BugTraq
Microsoft RPC Locator Buffer Overflow Vulnerability (#NISR29012003) 2003-01-30
NGSSoftware Insight Security Research (nisr nextgenss com)
NGSSoftware Insight Security Research Advisory

Name: Locator Service Buffer Overflow Vulnerability
Systems Affected: Windows 2000/XP/NT
Severity: High Risk / Critical
Category: Buffer Overrun
Vendor URL: http://www.microsoft.com/
Author: David Litchfield (david (at) ngssoftware (dot) com)
Date: 29th J

SPIKE Proxy 1.4.7 is now available 2003-01-29
Dave Aitel (dave immunitysec com)
SPIKE Proxy, Immunity, Inc.'s web application testing tool version 1.4.7
has just been released to the general public. As always, it is available
under the terms of the GNU Public License, and installers are available
for both Unix and Windows at
http://www.immunitysec.com/spikeproxy_downloads.html

David Litchfield talks about the SQL Worm in the Washington Post 2003-01-29
Richard M. Smith (rms computerbytesman com) (1 replies)
Hi,

The following quote from David Litchfield appeared in a front-page
article in today's Washington Post:

http://www.washingtonpost.com/wp-dyn/articles/A57550-2003Jan28.html

"You have this ideal vision of doing something
for the greater good," said David Litchfield,
managing direct

Re: David Litchfield talks about the SQL Worm in the Washington Post 2003-01-29
David Litchfield (david ngssoftware com)
iDEFENSE Security Advisory 01.28.03: SSH2 Clients Insecurely Store Passwords 2003-01-29
iDEFENSE Labs (labs idefense com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

iDEFENSE Security Advisory 01.28.03: SSH2 Clients Insecurely Store
Passwords (AbsoluteTelnet, SecureCRT, Entunnel, SecureFx, and PuTTY)
http://www.idefense.com/advisory/01.28.03.txt
January 28, 2003

I. BACKGROUND

PuTTY is a free implementation of Teln

Local root vuln in SuSE 8.0 plptools package 2003-01-29
Carl Livitt (carl learningshophull co uk) (1 replies)

Hi,

There is a vulnerability in the plptools (Psion tools) package of SuSE 8.0
(possibly others; this has not been researched).

Please see attached advisory for more details.

Regards,
Carl

Re: Local root vuln in SuSE 8.0 plptools package 2003-01-29
Roman Drahtmueller (draht suse de)
Re: dotproject Remote Code Execution Vulnerability : Patch 2003-01-29
Frog Man (leseulfrog hotmail com)

A non-official patch has been created for this hole and is published on
http://www.phpsecure.org/index.php?zone=pPatchA&sAlpha=d&l=us (english
version) .

>From: mindwarper (at) hush (dot) com
>To: bugtraq (at) securityfocus (dot) com
>Subject: dotproject Remote Code Execution Vulnerability
>Date: Wed, 29 Jan 2003

[OpenPKG-SA-2003.008] OpenPKG Security Advisory (mysql) 2003-01-29
OpenPKG (openpkg openpkg org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

OpenPKG Security Advisory The OpenPKG Project
http://www.openpkg.org/security.html http://www.openpkg.org
openpkg-security (at) openpkg (dot) org

[SECURITY] [DSA 246-1] New tomcat packages fix information exposure and cross site scripting 2003-01-29
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 246-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
January 29th, 2003

dotproject Remote Code Execution Vulnerability 2003-01-29
mindwarper hush com

dotproject Remote Code Execution Vulnerability (By Mindwarper)

<------- ------->

----------------------
Vendor Information:
----------------------

Homepage : http://www.dotproject.net
Vendor : informed
Mailed advisory: 28/01/03
Vendor Response : None

----------------------
Affected V

VERITAS Software Technical Advisory (fwd) 2003-01-28
Dave Ahmad (da securityfocus com)

David Mirza Ahmad
Symantec

0x26005712
8D 9A B1 33 82 3D B3 D0 40 EB AB F0 1E 67 C6 1A 26 00 57 12

---------- Forwarded message ----------
Return-Path: <Technical_Services (at) maillist.support.veritas (dot) com>
Delivered-To: da (at) mail.securityfocus (dot) com
Received: (qmail 1157 invoked by alias); 26 Jan 2003 04

MITKRB5-SA-2003-001: Multiple vulnerabilities in old releases of MIT Kerberos 2003-01-28
Ken Raeburn (raeburn MIT EDU)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

MIT krb5 Security Advisory 2003-001

Original Release Date: 2003-01-28

Topic: Multiple vulnerabilities in old releases of MIT Kerberos

Severity: CRITICAL: Remote user can crash KDC, and may be able to
forge non-local identities and co

Re: MSDE contained in... 2003-01-28
monty solomon (monty roscom com) (1 replies)
See

PSS Security Response Team Alert - New Worm: W32.Slammer
http://www.microsoft.com/technet/security/virus/alerts/slammer.asp

and

Microsoft SQL Desktop Engine (MSDE) 2000 Detection:
The link below contains a list of products that include Microsoft SQL Desktop Engine (MSDE) 2000
http://www.micro

Re: MSDE contained in... 2003-01-29
Stefan Laudat (stefan worldbank ro)
Cisco Security Advisory: Cisco Security Advisory: Microsoft SQL Server 2000 Vulnerabilities in Cisco Products - MS02-061 2003-01-26
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Microsoft SQL Server 2000 Vulnerabilities in Cisco
Products - MS02-061

Revision 1.0 INTERIM
====================

For Public Release 2003 January 26 05:30 GMT

- -----------------------------------------------------------------

Tech Article: HTTP Content Filter Analysis - Finjan SurfinGate V5.6 2003-01-27
ivan.buetler (at) csnc (dot) ch (ivan buetler csnc ch)
#############################################################
#
# COMPASS SECURITY http://www.csnc.ch/
#
#############################################################
#
# Topic: Tech-Article
# Subject: HTTP/S Content Filter Analysis - Finjan SurfinGate V5.6
# Auto

RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! 2003-01-28
trent dilkie (trent dilkie com)
Symantec has posted a new version (1.0.3) that correctly identifies an
unpatched MSDE installation.

Thanks to David @ Symantec for following up with me, the tool can be
downloaded at:
http://securityresponse.symantec.com/avcenter/venc/data/w32.sqlexp.worm.removal.tool.html

Trent.

-----Original M

[SECURITY] [DSA 245-1] New dhcp3 packages fix potential network flood 2003-01-28
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 245-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
January 28th, 2003

Black Hat Announcements 2003-01-28
Jeff Moss (jmoss blackhat com)
Hello BugTraq,

Black Hat would like to make three announcements that may be of interest here.

- First I would like to make the final announcement for the Black Hat
Windows Security Briefings & Training 2003. Held in Microsoft's back yard,
the conference will be in Seattle, February 26-27th, with

ProxyView default undocumented password 2003-01-28
Michael Brown (michaelb opentext com)

-- Summary --
The Replicom ProxyView remote access unit ships with a default Administrator
password for Embedded Windows NT.

Any users with access to communicate with the ProxyView over the NetBIOS port
(TCP/139) can exploit this fact to take over the ProxyView unit.

-- Product details --
From

Incorrect Certificate Validation in Java Secure Socket Extension 2003-01-28
Alex Loots (a loots itsec-ss nl)
According to SUN it has been reported that: "the Java Secure Socket
Extension (JSSE) may incorrectly validate the digital certificate of a
web site. This may result in untrustworthy web sites being
authenticated for SSL transactions. The Java Plug-in and Java Web Start
may incorrectly validate the d

MDKSA-2003:011 - Updated fetchmail packages fix remote exploit vulnerability 2003-01-27
Mandrake Linux Security Team (security linux-mandrake com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

Mandrake Linux Security Update Advisory
________________________________________________________________________

Package name: fetchmail
Advisory ID:

[ANNOUNCE] WaveLock 1.0 Released 2003-01-27
Marco Peretti (marco2 securewave com)
SecureWave announces the release and immediate availability of
WaveLock 1.0, a free utility that prevents the use of wireless
network adapters recognized by Windows 2000 and Windows XP.

Corporate network infrastructures are usually carefully secured
against attacks from the outside, and abuse from

Security Issues in Rediff Bol Messenger 2003-01-22
S G Masood (sgmasood yahoo com)
Security Issues in Rediff Bol Messenger

The widely used Indian Instant Messaging service
"Rediff Bol(Ver. 2.0.2)" by www.rediff.com has a few
security problems. The major one is that a malicious
user can logout a user by "feeding" a specially ;))
constructed URL to him.

1.Malicious logging o

[SCSA-003] Multiple Cross Site Scripting & Script Injection Vulnerabilities in Nuked-Klan 2003-01-27
Grégory Le Bras (gregory lebras security-corp org)


.: Multiple Cross Site Scripting & Script Injection Vulnerabilities in

Nuked-Klan :.

________________________________________________________________________

Security Corporation Security Advisory [SCSA-003]

________________________________________________________________________

PROGR

Re: Mailman: cross-site scripting bug 2003-01-26
Barry Warsaw (barry python org)
In-Reply-To: <20030124143507.32126.qmail (at) mail.securityfocus (dot) com>

A fix for this has now been posted. Please see the xss-2.1.0-patch.txt file referenced here:

http://sourceforge.net/project/showfiles.php?group_id=103

This fix will be part of Mailman 2.1.1 when that release is ready.

Copyright 2010, SecurityFocus