SecurityFocus

Re: AntiGen Email scanning software allowes file through filter.... 2003-09-04
Thomas Roughley (thomas_roughley sybari com)

In-Reply-To: <20030815193237.4614.qmail (at) www.securityfocus (dot) com [email concealed]>

We have contacted Mr Pingree to resolve the issue reported. He has stated

that the problem WAS NOT with Antigen but a configuration problem. He has

since resolved the problem.

Thank You

Thomas Roughley

Manager- Techncial Acc

[ more ] [ reply ]

[RHSA-2003:240-01] Updated httpd packages fix Apache security vulnerabilities 2003-09-04
bugzilla redhat com

CfP DIMVA 2004 2003-09-03
Thomas Biege (thomas suse de)

[My apologies if you receive multiple copies of this message]

The special interest group SIDAR (Security - Intrusion Detection and
Response) of the German Informatics Society (GI) engages in the
detection and management of information security incidents. In
cooperation with the IEEE Task Force on I

[ more ] [ reply ]

Webcalendar <= 0.9.42 Cross Site Scripting Attacks and Potential SQL Injection Attack 2003-09-03
noconflic (nocon texas-shooters com)

[ more ] [ reply ]

(Ad-) Host blocking may cause Windows Update to silently fail 2003-09-02
miki4242 hotmail com

Description of the problem:

Using certain host blocking methods (possibly used to block

advertisements) and Windows Update configured to automatically download

(and possibly install) updates, Windows Update may silently FAIL to notify

the user of the existence of critical updates.

De

[ more ] [ reply ]

IE 5.x keep-alive session hijacking 2003-09-02
Domas Mituzas (Domas Mituzas microlink lt)

Hi,

sorry for being innacurate, but I noticed that our transparent-proxy system is trying (and even to succeeds at some level) to hijack client http connections. I asked users to supply us with their browser versions, and all of resulted answers were MS Internet Explorer. I didn't have too much tim

[ more ] [ reply ]

RE: [Full-Disclosure] SMC Router safe Login in plaintext 2003-09-03
Schmehl, Paul L (pauls utdallas edu) (1 replies)

Every ISP I've ever dealt with stores your password in plaintext. If
this were not true, they would not be able to tell you what it is. Just
call support, identify yourself and ask them to change your password for
you.

The risk is that someone else could use your account to access the
Internet.

[ more ] [ reply ]

RE: [Full-Disclosure] SMC Router safe Login in plaintext 2003-09-03
Nathan Rotschafer (nrotschafer geniussystems net)

[tool] the new p0f 2.0.1 is now out 2003-09-03
Michal Zalewski (lcamtuf ghettot org)

I am proud to announce the new stable version of p0f, 2.0.1, a complete
rewrite of the original open-source tool released back in 2000, and a
major step for the utility.

I apologize for posting to all the forums, and leave it to the moderators
to accept or drop this post - but I believe the tool i

[ more ] [ reply ]

RE: IRM 007: The IP addresses of Check Point Firewall-1 internal interfaces may be enumerated using SecuRemote 2003-09-02
Becher, Jim (STL) (jbecher express-scripts com)

Long-time lurker, first time poster... please be gentle.

I believe this is a very old (and known) issue:
http://www.securityfocus.com/archive/82/197560

-----Original Message-----
From: IRM Advisories [mailto:advisories (at) irmplc (dot) com [email concealed]]
Sent: Tuesday, September 02, 2003 5:26 AM
To: bugtraq@security

[ more ] [ reply ]

RE: IRM 007: The IP addresses of Check Point Firewall-1 internal interfaces may be enumerated using SecuRemote 2003-09-02
Becher, Jim (STL) (jbecher express-scripts com)

Ack... in case anyone cares, the URL provided in the post below is out of date, the new URL is:
http://www.becher.net/users/jim/web/getints.c

-----Original Message-----
From: Becher, Jim (STL)
Sent: Tuesday, September 02, 2003 1:33 PM
To: 'advisories (at) irmplc (dot) com [email concealed]'; bugtraq (at) securityfocus (dot) com [email concealed]
Subj

[ more ] [ reply ]

Re: ZoneAlarm remote Denial Of Service exploit 2003-09-03
Te Smith (tsmith zonelabs com)

In-Reply-To: <20030902145734.2258.qmail (at) sf-www3-symnsj.securityfocus (dot) com [email concealed]>

ZONE LABS SECURITY ADVISORY

DENIAL OF SERVICE REPORT

OVERVIEW

Zone Labs has found no evidence that, under real-world conditions, its

products are vulnerable to the Denial of Service attack described by

HackologyTeam@

[ more ] [ reply ]

EEYE: VBE Document Property Buffer Overflow 2003-09-03
Marc Maiffret (marc eeye com)

VBE Document Property Buffer Overflow

Release Date:
September 3, 2003

Reported Date:
May 7, 2003

Severity:
High (Code Execution)

Systems Affected:
Microsoft Access 97, 2000, 2002
Microsoft Excel 97, 2000, 2002
Microsoft PowerPoint 97, 2000, 2002
Microsoft Project 2000, 2002
Microsoft Publisher 2

[ more ] [ reply ]

SQL-injection defensively 2003-09-02
Alumni (alumni ok kz)

Copyright 2003 (c) Alumni

SQL-injection defensively

Questa materia fu mandato a memoria del giusto movimento,

"La Resistenza" di nome, del popolo italiano contro il fascismo,

anche a quel tempo durante la seconda guerra mondiale.

I. Problem stress:

While evaluating input data which b

[ more ] [ reply ]

Alert: Microsoft Security Bulletin - MS03-037 2003-09-03
Russ (Russ Cooper RC ON CA)

http://www.microsoft.com/technet/security/bulletin/MS03-037.asp

Flaw in Visual Basic for Applications Could Allow Arbitrary Code execution (822715)

Originally posted: September 03, 2003

Summary

Who should read this bulletin: Customers using Microsoft ® Office applications or applications that us

[ more ] [ reply ]

Alert: Microsoft Security Bulletin - MS03-034 2003-09-03
Russ (Russ Cooper RC ON CA)

http://www.microsoft.com/technet/security/bulletin/MS03-034.asp

Flaw in NetBIOS Could Lead to Information Disclosure (824105)

Originally posted: September 03, 2003

Summary

Who should read this bulletin: Customers using Microsoft® Windows®

Impact of vulnerability: Information disclosure

Maximum

[ more ] [ reply ]

Alert: Microsoft Security Bulletin - MS03-038 2003-09-03
Russ (Russ Cooper RC ON CA)

http://www.microsoft.com/technet/security/bulletin/MS03-038.asp

Unchecked buffer in Microsoft Access Snapshot Viewer Could Allow Code Execution (827104)

Originally posted: September 3, 2003

Summary

Who should read this bulletin: Customers who use Microsoft® Access or who use the downloadable Mi

[ more ] [ reply ]

Alert: Microsoft Security Bulletin - MS03-035 2003-09-03
Russ (Russ Cooper RC ON CA)

http://www.microsoft.com/technet/security/bulletin/MS03-035.asp

Flaw in Microsoft Word Could Enable Macros to Run Automatically (827653)

Originally posted: September 03, 2003

Summary

Who should read this bulletin: Customers who are using Microsoft® Word

Impact of vulnerability: Run macros witho

[ more ] [ reply ]

Alert: Microsoft Security Bulletin - MS03-036 2003-09-03
Russ (Russ Cooper RC ON CA)

http://www.microsoft.com/technet/security/bulletin/MS03-036.asp

Buffer Overrun in WordPerfect Converter Could Allow Code Execution (827103)

Originally posted: September 03, 2003

Summary

Who should read this bulletin: Customers who are using Microsoft® Office, Microsoft FrontPage®, Microsoft Publ

[ more ] [ reply ]

EEYE: Microsoft WordPerfect Document Converter Buffer Overflow 2003-09-03
Marc Maiffret (marc eeye com)

Microsoft WordPerfect Document Converter Buffer Overflow

Release Date:
September 3, 2003

Reported Date:
May 6, 2003

Severity:
Medium (Code Execution with User Interaction)

Systems Affected:
Microsoft Office 97, 2000, XP
Microsoft Word 98 (J)
Microsoft FrontPage 2000, 2002
Microsoft Publisher 200

[ more ] [ reply ]

Stunnel-3.x Daemon Hijacking 2003-09-03
Steve Grubb (linux_4ever yahoo com)

Product: Stunnel

Versions: <= 3.24, 4.00

URL: http://stunnel.mirt.net

Impact: Daemon Hijacking

Bug class: Leaked Descriptor

Vendor notified: Yes

Fix available: Yes

Date: 09/03/03

Issue:

======

Stunnel leaks a critical file descriptor that can be

used to

[ more ] [ reply ]

SuSE Security Announcement: pam_smb (SuSE-SA:2003:036) 2003-09-03
Thomas Biege (thomas suse de)