Home
Systeembeheer
Consultancy
Connectivity
Training
Development

Klanten

Inloggen

Resources

Sans artikelen
Security artikelen

Software

Linux
Windows









[ terug ]
SecurityFocus Newsletter #289
------------------------------

This Issue is Sponsored By: CrossTec

FREE Download - The Future in Desktop Firewalls is Available Now
NEW NetOp Desktop Firewall, the world's first driver-centric 
firewall software - protecting your laptops and corporate PCs at  
ring-zero! NetOp features sophisticated process & application
control, centralized management and multiple network user profiles -
NetOp is able to increase security when mobile users plug back 
into your network. Step into a more secure future - Try it FREE

http://www.securityfocus.com/sponsor/CrossTec_sf-news_050222

------------------------------------------------------------------------

Need to know what's happening on YOUR network? Symantec DeepSight Analyzer
is a free service that gives you the ability to track and manage attacks.
Analyzer automatically correlates attacks from various Firewall and network
based Intrusion Detection Systems, giving you a comprehensive view of your
computer or general network. Sign up today!

http://www.securityfocus.com/sponsor/Symantec_sf-news_041130

------------------------------------------------------------------------
I. FRONT AND CENTER
     1. Complexity Kills Innovation
     2. Windows NTFS Alternate Data Streams
II. BUGTRAQ SUMMARY
     1. Firefox Remote SMB Document Local File Disclosure Vulnerabil...
     2. ID Software Quake 3 Engine Infostring Query Remote Denial of...
     3. BrightStor ARCserve/Enterprise Discovery Service SERVICEPC R...
     4. IBM WebSphere Application Server JSP Engine Source Code Disc...
     5. IBM WebSphere Application Server File Servlet Source Code Di...
     6. gFTP Remote Directory Traversal Vulnerability
     7. Debian Toolchain-Source Multiple Insecure Temporary File Cre...
     8. Microsoft Internet Explorer Mouse Event URI Status Bar Obfus...
     9. VBulletin Forumdisplay.PHP Remote Command Execution Vulnerab...
     10. AWStats Plugin Multiple Remote Command Execution Vulnerabili...
     11. Microsoft Internet Explorer Favorites List Script Code Execu...
     12. AWStats Debug Remote Information Disclosure Vulnerability
     13. Synaesthesia Local File Disclosure Vulnerability
     14. Open WebMail Logindomain Parameter Cross-Site Scripting Vuln...
     15. BEA WebLogic Server And WebLogic Express Authentication Fail...
     16. Brooky CubeCart Multiple Vulnerabilities
     17. Opera Web Browser Multiple Remote Vulnerabilities
     18. Squid Proxy DNS Name Resolver Remote Denial Of Service Vulne...
     19. VMWare Workstation For Linux Local Privilege Escalation Vuln...
     20. Sun Solaris ARP Handling Remote Denial Of Service Vulnerabil...
     21. OpenConf Paper Submission HTML Injection Vulnerability
     22. Linux Kernel Multiple Local Buffer Overflow And Memory Discl...
     23. ELOG Web Logbook Multiple Remote Vulnerabilities
     24. CitrusDB CSV File Upload Access Validation Vulnerability
     25. Siteman User.PHP Unspecified Security Restriction Bypass Vul...
     26. KarjaSoft Sami HTTP Server Multiple Remote Vulnerabilities
     27. CitrusDB Remote Authentication Bypass Vulnerability
     28. PHP-Nuke Multiple Cross-Site Scripting Vulnerabilities
     29. Kayako ESupport Cross-Site Scripting Vulnerability
     30. CitrusDB Arbitrary Local PHP File Include Vulnerability
     31. Microsoft Internet Explorer Malformed File URI Denial of Ser...
     32. HP HTTP Server Remote Unspecified Buffer Overflow Vulnerabil...
     33. Lighttpd Remote CGI Script Disclosure Vulnerability
     34. OSCommerce Contact_us.PHP Cross-Site Scripting Vulnerability
     35. Typespeed Local Format String Vulnerability
     36. KDE KStars FLICCD Utility Multiple Buffer Overflow Vulnerabi...
     37. Check Point VPN-1 SecureClient Malformed IP Address Local Me...
     38. AWStats Logfile Parameter Remote Command Execution Vulnerabi...
     39. DCP-Portal Multiple SQL Injection Vulnerabilities
     40. Microsoft ASP.NET Unicode Character Conversion Multiple Cros...
     41. Advanced Linux Sound Architecture Libasound.SO Stack-Memory ...
     42. PaNews Cross-Site Scripting Vulnerability
     43. SHA-0/SHA-1 Reduced Operation Digest Collision Weakness
     44. MercuryBoard Forum Remote Cross-Site Scripting Vulnerability
     45. NewsBruiser Comment System Security Restrictions Bypass Vuln...
     46. Skull-Splitter Guestbook Unspecified HTML Injection Vulnerab...
     47. WebCalendar SQL Injection Vulnerability
     48. PaFaq SQL Injection Vulnerability
     49. BibORB Multiple Input Validation Vulnerabilities
     50. OpenLDAP SlapD Multiple Remote Unspecified Denial Of Service...
     51. Yahoo! Messenger Local Insecure Default Installation Vulnera...
     52. glFTPD ZIP Plugins Multiple Directory Traversal Vulnerabilit...
     53. Yahoo! Messenger Download Dialogue Box File Name Spoofing Vu...
     54. GProFTPD GProstats Remote Format String Vulnerability
     55. Gaim Multiple Remote Denial of Service Vulnerabilities
     56. Bidwatcher Remote Format String Vulnerability
     57. Tarantella Enterprise/Secure Global Desktop Remote Informati...
     58. TrackerCam Multiple Remote Vulnerabilities
     59. Knox Arkeia Type 77 Request Remote Stack-Based Buffer Overru...
III. SECURITYFOCUS NEWS ARTICLES
     1. Feds square off with organized cyber crime
     2. WebTV 911 prankster guilty
     3. T-Mobile hacker pleads guilty
     4. NY teen charged over IM spam attack
     5. Microsoft compensates blocked Dutch web firm
     6. Wormability formulae weighs malware risks
IV. SECURITYFOCUS TOP 6 TOOLS
     1. Cisco Torch 0.1 alpha
     2. SafeLogon 2.0
     3. SafeSystem 1.5
     4. KSB - Kernel Socks Bouncer 2.6.10
     5. SQL column finder 0.1
     6. Secure Hive 1.0.0.1
V. SECURITYJOBS LIST SUMMARY
     1. [SJ-JOB] Developer, San Jose, US (Thread)
     2. [SJ-JOB] Sales Engineer, Boston, US (Thread)
     3. [SJ-JOB] Technology Risk Consultant, London, GB (Thread)
     4. [SJ-JOB] Auditor, London, Bristol, Manchester, Leeds... (Thread)
     5. [SJ-JOB] Sales Engineer, New York, US (Thread)
     6. [SJ-JOB] Sales Representative, San Francisco, US (Thread)
     7. [SJ-JOB] Application Security Engineer, London, GB (Thread)
     8. [SJ-JOB] Sales Engineer, Chicago, US (Thread)
     9. [SJ-JOB] Sales Engineer, Denver , US (Thread)
     10. [SJ-JOB] Sales Engineer, Morristown Area, US (Thread)
     11. [SJ-JOB] Sales Engineer, Minneapolis, US (Thread)
     12. [SJ-JOB] Auditor, Wahsington DC, US (Thread)
     13. [SJ-JOB] Sr. Security Analyst, Boca Raton, US (Thread)
     14. [SJ-JOB] Security System Administrator, London, GB (Thread)
     15. [SJ-JOB] Security Consultant, Austin, US (Thread)
     16. [SJ-JOB] Sr. Security Analyst, Austin, US (Thread)
     17. [SJ-JOB] Information Assurance Analyst, London, GB (Thread)
     18. [SJ-JOB] Security Consultant, Minneapolis, US (Thread)
     19. [SJ-JOB] Channel / Business Development, London, GB (Thread)
     20. [SJ-JOB] Application Security Engineer, bangalore, I... (Thread)
     21. [SJ-JOB] Manager, Information Security, Mountain Vie... (Thread)
     22. [SJ-JOB] Sr. Security Analyst, London, GB (Thread)
     23. [SJ-JOB] Sr. Security Engineer, Dulles, US (Thread)
     24. [SJ-JOB] Security Consultant, Mission Viejo (Orange ... (Thread)
     25. [SJ-JOB] Security Architect, Salt Lake City, US (Thread)
     26. [SJ-JOB] Technical Support Engineer, Norfolk, US (Thread)
     27. [SJ-JOB] Developer, Fremont, US (Thread)
     28. [SJ-JOB] Security Architect, Fremont, US (Thread)
     29. [SJ-JOB] Management, Frammington, US (Thread)
     30. [SJ-JOB] Sales Representative, Southern California, ... (Thread)
     31. [SJ-JOB] Product Strategist, Atlanta, US (Thread)
     32. [SJ-JOB] Security Product Marketing Manager, santa c... (Thread)
     33. [SJ-JOB] Security Engineer, Bay Area, US (Thread)
VI. INCIDENTS LIST SUMMARY
     1. port 6801 and Netzero (Thread)
     2. New MSN worm? (Thread)
     3. THC's RealServer (port 554) exploit? (Thread)
     4. "Guide to Disaster Recovery", Michael Erbschloe (Thread)
     5. SSH probe attack afoot? (Thread)
     6. Exploit on tcp/4128? (Thread)
VII. VULN-DEV RESEARCH LIST SUMMARY
     1. Taking the control by abusing array index. (Thread)
     2. SAM  encrypted with syskey (Thread)
VIII. MICROSOFT FOCUS LIST SUMMARY
     1. SecurityFocus Microsoft Newsletter #228 (Thread)
IX. SUN FOCUS LIST SUMMARY
     NO NEW POSTS FOR THE WEEK 2005-02-15 to 2005-02-22.
X. LINUX FOCUS LIST SUMMARY
     1. Samba vs NFS (Thread)
XI. UNSUBSCRIBE INSTRUCTIONS
XII. SPONSOR INFORMATION

I. FRONT AND CENTER
-------------------
1. Complexity Kills Innovation
By Kelly Martin
There's more innovation coming from today's virus writers than from the big
software companes whose core goals are to progress and innovate.
http://www.securityfocus.com/columnists/300

2. Windows NTFS Alternate Data Streams
By Don Parker
The purpose of this article is to explain the existence of alternate data
streams in Microsoft Windows, demonstrate how to create them by
compromising a machine using the Metasploit Framework, and then use
freeware tools to easily discover these hidden files.
http://www.securityfocus.com/infocus/1822

II. BUGTRAQ SUMMARY
-------------------
1. Firefox Remote SMB Document Local File Disclosure Vulnerabil...
BugTraq ID: 12533
Remote: Yes
Date Published: Feb 12 2005
Relevant URL: http://www.securityfocus.com/bid/12533
Summary:
A vulnerability has been published that may allow for attackers to read the
contents of attacker-specified files on the client users filesystem.  To exploit
this vulnerability, the attacker must place a HTML document containing code (the
example uses XMLHttpRequest) to read the target file on a remote SMB share.  The
attacker must then create flash content that will load the remote document via
file:// URI.  It is likely that only Firefox on Windows systems is affected.

This vulnerability may be related to BID 12466.

2. ID Software Quake 3 Engine Infostring Query Remote Denial of...
BugTraq ID: 12534
Remote: Yes
Date Published: Feb 12 2005
Relevant URL: http://www.securityfocus.com/bid/12534
Summary:
It has been reported that the server is vulnerable to a remotely exploitable
denial of service attack.  The server can be made to crash if a client issues a
query with a parameter of excessive length.  This can be exploited to cause a
denial of service condition.

3. BrightStor ARCserve/Enterprise Discovery Service SERVICEPC R...
BugTraq ID: 12536
Remote: Yes
Date Published: Feb 14 2005
Relevant URL: http://www.securityfocus.com/bid/12536
Summary:
A remote buffer overflow vulnerability reportedly affects BrightStor
ARCserve/Enterprise.  This issue is due to a failure of the application to
securely copy data from the network.  It should be noted that this issue is
reportedly distinct from that outlined in BID 12522 (BrightStor
ARCserve/Enterprise Backup UDP Probe Remote Buffer Overflow Vulnerability).

A remote attacker may execute arbitrary code on a vulnerable computer,
potentially facilitating unauthorized superuser access. A denial of service
condition may arise as well.

4. IBM WebSphere Application Server JSP Engine Source Code Disc...
BugTraq ID: 12537
Remote: Yes
Date Published: Feb 14 2005
Relevant URL: http://www.securityfocus.com/bid/12537
Summary:
IBM WebSphere Application Server is prone to a source code disclosure
vulnerability.  An attacker can exploit this issue by supplying a malformed URI
to the server to disclose JSP source code.

It should be noted that this issue only affects WebSphere Application Server
versions 5.0 and 5.1 running on Microsoft Windows platforms.

5. IBM WebSphere Application Server File Servlet Source Code Di...
BugTraq ID: 12538
Remote: Yes
Date Published: Feb 14 2005
Relevant URL: http://www.securityfocus.com/bid/12538
Summary:
IBM WebSphere Application Server is prone to a source code disclosure
vulnerability.  An attacker can exploit this issue by supplying a malformed URI
to the server to disclose JSP source code.  The vulnerability exists in the file
serving servlet.

It should be noted that this issue only affects WebSphere Application Server
version 6.0 running on Microsoft Windows platforms.

6. gFTP Remote Directory Traversal Vulnerability
BugTraq ID: 12539
Remote: Yes
Date Published: Feb 14 2005
Relevant URL: http://www.securityfocus.com/bid/12539
Summary:
A remote directory traversal vulnerability reportedly affects gFTP.  This issue
is due to a failure of the application to sanitize input supplied by malicious
FTP server.

An attacker may leverage this issue to overwrite or create arbitrary files on an
affected computer with the privileges of an unsuspecting user running the
vulnerable application.  This may lead to a compromise of the affected computer,
denial of service attacks, as well as others.

7. Debian Toolchain-Source Multiple Insecure Temporary File Cre...
BugTraq ID: 12540
Remote: No
Date Published: Feb 14 2005
Relevant URL: http://www.securityfocus.com/bid/12540
Summary:
toolchain-source is reportedly affected by multiple local insecure temporary
file creation vulnerabilities. These issues are likely due to a design error
that causes the application to fail to verify the existence of a file before
writing to it. These issues affect some Debian-specific scripts supplied with
the package.

Debian toolchain-source versions prior to 3.0.4-1woody1 are reported vulnerable
to these issues.

8. Microsoft Internet Explorer Mouse Event URI Status Bar Obfus...
BugTraq ID: 12541
Remote: Yes
Date Published: Feb 14 2005
Relevant URL: http://www.securityfocus.com/bid/12541
Summary:
Microsoft Internet Explorer is reported prone to a URI obfuscation weakness. 

The issue presents itself when a HREF tag contains certain mouse events. 

This issue may be leveraged by an attacker to display false information in the
status bar or URI property dialog of an affected browser, allowing an attacker
to present web pages to unsuspecting users that seem to originate from a trusted
location. This may facilitate phishing style attacks; other attacks may also be
possible.

9. VBulletin Forumdisplay.PHP Remote Command Execution Vulnerab...
BugTraq ID: 12542
Remote: Yes
Date Published: Feb 14 2005
Relevant URL: http://www.securityfocus.com/bid/12542
Summary:
VBulletin is reported prone to a remote arbitrary command execution
vulnerability.  This issue presents itself due to insufficient sanitization of
user-supplied data and affects the 'forumdisplay.php' script when the
'showforumusers' option has been enabled.

This may allow attackers to execute arbitrary commands with the privileges of
the server running the application.

VBulletin versions 3.0 to 3.0.4 are reported vulnerable to this issue.  It is
reported that versions 3.0.5 and 3.0.6 are not affected.

10. AWStats Plugin Multiple Remote Command Execution Vulnerabili...
BugTraq ID: 12543
Remote: Yes
Date Published: Feb 14 2005
Relevant URL: http://www.securityfocus.com/bid/12543
Summary:
Multiple remote command execution vulnerabilities reportedly affect AWStats. 
These issues are due to an input validation error that allows a remote attacker
to specify commands to be executed in the context of the affected application.

The first problem presents itself due to the potential of malicious use of the
'loadplugin' and 'pluginmode' parameters of the 'awstats.pl' script. The second
issue arises from an insecure implementation of the 'loadplugin' parameter
functionality.

An attacker may leverage these issues to execute arbitrary commands with the
privileges of the affected web server running the vulnerable scripts.  This may
facilitate unauthorized access to the affected computer, as well as other
attacks.

Multiple sources have reported that AWStats 6.3 and subsequent versions are not
vulnerable to these issues.

11. Microsoft Internet Explorer Favorites List Script Code Execu...
BugTraq ID: 12544
Remote: Yes
Date Published: Feb 14 2005
Relevant URL: http://www.securityfocus.com/bid/12544
Summary:
Microsoft Internet Explorer is reported prone to a security vulnerability.

It is alleged that a JavaScript URI may be added to Internet Explorer favorites
if the 'CTRL-d' key combination is pressed to bookmark a website that contains a
specially crafted pop-up window.

This vulnerability may be harnessed to aid in the exploitation of other
vulnerabilities.

12. AWStats Debug Remote Information Disclosure Vulnerability
BugTraq ID: 12545
Remote: Yes
Date Published: Feb 14 2005
Relevant URL: http://www.securityfocus.com/bid/12545
Summary:
A remote information disclosure vulnerability reportedly affects AWStats.  This
issue is due to a failure of the application to properly validate access to
sensitive data.

An attacker may leverage this issue to gain access to potentially sensitive
data, possibly facilitating further attacks against an affected computer.

13. Synaesthesia Local File Disclosure Vulnerability
BugTraq ID: 12546
Remote: No
Date Published: Feb 14 2005
Relevant URL: http://www.securityfocus.com/bid/12546
Summary:
A local file disclosure vulnerability affects Synaesthesia.  This issue is due
to a failure of the application to securely access files.

An attacker may leverage this issue to read arbitrary files on an affected
computer.  Information gained in this way may lead to further attacks.

14. Open WebMail Logindomain Parameter Cross-Site Scripting Vuln...
BugTraq ID: 12547
Remote: Yes
Date Published: Feb 14 2005
Relevant URL: http://www.securityfocus.com/bid/12547
Summary:
Open WebMail is prone to a cross-site scripting vulnerability. This issue is due
to a failure of the application to properly sanitize user-supplied URI input. 

The problem presents itself when malicious HTML and script code is sent to the
application through the 'logindomain' parameter.

This vulnerability has been reported to exist in Open WebMail versions 2.50
20050212 and prior.

15. BEA WebLogic Server And WebLogic Express Authentication Fail...
BugTraq ID: 12548
Remote: Yes
Date Published: Feb 14 2005
Relevant URL: http://www.securityfocus.com/bid/12548
Summary:
A remote information disclosure weakness affects WebLogic Server and WebLogic
Express.  This issue is due to a failure of the application to present
authentication failures securely.

This issue may allow an attacker to use the revealed information to carry out
successful brute fore password attacks against an affected application.

16. Brooky CubeCart Multiple Vulnerabilities
BugTraq ID: 12549
Remote: Yes
Date Published: Feb 14 2005
Relevant URL: http://www.securityfocus.com/bid/12549
Summary:
Brooky CubeCart is reported prone to multiple vulnerabilities.  These issues
result from insufficient sanitization of user-supplied data and may allow remote
attackers to disclose arbitrary files and carry out cross-site scripting
attacks.

The application is reportedly susceptible to a remote directory traversal
vulnerability.  A malicious user could issue a request containing directory
traversal strings such as '../' to possibly view files outside the server root
directory in the context of the server. 

The application is also prone to a cross-site scripting vulnerability. This
issue is due to a failure of the application to properly sanitize user-supplied
URI input.  This may allow for theft of cookie-based authentication credentials
or other attacks. 

CubeCart 2.0.4 and prior versions are considered to be vulnerable to these
issues.

17. Opera Web Browser Multiple Remote Vulnerabilities
BugTraq ID: 12550
Remote: Yes
Date Published: Feb 14 2005
Relevant URL: http://www.securityfocus.com/bid/12550
Summary:
Opera Web Browser is reported prone to multiple vulnerabilities that are
exploitable remotely. The following issues are reported:

Opera Web Browser is prone to a vulnerability that presents itself when the
browser handles 'data' URIs.

A remote malicious website may exploit this condition to execute arbitrary code
in the context of a user that is running a vulnerable version of the affected
browser.

Opera Web Browser is prone to an unspecified security vulnerability that exists
in the Opera Java LiveConnect class.

Few details are known in regards to this vulnerability. However, it is believed
that the issue may be exploited by a remote malicious web site to access
dangerous private Java methods. This is not confirmed.

This BID will be updated as soon as further research into these issues is
completed.

18. Squid Proxy DNS Name Resolver Remote Denial Of Service Vulne...
BugTraq ID: 12551
Remote: Yes
Date Published: Feb 14 2005
Relevant URL: http://www.securityfocus.com/bid/12551
Summary:
A remote denial of service vulnerability is reported to exist in Squid. The
issue is reported to present itself when the affected server performs a Fully
Qualify Domain Name (FQDN) lookup and receives an unexpected response. 

The vendor reports that under the above circumstances the affected service will
crash due to an assertion error, effectively denying service to legitimate
users.

19. VMWare Workstation For Linux Local Privilege Escalation Vuln...
BugTraq ID: 12552
Remote: No
Date Published: Feb 14 2005
Relevant URL: http://www.securityfocus.com/bid/12552
Summary:
It is reported that VMWare workstation on Gentoo Linux based computers at least,
is prone to a local privilege escalation vulnerability. The issue exists because
the affected binary searches for a shared library in a world-writeable
location. 

A local attacker may exploit this vulnerability to execute arbitrary code in the
context of a user that runs the affected application.

20. Sun Solaris ARP Handling Remote Denial Of Service Vulnerabil...
BugTraq ID: 12553
Remote: Yes
Date Published: Feb 14 2005
Relevant URL: http://www.securityfocus.com/bid/12553
Summary:
Sun Solaris is reported prone to a remote denial of service vulnerability. The
issue is reported to exist because the platform fails to gracefully handle a
flood of ARP packets.

A remote attacker may exploit this vulnerability to deny service to legitimate
users of a target Sun Solaris computer.

21. OpenConf Paper Submission HTML Injection Vulnerability
BugTraq ID: 12554
Remote: Yes
Date Published: Feb 15 2005
Relevant URL: http://www.securityfocus.com/bid/12554
Summary:
OpenConf is prone to an HTML injection vulnerability.  This is due to
insufficient validation of data supplied through paper submissions within the
OpenConf system.

This may permit an attacker to inject hostile HTML and script code into the
session of a user who is reviewing the submitted paper.  Theft of cookie-based
credentials is possible in addition to other attacks.

22. Linux Kernel Multiple Local Buffer Overflow And Memory Discl...
BugTraq ID: 12555
Remote: No
Date Published: Feb 15 2005
Relevant URL: http://www.securityfocus.com/bid/12555
Summary:
Multiple local buffer overflow and memory disclosure vulnerabilities affect the
Linux kernel. These issues are due to a failure to securely copy user-controlled
data, a race condition error, and a failure to secure memory written by the
kernel.

The first issue is a buffer overflow vulnerability in the procfs functionality.
The second issue is a kernel memory disclosure vulnerability. The third issue is
a race condition error in the Radeon driver that leads to a potential buffer
overflow condition.  The fourth issue is a buffer overflow vulnerability in the
i2c-viapro driver. 

A local attacker may leverage these issues to execute arbitrary code,
potentially facilitating privilege escalation, and to disclose sensitive kernel
memory.

23. ELOG Web Logbook Multiple Remote Vulnerabilities
BugTraq ID: 12556
Remote: Yes
Date Published: Feb 14 2005
Relevant URL: http://www.securityfocus.com/bid/12556
Summary:
ELOG is reported prone to multiple remote vulnerabilities.  These issues may
allow an attacker to disclose sensitive information and potentially execute
arbitrary code on a vulnerable computer.

The following specific issues were identified:

The application is reported prone to an unspecified buffer overflow
vulnerability.  The vendor has reported that this vulnerability is exploitable
and allows attackers to gain unauthorized access to a vulnerable computer.  

Another vulnerability affecting the application can allow remote attackers to
obtain sensitive information such as authentication credentials stored in an
unspecified configuration file.

ELOG 2.5.0 and prior versions are affected by these vulnerabilities.

24. CitrusDB CSV File Upload Access Validation Vulnerability
BugTraq ID: 12557
Remote: Yes
Date Published: Feb 15 2005
Relevant URL: http://www.securityfocus.com/bid/12557
Summary:
CitrusDB is reportedly affected by an access validation vulnerability during the
upload of CSV files. Exploitation of this issue could result in path disclosure
or SQL injection.  The issue exists because the application fails to verify user
credentials during file upload and import.  

These issues are reported to affect CitrusDB 0.3.6; earlier versions may also be
affected.

25. Siteman User.PHP Unspecified Security Restriction Bypass Vul...
BugTraq ID: 12558
Remote: Yes
Date Published: Feb 15 2005
Relevant URL: http://www.securityfocus.com/bid/12558
Summary:
Siteman is reported prone to an unspecified security restriction bypass
vulnerability.
 
The issue may be exploited by a remote attacker to gain 'site owner' (Level 5
member) privileges.

It is reported that this vulnerability exists in Siteman versions from 1.1.0 to
1.1.10.

26. KarjaSoft Sami HTTP Server Multiple Remote Vulnerabilities
BugTraq ID: 12559
Remote: Yes
Date Published: Feb 15 2005
Relevant URL: http://www.securityfocus.com/bid/12559
Summary:
Multiple remote vulnerabilities affect KarjaSoft Sami HTTP server.  These issues
are due to poor input validation and a failure to handle malformed network-based
requests.

The first issue is a directory traversal issue. The second issue is a denial of
service issue. 

An attacker may leverage these issues to reveal files outside of the Web server
root directory or to crash the affected server.

27. CitrusDB Remote Authentication Bypass Vulnerability
BugTraq ID: 12560
Remote: Yes
Date Published: Feb 15 2005
Relevant URL: http://www.securityfocus.com/bid/12560
Summary:
CitrusDB is reportedly affected by an authentication bypass vulnerability.  This
issue is due to the application using a static value during the creation of user
cookie information.

An attacker could exploit this vulnerability to log in as any existing user,
including the 'admin' account.

This issue is reported to affect CitrusDB 0.3.6; earlier versions may also be
affected.

28. PHP-Nuke Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 12561
Remote: Yes
Date Published: Feb 15 2005
Relevant URL: http://www.securityfocus.com/bid/12561
Summary:
It is reported that PHP-Nuke is affected by various cross-site scripting
vulnerabilities. These issues are due to a failure of the application to
properly sanitize user-supplied URI input. 

These issues could permit a remote attacker to create a malicious URI link that
includes hostile HTML and script code. If this link were to be followed, the
hostile code may be rendered in the web browser of the victim user. This would
occur in the security context of the affected web site and may allow for theft
of cookie-based authentication credentials

29. Kayako ESupport Cross-Site Scripting Vulnerability
BugTraq ID: 12563
Remote: Yes
Date Published: Feb 15 2005
Relevant URL: http://www.securityfocus.com/bid/12563
Summary:
Kayako ESupport is prone to a cross-site scripting vulnerability. This issue is
due to a failure of the application to properly sanitize user-supplied URI
input. 

ESupport 2.3.1 is reported vulnerable, however, it is possible that other
versions are affected as well.

30. CitrusDB Arbitrary Local PHP File Include Vulnerability
BugTraq ID: 12564
Remote: Unknown
Date Published: Feb 15 2005
Relevant URL: http://www.securityfocus.com/bid/12564
Summary:
CitrusDB is reportedly affected by a vulnerability that permits the inclusion of
any local PHP file. This issue is due to the application failing to properly
sanitize user-supplied input.
 
This issue is reported to affect CitrusDB 0.3.6; earlier versions may also be
affected.

This issue may also allow remote file includes, although this has not been
confirmed.


31. Microsoft Internet Explorer Malformed File URI Denial of Ser...
BugTraq ID: 12565
Remote: Yes
Date Published: Feb 15 2005
Relevant URL: http://www.securityfocus.com/bid/12565
Summary:
Microsoft Internet Explorer is reported prone to a remote denial of service
vulnerability.

It is reported that the affected browser will crash when a malformed 'file:' URI
is processed.


A remote attacker may exploit this vulnerability to crash the affected browser.

32. HP HTTP Server Remote Unspecified Buffer Overflow Vulnerabil...
BugTraq ID: 12566
Remote: Yes
Date Published: Feb 15 2005
Relevant URL: http://www.securityfocus.com/bid/12566
Summary:
It is reported that the HP HTTP Server is prone to a remote unspecified buffer
overflow vulnerability.

Vendor reports indicate that this vulnerability may be exploited by a remote
attacker to corrupt process memory and ultimately have arbitrary supplied code
executed in the context of the vulnerable process.

This vulnerability is reported to affect HP HTTP Server versions 5.0 through
5.94.

33. Lighttpd Remote CGI Script Disclosure Vulnerability
BugTraq ID: 12567
Remote: Yes
Date Published: Feb 15 2005
Relevant URL: http://www.securityfocus.com/bid/12567
Summary:
lighttpd is reported prone to an information disclosure vulnerability.

Reports indicate that a NULL sequence appended to the filename of a CGI or
FastCGI script will result in the script contents being served to the requestor.

Information that is harvested by exploiting this vulnerability may be used to
aid in further attacks launched against the target computer.

This vulnerability is reported to affect lighttpd 1.3.7 and previous versions.

34. OSCommerce Contact_us.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 12568
Remote: Yes
Date Published: Feb 15 2005
Relevant URL: http://www.securityfocus.com/bid/12568
Summary:
A vulnerability is reported to exist in osCommerce that may allow a remote user
to launch cross-site scripting attacks. 

This issue could permit a remote attacker to create a malicious URI link that
includes hostile HTML and script code. If this link were to be followed, the
hostile code may be rendered in the web browser of the victim user. This would
occur in the security context of the affected Web site and may allow for theft
of cookie-based authentication credentials or other attacks. 

This vulnerability is reported to exist in osCommerce version 2.2-MS2, other
versions might also be affected.

35. Typespeed Local Format String Vulnerability
BugTraq ID: 12569
Remote: No
Date Published: Feb 16 2005
Relevant URL: http://www.securityfocus.com/bid/12569
Summary:
typespeed is prone to a local format string vulnerability.  Successful could
allow privilege escalation.

36. KDE KStars FLICCD Utility Multiple Buffer Overflow Vulnerabi...
BugTraq ID: 12570
Remote: Yes
Date Published: Feb 16 2005
Relevant URL: http://www.securityfocus.com/bid/12570
Summary:
Multiple buffer overflow vulnerabilities affect KDE KStar fliccd.  These issues
are due to a failure of the utility to securely copy user-supplied data into
process memory.

An attacker may leverage these issues to gain escalated privileges locally and,
if the affected utility is run as a daemon, may facilitate remote code execution
with superuser privileges.

37. Check Point VPN-1 SecureClient Malformed IP Address Local Me...
BugTraq ID: 12571
Remote: No
Date Published: Feb 16 2005
Relevant URL: http://www.securityfocus.com/bid/12571
Summary:
VPN-1 SecureClient is reported prone to a vulnerability that may allow local
attackers to disclose sensitive memory.  This can lead to various other attacks
against a vulnerable computer.  The vulnerability exists in the
'SR_Service.exe', which manages VPN connections.  

A successful attack may allow the attacker to disclose memory and cause the
application to crash.  Reportedly, this issue can be leveraged to ultimately
execute arbitrary code, however, this has not been confirmed.

VPN-1 SecureClient NG FP1 is reported prone to this vulnerability.  It is
possible that other versions are affected as well.

38. AWStats Logfile Parameter Remote Command Execution Vulnerabi...
BugTraq ID: 12572
Remote: Yes
Date Published: Feb 16 2005
Relevant URL: http://www.securityfocus.com/bid/12572
Summary:
AWStats is reported prone to a remote arbitrary command execution vulnerability.
 This issue presents itself due to insufficient sanitization of user-supplied
data. 

Specifically, the user-specified 'logfile' URI parameter is supplied to the Perl
open() routine.  It is beleived that this issue is distinct from BID 10950
(AWStats Rawlog Plugin Logfile Parameter Input Validation Vulnerability).

AWStats versions 5.4 to 6.1 are reported vulnerable to this issue.

39. DCP-Portal Multiple SQL Injection Vulnerabilities
BugTraq ID: 12573
Remote: Yes
Date Published: Feb 16 2005
Relevant URL: http://www.securityfocus.com/bid/12573
Summary:
DCP-Portal is reportedly affected by multiple SQL injection vulnerabilities. 
These issues exist because the application fails to properly sanitize
user-supplied input before using it in SQL queries.

Successful exploitation could result in a compromise of the application,
disclosure or modification of data, or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.

These vulnerabilities are reported to affect DCP-Portal 6.1.1; earlier versions
may also be affected.

40. Microsoft ASP.NET Unicode Character Conversion Multiple Cros...
BugTraq ID: 12574
Remote: Yes
Date Published: Feb 16 2005
Relevant URL: http://www.securityfocus.com/bid/12574
Summary:
It is reported that ASP.NET is prone to various cross-site scripting attacks. 
These issues when ASP.NET converts Unicode characters ranging from U+ff00-U+ff60
to ASCII. 

Apparently, the application fails to properly validate Unicode characters
allowing an attacker to craft a malicious link containing arbitrary HTML or
script code to be executed in a user's browser.

This can facilitate theft of cookie-based credentials and other attacks.

41. Advanced Linux Sound Architecture Libasound.SO Stack-Memory ...
BugTraq ID: 12575
Remote: No
Date Published: Feb 16 2005
Relevant URL: http://www.securityfocus.com/bid/12575
Summary:
A security weakness is reported to affect the Advanced Linux Sound Architecture
(ALSA) 'libasound.so' module; specifically the issue is reported to be present
in the ALSA mixer code. It is reported that the weakness can be leveraged to
disable stack-based memory code execution protection on binaries that are linked
to the library.

42. PaNews Cross-Site Scripting Vulnerability
BugTraq ID: 12576
Remote: Yes
Date Published: Feb 16 2005
Relevant URL: http://www.securityfocus.com/bid/12576
Summary:
PaNews is reportedly affected by a cross-site scripting vulnerability.  This
issue  exists because the application fails to properly sanitize user-supplied
input.

As a result of this vulnerability, it is possible for a remote attacker to
create a malicious link containing script code that will be executed in the
browser of an unsuspecting user when followed. This may facilitate the theft of
cookie-based authentication credentials as well as other attacks.

43. SHA-0/SHA-1 Reduced Operation Digest Collision Weakness
BugTraq ID: 12577
Remote: Unknown
Date Published: Feb 15 2005
Relevant URL: http://www.securityfocus.com/bid/12577
Summary:
Researchers Xiaoyun Wang, Yiqun Lisa Yin, and Hongbo Yu have allegedly devised
attacks that will reduce the number of operations required to compute an input
that generates a collision in SHA-0/SHA-1 digests.  This weakness may threaten
the integrity of digital signatures that are generated using these algorithms,
as it may be possible to create identical signatures using different input
data. 

The research paper describing these attacks is not publicly available at this
time, and the results have not been vetted by others in the field.  This BID
will be updated as more information is made available.

44. MercuryBoard Forum Remote Cross-Site Scripting Vulnerability
BugTraq ID: 12578
Remote: Yes
Date Published: Feb 16 2005
Relevant URL: http://www.securityfocus.com/bid/12578
Summary:
A remote cross-site scripting vulnerability affects the 'forum.php' script of
MercuryBoard.  This issue is due to a failure of the application to properly
sanitize user-supplied input prior to including it in dynamically generated Web
content. 

An attacker may leverage this issue to have arbitrary script code executed in
the browser of an unsuspecting user.  This may facilitate the theft of
cookie-based authentication credentials as well as other attacks.

45. NewsBruiser Comment System Security Restrictions Bypass Vuln...
BugTraq ID: 12579
Remote: Yes
Date Published: Feb 17 2005
Relevant URL: http://www.securityfocus.com/bid/12579
Summary:
NewsBruiser is reported prone to a security restriction bypass vulnerability.  A
remote attacker may delete or approve comments on a site adversely affecting the
availability or integrity of data.

NewsBruiser 2.6.0 and prior versions are affected by this issue.

46. Skull-Splitter Guestbook Unspecified HTML Injection Vulnerab...
BugTraq ID: 12580
Remote: Yes
Date Published: Feb 17 2005
Relevant URL: http://www.securityfocus.com/bid/12580
Summary:
Skull-Splitter Guestbook is reportedly affected by an unspecified HTML injection
vulnerability.  A victim user who views the vulnerable sections of the site
would have the attacker-supplied HTML and script code execute in the security
context of the affected site. 

Skull-Splitter Guestbook version 2.1 is reported vulnerable, however, other
versions may be affected as well.

47. WebCalendar SQL Injection Vulnerability
BugTraq ID: 12581
Remote: Yes
Date Published: Feb 17 2005
Relevant URL: http://www.securityfocus.com/bid/12581
Summary:
WebCalendar is affected by an SQL injection vulnerability.  This issue exists
because the application fails to properly sanitize user-supplied input before
using it in SQL queries.

Successful exploitation could result in a compromise of the application,
disclosure or modification of data, or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.

This vulnerability is reported to affect WebCalendar 0.9.45; earlier versions
may also be affected.

The vendor has addressed this issue in WebCalendar 1.0RC1 and later.

48. PaFaq SQL Injection Vulnerability
BugTraq ID: 12582
Remote: Yes
Date Published: Feb 17 2005
Relevant URL: http://www.securityfocus.com/bid/12582
Summary:
paFaq is reportedly affected by an SQL injection vulnerability.  This issue
exists because the application fails to properly sanitize user-supplied input
before using it in SQL queries.

Successful exploitation could result in a compromise of the application,
disclosure or modification of data, or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.

This vulnerability is reported to affect paFaq beta4; earlier versions may also
be affected.

49. BibORB Multiple Input Validation Vulnerabilities
BugTraq ID: 12583
Remote: Yes
Date Published: Feb 17 2005
Relevant URL: http://www.securityfocus.com/bid/12583
Summary:
BibORB is reported prone to multiple vulnerabilities arising from insufficient
sanitization of user-supplied input.  These issues can be exploited by a remote
attacker to carry out cross-site scripting, HTML injection, SQL injection,
directory traversal, and arbitrary file upload attacks.  

These vulnerabilities are reported to affect BibORB version 1.3.2 and all
previous versions.

50. OpenLDAP SlapD Multiple Remote Unspecified Denial Of Service...
BugTraq ID: 12584
Remote: Yes
Date Published: Feb 16 2005
Relevant URL: http://www.securityfocus.com/bid/12584
Summary:
OpenLDAP is reported prone to multiple unspecified remotely exploitable denial
of service vulnerabilities. The vulnerabilities are reported to exist in the
'slapd' daemon.

A remote attacker may exploit these vulnerabilities to deny LDAP service for
legitimate users.

This BID will be updated as soon as further information regarding these issues
is made available.

51. Yahoo! Messenger Local Insecure Default Installation Vulnera...
BugTraq ID: 12585
Remote: No
Date Published: Feb 18 2005
Relevant URL: http://www.securityfocus.com/bid/12585
Summary:
A local insecure default installation vulnerability affects Yahoo! Messenger. 
This issue is due to a failure of the application to properly secure directories
and executables when installation takes place.

A local attacker may leverage this issue to have arbitrary code executed with
the privileges of an unsuspecting user; this may facilitate privileges
escalation.

52. glFTPD ZIP Plugins Multiple Directory Traversal Vulnerabilit...
BugTraq ID: 12586
Remote: Yes
Date Published: Feb 18 2005
Relevant URL: http://www.securityfocus.com/bid/12586
Summary:
It is reported that various ZIP related plugins supplied with the server contain
multiple directory traversal vulnerabilities.  These issues may allow remote
attackers to determine the existence of files on a computer and also disclose
arbitrary files.  The issues arise due to insufficient sanitization of
user-supplied data.

By determining the presence of files in restricted directories and outside the
server's root in addition to disclosing the contents of arbitrary files, the
attacker can launch various attacks against a vulnerable computer.  If an attack
results in the disclosure of a password file, these issues may ultimately lead
to unauthorized access to the affected computer in the context of the server.

The affected plugins are shipped with the FTP server by default.  glFTPD 1.26 to
2.00 are reported vulnerable.

53. Yahoo! Messenger Download Dialogue Box File Name Spoofing Vu...
BugTraq ID: 12587
Remote: Yes
Date Published: Feb 18 2005
Relevant URL: http://www.securityfocus.com/bid/12587
Summary:
A remote download dialogue box spoofing vulnerability affects Yahoo! Messenger. 
This issue is due to a design error that facilitates the spoofing of file names.

An attacker may leverage this issue to spoof downloaded file names to
unsuspecting users. This issue may lead to a compromise of the target computer
as well as other consequences.

It should be noted that although only Yahoo! Messenger version 6.0.0.1750 is
reportedly affected; earlier versions may be affected as well.

54. GProFTPD GProstats Remote Format String Vulnerability
BugTraq ID: 12588
Remote: Yes
Date Published: Feb 18 2005
Relevant URL: http://www.securityfocus.com/bid/12588
Summary:
GProftpd gprostats utility is reported prone to a remote format string handling
vulnerability.

A remote attacker may exploit this vulnerability to execute arbitrary
attacker-supplied code in the context of the affected utility.

This vulnerability is reported to affect GProftpd version 8.1.7 and precious
versions.

55. Gaim Multiple Remote Denial of Service Vulnerabilities
BugTraq ID: 12589
Remote: Yes
Date Published: Feb 18 2005
Relevant URL: http://www.securityfocus.com/bid/12589
Summary:
Gaim is prone to multiple remote denial of service vulnerabilities.  These
issues can allow remote attackers to crash an affected client.

The following specific issues were identified:

Remote AIM or ICQ users may trigger a crash in a client by sending malformed
SNAC packets.

Another vulnerability in the client arises during the parsing of malformed HTML
data.

Gaim versions prior to 1.1.3 are affected by these issues.

56. Bidwatcher Remote Format String Vulnerability
BugTraq ID: 12590
Remote: Yes
Date Published: Feb 18 2005
Relevant URL: http://www.securityfocus.com/bid/12590
Summary:
A remote format string vulnerability affects bidwatcher.  This issue is due to a
failure of the application to properly implement a formatted string function.

An attacker may leverage this issue to execute arbitrary code on an affected
computer with the privileges of an unsuspecting user that activated the
vulnerable application.  This may facilitate unauthorized access or privilege
escalation.

57. Tarantella Enterprise/Secure Global Desktop Remote Informati...
BugTraq ID: 12591
Remote: Yes
Date Published: Feb 18 2005
Relevant URL: http://www.securityfocus.com/bid/12591
Summary:
Tarantella Enterprise 3 and Secure Global Desktop products are prone to an
information disclosure vulnerability.  This issue arises from a design error
that may allow an attacker to gather sensitive information about a vulnerable
computer.  Information gathered by exploiting this vulnerability may be used to
launch other attacks against a computer.

Specifically, computers running Tarantella Enterprise 3 and Secure Global
Desktop products in combination with RSA SecurID and multiple users with the
same username are affected.

58. TrackerCam Multiple Remote Vulnerabilities
BugTraq ID: 12592
Remote: Yes
Date Published: Feb 18 2005
Relevant URL: http://www.securityfocus.com/bid/12592
Summary:
TrackerCam is reported prone to multiple vulnerabilities. The following
individual issues are reported:

A remote buffer overrun vulnerability is reported to affect the TrackerCam HTTP
server. 

A remote attacker may potentially exploit this vulnerability to execute
arbitrary code in the context of a vulnerable TrackerCam HTTP service.

Another remote buffer overrun vulnerability is reported to affect the TrackerCam
service. The issue is reported to exist due to a lack of sufficient boundary
checks performed on any argument passed to the TrackerCam PHP scripts.

A remote attacker may potentially exploit this vulnerability to execute
arbitrary code in the context of a vulnerable TrackerCam HTTP service.

TrackerCam is reported prone to a directory traversal vulnerability. This issue
is reported to exist in the 'ComGetLogFile.php3' script.

A remote attacker may exploit this vulnerability to reveal the contents of web
server readable files.

The 'ComGetLogFile.php3' script of TrackerCam is also reported prone to an
installation path disclosure vulnerability. 

Additionally, the 'ComGetLogFile.php3' script may be leveraged to view
potentially sensitive information that is contained in TrackerCam log files.

TrackerCam is reported prone to a HTML injection vulnerability. It is reported
that the username and password fields are not correctly sanitized of HTML
content.

A remote attacker may exploit this vulnerability to launch phishing style
attacks or steal cookie based authentication credentials.

Finally, the TrackerCam HTTP service is reported prone to multiple remote denial
of service vulnerabilities.

A remote attacker may exploit these vulnerabilities to deny service to
legitimate users.

59. Knox Arkeia Type 77 Request Remote Stack-Based Buffer Overru...
BugTraq ID: 12594
Remote: Yes
Date Published: Feb 18 2005
Relevant URL: http://www.securityfocus.com/bid/12594
Summary:
A remote stack-based buffer overrun is reported to exist in the Knox Arkeia
server. The issue is reported to occur due to insufficient bounds checking
performed when handling data contained within a type 77 request packet.

A remote attacker may leverage this vulnerability to execute arbitrary code
remotely in the context of the vulnerable service.

III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. Feds square off with organized cyber crime
By: Kevin Poulsen

Law enforcement sees undercover operations as a key to unraveling sophisticated
alliances between computer intruders and fraud artists.
http://www.securityfocus.com/news/10525

2. WebTV 911 prankster guilty
By: Kevin Poulsen

Louisiana man cops to endangering public safety by sending out a malicious
script that made set-top boxes call the police.

http://www.securityfocus.com/news/10523

3. T-Mobile hacker pleads guilty
By: Kevin Poulsen

The wireless company says it's still investigating an intrusion that compromised
customer records, e-mail and stored files over the course of a year.

http://www.securityfocus.com/news/10516

4. NY teen charged over IM spam attack
By: John Leyden, The Register

A New York teenager has become the first American to be arrested for sending
spam messages across IM networks.
http://www.securityfocus.com/news/10537

5. Microsoft compensates blocked Dutch web firm
By: Jan Libbenga, The Register

Microsoft is to compensate Dutch web company Ilse Media because its AntiSpyware
software blocked one of Ilse's portals, Startpagina ("Startpage").
http://www.securityfocus.com/news/10536

6. Wormability formulae weighs malware risks
By: John Leyden, The Register

Security researchers are developing a method to predict the potential for
individual vulnerabilities to become the subject of computer worms.
http://www.securityfocus.com/news/10535

IV. SECURITYFOCUS TOP 6 TOOLS
-----------------------------
1. Cisco Torch 0.1 alpha
By: Arhont Team
Relevant URL: http://www.arhont.com/cisco-torch.tar.bz2
Platforms: Perl (any system supporting perl)
Summary: 

A fast mass scanning and application layer fingerprinting tool for Cisco devices
written while working on "Hacking Exposed: Cisco Networks" book. Supports telnet
and SSH bruteforcing as well as Cisco management webserver exploitation. More
features would be added soon - see TODO.

2. SafeLogon 2.0
By: GemiScorp Software Solutions
Relevant URL: http://www.gemiscorp.com/english/slogon/info.html
Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
Summary: 

SafeLogon is a multi-user and password-based access control utility that
enhances and complements the Windows built-in logon and authentication system.
In other words, SafeLogon allows you to protect your system at home and office
from unauthorized access.

SafeLogon is fully configurable and allows its Administrator to:

- Restrict access to Windows to certain users, optionally controlling the days
of the week and the time of the day the user is allowed to log on and

3. SafeSystem 1.5
By: GemiScorp Software Solutions
Relevant URL: http://www.gemiscorp.com/english/safesystem/info.html
Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
Summary: 

SafeSystem is a security program that allows you to prevent access to your
personal and important files and folders, as well as protect and guarantee the
integrity and well functioning of your system. SafeSystem can make your files
and folders completely invisible, inaccessible or simply read-only. Furthermore,
SafeSystem can prevent the change of configuration and the accidental (or even
intentional) system files deletion or alteration, so your PC will be healthy

4. KSB - Kernel Socks Bouncer 2.6.10
By: Paolo Ardoino
Relevant URL: http://ardoino.altervista.org/kernel.php
Platforms: Linux
Summary: 

KSB26 [Kernel Socks Bouncer] is Linux Kernel 2.6.x patch that redirects full tcp
connections [SSH, telnet, ...] to follow through socks5. KSB26 uses a character
device to pass socks5 and target ips to the Linux Kernel. I have choosen to
write in kernel space to enjoy myself [I know that there are easier and safer
ways to write this in userspace].

5. SQL column finder 0.1
By: Rafal Bielecki
Relevant URL: http://sqlcfind.netro.pl/sqlcfind.exe
Platforms: Windows 2000, Windows 95/98, Windows XP
Summary: 

Helps you to find exact columns number when using union select query

6. Secure Hive 1.0.0.1
By: Secure Hive
Relevant URL: http://www.securehive.com/Secure%20Hive.htm
Platforms: Windows 2000, Windows NT, Windows XP
Summary: 

What Does Secure Hive Enterprise Offer?

 Encryption of part, or entire, Word documents, Excel worksheets or PowerPoint
presentations through Secure Hive's integration with Microsoft Office.
 
 Encryption of part, or entire, content of common documents (such as Notepad,
WordPad), email messages and instant messages, including mixed text and
graphics, with Secure Hive's Clipboard Encryption feature.

V. SECURITYJOBS LIST SUMMARY
----------------------------
1. [SJ-JOB] Developer, San Jose, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390869

2. [SJ-JOB] Sales Engineer, Boston, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390867

3. [SJ-JOB] Technology Risk Consultant, London, GB (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390866

4. [SJ-JOB] Auditor, London, Bristol, Manchester, Leeds... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390861

5. [SJ-JOB] Sales Engineer, New York, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390860

6. [SJ-JOB] Sales Representative, San Francisco, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390859

7. [SJ-JOB] Application Security Engineer, London, GB (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390858

8. [SJ-JOB] Sales Engineer, Chicago, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390724

9. [SJ-JOB] Sales Engineer, Denver , US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390723

10. [SJ-JOB] Sales Engineer, Morristown Area, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390722

11. [SJ-JOB] Sales Engineer, Minneapolis, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390721

12. [SJ-JOB] Auditor, Wahsington DC, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390677

13. [SJ-JOB] Sr. Security Analyst, Boca Raton, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390676

14. [SJ-JOB] Security System Administrator, London, GB (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390654

15. [SJ-JOB] Security Consultant, Austin, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390627

16. [SJ-JOB] Sr. Security Analyst, Austin, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390625

17. [SJ-JOB] Information Assurance Analyst, London, GB (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390624

18. [SJ-JOB] Security Consultant, Minneapolis, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390621

19. [SJ-JOB] Channel / Business Development, London, GB (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390619

20. [SJ-JOB] Application Security Engineer, bangalore, I... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390618

21. [SJ-JOB] Manager, Information Security, Mountain Vie... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390617

22. [SJ-JOB] Sr. Security Analyst, London, GB (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390616

23. [SJ-JOB] Sr. Security Engineer, Dulles, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390614

24. [SJ-JOB] Security Consultant, Mission Viejo (Orange ... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390613

25. [SJ-JOB] Security Architect, Salt Lake City, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390611

26. [SJ-JOB] Technical Support Engineer, Norfolk, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390610

27. [SJ-JOB] Developer, Fremont, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390484

28. [SJ-JOB] Security Architect, Fremont, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390483

29. [SJ-JOB] Management, Frammington, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390482

30. [SJ-JOB] Sales Representative, Southern California, ... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390481

31. [SJ-JOB] Product Strategist, Atlanta, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390480

32. [SJ-JOB] Security Product Marketing Manager, santa c... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390479

33. [SJ-JOB] Security Engineer, Bay Area, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/390478

VI. INCIDENTS LIST SUMMARY
--------------------------
1. port 6801 and Netzero (Thread)
Relevant URL:

http://www.securityfocus.com/archive/75/390996

2. New MSN worm? (Thread)
Relevant URL:

http://www.securityfocus.com/archive/75/390720

3. THC's RealServer (port 554) exploit? (Thread)
Relevant URL:

http://www.securityfocus.com/archive/75/390719

4. "Guide to Disaster Recovery", Michael Erbschloe (Thread)
Relevant URL:

http://www.securityfocus.com/archive/75/390595

5. SSH probe attack afoot? (Thread)
Relevant URL:

http://www.securityfocus.com/archive/75/390590

6. Exploit on tcp/4128? (Thread)
Relevant URL:

http://www.securityfocus.com/archive/75/390511

VII. VULN-DEV RESEARCH LIST SUMMARY
-----------------------------------
1. Taking the control by abusing array index. (Thread)
Relevant URL:

http://www.securityfocus.com/archive/82/391044

2. SAM  encrypted with syskey (Thread)
Relevant URL:

http://www.securityfocus.com/archive/82/390829

VIII. MICROSOFT FOCUS LIST SUMMARY
----------------------------------
1. SecurityFocus Microsoft Newsletter #228 (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/390652

IX. SUN FOCUS LIST SUMMARY
--------------------------
NO NEW POSTS FOR THE WEEK 2005-02-15 to 2005-02-22.

X. LINUX FOCUS LIST SUMMARY
---------------------------
1. Samba vs NFS (Thread)
Relevant URL:

http://www.securityfocus.com/archive/91/391117
[ terug ]