Home
Systeembeheer
Consultancy
Connectivity
Training
Development

Klanten

Inloggen

Resources

Sans artikelen
Security artikelen

Software

Linux
Windows









[ terug ]
SecurityFocus Newsletter #288
------------------------------

FREE Download - The Future in Desktop Firewalls is Available Now
 
NEW NetOp Desktop Firewall, the world's first driver-centric firewall
software - protecting your laptops and corporate PCs at ring-zero! NetOp
features sophisticated process & application control, centralized
management and multiple network user profiles - NetOp is able to increase
security when mobile users plug back into your network. Step into a more
secure future - Try it FREE 
http://www.securityfocus.com/sponsor/CrossTec_sf-news_050215

------------------------------------------------------------------------

Need to know what's happening on YOUR network? Symantec DeepSight Analyzer
is a free service that gives you the ability to track and manage attacks.
Analyzer automatically correlates attacks from various Firewall and network
based Intrusion Detection Systems, giving you a comprehensive view of your
computer or general network. Sign up today!

http://www.securityfocus.com/sponsor/Symantec_sf-news_041130

------------------------------------------------------------------------
I. FRONT AND CENTER
     1. Windows NTFS Alternate Data Streams
     2. More Advisories, More Security
     3. Unexpected Attack Vectors
     4. Of Dog Sniffs and Packet Sniffs
II. BUGTRAQ SUMMARY
     1. RaidenHTTPD Remote File Disclosure Vulnerability
     2. LiteForum Enter.PHP SQL Injection Vulnerability
     3. WWWBoard Password Database Disclosure Vulnerability
     4. Foxmail MAIL-FROM Remote Buffer Overflow Vulnerability
     5. Mike Neuman OSH Command Line Argument Buffer Overflow Vulner...
     6. Chipmunk Forum Multiple SQL Injection Vulnerabilities
     7. CMScore Multiple SQL Injection Vulnerabilities
     8. Apple Mac OS X Finder DS_Store Insecure File Creation Vulner...
     9. Microsoft Outlook Web Access Login Form Remote URI Redirecti...
     10. Linux Kernel ntfs_warning() and ntfs_error() Local Denial of...
     11. Multiple Web Browser International Domain Name Handling Site...
     12. Emacs Movemail POP3 Remote Format String Vulnerability
     13. 3Com 3CServer Multiple Remote Buffer Overflow Vulnerabilitie...
     14. Mozilla Mozilla/Firefox Cross-Domain Tab Window Script Execu...
     15. Mozilla Firefox About Configuration Hidden Frame Remote Conf...
     16. SquirrelMail S/MIME Plug-in Remote Command Execution Vulnera...
     17. Mozilla Firefox Drag And Drop Security Policy Bypass Vulnera...
     18. BXCP Index.PHP Input Validation PHP Script Execution Vulnera...
     19. Multiple Mozilla Browser enable.IDN Setting Weakness
     20. PerlDesk SQL Injection Vulnerability
     21. IBM AIX CHDev Utility Local Format String Vulnerability
     22. Microsoft Internet Explorer URI Decoding Vulnerability
     23. SCO OpenServer Enable And Disable Multiple Local Buffer Over...
     24. Microsoft Internet Explorer DHTML Method Buffer Overflow Vul...
     25. Microsoft Windows SharePoint Services Cross-Site Scripting a...
     26. Microsoft Internet Explorer Unspecified ActiveX Image Contro...
     27. Apple Mac OS X AppleFileServer Remote Integer Overflow Vulne...
     28. Microsoft Windows Hyperlink Object Library Buffer Overflow V...
     29. Microsoft Office XP HTML Link Processing Remote Buffer Overf...
     30. Microsoft Windows License Logging Service Buffer Overflow Vu...
     31. PHP-Fusion Viewthread.PHP Information Disclosure Vulnerbilit...
     32. Microsoft Windows COM Structured Storage Local Privilege Esc...
     33. Microsoft Windows Server Message Block Handlers Remote Buffe...
     34. Microsoft Windows Media Player Remote PNG Image Format Buffe...
     35. Microsoft Windows Named Pipe Remote Information Disclosure V...
     36. ArGoSoft FTP Server Shortcut File Extension Filter Bypass Vu...
     37. Microsoft OLE Remote Buffer Overflow Vulnerability
     38. XGB Authentication Bypass Vulnerability
     39. SafeNet SoftRemote VPN Client Local Password Disclosure Vuln...
     40. BrightStor ARCserve/Enterprise Backup UDP Probe Remote Buffe...
     41. Symantec UPX Parsing Engine Remote Heap Overflow Vulnerabili...
     42. Frox Access Control List Bypass Vulnerability
     43. RealNetworks RealArcade Multiple Remote Vulnerabilities
     44. Software602 602 Lan Suite Arbitrary File Upload Vulnerabilit...
     45. IBM AIX AuditSelect Local Format String Vulnerability
     46. HP-UX BIND Unspecified Remote Denial Of Service Vulnerabilit...
     47. Ulrik Petersen Emdros Database Engine MQL Parsing Denial Of ...
     48. XView Multiple Unspecified Local Buffer Overflow Vulnerabili...
     49. MyPHP Forum Multiple SQL Injection Vulnerabilities
     50. ArGoSoft Mail Server Multiple Directory Traversal Vulnerabil...
     51. MercuryBoard INDEX.PHP SQL Injection Vulnerability
     52. GNU Mailman Remote Directory Traversal Vulnerability
     53. PostWrap Module Cross-Site Scripting Vulnerability
     54. Microsoft MSN Messenger/Windows Messenger PNG Buffer Overflo...
     55. Conexant AccessRunner DSL Console Default Backdoor Account V...
     56. IBM DB2 Universal Database Unspecified Vulnerability
     57. IBM DB2 Unauthorized System Resource Access Vulnerability
     58. IBM DB2 XML Extender UDF Unauthorized File Access Vulnerabil...
     59. IBM DB2 Universal Database Server Network Message Processing...
     60. IBM DB2 Unspecified XML Functions Remote Arbitrary Code Exec...
     61. IBM AIX LSPath Unauthorized Local File Disclosure Vulnerabil...
     62. IBM DB2 Universal Database Server Object Creation Remote Cod...
     63. F-Secure ARJ Handling Buffer Overflow Vulnerability
     64. IBM AIX IPL_Varyon Local Buffer Overflow Vulnerability
     65. IBM AIX Netpmon Command Line Argument Local Buffer Overflow ...
     66. Yongguang Zhang HZTTY Local Arbitrary Command Execution Vuln...
     67. Apache mod_python Module Publisher Handler Information Discl...
     68. Armagetron Advanced Multiple Remote Denial Of Service Vulner...
     69. ASPJar Guestbook Multiple Remote Vulnerabilities
     70. BrightStor ARCserve/Enterprise Backup Default Backdoor Accou...
     71. XPCD PCDSVGAView Local Buffer Overflow Vulnerability
     72. Netkit RWho Packet Size Denial Of Service Vulnerability
     73. KDE Library DCOPIDLING Insecure Temporary File Creation Vuln...
     74. Daily Strip Manager Multiple Unspecified Remote Vulnerabilit...
     75. OpenPGP Cipher Feedback Mode Chosen-Ciphertext Partial Plain...
     76. Microsoft Internet Explorer Multiple Vulnerabilities
     77. Zone Labs ZoneAlarm Local Denial of Service Vulnerability
     78. Gentoo Portage-Built Webmin Binary Package Build Host Root P...
III. SECURITYFOCUS NEWS ARTICLES
     1. U.S. info-sharing initiative called a flop
     2. Hackers sued for tinkering with Xbox games
     3. Shhhh. U.S. appeals USA PATRIOT loss
     4. Microsoft will make antispyware software free of charge
     5. Spyware, adware threat to be hot topic at security conferenc...
     6. White House may make NSA the 'traffic cop' over U.S. compute...
IV. SECURITYFOCUS TOP 6 TOOLS
     1. Cisco Torch 0.1 alpha
     2. SafeLogon 2.0
     3. SafeSystem 1.5
     4. KSB - Kernel Socks Bouncer 2.6.10
     5. SQL column finder 0.1
     6. Secure Hive 1.0.0.1
V. SECURITYJOBS LIST SUMMARY
     1. [SJ-JOB] Application Security Architect, London, GB (Thread)
     2. [SJ-JOB] Security Architect, London, GB (Thread)
     3. [SJ-JOB] Security Consultant, North , GB (Thread)
     4. [SJ-JOB] Application Security Engineer, McLean, US (Thread)
     5. [SJ-JOB] Security Engineer, McLean, US (Thread)
     6. [SJ-JOB] Security Architect, McLean, US (Thread)
     7. [SJ-JOB] Sr. Product Manager, Fort Lauderdale, US (Thread)
     8. [SJ-JOB] Sales Representative, NYC, US (Thread)
     9. [SJ-JOB] VP / Dir / Mgr engineering, Fort Lauderdale... (Thread)
     10. [SJ-JOB] Security Consultant, Metro New York Area, U... (Thread)
     11. [SJ-JOB] Technical Support Engineer, Columbia, US (Thread)
     12. [SJ-JOB] Sales Engineer, Morristown, US (Thread)
     13. [SJ-JOB] Developer, Columbia, US (Thread)
     14. [SJ-JOB] Application Security Engineer, Seattle / Si... (Thread)
     15. [SJ-JOB] Quality Assurance, Columbia, US (Thread)
     16. [SJ-JOB] Sr. Security Analyst, San Francisco, US (Thread)
     17. [SJ-JOB] Security Architect, Herndon, US (Thread)
     18. [SJ-JOB] Security Researcher, San Diego, US (Thread)
     19. [SJ-JOB] Security Consultant, Evansville, US (Thread)
     20. [SJ-JOB] Manager, Information Security, Bridgewater ... (Thread)
     21. [SJ-JOB] Sales Representative, Austin, US (Thread)
     22. [SJ-JOB] Security Consultant, London, GB (Thread)
     23. [SJ-JOB] Sales Representative, Boston, US (Thread)
     24. [SJ-JOB] Account Manager, Redwood City, US (Thread)
     25. [SJ-JOB] Sr. Security Engineer, New York, US (Thread)
     26. [SJ-JOB] Privacy Officer, Columbus, US (Thread)
     27. [SJ-JOB] Security Consultant, New England Area, US (Thread)
     28. [SJ-JOB] Security Consultant, Albany, US (Thread)
     29. [SJ-JOB] Developer, San Diego, US (Thread)
     30. [SJ-JOB] Security System Administrator, Schaumburg, ... (Thread)
     31. [SJ-JOB] Security Architect, Schaumburg, US (Thread)
     32. [SJ-JOB] Security Engineer, Schaumburg, US (Thread)
     33. [SJ-JOB] Sr. Security Engineer, Melbourne, US (Thread)
     34. [SJ-JOB] Security Engineer, Palm Beach Gardens, US (Thread)
     35. [SJ-JOB] Security Architect, Buffalo Grove, US (Thread)
     36. [SJ-JOB] Security System Administrator, Nashville, U... (Thread)
     37. [SJ-JOB] Manager, Information Security, Calgary, CA (Thread)
     38. [SJ-JOB] Sr. Security Engineer, Nashville, US (Thread)
     39. [SJ-JOB] Sr. Security Engineer, London, GB (Thread)
     40. [SJ-JOB] Forensics Engineer, London, GB (Thread)
     41. [SJ-JOB] Security Auditor, Birmingham - UK wide, GB (Thread)
     42. [SJ-JOB] Sr. Product Manager, Redwood City, US (Thread)
     43. [SJ-JOB] Security Product Marketing Manager, Fremont... (Thread)
     44. [SJ-JOB] Application Security Engineer, Bangalore, I... (Thread)
     45. [SJ-JOB] Security Researcher, Santa Clara, US (Thread)
     46. [SJ-JOB] Security Consultant, Chicago, US (Thread)
     47. [SJ-JOB] Sr. Security Engineer, New York (Brooklyn M... (Thread)
VI. INCIDENTS LIST SUMMARY
     1. Exploit on tcp/4128? (Thread)
     2. SSH probe attack afoot? (Thread)
     3. Chinese HTTP ACKs (Thread)
     4. Strange iptables log entries (Thread)
VII. VULN-DEV RESEARCH LIST SUMMARY
     1. SAM encrypted with syskey (Thread)
     2. books or material on mail protocols (Thread)
     3. SAM  encrypted with syskey (Thread)
     4. xml over https (Thread)
VIII. MICROSOFT FOCUS LIST SUMMARY
     1. active directory password policy (Thread)
     2. Password Protected Screen Saver and AdministrativePa... (Thread)
     3. SAM encripted with syskey (Thread)
     4. Password Protected Screen Saver and Administrative P... (Thread)
     5. Re[2]: disclosure the administrative password (Thread)
     6. SecurityFocus Microsoft Newsletter #227 (Thread)
     7. disclosure the administrative password (Thread)
     8. ISA Server/WWW Blacklist (Thread)
IX. SUN FOCUS LIST SUMMARY
     NO NEW POSTS FOR THE WEEK 2005-02-08 to 2005-02-15.
X. LINUX FOCUS LIST SUMMARY
     NO NEW POSTS FOR THE WEEK 2005-02-08 to 2005-02-15.
XI. HTML NEWSLETTER
XII. UNSUBSCRIBE INSTRUCTIONS
XIII. SPONSOR INFORMATION

I. FRONT AND CENTER
-------------------
1. Windows NTFS Alternate Data Streams
by Don Parker
The purpose of this article is to explain the existence of alternate data
streams in Microsoft Windows, demonstrate how to create them by
compromising a machine using the Metasploit Framework, and then use
freeware tools to easily discover these hidden files.
http://www.securityfocus.com/infocus/1822

2. More Advisories, More Security
By Thierry Carrez
More and more, we see articles questioning the security of a given platform
based solely on the number of advisories published -- and this approach is
simply wrong.
http://www.securityfocus.com/columnists/299

3. Unexpected Attack Vectors
By Scott Granneman
A new round of attacks and phishing attempts use some unexpected attack
vectors that we should have been paying attention to, but weren't.
http://www.securityfocus.com/columnists/298

4. Of Dog Sniffs and Packet Sniffs
By Mark Rasch
Why a Supreme Court decision on canine-assisted roadside searches opens the
door to a new regime of Internet surveillance.
http://www.securityfocus.com/columnists/297

II. BUGTRAQ SUMMARY
-------------------
1. RaidenHTTPD Remote File Disclosure Vulnerability
BugTraq ID: 12451
Remote: Yes
Date Published: Feb 05 2005
Relevant URL: http://www.securityfocus.com/bid/12451
Summary:
RaidenHTTPD is reported prone to a remote file disclosure vulnerability. It is
reported that the service does not correctly handle requests for restricted
files that reside outside of the web document root folder.

A remote attacker may exploit this issue to disclose the contents of web server
readable files.

2. LiteForum Enter.PHP SQL Injection Vulnerability
BugTraq ID: 12452
Remote: Yes
Date Published: Feb 05 2005
Relevant URL: http://www.securityfocus.com/bid/12452
Summary:
LiteForum is reportedly affected by an SQL injection vulnerability. This issue
is due to the application failing to properly sanitize user-supplied input
before being used in SQL queries.

This vulnerability could permit remote attackers to pass malicious input to
database queries, resulting in modification of query logic or other attacks.

It is reported that LiteForum 2.1.1 is affected by this vulnerability; earlier
versions may also be affected.

3. WWWBoard Password Database Disclosure Vulnerability
BugTraq ID: 12453
Remote: Yes
Date Published: Feb 05 2005
Relevant URL: http://www.securityfocus.com/bid/12453
Summary:
WWWBoard does not sufficiently secure the password database file. This issue is
due to lack of access controls to prevent remote users from requesting the
database file. It is possible for remote attackers to request the database file
and gain access to sensitive information such as encrypted administrative
credentials for WWWBoard.

4. Foxmail MAIL-FROM Remote Buffer Overflow Vulnerability
BugTraq ID: 12454
Remote: Yes
Date Published: Feb 05 2005
Relevant URL: http://www.securityfocus.com/bid/12454
Summary:
It is reported that Foxmail server is prone to a remote buffer overflow
vulnerability.  This issue is due to a failure of the application to verify
buffer boundaries when processing user-supplied email headers.

A remote attacker may potentially exploit this issue to cause the email server
to crash, denying service to legitimate users. It is also possible to further
leverage this issue in order to execute arbitrary code; this code would be
executed in the security context of the affected service.

5. Mike Neuman OSH Command Line Argument Buffer Overflow Vulner...
BugTraq ID: 12455
Remote: No
Date Published: Feb 05 2005
Relevant URL: http://www.securityfocus.com/bid/12455
Summary:
A buffer overflow vulnerability is reported for osh when processing superfluous
command line arguments. The problem likely occurs due to insufficient bounds
checking when copying command line argument data into an internal memory buffer.

This buffer overflow may be exploited to execute arbitrary code with superuser
privileges.

6. Chipmunk Forum Multiple SQL Injection Vulnerabilities
BugTraq ID: 12456
Remote: Yes
Date Published: Feb 06 2005
Relevant URL: http://www.securityfocus.com/bid/12456
Summary:
Chipmunk Forum is reportedly affected by multiple SQL injection vulnerabilities.
 These issues are due to the application failing to properly sanitize
user-supplied input before being used in SQL queries.

These vulnerabilities could permit remote attackers to pass malicious input to
database queries, resulting in modification of SQL query logic or other attacks.

Successful exploitation could result in compromise of the application,
disclosure or modification of data or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.

7. CMScore Multiple SQL Injection Vulnerabilities
BugTraq ID: 12457
Remote: Yes
Date Published: Feb 06 2005
Relevant URL: http://www.securityfocus.com/bid/12457
Summary:
CMScore is Web-based software implemented in PHP utilizing a MySQL database.

CMScore is reportedly affected by multiple SQL injection vulnerabilities.  These
issues are due to the application failing to properly sanitize user-supplied
input before being used in SQL queries.

These vulnerabilities could permit remote attackers to pass malicious input to
database queries, resulting in modification of SQL query logic or other attacks.

Successful exploitation could result in compromise of the application,
disclosure or modification of data or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.

8. Apple Mac OS X Finder DS_Store Insecure File Creation Vulner...
BugTraq ID: 12458
Remote: No
Date Published: Feb 07 2005
Relevant URL: http://www.securityfocus.com/bid/12458
Summary:
An insecure file creation vulnerability affects Apple Mac OS X Finder.  This
issue is due to a failure of the application to validate the existence of files
prior to creating or writing to them.

An attacker may leverage this issue to cause a system-wide denial of service or
to gain escalated privileges on an affected computer, potentially leading to
unauthorized superuser access.

9. Microsoft Outlook Web Access Login Form Remote URI Redirecti...
BugTraq ID: 12459
Remote: Yes
Date Published: Feb 07 2005
Relevant URL: http://www.securityfocus.com/bid/12459
Summary:
A remote URI redirection vulnerability affects Microsoft Outlook Web Access. 
This issue is due to a failure of the application to properly sanitize URI
supplied data.

An attacker may leverage this issue to carry out convincing phishing attacks
against unsuspecting users by causing an arbitrary page to be loaded once the
Microsoft Outlook Web Access login form is submitted.

10. Linux Kernel ntfs_warning() and ntfs_error() Local Denial of...
BugTraq ID: 12460
Remote: No
Date Published: Feb 07 2005
Relevant URL: http://www.securityfocus.com/bid/12460
Summary:
Linux Kernel is reported prone to a local denial of service vulnerability.

It is reported that this vulnerability exists in the 'ntfs_warning()' and
'ntfs_error()' functions when compiled without debug.

Further details are not currently available.  This BID will be updated when more
information becomes available.

Linux Kernel 2.6.11-rc2 is reported vulnerable to this issue.  All 2.6 versions
are likely vulnerable as well.

11. Multiple Web Browser International Domain Name Handling Site...
BugTraq ID: 12461
Remote: Yes
Date Published: Feb 07 2005
Relevant URL: http://www.securityfocus.com/bid/12461
Summary:
Multiple Web browsers are reported prone to vulnerabilities that surround the
handling of International Domain Names.

The vulnerabilities exist due to inconsistencies in how International Domain
Names are processed. Reports indicate that this inconsistency can be leveraged
to spoof address bar, status-bar, and SSL certificate values.

These vulnerabilities may be exploited by a remote attacker to aid in phishing
style attacks. This may result in the voluntary disclosure of sensitive
information to a malicious website due to a false sense of trust.

Although these vulnerabilities are reported to affect Web browsers, mail clients
that depend on the Web browser to generate HTML code may also be affected.

12. Emacs Movemail POP3 Remote Format String Vulnerability
BugTraq ID: 12462
Remote: Yes
Date Published: Feb 07 2005
Relevant URL: http://www.securityfocus.com/bid/12462
Summary:
The movemail utility of Emacs is reported prone to a remote format string
vulnerability.  This issue arises because the application fails to sanitize
user-supplied data prior to passing it as the format specifier to a formatted
printing function.

A remote attacker may leverage this issue to write to arbitrary process memory,
facilitating code execution. Any code execution would take place with setgid
mail privileges.

13. 3Com 3CServer Multiple Remote Buffer Overflow Vulnerabilitie...
BugTraq ID: 12463
Remote: Yes
Date Published: Feb 07 2005
Relevant URL: http://www.securityfocus.com/bid/12463
Summary:
Multiple remote buffer overflow vulnerabilities affect 3Com 3CServer.  These
issues are due to a failure of the application to securely copy user-supplied
input into process buffers.

An attacker may leverage this issue to execute arbitrary code on an affected
computer with SYSTEM privileges.  This may facilitate unauthorized access or
privilege escalation.

14. Mozilla Mozilla/Firefox Cross-Domain Tab Window Script Execu...
BugTraq ID: 12465
Remote: Yes
Date Published: Feb 07 2005
Relevant URL: http://www.securityfocus.com/bid/12465
Summary:
Mozilla Mozilla/Firefox are reported prone to a cross-domain script execution
vulnerability.  The issue is reported to exist because the browsers fail to
prevent JavaScript that originates from one tab from accessing properties of a
site contained in another tab.  Typically, the Javascript security manager
prevents a 'javascript:' URI from one domain to be opened in the context of a
site from another window, however tabbed browsing can be used to bypass this
security restriction. 

This issue is reported to affect Firefox 1.0, however, it is possible that other
versions are affected as well.  Mozilla 1.7.5 was also reported vulnerable.

15. Mozilla Firefox About Configuration Hidden Frame Remote Conf...
BugTraq ID: 12466
Remote: Yes
Date Published: Feb 07 2005
Relevant URL: http://www.securityfocus.com/bid/12466
Summary:
A remote configuration manipulation vulnerability affects Mozilla Firefox.  This
issue is due to a failure of the application to properly secure sensitive
configuration scripts from being activated by remote attackers.

An attacker may leverage this issue to alter an unsuspecting user's
configuration settings; this may lead to a false sense of security as sensitive
settings may be manipulated without the user's knowledge.

16. SquirrelMail S/MIME Plug-in Remote Command Execution Vulnera...
BugTraq ID: 12467
Remote: Yes
Date Published: Feb 07 2005
Relevant URL: http://www.securityfocus.com/bid/12467
Summary:
A vulnerability exists in the SquirrelMail S/MIME plug-in that may allow
malicious Web mail users to execute system commands remotely.  The source of the
problem is that user data is passed to the PHP 'exec()' function without
sufficient sanitization. 

Command execution would occur in the context of the Web server hosting the
vulnerable software.

17. Mozilla Firefox Drag And Drop Security Policy Bypass Vulnera...
BugTraq ID: 12468
Remote: Yes
Date Published: Feb 07 2005
Relevant URL: http://www.securityfocus.com/bid/12468
Summary:
Mozilla Firefox is reported prone to a security vulnerability that could allow a
malicious website to bypass drag-and-drop functionality security policies.

It is demonstrated that it is possible to exploit this vulnerability with an
image that renders correctly in the Firefox browser but that, when dragged and
dropped onto the local file system, will be saved with a '.bat' file extension. 

Because the batch file interpreter on Microsoft Windows is particularly lenient
when it comes to syntax, batch commands appended to the image file will be
executed if the image that was dragged and dropped is invoked.

Update: Netscape 7.2 is reported vulnerable to this issue as well.  It is
possible that other versions may also be affected.

18. BXCP Index.PHP Input Validation PHP Script Execution Vulnera...
BugTraq ID: 12469
Remote: Yes
Date Published: Feb 07 2005
Relevant URL: http://www.securityfocus.com/bid/12469
Summary:
BXCP is reported prone to an access restriction bypass vulnerability. It is
reported that due to a lack of input sanitization the 'show' URI parameter
passed to the 'index.php' script can be used to render any PHP script that
resides on a vulnerable computer.

A remote attacker may exploit this vulnerability to render PHP scripts that are
supposed to be restricted.

The vulnerability may also be exploited by an attacker that has local access to
a target computer to run arbitrary PHP code with the privileges of the web
server process.

19. Multiple Mozilla Browser enable.IDN Setting Weakness
BugTraq ID: 12470
Remote: Yes
Date Published: Feb 07 2005
Relevant URL: http://www.securityfocus.com/bid/12470
Summary:
Mozilla, Firefox, and Camino browsers contain a weakness in certain
configuration settings.  When the International Domain Name (IDN) setting is
disabled in the Web browser, the setting is not retained after the browser is
closed and started again.  The browser configuration will still show the setting
as being disabled.

This weakness could lead to a false sense of security if it is used as a
workaround for BID 12461.

20. PerlDesk SQL Injection Vulnerability
BugTraq ID: 12471
Remote: Yes
Date Published: Feb 07 2005
Relevant URL: http://www.securityfocus.com/bid/12471
Summary:
PerlDesk is reportedly affected by an SQL injection vulnerability.  This issue
is due to the application failing to properly sanitize user-supplied input
before using it in an SQL query.

Successful exploitation could result in a compromise of the application,
disclosure or modification of data or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.

21. IBM AIX CHDev Utility Local Format String Vulnerability
BugTraq ID: 12472
Remote: No
Date Published: Feb 07 2005
Relevant URL: http://www.securityfocus.com/bid/12472
Summary:
A format string vulnerability has been discovered in the 'chdev' command that
could be exploited locally. 

It is reported by the vendor that this issue may be exploitable locally by a
member of the 'system' group in order to gain superuser privileges.

22. Microsoft Internet Explorer URI Decoding Vulnerability
BugTraq ID: 12473
Remote: Yes
Date Published: Feb 08 2005
Relevant URL: http://www.securityfocus.com/bid/12473
Summary:
Microsoft Internet Explorer is prone to a vulnerability related to URI decoding.
 

A bug in how the browser parses encoded URI data may allow zone bypass.  As a
result, it is possible to force the browser to interpret Web content in the
Local Zone.  This could be exploited to execute arbitrary code in the context of
the user who is currently logged in.

Cross-site scripting attacks are also possible due to this issue, as well as
partial address bar obfuscation.

This vulnerability is similar to the zone bypass attack described in BID 10517.

23. SCO OpenServer Enable And Disable Multiple Local Buffer Over...
BugTraq ID: 12474
Remote: No
Date Published: Feb 08 2005
Relevant URL: http://www.securityfocus.com/bid/12474
Summary:
Multiple local buffer overflow vulnerabilities affect SCO OpenServer enable and
disable utilities.  These issues are due to a failure of the application to
securely copy user-supplied data into sensitive process buffers.

It should be noted that unprivileged users are not permitted to execute the
'enable' and 'disable' utilities.  Users must have been assigned the 'lp'
privilege by an administrator prior to being able to execute the affected
utility, and therefore exploit this issue.

An attacker may leverage this issue to execute arbitrary code with the
privileges of the superuser.  This may facilitate privilege escalation.

24. Microsoft Internet Explorer DHTML Method Buffer Overflow Vul...
BugTraq ID: 12475
Remote: Yes
Date Published: Feb 08 2005
Relevant URL: http://www.securityfocus.com/bid/12475
Summary:
Microsoft Internet Explorer is prone to a heap-based buffer overflow
vulnerability.  This vulnerability is due to a boundary condition error that is
exposed when passing data to the 'createControlRange()' DHTML method, resulting
in corruption of heap-based memory with attacker-supplied data.

This vulnerability could be exploited to execute arbitrary code in the context
of the currently logged in user.

25. Microsoft Windows SharePoint Services Cross-Site Scripting a...
BugTraq ID: 12476
Remote: Yes
Date Published: Feb 08 2005
Relevant URL: http://www.securityfocus.com/bid/12476
Summary:
A cross-site scripting and spoofing vulnerability affects Microsoft Windows
SharePoint Services and SharePoint Team Services.  

A remote attacker may carry out a cross-site scripting attack to execute
arbitrary HTML and script code in a user's browser.  It is also possible to
poison Web browser and intermediate proxy server caches by placing spoofed
content in the caches.

26. Microsoft Internet Explorer Unspecified ActiveX Image Contro...
BugTraq ID: 12477
Remote: Yes
Date Published: Feb 08 2005
Relevant URL: http://www.securityfocus.com/bid/12477
Summary:
Microsoft has announced in the MS05-014 Cumulative Internet Explorer bulletin
that the ActiveX Image Control 1.0 is no longer supported due to an unspecified
security vulnerability.  The cumulative update addresses the vulnerability by
setting the kill-bit on the control so that it may no longer be invoked from
Internet Explorer.

The impact of this unspecified vulnerability is not known at this time.

27. Apple Mac OS X AppleFileServer Remote Integer Overflow Vulne...
BugTraq ID: 12478
Remote: Yes
Date Published: Feb 08 2005
Relevant URL: http://www.securityfocus.com/bid/12478
Summary:
A remote integer overflow vulnerability reportedly affects Apple Mac OS X
AppleFileServer.  This issue is due to a failure of the application to properly
handle integer signedness while copying data into finite process buffers.

An attacker may leverage this issue to cause the affected server process to
consume memory resources until triggering an EXC_BAD_ACCESS signal, ultimately
causing a denial of service condition.

28. Microsoft Windows Hyperlink Object Library Buffer Overflow V...
BugTraq ID: 12479
Remote: Yes
Date Published: Feb 08 2005
Relevant URL: http://www.securityfocus.com/bid/12479
Summary:
The Microsoft Windows Hyperlink Object Library is reported prone to a buffer
overflow vulnerability.  An attacker may exploit this condition to execute
arbitrary code on a vulnerable computer, which may grant unauthorized access to
the computer or lead to privilege escalation.

It is reported that issue presents itself when a user follows a malformed link
specially crafted by an attacker, however, other attack vectors also exist to
exploit this vulnerability.  Specifically, an application that employs the
affected library by accepting and supplying parameters to the library may allow
an attacker to exploit this vulnerability remotely and without user interaction.

Local attacker vectors exist to exploit this vulnerability as well.  Reportedly,
an attacker with local interactive access to a vulnerable computer may pass a
malicious payload to an application that supplies parameters to the affected
library.

29. Microsoft Office XP HTML Link Processing Remote Buffer Overf...
BugTraq ID: 12480
Remote: Yes
Date Published: Feb 08 2005
Relevant URL: http://www.securityfocus.com/bid/12480
Summary:
A remote buffer overflow vulnerability affects Microsoft Office XP.  The problem
presents itself when an unsuspecting user follows a malicious HTML link that
points to a Office document.  A boundary condition error is exposed during this
operation that may allow attacker-specified data to corrupt process memory.  

An attacker may leverage this issue to execute arbitrary code with the
privileges of an unsuspecting user that follows a malicious embedded link.

30. Microsoft Windows License Logging Service Buffer Overflow Vu...
BugTraq ID: 12481
Remote: Yes
Date Published: Feb 08 2005
Relevant URL: http://www.securityfocus.com/bid/12481
Summary:
A buffer overflow exists in the Microsoft Windows License Logging Service.  This
could allow remote execution of arbitrary code.

31. PHP-Fusion Viewthread.PHP Information Disclosure Vulnerbilit...
BugTraq ID: 12482
Remote: Yes
Date Published: Feb 08 2005
Relevant URL: http://www.securityfocus.com/bid/12482
Summary:
PHP-Fusion is reportedly affected by an information disclosure vulnerability. 
This issue is due to the application failing to properly sanitize user-supplied
input.

It is reported that an attacker could leverage this vulnerability to view any
thread of protected forums on an affected version of the application.  All
PHP-Fusion 4 versions are reportedly affected by this vulnerability; earlier
versions may also be vulnerable.

32. Microsoft Windows COM Structured Storage Local Privilege Esc...
BugTraq ID: 12483
Remote: No
Date Published: Feb 08 2005
Relevant URL: http://www.securityfocus.com/bid/12483
Summary:
Microsoft Windows is reported prone to a local privilege escalation
vulnerability when processing COM structured storage files.  This issue may
allow a local attacker to gain elevated privileges on a vulnerable computer.

An attacker with local interactive access may craft an application that triggers
this condition and gain SYSTEM privileges on a vulnerable computer.

33. Microsoft Windows Server Message Block Handlers Remote Buffe...
BugTraq ID: 12484
Remote: Yes
Date Published: Feb 08 2005
Relevant URL: http://www.securityfocus.com/bid/12484
Summary:
Microsoft Windows Server Message Block handler is reported prone to a remote
buffer overflow vulnerability.

It should be noted that SMB drivers execute in the kernel memory space and a
successful attack can allow a remote attacker to gain unauthorized access with
ring 0 privileges.

Microsoft has noted that other protocols, such as IPX/SPX, could also be
vulnerable to this issue.

34. Microsoft Windows Media Player Remote PNG Image Format Buffe...
BugTraq ID: 12485
Remote: Yes
Date Published: Feb 08 2005
Relevant URL: http://www.securityfocus.com/bid/12485
Summary:
A remote buffer overflow vulnerability affects the Portable Network Graphics
(PNG)  image format processing functionality of Microsoft Windows Media Player. 
This issue is due to a failure of the application to properly validate the size
of image data prior to copying it into static process buffers.

An attacker may exploit this issue to execute arbitrary code with the privileges
of the SYSTEM user. This will facilitate unauthorized access and privilege
escalation.

35. Microsoft Windows Named Pipe Remote Information Disclosure V...
BugTraq ID: 12486
Remote: Yes
Date Published: Feb 08 2005
Relevant URL: http://www.securityfocus.com/bid/12486
Summary:
A remote information disclosure vulnerability affects Microsoft Windows.  This
issue is due to a failure of the application to securely store potentially
sensitive system information.

An attacker may leverage this issue to disclose the user names of all users
connected to a network share, potentially facilitating further attacks against
affected computers.

36. ArGoSoft FTP Server Shortcut File Extension Filter Bypass Vu...
BugTraq ID: 12487
Remote: Yes
Date Published: Feb 08 2005
Relevant URL: http://www.securityfocus.com/bid/12487
Summary:
ArGoSoft FTP server is reportedly affected by a vulnerability regarding the
upload of compressed shortcut files.  This issue is due to the application
failing to verify the contents of ZIP files during execution of the 'SITE UNZIP'
command.  A malicious user with write permission on any directory could extract
a shortcut (.lnk) file that points to the directory of their choice.  

It is conjectured this issue is related to BID 11589 (ArGoSoft FTP Server
Shortcut File Upload Vulnerability) and BID 2961 (ArGoSoft FTP Server .lnk
Directory Traversal Vulnerability).

37. Microsoft OLE Remote Buffer Overflow Vulnerability
BugTraq ID: 12488
Remote: Yes
Date Published: Feb 08 2005
Relevant URL: http://www.securityfocus.com/bid/12488
Summary:
Microsoft OLE is reported prone to a remote buffer overflow vulnerability.  This
issue arises because the application fails to perform boundary checks before
copying user-supplied data to sensitive process buffers.  A remote attacker may
leverage this vulnerability to execute arbitrary code on a vulnerable computer.

If a vulnerable user opens a malicious file through any application that
supports OLE, the attacker-supplied arbitrary code may be executed in the
context of the user.  

Reportedly, user interaction is required to exploit this condition in Microsoft
Windows 2000, Windows XP, and Windows Server 2003.  

An anonymous remote user can exploit this issue in various versions of Microsoft
Exchange Server because Exchange Server uses the affected Windows OLE component.
 A successful attack can allow the attacker to gain SYSTEM privileges as the
Microsoft Exchange Server runs with elevated privileges.  Affected Microsoft
Exchange Server versions include Microsoft Exchange 2000 Server, Microsoft
Exchange Server 2003, Microsoft Exchange Server 5.0, and Microsoft Exchange
Server 5.5.  

Other applications that use the affected Windows OLE component include Microsoft
Office XP Service Pack 3, Microsoft Office XP Service Pack 2, Microsoft Office
2003 Service Pack 1, and Microsoft Office 2003.

38. XGB Authentication Bypass Vulnerability
BugTraq ID: 12489
Remote: Yes
Date Published: Feb 08 2005
Relevant URL: http://www.securityfocus.com/bid/12489
Summary:
xGB is reportedly affected by a vulnerability that could permit unauthorized
administrator access.  This issue is due to the application failing to properly
verify user credentials.

A malicious user could exploit this vulnerability to bypass user authentication
and gain administrative access.

This vulnerability is reported to affect xGB version 2.0; earlier versions may
also be vulnerable.

39. SafeNet SoftRemote VPN Client Local Password Disclosure Vuln...
BugTraq ID: 12490
Remote: No
Date Published: Feb 08 2005
Relevant URL: http://www.securityfocus.com/bid/12490
Summary:
SoftRemote and SoftRemoteLT VPN client utilities are reported prone to a local
pre-shared key (password) disclosure vulnerability. It is reported that the VPN
password is stored in the memory image of the process in plain-text format. 

Credentials that are harvested through the exploitation of this vulnerability
may then be used to aid in further attacks.

40. BrightStor ARCserve/Enterprise Backup UDP Probe Remote Buffe...
BugTraq ID: 12491
Remote: Yes
Date Published: Feb 08 2005
Relevant URL: http://www.securityfocus.com/bid/12491
Summary:
Various Computer Associates BrightStor ARCserve/Enterprise Backup products are
prone to a remote buffer overflow vulnerability.  This issue presents itself
because the affected applications do not perform boundary checks prior to
copying user-supplied data into sensitive process buffers.  

A remote attacker may execute arbitrary code on a vulnerable computer to gain
unauthorized access to it.

41. Symantec UPX Parsing Engine Remote Heap Overflow Vulnerabili...
BugTraq ID: 12492
Remote: Yes
Date Published: Feb 08 2005
Relevant URL: http://www.securityfocus.com/bid/12492
Summary:
Various Symantec products are reported prone to a remote heap overflow
vulnerability.  This issue affects the UPX Parsing Engine shipped with the
products.

A successful attack may allow a remote attacker to execute arbitrary code on a
vulnerable computer leading to a complete compromise.

42. Frox Access Control List Bypass Vulnerability
BugTraq ID: 12493
Remote: Yes
Date Published: Feb 08 2005
Relevant URL: http://www.securityfocus.com/bid/12493
Summary:
It is reported that an ACL bypass vulnerability exists in frox because frox
fails to parse 'Deny' ACL entries correctly. 

This may lead to a false sense of security because ftp clients may use the frox
proxy to access services that a network administrator intended to block. 

This vulnerability is reported to exist in frox versions 0.7.16 and 0.7.17.

43. RealNetworks RealArcade Multiple Remote Vulnerabilities
BugTraq ID: 12494
Remote: Yes
Date Published: Feb 08 2005
Relevant URL: http://www.securityfocus.com/bid/12494
Summary:
Multiple remote vulnerabilities reportedly affect RealNetworks RealArcade.  The
first issue allows for arbitrary file deletion due to an input validation issue.
 The second issue is an integer overflow issue resulting in code execution.

Both of these issues require an unsuspecting user to download and activate a
malicious file for exploitation.

Successful exploitation of these issues will facilitate code execution and file
deletion with the privileges of an unsuspecting user that activates a malicious
RealArcade file.

44. Software602 602 Lan Suite Arbitrary File Upload Vulnerabilit...
BugTraq ID: 12495
Remote: Yes
Date Published: Feb 08 2005
Relevant URL: http://www.securityfocus.com/bid/12495
Summary:
602 Lan Suite 2004 is reportedly affected by a vulnerability regarding the
uploading of file attachments.  This issue is due to the application failing to
properly sanitize the names of file attachments before upload.  A malicious user
could exploit this vulnerability using directory traversal attacks to upload a
file to an arbitrary location accessible by the affected server.

This vulnerability could lead to the execution of a malicious file on the server
hosting the application.

602 Lan Suite 2004 version 2004.0.04.1221 is reportedly vulnerable; other
versions  may also be affected.

45. IBM AIX AuditSelect Local Format String Vulnerability
BugTraq ID: 12496
Remote: No
Date Published: Feb 09 2005
Relevant URL: http://www.securityfocus.com/bid/12496
Summary:
A local format string vulnerability affects IBM AIX auditselect.  This issue is
due to a failure of the application to securely implement a formatted printing
function.

An attacker may leverage this issue to execute arbitrary code with superuser
privileges, ultimately facilitating privilege escalation.

46. HP-UX BIND Unspecified Remote Denial Of Service Vulnerabilit...
BugTraq ID: 12497
Remote: Yes
Date Published: Feb 09 2005
Relevant URL: http://www.securityfocus.com/bid/12497
Summary:
An unspecified remote denial of service vulnerability affects HP-UX BIND.  This
issue is due to a failure of the application to handle malformed network data.

Further details surrounding this issue are currently unavailable; this BID will
be updated as further information is released.

An attacker may leverage this issue to trigger a denial of service condition in
the affected utility.

47. Ulrik Petersen Emdros Database Engine MQL Parsing Denial Of ...
BugTraq ID: 12498
Remote: Yes
Date Published: Feb 09 2005
Relevant URL: http://www.securityfocus.com/bid/12498
Summary:
A denial of service vulnerability affects Emdros.  This issue is due to a
failure of the application to properly manage memory.

Apparently this issue is distinct from that reported in BID 11143 (Ulrik
Petersen Emdros Database Engine Denial Of Service Vulnerability).  It should
also be noted that if the affected application is run as a daemon, a remote
attacker could exploit this issue.

An attacker may leverage this issue to cause the affected application to crash,
denying service to legitimate users.

48. XView Multiple Unspecified Local Buffer Overflow Vulnerabili...
BugTraq ID: 12500
Remote: No
Date Published: Feb 09 2005
Relevant URL: http://www.securityfocus.com/bid/12500
Summary:
It is reported that a number of unspecified buffer overflow vulnerabilities
exist in the xview library. These issues could allow a local user to execute
arbitrary code via linked executables that are installed with setuid
privileges. 

Debian has identified these issues in xview-3.2p1.4.  Other versions affecting
various platforms may be vulnerable as well.

49. MyPHP Forum Multiple SQL Injection Vulnerabilities
BugTraq ID: 12501
Remote: Yes
Date Published: Feb 09 2005
Relevant URL: http://www.securityfocus.com/bid/12501
Summary:
MyPHP Forum is reportedly affected by multiple SQL injection vulnerabilities. 
These issues are due to the application failing to properly sanitize
user-supplied input before using it in SQL queries.

Successful exploitation could result in a compromise of the application,
disclosure or modification of data or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.

50. ArGoSoft Mail Server Multiple Directory Traversal Vulnerabil...
BugTraq ID: 12502
Remote: Yes
Date Published: Feb 09 2005
Relevant URL: http://www.securityfocus.com/bid/12502
Summary:
ArGoSoft Mail Server is reported prone to multiple directory traversal
vulnerabilities.  These issues result from insufficient sanitization of
user-supplied data and may allow remote attackers to view, replace and delete
arbitrary files, folders, and users' email on a vulnerable computer running the
server.

ArGoSoft Mail Server 1.8.7.3 is reported vulnerable to these issues.  It is
possible that prior versions are affected as well.

51. MercuryBoard INDEX.PHP SQL Injection Vulnerability
BugTraq ID: 12503
Remote: Yes
Date Published: Feb 09 2005
Relevant URL: http://www.securityfocus.com/bid/12503
Summary:
MercuryBoard is affected by an SQL injection vulnerability. This issue is due to
the application failing to properly sanitize user-supplied input before being
used in SQL queries. 

The vulnerability is reported to affect the 'index.php' script. 

MercuryBoard 1.1.1 and prior versions are affected by this vulnerability.

52. GNU Mailman Remote Directory Traversal Vulnerability
BugTraq ID: 12504
Remote: Yes
Date Published: Feb 09 2005
Relevant URL: http://www.securityfocus.com/bid/12504
Summary:
Mailman, when hosted on a web server that does not strip extra slashes from URLs
(i.e. Apache 1.3.x), is reported prone to a remote directory traversal
vulnerability.

The remote attacker may exploit this vulnerability to disclose the contents of
web server readable files. Symantec has received reports of the username and
password databases of public mailing lists being compromised through the
exploitation of this vulnerability. 

Information that is harvested by leveraging this vulnerability may be used to
aid in further attacks against a target computer or victim user.

53. PostWrap Module Cross-Site Scripting Vulnerability
BugTraq ID: 12505
Remote: Yes
Date Published: Feb 09 2005
Relevant URL: http://www.securityfocus.com/bid/12505
Summary:
PostWrap is reportedly affected by a cross-site scripting vulnerability.  This
issue is due to the application failing to properly sanitize user-supplied
input.

As a result of this vulnerability, it is possible for a remote attacker to
create a malicious link containing script code that will be executed in the
browser of an unsuspecting user when followed. This may facilitate the theft of
cookie-based authentication credentials as well as other attacks.

54. Microsoft MSN Messenger/Windows Messenger PNG Buffer Overflo...
BugTraq ID: 12506
Remote: Yes
Date Published: Feb 08 2005
Relevant URL: http://www.securityfocus.com/bid/12506
Summary:
A remotely exploitable buffer overflow exists in MSN Messenger and Windows
Messenger.  This vulnerability is related to parsing of Portable Network
Graphics (PNG) image header data.  Successful exploitation will result in
execution of arbitrary code in the context of the vulnerable client user.

Attack vectors and mitigations may differ for MSN Messenger and Windows
Messenger.  For Windows Messenger, the attacker must spoof the .NET Messenger
service and the client must be configured to receive .NET alerts.

However, MSN Messenger may be exploited through various methods in a
client-to-client attack.  Possible attack vectors for this vulnerability in MSN
Messenger include:
User display pictures
Custom icons that are displayed inline in instant messages
Thumbnails of transferred images
Background images

Since this issue may be exploited in a client-to-client attack for MSN
Messenger, it is a likely candidate for development of a worm.

This issue was originally described in BID 10857.  Further analysis has
determined that there are unique properties of the vulnerability that
distinguish it from the general libpng issue on other platforms.

55. Conexant AccessRunner DSL Console Default Backdoor Account V...
BugTraq ID: 12507
Remote: Yes
Date Published: Feb 09 2005
Relevant URL: http://www.securityfocus.com/bid/12507
Summary:
It has been reported that Conexant AccessRunner DSL Console software has
built-in administrative access that cannot be disabled.

This vulnerability reportedly allows remote attackers to reset the router to
default settings, denying legitimate users network access. Other attacks are
also likely possible.

It is unknown at this time if remote attackers can access the administrative
interface via the WAN interface of affected devices.

Mentor MR4C/UK devices are reported susceptible to this vulnerability. Due to
code reuse across products, it is likely that other devices are also affected.

56. IBM DB2 Universal Database Unspecified Vulnerability
BugTraq ID: 12508
Remote: Yes
Date Published: Feb 09 2005
Relevant URL: http://www.securityfocus.com/bid/12508
Summary:
IBM DB2 Universal Database is reported prone to a vulnerability. The details of
this issue are unspecified.

The discoverer of this issue has reported that further details regarding this
vulnerability will be released on the 9th of May 2005. When these details are
released this BID will be updated with the additional details.

This vulnerability is reported to exist in IBMDB2 Universal Database version 8.1
and previous versions.

57. IBM DB2 Unauthorized System Resource Access Vulnerability
BugTraq ID: 12509
Remote: No
Date Published: Feb 10 2005
Relevant URL: http://www.securityfocus.com/bid/12509
Summary:
IBM DB2 on Windows platforms is prone to a security vulnerability.  The
vulnerability is that IBM DB2 resources may be accessible to local users.  It is
reported that this could be exploited to launch denial of service attacks
against the database, view query results, or obtain database credentials.

This issue may be related to BID 12508 IBM DB2 Universal Database Unspecified
Vulnerability.

58. IBM DB2 XML Extender UDF Unauthorized File Access Vulnerabil...
BugTraq ID: 12510
Remote: Yes
Date Published: Feb 10 2005
Relevant URL: http://www.securityfocus.com/bid/12510
Summary:
IBM DB2 is prone to a security vulnerability that may allow unauthorized read or
write access to files on the computer in the context of the server process. 
This issue exists in the XML Extender UDFs (User-Defined Functions).  This could
result in information disclosure as well as corruption of files on the computer.
 There is a theoretical possibility of code execution.

This vulnerability appears similar in nature to BID 12170 IBM DB2 XML Function
Unauthorized File Creation and Disclosure Vulnerability.

This issue may be related to BID 12508 IBM DB2 Universal Database Unspecified
Vulnerability.

59. IBM DB2 Universal Database Server Network Message Processing...
BugTraq ID: 12511
Remote: Yes
Date Published: Feb 10 2005
Relevant URL: http://www.securityfocus.com/bid/12511
Summary:
A remote code execution vulnerability affects IBM DB2 Universal Database Server.
 This issue is due to a failure of the application to properly handle network
messages under certain circumstances.

This issue may be related to BID 12508 IBM DB2 Universal Database Unspecified
Vulnerability.

An attacker with a database connection may leverage this issue to execute
arbitrary code within the context of the affected database instance, potentially
facilitating unauthorized access or privilege escalation.

60. IBM DB2 Unspecified XML Functions Remote Arbitrary Code Exec...
BugTraq ID: 12512
Remote: Yes
Date Published: Feb 10 2005
Relevant URL: http://www.securityfocus.com/bid/12512
Summary:
IBM DB2 is reported prone to a remote arbitrary code execution vulnerability. 
This issue can allow a remote attacker to completely compromise a vulnerable
database server.

IBM DB2 version 8 FixPak 7 and FixPak 7a are reported vulnerable to this issue.

Further details are not available currently.  It is possible that this issue
results from an overflow condition, however, this is not confirmed at the
moment.  It is also possible that an SQL injection type attack may be used to
leverage this issue.  This BID will be updated when more information becomes
available.

This issue may be related to BID 12508 IBM DB2 Universal Database Unspecified
Vulnerability.

61. IBM AIX LSPath Unauthorized Local File Disclosure Vulnerabil...
BugTraq ID: 12513
Remote: No
Date Published: Feb 10 2005
Relevant URL: http://www.securityfocus.com/bid/12513
Summary:
A vulnerability exists in the IBM AIX lspath command that may allow for local
file disclosure attacks.  It is reported that this vulnerability may be
exploited to read the first line (up to the first encounter white space) of an
arbitrary file on the computer.

62. IBM DB2 Universal Database Server Object Creation Remote Cod...
BugTraq ID: 12514
Remote: Yes
Date Published: Feb 10 2005
Relevant URL: http://www.securityfocus.com/bid/12514
Summary:
A remote code execution vulnerability affects IBM DB2 Universal Database Server.
 This issue is due to a failure of the application to properly handle the
creation of new objects.

This issue may be related to BID 12508 IBM DB2 Universal Database Unspecified
Vulnerability.

An attacker with a database connection may leverage this issue to execute
arbitrary code within the context of the affected database instance, potentially
facilitating unauthorized access or privilege escalation.

63. F-Secure ARJ Handling Buffer Overflow Vulnerability
BugTraq ID: 12515
Remote: Yes
Date Published: Feb 10 2005
Relevant URL: http://www.securityfocus.com/bid/12515
Summary:
A buffer overflow vulnerability exists in the ARJ handling code in the
Anti-Virus library included in various F-Secure products.  The vulnerability is
due to insufficient bounds check of ARJ header fields which will be copied into
a finite buffer on the heap.  This vulnerability could be exploited by a
malicious ARJ archive to execute arbitrary code in the context of the affected
applications.

64. IBM AIX IPL_Varyon Local Buffer Overflow Vulnerability
BugTraq ID: 12516
Remote: No
Date Published: Feb 10 2005
Relevant URL: http://www.securityfocus.com/bid/12516
Summary:
A local buffer overflow vulnerability reportedly affects IBMs AIX 'ipl_varyon'
utility.  This issue is due to a failure of the application to securely copy
user-supplied data into finite process buffers.

A local attacker may leverage this issue to execute arbitrary code on an
affected computer with superuser privileges, facilitating privilege escalation.

65. IBM AIX Netpmon Command Line Argument Local Buffer Overflow ...
BugTraq ID: 12517
Remote: No
Date Published: Feb 10 2005
Relevant URL: http://www.securityfocus.com/bid/12517
Summary:
netpmon is prone to a local buffer overflow vulnerability.

Reportedly, a user requires gid system privileges to execute the utility.  A
successful attack can grant the user superuser privileges.

IBM AIX 5.1, 5.2, and 5.3 are considered vulnerable at the moment.

66. Yongguang Zhang HZTTY Local Arbitrary Command Execution Vuln...
BugTraq ID: 12518
Remote: No
Date Published: Feb 10 2005
Relevant URL: http://www.securityfocus.com/bid/12518
Summary:
A local, arbitrary command execution vulnerability affects Yongguang Zhang
hztty.  The underlying cause of this issue is currently unknown. This BID will
be updated as more information is released.

An attacker may leverage this issue to execute arbitrary commands with the
privileges of the 'utmp' group, potentially facilitating privilege escalation.

67. Apache mod_python Module Publisher Handler Information Discl...
BugTraq ID: 12519
Remote: Yes
Date Published: Feb 10 2005
Relevant URL: http://www.securityfocus.com/bid/12519
Summary:
The mod_python module publisher handler is prone to a remote information
disclosure vulnerability.  This issue may allow remote unauthorized attackers to
gain access to sensitive objects.

Information disclosed through the exploitation of this issue may aid in
launching further attacks against an affected server.

All versions of mod_python are considered vulnerable at the moment.

68. Armagetron Advanced Multiple Remote Denial Of Service Vulner...
BugTraq ID: 12520
Remote: Yes
Date Published: Feb 10 2005
Relevant URL: http://www.securityfocus.com/bid/12520
Summary:
Multiple denial of service vulnerabilities affect Armagetron Advanced.  These
issues are due to a failure of the application to handle malformed network data.

An attacker may leverage these issues to cause a remote denial of service
condition in affected applications.

69. ASPJar Guestbook Multiple Remote Vulnerabilities
BugTraq ID: 12521
Remote: Yes
Date Published: Feb 10 2005
Relevant URL: http://www.securityfocus.com/bid/12521
Summary:
ASPJar Guestbook is reported vulnerable to multiple remote vulnerabilities. 
These issues can allow an attacker to carry out SQL injection attacks and gain
access to an administrative script to delete arbitrary data.

All versions of ASPJar Guestbook are considered vulnerable at the moment.

70. BrightStor ARCserve/Enterprise Backup Default Backdoor Accou...
BugTraq ID: 12522
Remote: Yes
Date Published: Feb 10 2005
Relevant URL: http://www.securityfocus.com/bid/12522
Summary:
BrightStor ARCserve/Enterprise Backup products contain a backdoor account.  

It is reported that hard coded credentials are present in the 'UniversalAgent'
service of BrightStor ARCserve/Enterprise Backup products for UNIX platforms. 

An attacker may carry out various attacks such as arbitrary command and code
execution by using the hard coded credentials.  This may lead to a complete
compromise of an affected computer.

71. XPCD PCDSVGAView Local Buffer Overflow Vulnerability
BugTraq ID: 12523
Remote: No
Date Published: Feb 11 2005
Relevant URL: http://www.securityfocus.com/bid/12523
Summary:
A local buffer overflow vulnerability affects xpcd pcdsvgaview.  This issue is
due to a failure of the application to securely copy user-supplied input into
finite process buffers.

An attacker may leverage this issue to execute arbitrary code with superuser
privileges.

72. Netkit RWho Packet Size Denial Of Service Vulnerability
BugTraq ID: 12524
Remote: Yes
Date Published: Feb 11 2005
Relevant URL: http://www.securityfocus.com/bid/12524
Summary:
The Netkit rwho daemon is prone to a denial of service vulnerability.  This
condition occurs when the server processes packets with malformed sizes.

The vulnerability is only reported to affect the software running on little
endian platforms.

It is not known if this condition is due to a boundary condition error or if it
may further be leveraged to execute arbitrary code.

73. KDE Library DCOPIDLING Insecure Temporary File Creation Vuln...
BugTraq ID: 12525
Remote: No
Date Published: Feb 11 2005
Relevant URL: http://www.securityfocus.com/bid/12525
Summary:
A local insecure file creation vulnerability affects KDE Library 'dcopidling'. 
This issue is due to a failure of the application to validate the existence of a
file prior to writing to it.

An attacker may leverage this issue to corrupt arbitrary files with the
privileges of a user that activates an application that implements the affected
script.

74. Daily Strip Manager Multiple Unspecified Remote Vulnerabilit...
BugTraq ID: 12528
Remote: Yes
Date Published: Feb 11 2005
Relevant URL: http://www.securityfocus.com/bid/12528
Summary:
Multiple unspecified remote vulnerabilities affect Daily Strip Manager.  The
underlying causes of these issues are currently unknown.

The impacts of these issues are also currently unknown.  This BID will be
updated as more information is released.

75. OpenPGP Cipher Feedback Mode Chosen-Ciphertext Partial Plain...
BugTraq ID: 12529
Remote: Yes
Date Published: Feb 11 2005
Relevant URL: http://www.securityfocus.com/bid/12529
Summary:
OpenPGP is reported prone to a vulnerability that may theoretically allow
attackers to retrieve partial plaintexts from encrypted OpenPGP messages.

It is reported that a proof of concept chosen-ciphertext attack method has been
developed that exploits a flaw in OpenPGP to retrieve partial plaintexts from
OpenPGP messages encrypted with symmetric encryption.  Apparently when messages
are encrypted with the CFB mode, a design flaw in an integrity check feature can
be exploited.

The attack is also limited in the amount of information that can be disclosed
from an encrypted message.  Apparently, only partial disclosure of a message is
possible.

The OpenPGP standard is reported vulnerable to this issue.  It is not known
whether PGP or GNU Privacy Guard or other implementations are vulnerable.  This
BID will be updated when more information becomes available.

76. Microsoft Internet Explorer Multiple Vulnerabilities
BugTraq ID: 12530
Remote: Yes
Date Published: Feb 11 2005
Relevant URL: http://www.securityfocus.com/bid/12530
Summary:
Microsoft Internet Explorer is reported prone to multiple vulnerabilities. 
These issues may allow remote attackers to execute arbitrary script code,
disclose sensitive information and execute files from the local system.  These
issues are alleged to have been addressed by MS05-014.

The following specific issues were identified:

The first issue may allow remote attackers to place arbitrary files on a
vulnerable computer.  It is possible that this issue is related to BID 10973
(Microsoft Internet Explorer Implicit Drag and Drop File Installation
Vulnerability) and BID 11466 (Microsoft Internet Explorer Valid File Drag and
Drop Embedded Code Vulnerability).  It is not known if this variant is distinct
from other known issues

The browser is reported prone to another cross-zone scripting vulnerability.  It
is reported that an attacker can link to local resources by crafting a malicious
Web site and enticing a user to visit the site.  This issue is triggered when
the user clicks on the attacker's site.

Another issue affecting the application allows malicious Web sites to reference
sites from the 'Temporary Internet Files' folder.

The application is prone to a vulnerability that may allow attackers to execute
files from the Local zone.

These issues may be combined to ultimately execute arbitrary code in the Local
zone.  This can lead to unauthorized access to the vulnerable computer.

Internet Explorer 5.01 and 5.5 have been reported vulnerable as well.

This BID will be divided into individual BIDs and updated when further analysis
is complete.

77. Zone Labs ZoneAlarm Local Denial of Service Vulnerability
BugTraq ID: 12531
Remote: No
Date Published: Feb 11 2005
Relevant URL: http://www.securityfocus.com/bid/12531
Summary:
Multiple ZoneAlarm products and Check Point Integrity Client are reported prone
to a local denial of service vulnerability.  This issue exists due to an invalid
pointer dereference.

A successful attack can result in a denial of service condition in the kernel.

ZoneAlarm Security Suite, ZoneAlarm Pro, and ZoneAlarm versions prior to
5.5.062.011 and Check Point Integrity Client versions prior to 4.5.122.000 and
5.1.556.166 are considered vulnerable to this issue.

78. Gentoo Portage-Built Webmin Binary Package Build Host Root P...
BugTraq ID: 12532
Remote: Yes
Date Published: Feb 11 2005
Relevant URL: http://www.securityfocus.com/bid/12532
Summary:
It is reported that the Gentoo Portage-built Webmin binary package discloses the
build host's root password to remote users.

Any users who build the affected Webmin binary and share it with other users are
at a risk of compromise.

Gentoo app-admin/webmin packages prior to 1.170-r3 are vulnerable to this issue.

III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. U.S. info-sharing initiative called a flop
By: Kevin Poulsen

A controversial federal program encourages U.S. companies to share vulnerability
information with the government by promising to  keep it a secret from the
public. But a year later, industry says the measure still doesn't go far enough.
http://www.securityfocus.com/news/10481

2. Hackers sued for tinkering with Xbox games
By: Kevin Poulsen

A California video game maker sues a community of hobbyists for modifying code
on their own machines.
http://www.securityfocus.com/news/10466

3. Shhhh. U.S. appeals USA PATRIOT loss
By: Kevin Poulsen

The Justice Department has appealed a court ruling that revoked the FBI's power
to issue secret orders for customer ISP records. Just don't tell anyone.

http://www.securityfocus.com/news/10432

4. Microsoft will make antispyware software free of charge
By: Matthew Fordahl, The Associated Press

http://www.securityfocus.com/news/10500

5. Spyware, adware threat to be hot topic at security conferenc...
By: Matthew Fordahl, The Associated Press

http://www.securityfocus.com/news/10496

6. White House may make NSA the 'traffic cop' over U.S. compute...
By: Ted Bridis, The Associated Press

http://www.securityfocus.com/news/10494

IV. SECURITYFOCUS TOP 6 TOOLS
-----------------------------
1. Cisco Torch 0.1 alpha
By: Arhont Team
Relevant URL: http://www.arhont.com/cisco-torch.tar.bz2
Platforms: Perl (any system supporting perl)
Summary: 

A fast mass scanning and application layer fingerprinting tool for Cisco devices
written while working on "Hacking Exposed: Cisco Networks" book. Supports telnet
and SSH bruteforcing as well as Cisco management webserver exploitation. More
features would be added soon - see TODO.

2. SafeLogon 2.0
By: GemiScorp Software Solutions
Relevant URL: http://www.gemiscorp.com/english/slogon/info.html
Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
Summary: 

SafeLogon is a multi-user and password-based access control utility that
enhances and complements the Windows built-in logon and authentication system.
In other words, SafeLogon allows you to protect your system at home and office
from unauthorized access.

SafeLogon is fully configurable and allows its Administrator to:

- Restrict access to Windows to certain users, optionally controlling the days
of the week and the time of the day the user is allowed to log on and

3. SafeSystem 1.5
By: GemiScorp Software Solutions
Relevant URL: http://www.gemiscorp.com/english/safesystem/info.html
Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
Summary: 

SafeSystem is a security program that allows you to prevent access to your
personal and important files and folders, as well as protect and guarantee the
integrity and well functioning of your system. SafeSystem can make your files
and folders completely invisible, inaccessible or simply read-only. Furthermore,
SafeSystem can prevent the change of configuration and the accidental (or even
intentional) system files deletion or alteration, so your PC will be healthy

4. KSB - Kernel Socks Bouncer 2.6.10
By: Paolo Ardoino
Relevant URL: http://ardoino.altervista.org/kernel.php
Platforms: Linux
Summary: 

KSB26 [Kernel Socks Bouncer] is Linux Kernel 2.6.x patch that redirects full tcp
connections [SSH, telnet, ...] to follow through socks5. KSB26 uses a character
device to pass socks5 and target ips to the Linux Kernel. I have choosen to
write in kernel space to enjoy myself [I know that there are easier and safer
ways to write this in userspace].

5. SQL column finder 0.1
By: Rafal Bielecki
Relevant URL: http://sqlcfind.netro.pl/sqlcfind.exe
Platforms: Windows 2000, Windows 95/98, Windows XP
Summary: 

Helps you to find exact columns number when using union select query

6. Secure Hive 1.0.0.1
By: Secure Hive
Relevant URL: http://www.securehive.com/Secure%20Hive.htm
Platforms: Windows 2000, Windows NT, Windows XP
Summary: 

What Does Secure Hive Enterprise Offer?

 Encryption of part, or entire, Word documents, Excel worksheets or PowerPoint
presentations through Secure Hive's integration with Microsoft Office.
 
 Encryption of part, or entire, content of common documents (such as Notepad,
WordPad), email messages and instant messages, including mixed text and
graphics, with Secure Hive's Clipboard Encryption feature.

V. SECURITYJOBS LIST SUMMARY
----------------------------
1. [SJ-JOB] Application Security Architect, London, GB (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390404

2. [SJ-JOB] Security Architect, London, GB (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390403

3. [SJ-JOB] Security Consultant, North , GB (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390373

4. [SJ-JOB] Application Security Engineer, McLean, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390365

5. [SJ-JOB] Security Engineer, McLean, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390364

6. [SJ-JOB] Security Architect, McLean, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390362

7. [SJ-JOB] Sr. Product Manager, Fort Lauderdale, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390361

8. [SJ-JOB] Sales Representative, NYC, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390360

9. [SJ-JOB] VP / Dir / Mgr engineering, Fort Lauderdale... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390359

10. [SJ-JOB] Security Consultant, Metro New York Area, U... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390357

11. [SJ-JOB] Technical Support Engineer, Columbia, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390351

12. [SJ-JOB] Sales Engineer, Morristown, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390350

13. [SJ-JOB] Developer, Columbia, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390348

14. [SJ-JOB] Application Security Engineer, Seattle / Si... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390347

15. [SJ-JOB] Quality Assurance, Columbia, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390346

16. [SJ-JOB] Sr. Security Analyst, San Francisco, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390157

17. [SJ-JOB] Security Architect, Herndon, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390156

18. [SJ-JOB] Security Researcher, San Diego, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390154

19. [SJ-JOB] Security Consultant, Evansville, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390153

20. [SJ-JOB] Manager, Information Security, Bridgewater ... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390038

21. [SJ-JOB] Sales Representative, Austin, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390030

22. [SJ-JOB] Security Consultant, London, GB (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390028

23. [SJ-JOB] Sales Representative, Boston, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390026

24. [SJ-JOB] Account Manager, Redwood City, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390025

25. [SJ-JOB] Sr. Security Engineer, New York, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390024

26. [SJ-JOB] Privacy Officer, Columbus, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390022

27. [SJ-JOB] Security Consultant, New England Area, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/389924

28. [SJ-JOB] Security Consultant, Albany, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/389910

29. [SJ-JOB] Developer, San Diego, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/389909

30. [SJ-JOB] Security System Administrator, Schaumburg, ... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/389898

31. [SJ-JOB] Security Architect, Schaumburg, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/389897

32. [SJ-JOB] Security Engineer, Schaumburg, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/389896

33. [SJ-JOB] Sr. Security Engineer, Melbourne, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/389849

34. [SJ-JOB] Security Engineer, Palm Beach Gardens, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/389847

35. [SJ-JOB] Security Architect, Buffalo Grove, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/389846

36. [SJ-JOB] Security System Administrator, Nashville, U... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/389786

37. [SJ-JOB] Manager, Information Security, Calgary, CA (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/389785

38. [SJ-JOB] Sr. Security Engineer, Nashville, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/389780

39. [SJ-JOB] Sr. Security Engineer, London, GB (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/389764

40. [SJ-JOB] Forensics Engineer, London, GB (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/389763

41. [SJ-JOB] Security Auditor, Birmingham - UK wide, GB (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/389762

42. [SJ-JOB] Sr. Product Manager, Redwood City, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/389753

43. [SJ-JOB] Security Product Marketing Manager, Fremont... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/389748

44. [SJ-JOB] Application Security Engineer, Bangalore, I... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/389746

45. [SJ-JOB] Security Researcher, Santa Clara, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/389745

46. [SJ-JOB] Security Consultant, Chicago, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/389744

47. [SJ-JOB] Sr. Security Engineer, New York (Brooklyn M... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/389743

VI. INCIDENTS LIST SUMMARY
--------------------------
1. Exploit on tcp/4128? (Thread)
Relevant URL:

http://www.securityfocus.com/archive/75/390486

2. SSH probe attack afoot? (Thread)
Relevant URL:

http://www.securityfocus.com/archive/75/390277

3. Chinese HTTP ACKs (Thread)
Relevant URL:

http://www.securityfocus.com/archive/75/390212

4. Strange iptables log entries (Thread)
Relevant URL:

http://www.securityfocus.com/archive/75/390211

VII. VULN-DEV RESEARCH LIST SUMMARY
-----------------------------------
1. SAM encrypted with syskey (Thread)
Relevant URL:

http://www.securityfocus.com/archive/82/390295

2. books or material on mail protocols (Thread)
Relevant URL:

http://www.securityfocus.com/archive/82/390155

3. SAM  encrypted with syskey (Thread)
Relevant URL:

http://www.securityfocus.com/archive/82/390151

4. xml over https (Thread)
Relevant URL:

http://www.securityfocus.com/archive/82/390021

VIII. MICROSOFT FOCUS LIST SUMMARY
----------------------------------
1. active directory password policy (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/390379

2. Password Protected Screen Saver and AdministrativePa... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/390119

3. SAM encripted with syskey (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/390111

4. Password Protected Screen Saver and Administrative P... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/390095

5. Re[2]: disclosure the administrative password (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/389978

6. SecurityFocus Microsoft Newsletter #227 (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/389901

7. disclosure the administrative password (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/389782

8. ISA Server/WWW Blacklist (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/389765

IX. SUN FOCUS LIST SUMMARY
--------------------------
NO NEW POSTS FOR THE WEEK 2005-02-08 to 2005-02-15.

X. LINUX FOCUS LIST SUMMARY
---------------------------
NO NEW POSTS FOR THE WEEK 2005-02-08 to 2005-02-15.
[ terug ]