SecurityFocus Newsletter #291
------------------------------

This Issue is Sponsored By: Black Hat

Make plans now to attend the Black Hat Briefings & Training Europe, March 
29-April 1 in Amsterdam, the world's premier technical security event. 
Featuring 30 speakers in four tracks, 10 training sessions, with 250
delegates from 20 nations attending.  Learn about the technical security
market drivers in the European market.  Visit www.blackhat.com for
information or to register.

http://www.securityfocus.com/sponsor/BlackHat_sf-news_050308

------------------------------------------------------------------------

Need to know what's happening on YOUR network? Symantec DeepSight Analyzer
is a free service that gives you the ability to track and manage attacks.
Analyzer automatically correlates attacks from various Firewall and network
based Intrusion Detection Systems, giving you a comprehensive view of your
computer or general network. Sign up today!

http://www.securityfocus.com/sponsor/Symantec_sf-news_041130

------------------------------------------------------------------------
I. FRONT AND CENTER
     1. Where is Google Headed?
     2. High Profile, Low Security
     3. WEP: Dead Again, Part 2
II. BUGTRAQ SUMMARY
     1. LionMax Software Chat Anywhere Insecure Password Storage Vul...
     2. PeerFTP_5 Insecure Password Storage Vulnerability
     3. Stormy Studios KNet Remote Buffer Overflow Vulnerability
     4. Mozilla Firefox Address Bar Image Dragging Remote Script Exe...
     5. Working Resources BadBlue MFCISAPICommand Remote Buffer Over...
     6. Debian Reportbug Multiple Information Disclosure Vulnerabili...
     7. FCKeditor For PHP-Nuke Arbitrary File Upload Vulnerability
     8. KPPP Privileged File Descriptor Leakage Vulnerability
     9. PHPBB Authentication Bypass Vulnerability
     10. WebMod Content-Length Remote Heap Overflow Vulnerability
     11. MercurySteam Scrapland Game Server Remote Denial of Service ...
     12. NoMachine NX Server X Authority File Reading Signal Interrup...
     13. Mitel 3300 Integrated Communications Platform Web Interface ...
     14. PostNuke Phoenix CATID Parameter Remote SQL Injection Vulner...
     15. PostNuke Phoenix SHOW Parameter Remote SQL Injection Vulnera...
     16. PostNuke Phoenix Download Module Multiple Cross-Site Scripti...
     17. PHPCoin Multiple Remote Input Validation Vulnerabilities
     18. PHP Arena PANews Remote Input Validation Vulnerabilities
     19. RaidenHTTPD Multiple Remote Vulnerabilities
     20. Forumwa Multiple Remote Input Validation Vulnerabilities
     21. PBLang Bulletin Board System SendPM.PHP Directory Traversal ...
     22. CutePHP CuteNews X-Forwarded-For Script Injection Vulnerabil...
     23. SafeHTML Multiple HTML Entity Bypass Vulnerabilities
     24. 427BB Multiple Remote HTML Injection Vulnerabilities
     25. PBLang Bulletin Board System DelPM.PHP Arbitrary Personal Me...
     26. Trolltech QT Local Code Execution Vulnerability
     27. PHPNews Auth.PHP Remote File Include Vulnerability
     28. RealNetworks RealOne Player/RealPlayer Unspecified WAV File ...
     29. RealNetworks RealOne Player/RealPlayer SMIL File Remote Stac...
     30. PHP Glob Function Local Information Disclosure Vulnerability
     31. Computer Associates Unicenter Asset Management Multiple Vuln...
     32. Cerulean Studios Trillian Remote PNG Image File Parsing Buff...
     33. Golden FTP Server Username Remote Buffer Overflow Vulnerabil...
     34. Computer Associates License Application Multiple Vulnerabili...
     35. MercuryBoard Avatar HTML Injection Vulnerability
     36. MercuryBoard Index.PHP SQL Injection Vulnerability
     37. auraCMS Multiple Cross-Site Scripting Vulnerabilities
     38. ProjectBB Multiple Remote Cross-Site Scripting Vulnerabiliti...
     39. ProjectBB Multiple SQL Injection Vulnerabilities
     40. Foxmail USER Command Multiple Remote Vulnerabilities
     41. XLoadImage Compressed Image Command Execution Vulnerability
     42. XLI Unspecified Remote Buffer Mismanagement Vulnerability
     43. LibXPM Bitmap_unit Integer Overflow Vulnerability
     44. OpenVMS Unspecified Local Unauthorized Privileged Access Vul...
     45. Squid Proxy Set-Cookie Headers Information Disclosure Vulner...
     46. ImageMagick File Name Handling Remote Format String Vulnerab...
     47. WoltLab Burning Board/Burning Board Lite Sessoin.PHP Multipl...
     48. PABox HTML Injection Vulnerability
     49. D-Forum Nav.PHP3 Cross-Site Scripting Vulnerability
     50. Typo3 CMW_Linklist Extension SQL Injection Vulnerability
     51. Computalynx CProxy Directory Traversal Vulnerability
     52. FreeBSD Unspecified x86 SMP Local Information Disclosure Vul...
     53. XV File Name Handling Remote Format String Vulnerability
     54. Stadtaus.Com Download Center Lite Arbitrary Remote PHP File ...
     55. Ca3DE Multiple Remote Vulnerabilities
     56. Mozilla Suite/Firefox HTTP Authentication Dialogs Tab Focus ...
III. SECURITYFOCUS NEWS ARTICLES
     1. Companies resist nuclear cyber security rule
     2. Feds square off with organized cyber crime
     3. WebTV 911 prankster guilty
     4. MMS virus discovered
     5. Harvard rejects applicants who peeked into admissions comput...
     6. U.S. asked to probe music-downloading Web sites
IV. SECURITYFOCUS TOP 6 TOOLS
     1. Healthmonitor 2.1
     2. Kr4ck3r 1.0.0
     3. Travesty 1.0
     4. WinArpSpoofer 0.5.3
     5. OCS 0.1
     6. Cisco Torch 0.1 alpha
V. SECURITYJOBS LIST SUMMARY
     1. [SJ-JOB] Security Researcher, Newport Beach, US (Thread)
     2. [SJ-JOB] Security Architect, DC, US (Thread)
     3. [SJ-JOB] Developer, Boulder, US (Thread)
     4. [SJ-JOB] Security Researcher, Boulder, US (Thread)
     5. [SJ-JOB] Quality Assurance, Boulder, US (Thread)
     6. [SJ-JOB] Sales Engineer, San Francisco, US (Thread)
     7. [SJ-JOB] Security Consultant, Honolulu, US (Thread)
     8. [SJ-JOB] Sales Engineer, New York, US (Thread)
     9. [SJ-JOB] Management, Los Angeles, US (Thread)
     10. [SJ-JOB] Auditor, London, GB (Thread)
     11. [SJ-JOB] Security Consultant, Bristol. leeds, Manche... (Thread)
     12. [SJ-JOB] Security Architect, London, GB (Thread)
     13. [SJ-JOB] Technology Risk Consultant, Manchester, Gla... (Thread)
     14. [SJ-JOB] Sales Engineer, Boston, US (Thread)
     15. [SJ-JOB] Sales Engineer, Los Angeles, US (Thread)
     16. [SJ-JOB] Disaster Recovery Coordinator, South, GB (Thread)
     17. [SJ-JOB] Account Manager, Washington, US (Thread)
     18. [SJ-JOB] Account Manager, Los Angeles, US (Thread)
     19. [SJ-JOB] Sales Representative, Cupertino, US (Thread)
     20. [SJ-JOB] Account Manager, Washington DC, US (Thread)
     21. [SJ-JOB] Account Manager, Chicago, US (Thread)
     22. [SJ-JOB] Account Manager, Atlanta, US (Thread)
     23. [SJ-JOB] Security Consultant, Cupertino, US (Thread)
     24. [SJ-JOB] Security Auditor, San Antonio, US (Thread)
     25. [SJ-JOB] Sales Engineer, Nuremberg, Dusseldorf or Ka... (Thread)
     26. [SJ-JOB] Sales Engineer, Chicago, US (Thread)
     27. [SJ-JOB] Security System Administrator, San Francisc... (Thread)
     28. [SJ-JOB] Sales Engineer, Miami, US (Thread)
     29. [SJ-JOB] Security Consultant, Washington, DC, US (Thread)
     30. [SJ-JOB] Security Consultant, Bangalore, IN (Thread)
     31. [SJ-JOB] Security Researcher, Merrimack, US (Thread)
     32. [SJ-JOB] Security Product Manager, Cupertino, US (Thread)
     33. [SJ-JOB] Regional Channel Manager, Boston, US (Thread)
     34. [SJ-JOB] Jr. Security Analyst, Roseville, US (Thread)
     35. [SJ-JOB] Security Consultant, New York, US (Thread)
     36. [SJ-JOB] Security Architect, Northbrook, US (Thread)
     37. [SJ-JOB] Sales Engineer, Washington, US (Thread)
     38. [SJ-JOB] Sr. Security Analyst, Washington, US (Thread)
     39. [SJ-JOB] CHECK Team Leader, London, GB (Thread)
     40. [SJ-JOB] Security Consultant, Washington, US (Thread)
     41. [SJ-JOB] Developer, Cupertino, US (Thread)
     42. [SJ-JOB] VP of Regional Sales, Atlanta, US (Thread)
     43. [SJ-JOB] Technology Risk Consultant, London, GB (Thread)
     44. [SJ-JOB] Jr. Security Analyst, Fremont, US (Thread)
     45. [SJ-JOB] Security Engineer, Palo Alto, US (Thread)
     46. [SJ-JOB] Sr. Security Engineer, Palo Alto, US (Thread)
     47. [SJ-JOB] Information Assurance Analyst, Annapolis Ju... (Thread)
     48. [SJ-JOB] Security Engineer, Austin, US (Thread)
     49. [SJ-JOB] Sr. Security Analyst, Winnipeg, CA (Thread)
     50. [SJ-JOB] Security Architect, Auburn Hills, US (Thread)
     51. [SJ-JOB] Security Architect, Kirkland, US (Thread)
VI. INCIDENTS LIST SUMMARY
     1. REVIEW: "Windows Forensics and Incident Recovery", H... (Thread)
     2. Port 500 scans (Thread)
     3. Odd typing in MSWord (Thread)
     4. Global DNS Cache poisoning? (Thread)
VII. VULN-DEV RESEARCH LIST SUMMARY
     1. Hosting Controller Multiple Unauthenticated informat... (Thread)
     2. Scanner (Thread)
VIII. MICROSOFT FOCUS LIST SUMMARY
     1. CONTENT FILTERING (Thread)
     2. SecurityFocus Microsoft Newsletter #230 (Thread)
     3. SID Manipulation Issue - Cross Domain Security Vulne... (Thread)
     4. Disabling USB mass storage (Thread)
     5. Folder Encryption (Thread)
     6. computer account password.... (Thread)
     7. Prohibit Folder Compression (Thread)
     8. Domain Controller Best Practice - Thanks! (Thread)
     9. AW: Disabling USB mass storage (Thread)
     10. Microsoft Network Analyzer? (Thread)
     11. FW: Restrict running applications from usb key (Thread)
     12. Restrict running applications from usb key (Thread)
     13. Changing system time for testing and development (Thread)
     14. Remote Terminal Services  :VSMail mx4 (Thread)
     15. Remote Terminal Services (Thread)
     16. Exchange Problem (Thread)
     17. AW: Microsoft Network Analyzer? (Thread)
     18. AW: Domain Controller Best Practice - Thanks! (Thread)
IX. SUN FOCUS LIST SUMMARY
     NO NEW POSTS FOR THE WEEK 2005-03-01 to 2005-03-08.
X. LINUX FOCUS LIST SUMMARY
     1. Deny Access To configuration file using php scripts (Thread)
XI. UNSUBSCRIBE INSTRUCTIONS
XII. SPONSOR INFORMATION

I. FRONT AND CENTER
-------------------
1. Where is Google Headed?
By Scott Granneman
As the bad guys start using Google more and more, the company wrestles with
some new security and privacy issues with AutoLink.
http://www.securityfocus.com/columnists/304

2. High Profile, Low Security
By Matthew Tanase
Big companies stumble with high profile security breaches that make your
local WiFi coffee shop look secure.
http://www.securityfocus.com/columnists/305

3. WEP: Dead Again, Part 2
By Michael Ossmann
Part two of the WEP cracking series shows how active attacks can
dramatically increase the rate of packet collection and speed up
statistical attacks.
http://www.securityfocus.com/infocus/1824

II. BUGTRAQ SUMMARY
-------------------
1. LionMax Software Chat Anywhere Insecure Password Storage Vul...
BugTraq ID: 12669
Remote: No
Date Published: Feb 26 2005
Relevant URL: http://www.securityfocus.com/bid/12669
Summary:
A local insecure password storage vulnerability affects LionMax Software Chat
Anywhere.  This issue is due to a failure of the application to store password
credentials in a secure location by default.

A local attacker may leverage this issue to gain access to restricted chat room
authentication credentials, facilitating unauthorized access.

2. PeerFTP_5 Insecure Password Storage Vulnerability
BugTraq ID: 12670
Remote: No
Date Published: Feb 26 2005
Relevant URL: http://www.securityfocus.com/bid/12670
Summary:
A local insecure password storage vulnerability affects PeerFTP_5. This issue is
due to a failure of the application to store passwords with secure permissions
by default.

A local attacker may leverage this issue to gain access to authentication
credentials for FTP user accounts, facilitating unauthorized access.

3. Stormy Studios KNet Remote Buffer Overflow Vulnerability
BugTraq ID: 12671
Remote: Yes
Date Published: Feb 26 2005
Relevant URL: http://www.securityfocus.com/bid/12671
Summary:
A remote buffer overflow vulnerability affects Stormy Studios KNet.  This issue
is due to a failure of the application to securely copy user-supplied input into
finite process buffers.

An attacker may leverage this issue to execute arbitrary code on a computer with
the privileges of the affected server, facilitating unauthorized access.

4. Mozilla Firefox Address Bar Image Dragging Remote Script Exe...
BugTraq ID: 12672
Remote: Yes
Date Published: Feb 26 2005
Relevant URL: http://www.securityfocus.com/bid/12672
Summary:
A remote script execution vulnerability affects Mozilla Firefox.  This issue is
due to a failure of the application to properly validate the origin of scripts
prior to execution when loaded into a browser window by dragging JavaScript
image URIs into the address bar.

An attacker may leverage this issue to execute arbitrary script code in the
context of a target Web site in the browser of an unsuspecting user.  This may
facilitate cookie-based authentication credential theft as well as other
attacks.

5. Working Resources BadBlue MFCISAPICommand Remote Buffer Over...
BugTraq ID: 12673
Remote: Yes
Date Published: Feb 26 2005
Relevant URL: http://www.securityfocus.com/bid/12673
Summary:
A remote buffer overflow vulnerability affects Working Resources BadBlue.  This
issue is due to a failure of the application to securely copy GET request
parameters into finite process buffers.

An attacker may leverage this issue to execute arbitrary code with the
privileges of the affected Web server, facilitating a SYSTEM level compromise.

6. Debian Reportbug Multiple Information Disclosure Vulnerabili...
BugTraq ID: 12674
Remote: Yes
Date Published: Feb 28 2005
Relevant URL: http://www.securityfocus.com/bid/12674
Summary:
Multiple information disclosure vulnerabilities affect Debian reportbug; these
issues are due to a failure of the application to properly configure sensitive
data files.

An attacker may leverage these issues to gain access to email smarthost
passwords, potentially leading to further compromise.

7. FCKeditor For PHP-Nuke Arbitrary File Upload Vulnerability
BugTraq ID: 12676
Remote: Yes
Date Published: Feb 28 2005
Relevant URL: http://www.securityfocus.com/bid/12676
Summary:
It is reported that FCKeditor allows remote attackers to upload arbitrary files
to a computer when it is used with PHP-Nuke.  This issue may allow attackers to
place malicious scripts on a server, which can lead to various attacks.

FCKeditor 2.0 RC2 running as a module for PHP-Nuke is reported prone to this
issue.  Other versions may be affected as well.

8. KPPP Privileged File Descriptor Leakage Vulnerability
BugTraq ID: 12677
Remote: No
Date Published: Feb 28 2005
Relevant URL: http://www.securityfocus.com/bid/12677
Summary:
KPPP is reported prone to a file descriptor leakage vulnerability.  This
vulnerability can allow local attackers to gain read or write access to
sensitive files such as '/etc/hosts' and '/etc/resolv.conf', which may lead to
other attacks against the computer.

This vulnerability has been confirmed in KPPP 2.1.2.  KPPP versions included
with KDE 3.1.5 and prior versions are affected as well.

9. PHPBB Authentication Bypass Vulnerability
BugTraq ID: 12678
Remote: Yes
Date Published: Feb 28 2005
Relevant URL: http://www.securityfocus.com/bid/12678
Summary:
phpBB is affected by an authentication bypass vulnerability.

This issue is due to the application failing to properly sanitize user-supplied
input during authentication.

Exploitation of this vulnerability would permit unauthorized access to any known
account including the administrator account.

The vendor has addressed this issue in phpBB 2.0.13.

10. WebMod Content-Length Remote Heap Overflow Vulnerability
BugTraq ID: 12679
Remote: Yes
Date Published: Feb 28 2005
Relevant URL: http://www.securityfocus.com/bid/12679
Summary:
WebMod is reported prone to a remote heap overflow vulnerability.  This issue
arises due to a boundary condition error and may allow remote attackers to gain
unauthorized access to a vulnerable computer by executing arbitrary code.

WebMod versions 0.47 and prior are reported prone to this issue.

11. MercurySteam Scrapland Game Server Remote Denial of Service ...
BugTraq ID: 12680
Remote: Yes
Date Published: Feb 28 2005
Relevant URL: http://www.securityfocus.com/bid/12680
Summary:
Scrapland game server is reported prone to various denial of service
vulnerabilities.  These issues present themselves because the application fails
to handle exceptional conditions.

It is reported that the game server crashes when handling various errors.

Scrapland 1.0 and prior versions are affected by these issues.

12. NoMachine NX Server X Authority File Reading Signal Interrup...
BugTraq ID: 12681
Remote: No
Date Published: Feb 28 2005
Relevant URL: http://www.securityfocus.com/bid/12681
Summary:
A local unauthorized access vulnerability affects NoMachine NX Server.  This
issue is due to a failure of the application to securely carry out its
authentication procedure.

An attacker may leverage this issue to gain unauthorized access to an affected X
server.

13. Mitel 3300 Integrated Communications Platform Web Interface ...
BugTraq ID: 12682
Remote: Yes
Date Published: Feb 28 2005
Relevant URL: http://www.securityfocus.com/bid/12682
Summary:
A remote authentication bypass vulnerability affects the Web interface of Mitel
3300 Integrated Communications Platform.  This issue is due to a design error in
the session IDs produced to manage authenticated users.

This issue will allow an attacker to gain authenticated access to the Web
interface of an affected device, facilitating further attacks.

14. PostNuke Phoenix CATID Parameter Remote SQL Injection Vulner...
BugTraq ID: 12683
Remote: Yes
Date Published: Feb 28 2005
Relevant URL: http://www.securityfocus.com/bid/12683
Summary:
PostNuke Phoenix is reported prone to an SQL injection vulnerability.  This
issue arises due to insufficient sanitization of user-supplied input.

It is reported that the issue presents itself when malicious SQL syntax is
issued to the application through the 'catid' variable.

PostNuke 0.760-RC2 and prior versions are reported vulnerable.

15. PostNuke Phoenix SHOW Parameter Remote SQL Injection Vulnera...
BugTraq ID: 12684
Remote: Yes
Date Published: Feb 28 2005
Relevant URL: http://www.securityfocus.com/bid/12684
Summary:
PostNuke Phoenix is reported prone to an SQL injection vulnerability. This issue
arises due to insufficient sanitization of user-supplied input.

It is reported that the issue presents itself when malicious SQL syntax is
issued to the application through the 'show' variable.

PostNuke 0.760-RC2 and prior versions are reported vulnerable.

16. PostNuke Phoenix Download Module Multiple Cross-Site Scripti...
BugTraq ID: 12685
Remote: Yes
Date Published: Feb 28 2005
Relevant URL: http://www.securityfocus.com/bid/12685
Summary:
PostNuke is affected by multiple cross-site scripting vulnerabilities.  These
issues are due to the application failing to properly sanitize user-supplied
input.

As a result of these vulnerabilities, it is possible for a remote attacker to
create a malicious link containing script code that will be executed in the
browser of an unsuspecting user when followed. This may facilitate the theft of
cookie-based authentication credentials as well as other attacks.

17. PHPCoin Multiple Remote Input Validation Vulnerabilities
BugTraq ID: 12686
Remote: Yes
Date Published: Mar 01 2005
Relevant URL: http://www.securityfocus.com/bid/12686
Summary:
Multiple remote input validation vulnerabilities affect phpCOIN.  These issues
are due to a failure of the application to properly sanitize user-supplied input
prior to using it to carry out critical functionality.

An attacker may leverage these issues to manipulate and view arbitrary database
contents by exploiting various SQL injection issues, and to have arbitrary
script code executed in the browser of an unsuspecting user by exploiting
multiple cross-site scripting vulnerabilities.

18. PHP Arena PANews Remote Input Validation Vulnerabilities
BugTraq ID: 12687
Remote: Yes
Date Published: Mar 01 2005
Relevant URL: http://www.securityfocus.com/bid/12687
Summary:
Multiple input validation vulnerabilities affect PHP Arena paNews.  These issues
are due to a failure of the application to properly sanitize user-supplied input
prior to using it to carry out critical functionality.

The first issue reported is an SQL injection issue. The second issue is a local
script injection issue.

An attacker may leverage these issues to execute arbitrary server-side scripts
that exist on an affected server, and to inject SQL syntax into queries against
the underlying database.

19. RaidenHTTPD Multiple Remote Vulnerabilities
BugTraq ID: 12688
Remote: Yes
Date Published: Mar 01 2005
Relevant URL: http://www.securityfocus.com/bid/12688
Summary:
RaidenHTTPD is reported prone to multiple remote vulnerabilities.  These issues can
allow an attacker to disclose the source code of PHP files hosted on the server
and execute arbitrary code to gain unauthorized access to a vulnerable computer.

The following specific issues were identified:

It is reported that a remote attacker can disclose the source code of any PHP
file hosted on the server.

A buffer overflow vulnerability is reported to affect the server as well.  This
issue may allow the attacker to gain unauthorized access to an affected
computer.

RaidenHTTPD 1.1.32 is reported vulnerable to these issues.

20. Forumwa Multiple Remote Input Validation Vulnerabilities
BugTraq ID: 12689
Remote: Yes
Date Published: Mar 01 2005
Relevant URL: http://www.securityfocus.com/bid/12689
Summary:
Forumwa is reportedly affected by multiple remote input validation
vulnerabilities.  These issues are due to the application failing to properly
sanitize user-supplied input.

The application is vulnerable to a cross-site scripting attack permitting an
attacker to construct a malicious link containing script code to be executed in
the context of the affected site.  This may facilitate the theft of cookie-based
authentication credentials as well as other attacks.

The application is vulnerable to an HTML injection attack.  Attacker-supplied
HTML and script code would be able to access properties of the site, potentially
allowing for theft of cookie-based authentication credentials. An attacker could
also exploit this issue to control how the site is rendered to the user; other
attacks are also possible.

21. PBLang Bulletin Board System SendPM.PHP Directory Traversal ...
BugTraq ID: 12690
Remote: Yes
Date Published: Mar 01 2005
Relevant URL: http://www.securityfocus.com/bid/12690
Summary:
PBLang is reported prone to a directory traversal vulnerability. It is reported
that the issue exists due to a lack of sufficient sanitization performed on
user-supplied input.

A remote attacker may exploit this condition to reveal the contents of web
server readable files. Reports indicate that this will allow a remote attacker
to reveal account information for target users including the password hash.

22. CutePHP CuteNews X-Forwarded-For Script Injection Vulnerabil...
BugTraq ID: 12691
Remote: Yes
Date Published: Mar 01 2005
Relevant URL: http://www.securityfocus.com/bid/12691
Summary:
A remote script injection vulnerability affects CutePHP CuteNews.  This issue is
due to a failure of the application to properly sanitize user-supplied input
prior to using it to carry out critical functionality.

An attacker may leverage this issue to inject arbitrary server-side scripts
locally and client-side scripts remotely, potentially facilitating code
execution with the privileges of the affected Web server and cross-site
scripting attacks.

23. SafeHTML Multiple HTML Entity Bypass Vulnerabilities
BugTraq ID: 12692
Remote: Yes
Date Published: Feb 28 2005
Relevant URL: http://www.securityfocus.com/bid/12692
Summary:
It is reported that SafeHTML does not filter HTML entities in a proper manner. 
The application is reported prone to two input validation vulnerabilities.

Failure to filter HTML content can result in the exploitation of various latent
vulnerabilities in Web based applications. A successful attack may facilitate
HTML injection or cross-site scripting type issues. 

SafeHTML versions prior to 1.3.0 are affected by these issues.

24. 427BB Multiple Remote HTML Injection Vulnerabilities
BugTraq ID: 12693
Remote: Yes
Date Published: Mar 01 2005
Relevant URL: http://www.securityfocus.com/bid/12693
Summary:
427BB is reportedly affected by multiple remote HTML injection vulnerabilities. 
These issues occur because the application fails to properly sanitize
user-supplied input before using it in dynamically generated content.

The attacker-supplied HTML and script code would be able to access properties of
the site, potentially allowing for theft of cookie-based authentication
credentials.  An attacker could also exploit this issue to control how the site
is rendered to the user; other attacks are also possible.

These issues are reported to affect all versions of 427BB.

25. PBLang Bulletin Board System DelPM.PHP Arbitrary Personal Me...
BugTraq ID: 12694
Remote: Yes
Date Published: Mar 01 2005
Relevant URL: http://www.securityfocus.com/bid/12694
Summary:
PBLang is reported prone to a vulnerability that can allow a registered user to
delete arbitrary personal messages. The vulnerability exists due to a design
error leading to a lack of access controls.

26. Trolltech QT Local Code Execution Vulnerability
BugTraq ID: 12695
Remote: No
Date Published: Mar 01 2005
Relevant URL: http://www.securityfocus.com/bid/12695
Summary:
A local code execution vulnerability affects Trolltech QT.  This issue is due
to a failure of the application to secure local dynamically loaded libraries.

An attacker may leverage this issue to execute arbitrary code in the context of
an unsuspecting user that activates a QT derived product; this will facilitate
privilege escalation.

27. PHPNews Auth.PHP Remote File Include Vulnerability
BugTraq ID: 12696
Remote: Yes
Date Published: Mar 01 2005
Relevant URL: http://www.securityfocus.com/bid/12696
Summary:
It is reported that PHPNews is affected by a remote PHP file include
vulnerability.  This issue is due in part to the application failing to properly
sanitize user-supplied input. 

This issue reportedly affects PHPNews version 1.2.4; previous versions might
also be affected.

28. RealNetworks RealOne Player/RealPlayer Unspecified WAV File ...
BugTraq ID: 12697
Remote: Yes
Date Published: Mar 01 2005
Relevant URL: http://www.securityfocus.com/bid/12697
Summary:
RealNetworks RealPlayer and RealOne Player are reported prone to an unspecified
buffer overflow vulnerability. It is reported that the issue manifests when a
malicious WAV file is processed.  The vulnerability affects heap-based memory.

A remote attacker may exploit this vulnerability to execute arbitrary code in
the context of a user that uses a vulnerable version of the media player to play
a malicious WAV file.

29. RealNetworks RealOne Player/RealPlayer SMIL File Remote Stac...
BugTraq ID: 12698
Remote: Yes
Date Published: Mar 01 2005
Relevant URL: http://www.securityfocus.com/bid/12698
Summary:
RealNetworks RealPlayer and RealOne Player are reported prone to a remote stack
based buffer overflow vulnerability.  The issue exists due to a lack of boundary
checks performed by the application when parsing Synchronized Multimedia
Integration Language (SMIL) files.  A remote attacker may execute arbitrary code
on a vulnerable computer to gain unauthorized access.

This vulnerability is reported to exist in RealNetworks products for Microsoft
Windows, Linux, and Apple Mac platforms.

30. PHP Glob Function Local Information Disclosure Vulnerability
BugTraq ID: 12701
Remote: No
Date Published: Mar 02 2005
Relevant URL: http://www.securityfocus.com/bid/12701
Summary:
A local information disclosure vulnerability affects PHP.  This issue is due to
a design error that presents potentially sensitive information to users within
error messages.

An attacker may leverage this issue to reveal filenames and therefore the
existence of files on an affected computer.

31. Computer Associates Unicenter Asset Management Multiple Vuln...
BugTraq ID: 12702
Remote: Yes
Date Published: Mar 02 2005
Relevant URL: http://www.securityfocus.com/bid/12702
Summary:
Unicenter Asset Management is reported prone to multiple vulnerabilities that
may allow attackers to disclose sensitive information and carry out HTML
injection and SQL injection attacks.

The following specific issues were identified:

It is reported that attackers with access to the admin console can disclose the
masked SQL Admin password.

The application is also reported prone to an HTML injection vulnerability.  This
issue arises due to an input validation error and may allow remote attackers to
execute arbitrary HTML and script code in a user's browser. 

An SQL injection vulnerability exists in the application as well.  This issue
exists in the Query Designer and may allow remote attackers to inject malicious
SQL code into imported files.

Unicenter Asset Management 4.0 for Windows is reported prone to these issues.

32. Cerulean Studios Trillian Remote PNG Image File Parsing Buff...
BugTraq ID: 12703
Remote: Yes
Date Published: Mar 02 2005
Relevant URL: http://www.securityfocus.com/bid/12703
Summary:
A remote buffer overflow vulnerability affects Cerulean Studios Trillian.  This
issue is due to a failure of the application to securely copy image data into
finite process buffers.

An attacker may leverage this issue to execute arbitrary code with the
privileges of an unsuspecting user that activated the vulnerable application.

33. Golden FTP Server Username Remote Buffer Overflow Vulnerabil...
BugTraq ID: 12704
Remote: Yes
Date Published: Mar 02 2005
Relevant URL: http://www.securityfocus.com/bid/12704
Summary:
A buffer overflow vulnerability is reported to affect Golden FTP Server. The
problem occurs due to insufficient bounds checking when processing 'USER'
command arguments of excessive length.

By exploiting this issue to modify sensitive stack variables, an anonymous
remote attacker may be able to execute arbitrary code.

This vulnerability is reported to affect Golden FTP Server version 1.92; other
versions might also be affected.

34. Computer Associates License Application Multiple Vulnerabili...
BugTraq ID: 12705
Remote: Yes
Date Published: Mar 02 2005
Relevant URL: http://www.securityfocus.com/bid/12705
Summary:
Computer Associates License client and server applications are reported prone to
multiple vulnerabilities.  These issues include various buffer overflow
vulnerabilities in the client and server and a directory traversal vulnerability
in the client.  A remote attacker may execute arbitrary code and place files in
arbitrary locations on a vulnerable computer.

It should be noted that the affected application runs with SYSTEM privileges on
Microsoft Windows Platforms and superuser privileges on UNIX platforms; this
will allow for a complete compromise of the affected computer.

**Update: Additional vulnerabilities are reported to affect the 'LIC98RMT.EXE'
component of the Computer Associates License application.

Computer Associates License application versions 1.53 to 1.61.8 on all supported
platforms are affected by these vulnerabilities.

35. MercuryBoard Avatar HTML Injection Vulnerability
BugTraq ID: 12706
Remote: Yes
Date Published: Mar 02 2005
Relevant URL: http://www.securityfocus.com/bid/12706
Summary:
MercuryBoard is reportedly affected by an HTML injection vulnerability.  This
issue is a result of the application failing to properly sanitize user-supplied
input used in dynamically generated content.

The attacker-supplied HTML and script code would be able to access properties of
the site, potentially allowing for theft of cookie-based authentication
credentials.  An attacker could also exploit this issue to control how the site
is rendered to the user; other attacks are also possible.

This issue is reported to affect MercuryBoard 1.1.2; earlier versions may also
be affected.

36. MercuryBoard Index.PHP SQL Injection Vulnerability
BugTraq ID: 12707
Remote: Yes
Date Published: Mar 02 2005
Relevant URL: http://www.securityfocus.com/bid/12707
Summary:
MercuryBoard is reportedly affected by a SQL injection vulnerability.  This
issue is due to the application failing to properly sanitize user-supplied input
before using it in a SQL query.

Successful exploitation could result in a compromise of the application,
disclosure or modification of data, or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.

This vulnerability affects MercuryBoard 1.1.2; earlier versions may also be
affected.

37. auraCMS Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 12708
Remote: Yes
Date Published: Mar 02 2005
Relevant URL: http://www.securityfocus.com/bid/12708
Summary:
auraCMS is affected by multiple cross-site scripting vulnerabilities.

These issues exist because the application fails to properly sanitize
user-supplied input.

Because of these vulnerabilities, an attacker may craft a link containing
malicious HTML or script code and present the link to a victim. If the victim
user follows the link, the attacker-supplied code will be executed in their
browser in the security context of the vulnerable site.

38. ProjectBB Multiple Remote Cross-Site Scripting Vulnerabiliti...
BugTraq ID: 12709
Remote: Yes
Date Published: Mar 02 2005
Relevant URL: http://www.securityfocus.com/bid/12709
Summary:
ProjectBB is reportedly affected by multiple cross-site scripting
vulnerabilities.  These issues are due to a failure in the application to
properly sanitize user-supplied input.

As a result of these vulnerabilities, it is possible for a remote attacker to
create a malicious link containing script code that will be executed in the
browser of an unsuspecting user when followed. This may facilitate the theft of
cookie-based authentication credentials as well as other attacks.

39. ProjectBB Multiple SQL Injection Vulnerabilities
BugTraq ID: 12710
Remote: Yes
Date Published: Mar 02 2005
Relevant URL: http://www.securityfocus.com/bid/12710
Summary:
ProjectBB is reportedly affected by multiple SQL injection vulnerabilities.
These issues are due to the application failing to properly sanitize
user-supplied input before using it in SQL queries.

Successful exploitation could result in a compromise of the application,
disclosure or modification of data, or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.

40. Foxmail USER Command Multiple Remote Vulnerabilities
BugTraq ID: 12711
Remote: Yes
Date Published: Mar 02 2005
Relevant URL: http://www.securityfocus.com/bid/12711
Summary:
Foxmail is reported prone to multiple remote vulnerabilities.  These issues
include a buffer overflow and a format string vulnerability.  An attacker may
exploit these issues to execute arbitrary code on a vulnerable computer to gain
unauthorized access.

The following specific issues were identified:

It is reported that Foxmail server is prone to a remote buffer overflow
vulnerability.  The problem presents itself when the application receives
excessive data through the USER command.  It is also reported that this issue
may cause a heap overflow.

The application is also affected by a remote format string vulnerability.  It is
reported that this issue presents itself when the server processes a malicious
USER command.

Foxmail Server For Windows version 2.0 is reported vulnerable.  It is possible
that Foxmail Server For Unix is affected as well.

41. XLoadImage Compressed Image Command Execution Vulnerability
BugTraq ID: 12712
Remote: Yes
Date Published: Mar 02 2005
Relevant URL: http://www.securityfocus.com/bid/12712
Summary:
A remote command execution vulnerability affects xloadimage.  This issue is due
to a failure of the application to safely parse compressed images.

An attacker may leverage this by distributing a malicious image file designed to
execute arbitrary commands with the privileges of an unsuspecting user.

42. XLI Unspecified Remote Buffer Mismanagement Vulnerability
BugTraq ID: 12713
Remote: Yes
Date Published: Mar 02 2005
Relevant URL: http://www.securityfocus.com/bid/12713
Summary:
An unspecified remote buffer mismanagement vulnerability affects xli.  This
issue is due to a failure of the application to securely manage internal buffers
when processing user-supplied input.

An attacker may leverage this issue to execute arbitrary code with the
privileges of the affected application, facilitating privilege escalation or
unauthorized access.

43. LibXPM Bitmap_unit Integer Overflow Vulnerability
BugTraq ID: 12714
Remote: Yes
Date Published: Mar 02 2005
Relevant URL: http://www.securityfocus.com/bid/12714
Summary:
An integer overflow vulnerability is reported to affect libXpm.  It is reported
that this vulnerability exists in the 'scan.c' source file and is due to a lack
of sanity checks performed on the 'bitmap_unit' value.

A remote attacker may exploit this condition to execute arbitrary code in the
context of the application that is linked to the affected library.

44. OpenVMS Unspecified Local Unauthorized Privileged Access Vul...
BugTraq ID: 12715
Remote: No
Date Published: Mar 02 2005
Relevant URL: http://www.securityfocus.com/bid/12715
Summary:
OpenVMS is reported prone to an unspecified vulnerability. It is reported that
the issue may be leveraged by a user that has local access to a vulnerable
computer to gain unauthorized privileged access to system resources and to data
stored on the computer.

45. Squid Proxy Set-Cookie Headers Information Disclosure Vulner...
BugTraq ID: 12716
Remote: Yes
Date Published: Mar 03 2005
Relevant URL: http://www.securityfocus.com/bid/12716
Summary:
Squid Proxy is prone to an information disclosure vulnerability.  

It is reported that remote attackers may gain access to Set-Cookie headers
related to another user.  Information gathered through exploiting this issue may
aid in further attacks against services related to the cookie, potentially
allowing for session hijacking.

Squid Proxy 2.5 STABLE7 to 2.5 STABLE9 are vulnerable to this issue.

46. ImageMagick File Name Handling Remote Format String Vulnerab...
BugTraq ID: 12717
Remote: Yes
Date Published: Mar 03 2005
Relevant URL: http://www.securityfocus.com/bid/12717
Summary:
ImageMagick is reported prone to a remote format string vulnerability.

Reportedly, this issue arises when the application handles malformed file names.
An attacker can exploit this vulnerability by crafting a malicious file with a
name that contains format specifiers and sending the file to an unsuspecting
user.

It should be noted that other attack vectors also exist that may not require
user interaction as the application can be used with custom printing systems and
Web applications.

A successful attack may result in crashing the application or lead to arbitrary
code execution.

All versions of ImageMagick are considered vulnerable at the moment.

47. WoltLab Burning Board/Burning Board Lite Session.PHP Multipl...
BugTraq ID: 12718
Remote: Yes
Date Published: Mar 03 2005
Relevant URL: http://www.securityfocus.com/bid/12718
Summary:
WoltLab Burning Board/Burning Board Lite are reported prone to multiple SQL
injection vulnerabilities.  The vulnerabilities exist in the 'session.php'
script. 

An attacker may leverage these issues to manipulate SQL query strings and
potentially carry out arbitrary database queries. This may facilitate the
disclosure or corruption of sensitive database information.

48. PABox HTML Injection Vulnerability
BugTraq ID: 12719
Remote: Yes
Date Published: Mar 03 2005
Relevant URL: http://www.securityfocus.com/bid/12719
Summary:
paBox is reportedly affected by an HTML injection vulnerability.  This issue is
due to the application failing to properly sanitize user-supplied input before
using it in dynamically generated content.

The attacker-supplied HTML and script code would be able to access properties of
the site, potentially allowing for theft of cookie-based authentication
credentials.  An attacker could also exploit this issue to control how the site
is rendered to the user; other attacks are also possible.

This vulnerability is reported to affect paBox version 1.6.

paBox version 2.0 does not appear to be affected by this vulnerability; this has
not been confirmed by the vendor.

49. D-Forum Nav.PHP3 Cross-Site Scripting Vulnerability
BugTraq ID: 12720
Remote: Yes
Date Published: Mar 03 2005
Relevant URL: http://www.securityfocus.com/bid/12720
Summary:
D-Forum is reportedly affected by a cross-site scripting vulnerability.  This
issue is due to the application failing to properly sanitize user-supplied
input.

As a result of this vulnerability, it is possible for a remote attacker to
create a malicious link containing script code that will be executed in the
browser of an unsuspecting user when followed. This may facilitate the theft of
cookie-based authentication credentials as well as other attacks.

This vulnerability is reported to affect D-Forum 1.11; earlier versions may also
be affected.

50. Typo3 CMW_Linklist Extension SQL Injection Vulnerability
BugTraq ID: 12721
Remote: Yes
Date Published: Mar 03 2005
Relevant URL: http://www.securityfocus.com/bid/12721
Summary:
Typo3 'cmw_linklist' extension is affected by a remote SQL injection
vulnerability.  This issue is due to a failure in the application to properly
sanitize user-supplied input before using it in a SQL query.

Successful exploitation could result in a compromise of the application,
disclosure or modification of data, or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.

This issue is reported to affect 'cmw_linklist' extension versions 1.4.1 and
earlier.

51. Computalynx CProxy Directory Traversal Vulnerability
BugTraq ID: 12722
Remote: Yes
Date Published: Mar 03 2005
Relevant URL: http://www.securityfocus.com/bid/12722
Summary:
CProxy is reported prone to a remote directory traversal vulnerability.  This
issue arises due to insufficient sanitization of user-supplied data.  A remote
user may exploit this issue to disclose arbitrary files and cause a denial
of service condition.

It is reported that an attacker can simply issue an HTTP GET request including
directory traversal sequences to carry out this attack.

52. FreeBSD Unspecified x86 SMP Local Information Disclosure Vul...
BugTraq ID: 12724
Remote: No
Date Published: Mar 04 2005
Relevant URL: http://www.securityfocus.com/bid/12724
Summary:
FreeBSD is allegedly prone to an unspecified local information disclosure
vulnerability on x86 platforms.  This vulnerability is reportedly related to SMP
(Symmetric Multiprocessing).

It is also reported that other BSD-based operating systems may be similarly
affected, depending on their SMP implementation.  At the time of writing, no
other operating systems have been confirmed to be vulnerable.

53. XV File Name Handling Remote Format String Vulnerability
BugTraq ID: 12725
Remote: Yes
Date Published: Mar 04 2005
Relevant URL: http://www.securityfocus.com/bid/12725
Summary:
xv is reported prone to a remote format string vulnerability. This issue
presents itself because the application fails to properly sanitize user-supplied
input prior to passing it as the format specifier to a formatted printing
function. 

Reportedly, this issue arises when the application handles malformed file names.
A successful attack may result in crashing the application or lead to arbitrary
code execution.

xv 3.10a is reported vulnerable; it is likely that other versions are also
affected.

54. Stadtaus.Com Download Center Lite Arbitrary Remote PHP File ...
BugTraq ID: 12726
Remote: Yes
Date Published: Mar 04 2005
Relevant URL: http://www.securityfocus.com/bid/12726
Summary:
Download Center Lite is reportedly affected by an arbitrary remote PHP file
include vulnerability.  This issue is due to the application failing to properly
sanitize user-supplied input.

This vulnerability affects Download Center Lite version 1.5; earlier versions
may also be affected.

55. Ca3DE Multiple Remote Vulnerabilities
BugTraq ID: 12727
Remote: Yes
Date Published: Mar 03 2005
Relevant URL: http://www.securityfocus.com/bid/12727
Summary:
Ca3DE is reported prone to multiple remote vulnerabilities.  An attacker can
exploit these issues to carry out format string and denial of service attacks.

The following specific issues were identified:

It is reported that all commands accepted by the server are affected by format
string vulnerabilities.

A successful attack may result in crashing the application or lead to arbitrary
code execution. This may facilitate unauthorized access or privilege escalation
in the context of the application.

The application is also affected by a remote denial of service vulnerability.  

Ca3DE versions released before March 2004 are affected by these issues.

56. Mozilla Suite/Firefox HTTP Authentication Dialogs Tab Focus ...
BugTraq ID: 12728
Remote: Yes
Date Published: Feb 28 2005
Relevant URL: http://www.securityfocus.com/bid/12728
Summary:
Mozilla Suite and Mozilla Firefox are reported prone to a vulnerability that may
result in the loss of authentication credentials. It is reported that HTTP
authentication dialogs do not remain focused for the tab that invoked the
dialog; rather, the dialog focuses over the active tab.

A remote attacker may potentially exploit this condition to aid in phishing
attacks.

This vulnerability is reported to affect Firefox versions prior to version 1.0.1
and Mozilla Suite versions prior to version 1.7.6.

III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. Companies resist nuclear cyber security rule
By: Kevin Poulsen

A proposed standard for protecting nuclear power plant safety systems from
cyber attack gets a less than glowing reaction from system vendors and plant
operators.

http://www.securityfocus.com/news/10618

2. Feds square off with organized cyber crime
By: Kevin Poulsen

Law enforcement sees undercover operations as a key to unraveling sophisticated
alliances between computer intruders and fraud artists.

http://www.securityfocus.com/news/10525

3. WebTV 911 prankster guilty
By: Kevin Poulsen

Louisiana man cops to endangering public safety by sending out a malicious
script that made set-top boxes call the police.

http://www.securityfocus.com/news/10523

4. MMS virus discovered
By: John Leyden, The Register

The first mobile phone virus capable of replicating via MMS messages has been
discovered.

http://www.securityfocus.com/news/10635

5. Harvard rejects applicants who peeked into admissions comput...
By: The Associated Press

http://www.securityfocus.com/news/10634

6. U.S. asked to probe music-downloading Web sites
By: Ted Bridis, The Associated Press

http://www.securityfocus.com/news/10628

IV. SECURITYFOCUS TOP 6 TOOLS
-----------------------------
1. Healthmonitor 2.1
By: Vittorio Pavesi
Relevant URL: http://healthmonitor.sourceforge.net
Platforms: Windows 2000, Windows NT, Windows XP
Summary: 

HealthMonitor is a free, powerful and featureful monitoring tool for Windows.
It works as a Windows Service, checks system status (event viewer, disk free
space, services status, performance....) and notifies the administration by
E-Mail, SMS and NET SEND; a database logging feature is also available. It is
under constant development, and releases are usually frequent. The latest news
regarding HealthMonitor can be found on Sourceforge.

2. Kr4ck3r 1.0.0
By: Black List Software
Relevant URL: http://hackinoutthebox.com/sub4.index.php
Platforms: Windows XP
Summary: 

This is the ultimate MD5 cracker having both a built-in brute-force and
dictionary attack functionality.

3. Travesty 1.0
By: Robert Wesley McGrew
Relevant URL: http://cse.msstate.edu/~rwm8/travesty/
Platforms: Linux
Summary: 

Travesty is an interactive program for managing the hardware addresses (MAC) of
ethernet devices on your computer.  It supports manually changing the MAC,
generating random addresses, and applying different vendor prefixes to the
current address.  It also allows the user to import their own lists of hardware
addresses and descriptions that can be navigated from within the Travesty
interface.  Travesty is written in Python, and is very simple to add
functionality to, or modify.

4. WinArpSpoofer 0.5.3
By: Gordon Ahn
Relevant URL: http://www.nextsecurity.net/downloads/winarpspoof/WinArpSpoof.zip
Platforms: Windows 2000, Windows NT, Windows XP
Summary: 

Windows ARP Spoofer (WinArpSpoof) is a program that can scan the computers,
including network devices, on a local area network and spoof their ARP tables,
and can act as a router while pulling all packets on the LAN. In addition, the
program measures information about the traffic passing through it.

5. OCS 0.1
By: OverIP
Relevant URL: http://hacklab.altervista.org/download/OCS.c
Platforms: Linux
Summary: 

This is a very reliable and fast mass scanner for Cisco routers with
default telnet/enable passwords.

6. Cisco Torch 0.1 alpha
By: Arhont Team
Relevant URL: http://www.arhont.com/cisco-torch.tar.bz2
Platforms: Perl (any system supporting perl)
Summary: 

A fast mass scanning and application layer fingerprinting tool for Cisco devices,
written while working on the "Hacking Exposed: Cisco Networks" book. Supports
telnet and SSH bruteforcing as well as Cisco management webserver exploitation.
More features will be added soon - see TODO.

V. SECURITYJOBS LIST SUMMARY
----------------------------
1. [SJ-JOB] Security Researcher, Newport Beach, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392450

2. [SJ-JOB] Security Architect, DC, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392447

3. [SJ-JOB] Developer, Boulder, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392446

4. [SJ-JOB] Security Researcher, Boulder, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392444

5. [SJ-JOB] Quality Assurance, Boulder, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392443

6. [SJ-JOB] Sales Engineer, San Francisco, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392442

7. [SJ-JOB] Security Consultant, Honolulu, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392441

8. [SJ-JOB] Sales Engineer, New York, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392438

9. [SJ-JOB] Management, Los Angeles, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392437

10. [SJ-JOB] Auditor, London, GB (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392435

11. [SJ-JOB] Security Consultant, Bristol. leeds, Manche... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392434

12. [SJ-JOB] Security Architect, London, GB (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392433

13. [SJ-JOB] Technology Risk Consultant, Manchester, Gla... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392432

14. [SJ-JOB] Sales Engineer, Boston, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392431

15. [SJ-JOB] Sales Engineer, Los Angeles, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392429

16. [SJ-JOB] Disaster Recovery Coordinator, South, GB (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392428

17. [SJ-JOB] Account Manager, Washington, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392427

18. [SJ-JOB] Account Manager, Los Angeles, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392426

19. [SJ-JOB] Sales Representative, Cupertino, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392425

20. [SJ-JOB] Account Manager, Washington DC, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392424

21. [SJ-JOB] Account Manager, Chicago, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392422

22. [SJ-JOB] Account Manager, Atlanta, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392421

23. [SJ-JOB] Security Consultant, Cupertino, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392420

24. [SJ-JOB] Security Auditor, San Antonio, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392419

25. [SJ-JOB] Sales Engineer, Nuremberg, Dusseldorf or Ka... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392254

26. [SJ-JOB] Sales Engineer, Chicago, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392253

27. [SJ-JOB] Security System Administrator, San Francisc... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392252

28. [SJ-JOB] Sales Engineer, Miami, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392251

29. [SJ-JOB] Security Consultant, Washington, DC, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392250

30. [SJ-JOB] Security Consultant, Bangalore, IN (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392228

31. [SJ-JOB] Security Researcher, Merrimack, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392066

32. [SJ-JOB] Security Product Manager, Cupertino, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392064

33. [SJ-JOB] Regional Channel Manager, Boston, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392063

34. [SJ-JOB] Jr. Security Analyst, Roseville, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392062

35. [SJ-JOB] Security Consultant, New York, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392060

36. [SJ-JOB] Security Architect, Northbrook, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392059

37. [SJ-JOB] Sales Engineer, Washington, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392058

38. [SJ-JOB] Sr. Security Analyst, Washington, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392057

39. [SJ-JOB] CHECK Team Leader, London, GB (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392054

40. [SJ-JOB] Security Consultant, Washington, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392053

41. [SJ-JOB] Developer, Cupertino, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392052

42. [SJ-JOB] VP of Regional Sales, Atlanta, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392051

43. [SJ-JOB] Technology Risk Consultant, London, GB (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392050

44. [SJ-JOB] Jr. Security Analyst, Fremont, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392049

45. [SJ-JOB] Security Engineer, Palo Alto, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392048

46. [SJ-JOB] Sr. Security Engineer, Palo Alto, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392047

47. [SJ-JOB] Information Assurance Analyst, Annapolis Ju... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392046

48. [SJ-JOB] Security Engineer, Austin, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392045

49. [SJ-JOB] Sr. Security Analyst, Winnipeg, CA (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392044

50. [SJ-JOB] Security Architect, Auburn Hills, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392043

51. [SJ-JOB] Security Architect, Kirkland, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392042

VI. INCIDENTS LIST SUMMARY
--------------------------
1. REVIEW: "Windows Forensics and Incident Recovery", H... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/75/392436

2. Port 500 scans (Thread)
Relevant URL:

http://www.securityfocus.com/archive/75/392410

3. Odd typing in MSWord (Thread)
Relevant URL:

http://www.securityfocus.com/archive/75/392409

4. Global DNS Cache poisoning? (Thread)
Relevant URL:

http://www.securityfocus.com/archive/75/392311

VII. VULN-DEV RESEARCH LIST SUMMARY
-----------------------------------
1. Hosting Controller Multiple Unauthenticated informat... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/82/392590

2. Scanner (Thread)
Relevant URL:

http://www.securityfocus.com/archive/82/392498

VIII. MICROSOFT FOCUS LIST SUMMARY
----------------------------------
1. CONTENT FILTERING (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/392551

2. SecurityFocus Microsoft Newsletter #230 (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/392468

3. SID Manipulation Issue - Cross Domain Security Vulne... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/392467

4. Disabling USB mass storage (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/392466

5. Folder Encryption (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/392464

6. computer account password.... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/392288

7. Prohibit Folder Compression (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/392243

8. Domain Controller Best Practice - Thanks! (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/392240

9. AW: Disabling USB mass storage (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/392232

10. Microsoft Network Analyzer? (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/392222

11. FW: Restrict running applications from usb key (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/392193

12. Restrict running applications from usb key (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/392192

13. Changing system time for testing and development (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/392154

14. Remote Terminal Services  :VSMail mx4 (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/392150

15. Remote Terminal Services (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/392122

16. Exchange Problem (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/392121

17. AW: Microsoft Network Analyzer? (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/392100

18. AW: Domain Controller Best Practice - Thanks! (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/392070

IX. SUN FOCUS LIST SUMMARY
--------------------------
NO NEW POSTS FOR THE WEEK 2005-03-01 to 2005-03-08.

X. LINUX FOCUS LIST SUMMARY
---------------------------
1. Deny Access To configuration file using php scripts (Thread)
Relevant URL:

http://www.securityfocus.com/archive/91/392536