SecurityFocus Microsoft Newsletter #256 Sep 14 2005 01:32PM
Marc Fossi (mfossi securityfocus com)
SecurityFocus Microsoft Newsletter #256
----------------------------------------

This Issue is Sponsored By: AirDefense

FREE WHITE PAPER & SOFTWARE DOWNLOAD . Protect your Wi-Fi Laptops
Learn how wireless laptops can be compromised at public hotspots. This white
paper explores how Wi-Phishing works and what procedures and policies are
needed to secure the mobile workforce. Also download AirDefense Personal
software to protect your wireless laptop anywhere from hotspot phishing, Evil
Twin, hackers, misconfigurations.
Download the white paper and AirDefense Personal software at:

http://www.securityfocus.com/sponsor/Airdefense_linux-secnews_050913

------------------------------------------------------------------
I. FRONT AND CENTER
1. Embedded market ripe for picking
2. Security lessons from Katrina
II. MICROSOFT VULNERABILITY SUMMARY
1. Rediff Bol Instant Messenger ActiveX Control Information Disclosure
Vulnerability
2. Microsoft Windows Keyboard Event Privilege Escalation Weakness
3. ALTools ALZip ACE Archive File Name Buffer Overflow Vulnerability
4. Microsoft IIS WebDAV HTTP Request Source Code Disclosure Vulnerability
5. Eset Software NOD32 Antivirus ARJ Archive Handling Remote Buffer
Overflow Vulnerability
6. Microsoft September Advance Notification Unspecified Security
Vulnerabilities
7. Mozilla/Netscape/Firefox Browsers Domain Name Remote Buffer Overflow
Vulnerability
8. Sun Java System Web Proxy Server Unspecified Remote Denial Of Service
Vulnerability
9. Ipswitch Whatsup Small Business 2004 File Disclosure Vulnerability
10. KillProcess Local Privilege Escalation Vulnerability
11. Zebedee Remote Denial Of Service Vulnerability
12. Ipswitch Whatsup Gold Map.ASP Cross-Site Scripting Vulnerability
13. Ipswitch Whatsup Gold Cross-Site Scripting Vulnerability
14. COOL! Remote Control Remote Denial Of Service Vulnerability
15. PunBB BBCode URL Tag HTML Injection Vulnerability
16. Snort PrintTcpOptions Remote Denial Of Service Vulnerability
III. MICROSOFT FOCUS LIST SUMMARY
1. runas vs network connections etc etc....
2. SecurityFocus Microsoft Newsletter #255
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Embedded market ripe for picking
By Daniel Hanson
Perhaps an embedded version of Windows in every device isn't such a bad thing
after all.
http://www.securityfocus.com/columnists/353

2. Security lessons from Katrina
By Mark Rasch
From this disaster, there are a few lessons IT staff, and IT security staff,
as well as senior management should learn.
http://www.securityfocus.com/columnists/354

II. MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. Rediff Bol Instant Messenger ActiveX Control Information Disclosure
Vulnerability
BugTraq ID: 14740
Remote: Yes
Date Published: 2005-09-05
Relevant URL: http://www.securityfocus.com/bid/14740
Summary:
Rediff Bol Instant Messenger is prone to an information disclosure
vulnerability. A malicious ActiveX control could allow an attacker to obtain
the contents of a vulnerable user's Windows Address Book.

2. Microsoft Windows Keyboard Event Privilege Escalation Weakness
BugTraq ID: 14743
Remote: No
Date Published: 2005-09-05
Relevant URL: http://www.securityfocus.com/bid/14743
Summary:
Microsoft Windows is prone to a privilege escalation weakness. This issue is
due to a design error when desktop applications handle keyboard events sent
through the keybd_event() function. The specific issue is that programs may
send keyboard events to higher privileged desktop applications.

This poses a local security risk as malicious keyboard events may be sent to a
desktop application such as 'explorer.exe' that is running as a higher
privileged user. These keyboard events will be interpreted in the context of
the target user. This issue could likely be abused after exploitation of a
latent remote code execution vulnerability in a service to elevate privileges.
In this scenario, a user with higher privileges than the service must be logged
into the desktop.

3. ALTools ALZip ACE Archive File Name Buffer Overflow Vulnerability
BugTraq ID: 14759
Remote: Yes
Date Published: 2005-09-07
Relevant URL: http://www.securityfocus.com/bid/14759
Summary:
ALTools ALZip is prone to a buffer overflow when handling ACE archives that
contain files with overly long names.

This may be exploited to execute arbitrary code in the context of the user who
is running the application. The vulnerability is considered remotely
exploitable in nature since malicious ACE archives will likely originate from
an external, untrusted source.

4. Microsoft IIS WebDAV HTTP Request Source Code Disclosure Vulnerability
BugTraq ID: 14764
Remote: Yes
Date Published: 2005-09-04
Relevant URL: http://www.securityfocus.com/bid/14764
Summary:
Microsoft IIS is reportedly affected by a remote script source disclosure
vulnerability.

A successful attack causes the Web server to present the requested file as a
plain text file, thereby disclosing its source.

It should be noted that this issue only presents itself when the requested
files are stored on a FAT or FAT32 volume and does not arise if the script
files are stored on an NTFS volume.

Microsoft IIS 5.1 is vulnerable to this issue.

5. Eset Software NOD32 Antivirus ARJ Archive Handling Remote Buffer Overflow
Vulnerability
BugTraq ID: 14773
Remote: Yes
Date Published: 2005-09-08
Relevant URL: http://www.securityfocus.com/bid/14773
Summary:
NOD32 Antivirus is affected by a remote buffer overflow vulnerability when
handling ARJ archives.

An attacker may exploit this vulnerability to gain unauthorized remote access
with SYSTEM privileges.

NOD32 for Windows version 2.5 running nod32.002 version 1.033 build 1127 is
reportedly affected; however, it is possible that other versions are vulnerable
as well.

6. Microsoft September Advance Notification Unspecified Security
Vulnerabilities
BugTraq ID: 14780
Remote: Unknown
Date Published: 2005-09-08
Relevant URL: http://www.securityfocus.com/bid/14780
Summary:
Microsoft has released advance notification for one security bulletin that
will be released on September 13, 2005.

This security bulletin affects Microsoft Windows.

Update: Microsoft reports there will no longer be any security updates on
September 13th as part of the September monthly bulletin release cycle.

7. Mozilla/Netscape/Firefox Browsers Domain Name Remote Buffer Overflow
Vulnerability
BugTraq ID: 14784
Remote: Yes
Date Published: 2005-09-09
Relevant URL: http://www.securityfocus.com/bid/14784
Summary:
Mozilla/Netscape/Firefox are reported prone to a remote buffer overflow
vulnerability when handling a malformed URI.

A successful attack may result in a crash or the execution of arbitrary code.

Firefox 1.0.6 and 1.5 Beta 1 are vulnerable to this issue. Mozilla 1.7.11 and
Netscape 8.0.3.3 and 7.2 are affected as well.

8. Sun Java System Web Proxy Server Unspecified Remote Denial Of Service
Vulnerability
BugTraq ID: 14788
Remote: Yes
Date Published: 2005-09-08
Relevant URL: http://www.securityfocus.com/bid/14788
Summary:
Sun Java System Web Proxy Server is prone to an unspecified remote denial of
service vulnerability. This issue allows remote attackers to cause the affected
service to fail to respond to further requests.

Successful exploitation will permit remote attackers to deny service to
legitimate users.

9. Ipswitch Whatsup Small Business 2004 File Disclosure Vulnerability
BugTraq ID: 14792
Remote: Yes
Date Published: 2005-09-09
Relevant URL: http://www.securityfocus.com/bid/14792
Summary:
Ipswitch Whatsup Small Business 2004 is prone to a file disclosure
vulnerability. This is due to a lack of proper sanitization of user-supplied
input.

A remote attacker may exploit this vulnerability to reveal files that contain
potentially sensitive information.

10. KillProcess Local Privilege Escalation Vulnerability
BugTraq ID: 14795
Remote: No
Date Published: 2005-09-09
Relevant URL: http://www.securityfocus.com/bid/14795
Summary:
KillProcess is prone to a local buffer overflow vulnerability.

A successful attack allows arbitrary machine code execution with the privileges
of the user running KillProcess.

KillProcess 2.20 and prior versions are vulnerable.

11. Zebedee Remote Denial Of Service Vulnerability
BugTraq ID: 14796
Remote: Yes
Date Published: 2005-09-09
Relevant URL: http://www.securityfocus.com/bid/14796
Summary:
A remote denial of service vulnerability affects Zebedee. This issue is due to
a failure of the application to properly handle exceptional network requests.

Specifically, Zebedee is unable to handle requests for connections that contain
a zero for the requested destination port.

A remote attacker may leverage this issue to crash the affected application,
denying service to legitimate users.

Zebedee version 2.4.1 is reported vulnerable to this issue; other versions may
also be affected.

12. Ipswitch Whatsup Gold Map.ASP Cross-Site Scripting Vulnerability
BugTraq ID: 14797
Remote: Yes
Date Published: 2005-09-09
Relevant URL: http://www.securityfocus.com/bid/14797
Summary:
Ipswitch Whatsup Gold is prone to a cross-site scripting vulnerability. This
issue is due to a lack of proper sanitization of user-supplied input.

An attacker may leverage this issue to have arbitrary script code executed in
the browser of an unsuspecting user in the context of the affected site. This
may facilitate the theft of cookie-based authentication credentials as well as
other attacks.

13. Ipswitch Whatsup Gold Cross-Site Scripting Vulnerability
BugTraq ID: 14799
Remote: Yes
Date Published: 2005-09-09
Relevant URL: http://www.securityfocus.com/bid/14799
Summary:
Ipswitch Whatsup Gold is prone to a file disclosure vulnerability. This is due
to a lack of proper sanitization of user-supplied input.

A remote attacker may exploit this vulnerability to reveal files that contain
potentially sensitive information. Information that is harvested in this manner
may then be used to aid in further attacks against the software and the
computer that is hosting the software.

14. COOL! Remote Control Remote Denial Of Service Vulnerability
BugTraq ID: 14802
Remote: Yes
Date Published: 2005-09-12
Relevant URL: http://www.securityfocus.com/bid/14802
Summary:
COOL! Remote Control is prone to a remote denial of service vulnerability.

Successful exploitation will permit remote attackers to deny service to
legitimate users or cause the client to crash.

COOL! Remote Control 1.12 is affected by this issue. Other versions may be
vulnerable as well.

15. PunBB BBCode URL Tag HTML Injection Vulnerability
BugTraq ID: 14808
Remote: Yes
Date Published: 2005-09-12
Relevant URL: http://www.securityfocus.com/bid/14808
Summary:
PunBB is prone to an HTML injection vulnerability. This is due to a lack of
proper sanitization of user-supplied input.

Attacker-supplied HTML and script code would be executed in the context of the
affected Web site, potentially allowing for theft of cookie-based
authentication credentials. An attacker could also exploit this issue to
control how the site is rendered to the user; other attacks are also possible.

16. Snort PrintTcpOptions Remote Denial Of Service Vulnerability
BugTraq ID: 14811
Remote: Yes
Date Published: 2005-09-12
Relevant URL: http://www.securityfocus.com/bid/14811
Summary:
Snort is reported prone to a remote denial of service vulnerability. The
vulnerability is reported to exist in the 'PrintTcpOptions()' function of
'log.c', and is a result of a failure to sufficiently handle malicious TCP
packets.

A remote attacker may trigger this vulnerability to crash a remote Snort server
and in doing so may prevent subsequent malicious attacks from being detected.

It should be noted that the vulnerable code path is only executed when Snort is
run with the '-v' (verbose) flag. Due to the performance penalty of running the
Snort application in verbose mode, it is likely that most production
installations of the application are not vulnerable to this issue.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. runas vs network connections etc etc....
http://www.securityfocus.com/archive/88/410243

2. SecurityFocus Microsoft Newsletter #255
http://www.securityfocus.com/archive/88/409934

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe, send an e-mail message to
ms-secnews-unsubscribe (at) securityfocus (dot) com from the subscribed
address. The contents of the subject or message body do not matter. You will
receive a confirmation request message to which you will have to answer.
Alternatively, you can also visit http://www.securityfocus.com/newsletters and
unsubscribe via the website.

If your email address has changed, email listadmin (at) securityfocus (dot) com
and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This Issue is Sponsored By: AirDefense

FREE WHITE PAPER & SOFTWARE DOWNLOAD . Protect your Wi-Fi Laptops
Learn how wireless laptops can be compromised at public hotspots. This white
paper explores how Wi-Phishing works and what procedures and policies are
needed to secure the mobile workforce. Also download AirDefense Personal
software to protect your wireless laptop anywhere from hotspot phishing, Evil
Twin, hackers, misconfigurations.
Download the white paper and AirDefense Personal software at:

http://www.securityfocus.com/sponsor/Airdefense_linux-secnews_050913
