application uses a hard-coded cipher key to decrypt the password, which is stored in an XML file or the Windows Registry.

This can allow the attacker to gain access to an FTP server with the privileges of the victim.

49. Squid Proxy SSLConnectTimeout Remote Denial Of Service Vulnerability
BugTraq ID: 14731
Remote: Yes
Date Published: 2005-09-01
Relevant URL: http://www.securityfocus.com/bid/14731
Summary:
A remote denial of service vulnerability affects the Squid Proxy. This issue is due to a failure of the application to properly handle exceptional network requests.

A remote attacker may leverage this issue to crash the affected Squid Proxy, denying service to legitimate users.

50. Plain Black Software WebGUI Remote Perl Command Execution Vulnerabilities
BugTraq ID: 14732
Remote: Yes
Date Published: 2005-09-01
Relevant URL: http://www.securityfocus.com/bid/14732
Summary:
WebGUI may be exploited to execute arbitrary Perl commands. This issue presents itself due to insufficient sanitization of user-supplied data.

Remote attackers may execute arbitrary Perl commands in the context of the Web server hosting the vulnerable application. This can facilitate unauthorized remote access.

Versions of WebGUI prior to 6.7.3 are vulnerable.

III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. Big debate over small packets
By: Robert Lemos
After a summer of debate over whether flaws in ICMP are a serious threat, an Argentinian researcher continues to lobby the Internet's technical standards body to implement his proposal to fix the issues.
http://www.securityfocus.com/news/11306

2. Katrina's destruction attracts online fraudsters
By: Robert Lemos
From questionable charity sites to malicious code with a hurricane hook, people ready to take advantage of the natural disaster in New Orleans and the Gulf of Mexico have pursued their schemes on the Internet.
http://www.securityfocus.com/news/11302

3. Hidden-code flaw in Windows renews worries over stealthy malware
By: Robert Lemos
A flaw in the way that several security programs and systems utilities detect system changes can allow spyware to run surreptitiously, renewing worries about stealthier attack code.
http://www.securityfocus.com/news/11300

4. Zotob suspects arrested in Turkey and Morocco
By: Robert Lemos
UPDATE: Law enforcement arrested two men--one living in Turkey and the other in Morocco--in connection with the release of the recent Zotob worm.
http://www.securityfocus.com/news/11297

5. E-banking security provokes fear or indifference
By: John Leyden
A recent study by analyst Forrester Research has unearthed conflicting views about the safety or otherwise of online banking. The survey of 11,300 UK net users found that while many online banking consumers are complacent about security, a large minority have given up online banking as a direct result of security fears.
http://www.securityfocus.com/news/11305

6. Trusted Computing standards won't apply to Vista - Schneier
By: John Leyden
Microsoft is dragging its heels about applying guidelines it helped develop for trusted computing to the next version of Windows, according to noted crypto guru Bruce Schneier.
http://www.securityfocus.com/news/11303

7. Hi-tech no panacea for ID theft woes
By: John Leyden
Attempts to thwart identity theft and fraud through technology advances are likely to prove counterproductive, a British academic warns.
http://www.securityfocus.com/news/11304

8. HP warns over OpenView flaw
By: John Leyden
Enterprise users are being urged to apply workarounds following the discovery of a potentially troublesome vulnerability involving a component of HP's widely used network management suite, HP OpenView.
http://www.securityfocus.com/news/11301

IV. SECURITY JOBS LIST SUMMARY
-------------------------------
1. [SJ-JOB] VP of Regional Sales, Washington
http://www.securityfocus.com/archive/77/409816

2. [SJ-JOB] VP of Regional Sales, Washington
http://www.securityfocus.com/archive/77/409792

3. [SJ-JOB] Security Consultant, Princeton
http://www.securityfocus.com/archive/77/409787

4. [SJ-JOB] Account Manager, Mississauga
http://www.securityfocus.com/archive/77/409768

5. [SJ-JOB] Security System Administrator, Islandia
http://www.securityfocus.com/archive/77/409810

6. [SJ-JOB] Security Consultant, Tampa
http://www.securityfocus.com/archive/77/409847

7. [SJ-JOB] Security Consultant, Tampa
http://www.securityfocus.com/archive/77/409892

8. [SJ-JOB] Security Architect, Herndon
http://www.securityfocus.com/archive/77/409845

9. [SJ-JOB] Application Security Architect, Any Location
http://www.securityfocus.com/archive/77/409846

10. [SJ-JOB] Regional Channel Manager, Austin
http://www.securityfocus.com/archive/77/409857

11. [SJ-JOB] Security System Administrator, Marlborough
http://www.securityfocus.com/archive/77/409740

12. [SJ-JOB] Security System Administrator, Islandia
http://www.securityfocus.com/archive/77/409750

13. [SJ-JOB] Security Consultant, Herndon
http://www.securityfocus.com/archive/77/409843

14. [SJ-JOB] Security System Administrator, New York
http://www.securityfocus.com/archive/77/409870

15. [SJ-JOB] Sales Engineer, Atlanta
http://www.securityfocus.com/archive/77/409840

16. [SJ-JOB] Account Manager, Austin
http://www.securityfocus.com/archive/77/409838

17. [SJ-JOB] Sales Engineer, NYC
http://www.securityfocus.com/archive/77/409869

18. [SJ-JOB] Sales Engineer, San Francisco
http://www.securityfocus.com/archive/77/409883

19. [SJ-JOB] Sales Engineer, National
http://www.securityfocus.com/archive/77/409836

20. [SJ-JOB] Security Consultant, Middletown
http://www.securityfocus.com/archive/77/409855

21. [SJ-JOB] Security Consultant, Chicago
http://www.securityfocus.com/archive/77/409841

22. [SJ-JOB] Sales Engineer, Toronto
http://www.securityfocus.com/archive/77/409860

23. [SJ-JOB] Sales Engineer, Minneapolis
http://www.securityfocus.com/archive/77/409864

24. [SJ-JOB] Sales Engineer, Reston
http://www.securityfocus.com/archive/77/409837

25. [SJ-JOB] Security Consultant, National
http://www.securityfocus.com/archive/77/409794

26. [SJ-JOB] Account Manager, Chicago
http://www.securityfocus.com/archive/77/409795

27. [SJ-JOB] Sales Engineer, Bay Area
http://www.securityfocus.com/archive/77/409793

V. INCIDENTS LIST SUMMARY
---------------------------
VI. VULN-DEV RESEARCH LIST SUMMARY
-----------------------------------
1. Linux free software auditing
http://www.securityfocus.com/archive/82/409755

VII. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
VIII. SUN FOCUS LIST SUMMARY
----------------------------
IX. LINUX FOCUS LIST SUMMARY
----------------------------
1. scanning for windows spywear with linux
http://www.securityfocus.com/archive/91/409832

X. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe, send an e-mail message to sf-news-unsubscribe (at) securityfocus (dot) com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively, you can visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed, email listadmin (at) securityfocus (dot) com and ask to be manually removed.

XI. SPONSOR INFORMATION
------------------------
