Home
Systeembeheer
Consultancy
Connectivity
Training
Development

Klanten

Inloggen

Resources

Sans artikelen
Security artikelen

Software

Linux
Windows









[ terug ]
SecurityFocus Newsletter #292
------------------------------

This Issue is Sponsored By: Cenzic

Automated Application Security Assessment
Fed up with 1500 page reports brimming with excessive false positives and
few discovered vulnerabilities?  You deserve a much higher level of
accuracy.  Why not step up to a new breed of web application security
assessment product.  Cenzic Hailstorm® finds more vulnerabilities and
generates a low occurrence of false positives.  Let Cenzic help you
automate your application security assessment process.

http://www.securityfocus.com/sponsor/Cenzic_sf-news_050316

------------------------------------------------------------------------

Need to know what's happening on YOUR network? Symantec DeepSight Analyzer
is a free service that gives you the ability to track and manage attacks.
Analyzer automatically correlates attacks from various Firewall and network
based Intrusion Detection Systems, giving you a comprehensive view of your
computer or general network. Sign up today!

http://www.securityfocus.com/sponsor/Symantec_sf-news_041130

------------------------------------------------------------------------
I. FRONT AND CENTER
     1. Infection Vectors
     2. A Method for Forensic Previews
     3. Windows Firewalls Lacking
II. BUGTRAQ SUMMARY
     1. PaX VMA Mirroring Privilege Escalation Vulnerability
     2. Sylpheed Mail Client Buffer Overflow Vulnerability
     3. Xerox Microserver Web Server Unspecified Remote Authorizatio...
     4. Hashcash Email Reply Header Format String Vulnerability
     5. JoWood Chaser Remote Buffer Overflow Vulnerability
     6. Abuse Multiple Local Privilege Escalation Vulnerabilities
     7. Stadtaus.Com PHP Form Mail Script Remote File Include Vulner...
     8. PHPBB Session.PHP Autologin User_Level Privilege Escalation ...
     9. Mlterm Background Image Integer Overflow Vulnerability
     10. The Includer Remote Command Execution Vulnerability
     11. Gene6 FTP Server Remote Default Install Code Execution Vulne...
     12. BRT CopperExport XP_Publish.PHP SQL Injection Vulnerability
     13. phpMyFAQ Username SQL Injection Vulnerability
     14. SafeNet Sentinel License Manager Remote Buffer Overflow Vuln...
     15. Nokia Series 60 BlueTooth Remote Denial Of Service Vulnerabi...
     16. EXIF Library EXIF Tag Parsing Unspecified Memory Corruption ...
     17. Aztek Forum Unauthorized Access Vulnerability
     18. Sun Solaris AnswerBook2 Multiple Cross-Site Scripting Vulner...
     19. Jason Hines PHPWebLog Remote File Include Vulnerability
     20. Hosting Controller Multiple Information Disclosure Vulnerabi...
     21. Oracle Database 8i/9i Multiple Remote Directory Traversal Vu...
     22. Yahoo! Messenger Offline Mode Status Remote Buffer Overflow ...
     23. PHP-Fusion BBCode IMG Tag Script Injection Vulnerability
     24. OutStart Participate Enterprise Multiple Access Validation V...
     25. RedHat Linux Less Remote Buffer Overflow Vulnerability
     26. Xoops Custom Avatar Remote Arbitrary PHP File Upload Vulnera...
     27. ArGoSoft FTP Server DELE Command Remote Buffer Overrun Vulne...
     28. YaBB Remote UsersRecentPosts Cross-Site Scripting Vulnerabil...
     29. Drupal Unspecified Cross-Site Scripting Vulnerability
     30. PHP Arena PAFileDB Multiple Remote Cross Site Scripting Vuln...
     31. Ethereal RADIUS Authentication Dissection Buffer Overflow Vu...
     32. WF-Projects WF-Section SQL Injection Vulnerability
     33. NewsScript Access Validation Vulnerability
     34. Ethereal Etheric/GPRS-LLC/IAPP/JXTA/sFlow Dissector Vulnerab...
     35. Linux Kernel SYS_EPoll_Wait Local Integer Overflow Vulnerabi...
     36. Microsoft Exchange Server Mail Box Sub Folder Denial Of Serv...
     37. Microsoft Internet Explorer MSHTML.DLL CSS Handling Remote B...
     38. Novell iChain Mini FTP Server Unauthorized Remote Path Discl...
     39. Perl Local Race Condition Privilege Escalation Vulnerability
     40. HP Tru64 Message Queue Local Unspecified Denial Of Service V...
     41. Grip CDDB Response Multiple Matches Buffer Overflow Vulnerab...
     42. Multiple Vendor Antivirus Products Malformed ZIP Attachment ...
     43. Techland XPand Rally Remote Format String Vulnerability
     44. WEBInsta Mailing Manager Remote File Include Vulnerability
     45. SocialMPN Module Arbitrary Remote PHP File Include Vulnerabi...
     46. McNews Header.PHP Arbitrary File Include Vulnerability
     47. PHPOutsourcing Zorum Multiple Remote Vulnerabilities
     48. PY Software Active Webcam Webserver Multiple Vulnerabilities
     49. All Enthusiast PhotoPost PHP Pro Multiple Remote Vulnerabili...
     50. Ipswitch Collaboration Suite IMail Server IMAP EXAMINE Argum...
     51. MySQL AB MySQL Multiple Remote Vulnerabilities
     52. Xerox Document Centre ESS/Network Controller Web Server Remo...
     53. UBBCentral UBB.threads Editpost.PHP SQL Injection Vulnerabil...
     54. Xerox WorkCentre Multiple Page Fax Information Disclosure Vu...
III. SECURITYFOCUS NEWS ARTICLES
     1. Companies resist nuclear cyber security rule
     2. Feds square off with organized cyber crime
     3. WebTV 911 prankster guilty
     4. IE7 details leak onto web
     5. EU drops investigation into Microsoft-Time Warner anti-pirac...
     6. Banks 'wasting millions' on two-factor authentication
IV. SECURITYFOCUS TOP 6 TOOLS
     1. Healthmonitor 2.1
     2. Kr4ck3r 1.0.0
     3. Travesty 1.0
     4. WinArpSpoofer 0.5.3
     5. OCS 0.1
     6. Cisco Torch 0.1 alpha
V. SECURITYJOBS LIST SUMMARY
     1. [SJ-JOB] Security Engineer, Ft Lauterdale, US (Thread)
     2. [SJ-JOB] Management, New York City, US (Thread)
     3. [SJ-JOB] Management, Minneapolis, US (Thread)
     4. [SJ-JOB] Sr. Security Engineer, Hoboken, US (Thread)
     5. [SJ-JOB] Sr. Security Engineer, New York (Brooklyn M... (Thread)
     6. [SJ-JOB] Management, Los Angeles, US (Thread)
     7. [SJ-JOB] Sales Representative, Columbia, US (Thread)
     8. [SJ-JOB] Sales Representative, Charlotte, US (Thread)
     9. [SJ-JOB] Security Consultant, Arlington, US (Thread)
     10. [SJ-JOB] Security Architect, Chicago, US (Thread)
     11. [SJ-JOB] Management, Milpitas, US (Thread)
     12. [SJ-JOB] Security Engineer, New York, US (Thread)
     13. [SJ-JOB] Technology Risk Consultant, London, GB (Thread)
     14. [SJ-JOB] Security Engineer, D.C., US (Thread)
     15. [SJ-JOB] Auditor, Houston, US (Thread)
     16. [SJ-JOB] Auditor, Atlanta, US (Thread)
     17. [SJ-JOB] Sales Engineer, Dallas, US (Thread)
     18. [SJ-JOB] Security Engineer, New Orleans, US (Thread)
     19. [SJ-JOB] Security Engineer, Toronto, CA (Thread)
     20. [SJ-JOB] Sr. Security Analyst, St. Louis, US (Thread)
     21. [SJ-JOB] Security Consultant, St. Louis, US (Thread)
     22. [SJ-JOB] Security Consultant, Atlanta, US (Thread)
     23. [SJ-JOB] Security Consultant, Charlotte, US (Thread)
     24. [SJ-JOB] Security Engineer, San Jose, US (Thread)
     25. [SJ-JOB] Instructor, Various US Cities, US (Thread)
     26. [SJ-JOB] Sr. Product Manager, New York, US (Thread)
     27. [SJ-JOB] Security Consultant, Chicago, US (Thread)
     28. [SJ-JOB] VP of Regional Sales, New York , US (Thread)
     29. [SJ-JOB] Security Engineer, Cupertino, US (Thread)
     30. [SJ-JOB] Training / Awareness Specialist, Jersey Cit... (Thread)
     31. [SJ-JOB] Sr. Security Analyst, San Bruno, US (Thread)
     32. [SJ-JOB] Security Consultant, Herndon, US (Thread)
     33. [SJ-JOB] Security Researcher, Redwood Shores, US (Thread)
     34. [SJ-JOB] Security Researcher, San Jose, US (Thread)
     35. [SJ-JOB] Jr. Security Analyst, Rosslyn, US (Thread)
     36. [SJ-JOB] Sales Engineer, London, GB (Thread)
     37. [SJ-JOB] Channel / Business Development, London, GB (Thread)
     38. [SJ-JOB] Security Consultant, Raritan, US (Thread)
     39. [SJ-JOB] Application Security Architect, San Jose, U... (Thread)
     40. [SJ-JOB] Security Architect, San Jose, US (Thread)
     41. [SJ-JOB] Application Security Architect, DC, US (Thread)
     42. [SJ-JOB] Sr. Security Engineer, Jersey City, US (Thread)
     43. [SJ-JOB] Sales Engineer, Chicago, US (Thread)
     44. [SJ-JOB] Sales Engineer, New York, US (Thread)
     45. [SJ-JOB] VP, Information Security, New York, US (Thread)
     46. [SJ-JOB] Sr. Security Engineer, Richland, US (Thread)
VI. INCIDENTS LIST SUMMARY
     1. Master RPC program number data base (/etc/rpc) (Thread)
     2. Port 500 scans (Thread)
VII. VULN-DEV RESEARCH LIST SUMMARY
     1. calling all software security tool vendors/freeware/... (Thread)
     2. Clarification to: -->calling all software security t... (Thread)
     3. Security Masters Dojo (Thread)
VIII. MICROSOFT FOCUS LIST SUMMARY
     1. Limitlogin v1.0 released from MS (Thread)
     2. Question on IIS servers and reverse lookup ... found... (Thread)
     3. Basic question (Thread)
     4. Folder Encryption (Thread)
     5. Question on IIS servers and reverse lookup (Thread)
     6. SecurityFocus Microsoft Newsletter #231 (Thread)
     7. Disabling USB mass storage (Thread)
     8. SID Manipulation Issue - Cross Domain Security Vulne... (Thread)
IX. SUN FOCUS LIST SUMMARY
     NO NEW POSTS FOR THE WEEK 2005-03-08 to 2005-03-15.
X. LINUX FOCUS LIST SUMMARY
     1. A question about passwords and login/authentication (Thread)
XI. UNSUBSCRIBE INSTRUCTIONS
XII. SPONSOR INFORMATION

I. FRONT AND CENTER
-------------------
1. Infection Vectors
By Kelly Martin
It's time to pick your favorite virus.
http://www.securityfocus.com/columnists/306

2. A Method for Forensic Previews
By Timothy E. Wright
This article explains the forensic preview process, whereby a production
machine is left as undisturbed as possible while it is evaluated for
potential intrusion and compromise.
http://www.securityfocus.com/infocus/1825

3. Windows Firewalls Lacking
By Mark Burnett
For something as simple as a firewall for Windows servers, a good solution
just doesn't exist.
http://www.securityfocus.com/columnists/307

II. BUGTRAQ SUMMARY
-------------------
1. PaX VMA Mirroring Privilege Escalation Vulnerability
BugTraq ID: 12729
Remote: Yes
Date Published: Mar 05 2005
Relevant URL: http://www.securityfocus.com/bid/12729
Summary:
It is reported that PaX contains a privilege escalation vulnerability.

Local unprivileged users may exploit this vulnerability to execute arbitrary
code with the privileges of any targeted user. It is also conjectured that
remote attackers may also be able to exploit this vulnerability, but
exploitability depends on the ability of an attacker to control the executable
file mappings of a targeted application.

This issue is only exploitable if SEGMEXEC or RANDEXEC are enabled in the kernel
configuration.

This vulnerability is reported to affect all versions of PaX since September,
2003, when VMA mirroring was introduced.

2. Sylpheed Mail Client Buffer Overflow Vulnerability
BugTraq ID: 12730
Remote: Yes
Date Published: Mar 04 2005
Relevant URL: http://www.securityfocus.com/bid/12730
Summary:
It is reported that Sylpheed is susceptible to a buffer overflow vulnerability.
This issue is due to a failure of the application to properly bounds-check
user-supplied input data prior to copying it to fixed-size memory buffers.

Attackers may exploit this vulnerability to execute arbitrary machine code in
the context of the vulnerable application.

Versions prior to 1.0.3 are reported to be vulnerable.

3. Xerox Microserver Web Server Unspecified Remote Authorizatio...
BugTraq ID: 12731
Remote: Yes
Date Published: Mar 07 2005
Relevant URL: http://www.securityfocus.com/bid/12731
Summary:
Xerox Microserver is a server utility that includes a Web server.  It is enabled
by default on Xerox WorkCentre devices.

A remote authorization bypass reportedly affects Xerox Microserver Web server. 
The underlying issue causing this vulnerability is currently unknown; this BID
will be updated as further information is released.

An attacker may potentially leverage this issue to alter configuration settings
on the affected device.

4. Hashcash Email Reply Header Format String Vulnerability
BugTraq ID: 12732
Remote: Yes
Date Published: Mar 07 2005
Relevant URL: http://www.securityfocus.com/bid/12732
Summary:
A format string vulnerability exists in the generic C implementation of
Hashcash.  This vulnerability is exposed when the software handles an email
message that includes format specifiers in the recipient field of a reply.  

Successful exploitation may allow execution of arbitrary code in the context of
the software.

This vulnerability is believed to have been introduced after the release of
version 1.13.  It is not known exactly which version the vulnerability was
introduced in.

5. JoWood Chaser Remote Buffer Overflow Vulnerability
BugTraq ID: 12733
Remote: Yes
Date Published: Mar 07 2005
Relevant URL: http://www.securityfocus.com/bid/12733
Summary:
A remote buffer overflow vulnerability affects JoWood Chaser.  This issue is due
to a failure of the application to securely copy user-supplied input into finite
process buffers.

An attacker may leverage this issue to execute arbitrary code in affected
clients or trigger a denial of service condition in affected servers.

6. Abuse Multiple Local Privilege Escalation Vulnerabilities
BugTraq ID: 12734
Remote: No
Date Published: Mar 07 2005
Relevant URL: http://www.securityfocus.com/bid/12734
Summary:
Abuse is reported prone to multiple vulnerabilities. The following individual
issues are reported:

Abuse is reported prone to multiple local buffer overflow vulnerabilities. 

It is reported that a local attacker may exploit these issues to execute
arbitrary code with superuser privileges.

Abuse is also reported prone to an insecure file creation vulnerability. Reports
indicate that this issue may be leveraged to overwrite arbitrary files with
superuser privileges.

7. Stadtaus.Com PHP Form Mail Script Remote File Include Vulner...
BugTraq ID: 12735
Remote: Yes
Date Published: Mar 05 2005
Relevant URL: http://www.securityfocus.com/bid/12735
Summary:
PHP Form Mail Script is prone to  remote file include vulnerability.  

An attacker may leverage this issue to execute arbitrary server-side script code
on an affected computer with the privileges of the Web server process. This may
facilitate unauthorized access. 

PHP Form Mail Script 2.3 and prior versions are vulnerable to this issue.

8. PHPBB Session.PHP Autologin User_Level Privilege Escalation ...
BugTraq ID: 12736
Remote: Yes
Date Published: Mar 07 2005
Relevant URL: http://www.securityfocus.com/bid/12736
Summary:
phpBB is reported prone to a privilege escalation vulnerability. The issue is
reported to exist when an autologin fails.

A remote attacker may potentially exploit this vulnerability to gain access to
parts of the affected website that should only be visible to a website
administrator. 

Information harvested through exploitation of this vulnerability may be employed
to aid in further attacks against the affected site.

This vulnerability is reported to affect phpBB versions up to up to 2.0.13.

9. Mlterm Background Image Integer Overflow Vulnerability
BugTraq ID: 12737
Remote: Yes
Date Published: Mar 07 2005
Relevant URL: http://www.securityfocus.com/bid/12737
Summary:
mlterm is reported prone to an integer overflow vulnerability. This
vulnerability arises due to a lack of sanity checks performed on a malformed
image file.

mlterm versions 2.5.0 to 2.9.1 are reported vulnerable.

10. The Includer Remote Command Execution Vulnerability
BugTraq ID: 12738
Remote: Yes
Date Published: Mar 07 2005
Relevant URL: http://www.securityfocus.com/bid/12738
Summary:
The Includer is reported prone to a remote arbitrary command execution
vulnerability. This issue presents itself due to insufficient sanitization of
user-supplied data. 

A remote attacker may exploit this vulnerability to execute arbitrary command in
the context of the Web server that is hosting the affected software.

11. Gene6 FTP Server Remote Default Install Code Execution Vulne...
BugTraq ID: 12739
Remote: Yes
Date Published: Mar 07 2005
Relevant URL: http://www.securityfocus.com/bid/12739
Summary:
Reportedly a remote code execution vulnerability affects Gene6 FTP Server.  This
issue is due to a configuration error that fails to secure critical
functionality from default users.

An attacker that can authenticate to the affected FTP server can execute
arbitrary code with SYSTEM privileges; this will facilitate privilege
escalation.

12. BRT CopperExport XP_Publish.PHP SQL Injection Vulnerability
BugTraq ID: 12740
Remote: Yes
Date Published: Mar 07 2005
Relevant URL: http://www.securityfocus.com/bid/12740
Summary:
CopperExport is reportedly affected by an SQL injection vulnerability. This
issue is due to the application failing to properly sanitize user-supplied input
to the 'xp_publish.php' script before using it in a SQL query.

This vulnerability could permit remote attackers to pass malicious input to
database queries, resulting in modification of query logic or other attacks.

CopperExport versions 0.1 and 0.2 are reported prone to this vulnerability.

13. phpMyFAQ Username SQL Injection Vulnerability
BugTraq ID: 12741
Remote: Yes
Date Published: Mar 07 2005
Relevant URL: http://www.securityfocus.com/bid/12741
Summary:
phpMyFAQ is affected by an SQL injection vulnerability. This issue is due to the
application failing to properly sanitize user-supplied input to the 'username'
field of forum entries before using it in a SQL query.

This vulnerability could permit remote attackers to pass malicious input to
database queries, resulting in modification of query logic or other attacks.

phpMyFAQ versions 1.4 and 1.5 are reported prone to this vulnerability.

14. SafeNet Sentinel License Manager Remote Buffer Overflow Vuln...
BugTraq ID: 12742
Remote: Yes
Date Published: Mar 07 2005
Relevant URL: http://www.securityfocus.com/bid/12742
Summary:
A remote buffer overflow vulnerability affects SafeNet Sentinel License Manager.
 This issue is due to a failure of the application to securely copy
network-derived data into finite process buffers.

An attacker may leverage this issue to execute arbitrary code with SYSTEM
privileges.

15. Nokia Series 60 BlueTooth Remote Denial Of Service Vulnerabi...
BugTraq ID: 12743
Remote: Yes
Date Published: Mar 07 2005
Relevant URL: http://www.securityfocus.com/bid/12743
Summary:
A remote denial of service vulnerability affects Nokia Series 60.  This issue is
due to a failure of the operating system to handle malformed network data.

An attacker may leverage this issue to cause affected Nokia devices to restart,
denying service to legitimate users.

16. EXIF Library EXIF Tag Parsing Unspecified Memory Corruption ...
BugTraq ID: 12744
Remote: Yes
Date Published: Mar 07 2005
Relevant URL: http://www.securityfocus.com/bid/12744
Summary:
libexif is reported prone to a memory corruption vulnerability. It is reported
that the issue presents itself when the affected library is processing malformed
EXIF tags. 

It is reported that this issue may be leveraged to execute arbitrary code in the
context of an application that is linked to the vulnerable library.

17. Aztek Forum Unauthorized Access Vulnerability
BugTraq ID: 12745
Remote: Yes
Date Published: Mar 07 2005
Relevant URL: http://www.securityfocus.com/bid/12745
Summary:
Aztek Forum is reported prone to an unauthorized access vulnerability.  It is
conjectured that this issue arises due to an access validation error.

It is possible that an attacker can gain unauthorized administrative access to
the application.  This can lead to other attacks against the Web server hosting
the application.

Aztek Forum 4.0 is reported to be affected by this issue.

18. Sun Solaris AnswerBook2 Multiple Cross-Site Scripting Vulner...
BugTraq ID: 12746
Remote: Yes
Date Published: Mar 07 2005
Relevant URL: http://www.securityfocus.com/bid/12746
Summary:
Sun Solaris AnswerBook2 is reported prone to multiple cross-site scripting
vulnerabilities.  These issues arise due to insufficient sanitization of
user-supplied data facilitating execution of arbitrary HTML and script code in a
user's browser.

The following specific issues were identified:

It is reported that the Search function of the application is affected by a
cross-site scripting vulnerability.

The AnswerBook2 admin interface is prone to cross-site scripting attacks as
well.

These issues can lead to theft of cookie based credentials and other attacks.

AnswerBook2 1.4.4 and prior versions are affected by these issues.

19. Jason Hines PHPWebLog Remote File Include Vulnerability
BugTraq ID: 12747
Remote: Yes
Date Published: Mar 07 2005
Relevant URL: http://www.securityfocus.com/bid/12747
Summary:
phpWebLog is prone to remote file include vulnerability. This issue is due to a
failure of the application to properly sanitize user-supplied input prior to
using it in a PHP 'include_once()' function call.

An attacker may leverage this issue to execute arbitrary server-side script code
on an affected computer with the privileges of the Web server process. This may
facilitate unauthorized access.

20. Hosting Controller Multiple Information Disclosure Vulnerabi...
BugTraq ID: 12748
Remote: Yes
Date Published: Mar 07 2005
Relevant URL: http://www.securityfocus.com/bid/12748
Summary:
Hosting Controller is reported prone to multiple information disclosure
vulnerabilities.  These issues can allow an attacker to disclose sensitive
information, which may be used to carry out further attacks against a computer.

An attacker can access a sensitive file to enumerate domain names of all hosted
domains.

Another issue affecting the application may allow remote users to disclose an
administrator's email address.

These issues are reported to affect Hosting Controller 6.1 Hotfix 1.7.  Other
versions are likely to be affected as well.

21. Oracle Database 8i/9i Multiple Remote Directory Traversal Vu...
BugTraq ID: 12749
Remote: Yes
Date Published: Mar 07 2005
Relevant URL: http://www.securityfocus.com/bid/12749
Summary:
Oracle Database server is reported prone to multiple directory traversal
vulnerabilities that may allow a remote attacker to read, write, or rename
arbitrary files with the privileges of the Oracle Database server.

The issues are reported to exist due to a lack of sufficient input validation
performed on filenames and paths passed to file processing functions, and may
allow a malicious SQL query to traverse outside of a directory that is described
in an Oracle directory object.

22. Yahoo! Messenger Offline Mode Status Remote Buffer Overflow ...
BugTraq ID: 12750
Remote: Yes
Date Published: Mar 08 2005
Relevant URL: http://www.securityfocus.com/bid/12750
Summary:
It has been reported that a remote buffer overflow vulnerability affects Yahoo!
Messenger.  This issue is due to a failure of the application to securely copy
user-supplied input into finite process buffers.

It is likely that the attacker must be in the contact list of an unsuspecting
user to exploit this issue. It should be noted that the details surrounding this
issue are not clear; this BID will be updated as more details are released.

An attacker may leverage this issue to execute arbitrary code in the context of
an unsuspecting user running a vulnerable version of the affected application.

23. PHP-Fusion BBCode IMG Tag Script Injection Vulnerability
BugTraq ID: 12751
Remote: Yes
Date Published: Mar 08 2005
Relevant URL: http://www.securityfocus.com/bid/12751
Summary:
PHP-Fusion is reported prone to a script injection vulnerability.  This issue is
due to the application failing to properly sanitize user-supplied input prior to
including it in dynamically generated content. 

An attacker can supply ASCII equivalents of arbitrary HTML and script code
through the BBCode IMG tag to trigger this issue and execute arbitrary script
code in a user's browser.

PHP-Fusion 5.00 is reportedly affected by this issue.

24. OutStart Participate Enterprise Multiple Access Validation V...
BugTraq ID: 12752
Remote: Yes
Date Published: Mar 08 2005
Relevant URL: http://www.securityfocus.com/bid/12752
Summary:
Participate Enterprise is reported prone to multiple access validation
vulnerabilities.  These issues may allow remote attackers to disclose sensitive
information and corrupt and delete data that can ultimately lead to a denial of
service condition.

The following specific issues were identified:

An attacker can browse the directory tree and disclose sensitive information.

An attacker can rename arbitrary objects.

An attacker can delete arbitrary objects as well.

All versions of Participate Enterprise are considered vulnerable at the moment.

25. RedHat Linux Less Remote Buffer Overflow Vulnerability
BugTraq ID: 12753
Remote: Yes
Date Published: Mar 08 2005
Relevant URL: http://www.securityfocus.com/bid/12753
Summary:
A remote, client-side buffer overflow vulnerability affects RedHat Linux less. 
This issue is due to a failure of the application to securely copy file data
into finite process buffers.

An attacker may leverage this issue to execute arbitrary code with the
privileges of an unsuspecting user.

26. Xoops Custom Avatar Remote Arbitrary PHP File Upload Vulnera...
BugTraq ID: 12754
Remote: Yes
Date Published: Mar 08 2005
Relevant URL: http://www.securityfocus.com/bid/12754
Summary:
Xoops is reported prone to a remote arbitrary PHP file upload vulnerability. The
issue presents itself due to a lack of sanitization performed on image files
that are uploaded using custom avatar upload functionality.

A subsequent request for an uploaded script will result in the execution of the
script code in the context of the hosting web server.

This vulnerability is reported to affect Xoops version 2.0.9.2 and previous
versions.

27. ArGoSoft FTP Server DELE Command Remote Buffer Overrun Vulne...
BugTraq ID: 12755
Remote: Yes
Date Published: Mar 08 2005
Relevant URL: http://www.securityfocus.com/bid/12755
Summary:
ArGoSoft FTP Server is prone to a buffer overrun when handling data through the
DELE command. 

It is reported that passing excessive data may overrun a finite sized internal
memory buffer.  A successful attack may result in memory corruption as memory
adjacent to the buffer is overwritten with user-supplied data. 

This issue may lead to a denial of service condition or the execution of
arbitrary code.

ArGoSoft FTP Server 1.4.2.8 is reported vulnerable.  It is possible that other
versions are affected as well.

28. YaBB Remote UsersRecentPosts Cross-Site Scripting Vulnerabil...
BugTraq ID: 12756
Remote: Yes
Date Published: Mar 08 2005
Relevant URL: http://www.securityfocus.com/bid/12756
Summary:
A remote cross-site scripting vulnerability affects YaBB. This issue is due to a
failure of the application to properly sanitize user-supplied input prior to
including it in dynamically generated Web content. 

An attacker may leverage this issue to have arbitrary script code executed in
the browser of an unsuspecting user.  This may facilitate the theft of
cookie-based authentication credentials as well as other attacks.

29. Drupal Unspecified Cross-Site Scripting Vulnerability
BugTraq ID: 12757
Remote: Yes
Date Published: Mar 08 2005
Relevant URL: http://www.securityfocus.com/bid/12757
Summary:
An unspecified remote cross-site scripting vulnerability affects Drupal. This
issue is due to a failure of the application to properly sanitize user-supplied
input prior to using it in dynamically generated Web page content.

An attacker may leverage this issue to have arbitrary script code executed in
the browser of an unsuspecting user.

This vulnerability is reported to affect Drupal versions prior to version 4.5.2.

30. PHP Arena PAFileDB Multiple Remote Cross Site Scripting Vuln...
BugTraq ID: 12758
Remote: Yes
Date Published: Mar 08 2005
Relevant URL: http://www.securityfocus.com/bid/12758
Summary:
Multiple remote cross-site scripting vulnerabilities affect PHP Arena PaFileDB.
These issues are due to a failure of the application to properly sanitize
user-supplied input prior to including it in dynamically generated Web content.

An attacker may leverage these issues to have arbitrary script code executed in
the browser of an unsuspecting user.  This may facilitate the theft of
cookie-based authentication credentials as well as other attacks.

31. Ethereal RADIUS Authentication Dissection Buffer Overflow Vu...
BugTraq ID: 12759
Remote: Yes
Date Published: Mar 08 2005
Relevant URL: http://www.securityfocus.com/bid/12759
Summary:
A remote buffer overflow vulnerability reportedly affects Ethereal.  This issue
is due to a failure of the application to securely copy network-derived data
into sensitive process buffers.  The specific issue exists in the 3GPP2 A11
dissector.

An attacker may exploit this issue to execute arbitrary code with the privileges
of the user that activated the vulnerable application. This may facilitate
unauthorized access or privilege escalation.

32. WF-Projects WF-Section SQL Injection Vulnerability
BugTraq ID: 12760
Remote: Yes
Date Published: Mar 08 2005
Relevant URL: http://www.securityfocus.com/bid/12760
Summary:
WF-Section is reportedly affected by a SQL injection vulnerability.  This issue
is due to the application failing to properly sanitize user-supplied input
before using it in a SQL query.

Successful exploitation could result in a compromise of the application,
disclosure or modification of data, or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.

This issue is reported to affect WF-Section 1.0.7; earlier versions might also
be affected.

This vulnerability does not appear to affect WF-Section versions 2.x and
greater; this has not been confirmed by the vendor.

33. NewsScript Access Validation Vulnerability
BugTraq ID: 12761
Remote: Yes
Date Published: Mar 08 2005
Relevant URL: http://www.securityfocus.com/bid/12761
Summary:
NewsScript is reported prone to an access validation vulnerability.  This issue
may allow an unauthorized attacker to add, modify and delete messages.

It is reported that an attacker can exploit this issue by issuing a specially
crafted HTTP GET request for the 'newsscript.pl' script to bypass access checks
and carry out administrative tasks.

34. Ethereal Etheric/GPRS-LLC/IAPP/JXTA/sFlow Dissector Vulnerab...
BugTraq ID: 12762
Remote: Yes
Date Published: Mar 09 2005
Relevant URL: http://www.securityfocus.com/bid/12762
Summary:
Multiple buffer overflow and denial of service vulnerabilities affect various
Ethereal protocol dissectors.  The Etheric, GPRS-LLC, IAPP, JXTA, and sFlow
dissectors are affected by these issues.

These vulnerabilities may be triggered when the software is used to monitor live
network traffic or when a dump is viewed.  In the worst case scenario, it is
possible to execute arbitrary code as the superuser.  Other vulnerabilities will
only cause the software to crash when an affected dissector processes live
network traffic or a dump.

35. Linux Kernel SYS_EPoll_Wait Local Integer Overflow Vulnerabi...
BugTraq ID: 12763
Remote: No
Date Published: Mar 09 2005
Relevant URL: http://www.securityfocus.com/bid/12763
Summary:
A Local integer overflow vulnerability affects the Linux kernel.  This issue is
due to a failure of the affected kernel to properly handle user-supplied size
values.

An attacker may leverage this issue to overwrite low kernel memory.  This may
potentially facilitate privilege escalation.

36. Microsoft Exchange Server Mail Box Sub Folder Denial Of Serv...
BugTraq ID: 12764
Remote: Yes
Date Published: Mar 09 2005
Relevant URL: http://www.securityfocus.com/bid/12764
Summary:
A denial of service vulnerability affects Microsoft Exchange Server.  This issue
is due to the application failing to efficiently handle the manipulation of
specially crafted folders.

An attacker may leverage this issue to cause the Microsoft Exchange Information
Store service to stop responding, denying service to legitimate users.

37. Microsoft Internet Explorer MSHTML.DLL CSS Handling Remote B...
BugTraq ID: 12765
Remote: Yes
Date Published: Mar 09 2005
Relevant URL: http://www.securityfocus.com/bid/12765
Summary:
Microsoft Internet Explorer is reported prone to a remote buffer overflow
vulnerability.

This issue presents itself when the application handles a malformed CSS file.

A typical attack would involve the attacker creating a Web site that includes
the malicious CSS file.  The attacker may then entice a vulnerable user to visit
the site.  If successful, this attack may result in granting the attacker
unauthorized access to the affected computer in the context of the user running
Internet Explorer.

This issue may be related to BID 10816 (Microsoft Internet Explorer Style Tag
Comment Memory Corruption Vulnerability) and may have been fixed by Microsoft
Security Bulletin MS04-038.  This is not confirmed at the moment.  This BID will
be updated when further technical analysis is complete.

38. Novell iChain Mini FTP Server Unauthorized Remote Path Discl...
BugTraq ID: 12766
Remote: Yes
Date Published: Mar 09 2005
Relevant URL: http://www.securityfocus.com/bid/12766
Summary:
Novell iChain Mini FTP server is reported prone to a remote path disclosure
vulnerability.

This issue can allow an unauthorized attacker to disclose the iChain FTP server
path.

The information gathered through the exploitation of this issue may aid in other
attacks against a vulnerable computer.

Novell iChain 2.2, 2.3, and .3 Support Pack 2 are reported vulnerable.

39. Perl Local Race Condition Privilege Escalation Vulnerability
BugTraq ID: 12767
Remote: No
Date Published: Mar 09 2005
Relevant URL: http://www.securityfocus.com/bid/12767
Summary:
Perl is reported prone to a local race condition vulnerability. The
vulnerability is present in the 'rmtree()' function provided by the
'File::Path.pm' module.

A successful attack may allow an attacker to gain elevated privileges on a
vulnerable computer.

40. HP Tru64 Message Queue Local Unspecified Denial Of Service V...
BugTraq ID: 12768
Remote: No
Date Published: Mar 09 2005
Relevant URL: http://www.securityfocus.com/bid/12768
Summary:
HP Tru64 is reported prone to an unspecified local denial of service
vulnerability. It is reported that this issue exists in the message queue of the
affected platform and may be triggered by an unprivileged local user.

A local attacker may leverage this issue to deny service for legitimate users.

41. Grip CDDB Response Multiple Matches Buffer Overflow Vulnerab...
BugTraq ID: 12770
Remote: Yes
Date Published: Mar 10 2005
Relevant URL: http://www.securityfocus.com/bid/12770
Summary:
A buffer overflow vulnerability exists in Grip.  The vulnerability occurs when
the software processes a response to a CDDB query that has in excess of 16
matches.

For an attacker to exploit this issue, they must be able to influence the
response to a CDDB query, either by controlling a malicious CDDB server or
through other means.  Successful exploitation will result in execution of
arbitrary code.

This vulnerability is reported to affect versions 3.1.2 and 3.2.0.  It is not
known if other versions are also affected.

42. Multiple Vendor Antivirus Products Malformed ZIP Attachment ...
BugTraq ID: 12771
Remote: Yes
Date Published: Mar 10 2005
Relevant URL: http://www.securityfocus.com/bid/12771
Summary:
Multiple antivirus products from various vendors are reported prone to a
vulnerability that may allow potentially malformed ZIP archives to bypass
detection.

This issue arises when an affected application processes a ZIP archive with an
invalid CRC-32 checksum.  It should be noted that affected software may possibly
detect a malicious file in the archive when it is decompressed or scanned
manually.

The discoverer of this vulnerability has reported that this issue affects H+BEDV
AntiVir, AVG Anti-Virus, Sybari Antigen for Microsoft Exchange, and products by
McAfee, and BitDefender.  Symantec products were not found to be vulnerable to
the issue.

**Update: Symantec believes that the impact of this issue is low. This is
because an archive handler processing an archive that possesses a corrupt CRC-32
checksum will fail, reporting that the archive is corrupt. This would mean that
a malicious file contained in such an archive would not be directly accessible
to a target recipient user. 

Alternatively, if the CRC-32 checksum is corrected manually by the recipient
user and the file is extracted, it will likely be detected by client-side
Anti-Virus solutions during the file extraction routine. This detection will
likely occur before the malicious file is directly processed by the end user.

43. Techland XPand Rally Remote Format String Vulnerability
BugTraq ID: 12772
Remote: Yes
Date Published: Mar 10 2005
Relevant URL: http://www.securityfocus.com/bid/12772
Summary:
A remote format string vulnerability affects XPand Rally.  This issue is due to
a failure of the application to securely call a formatted printing function.

An attacker may leverage this issue to execute arbitrary code with the
privileges of an unsuspecting user that activated the vulnerable server or
client application.

44. WEBInsta Mailing Manager Remote File Include Vulnerability
BugTraq ID: 12773
Remote: Yes
Date Published: Mar 10 2005
Relevant URL: http://www.securityfocus.com/bid/12773
Summary:
WEBInsta Mailing Manager is prone to remote file include vulnerability.

An attacker may leverage this issue to execute arbitrary server-side script code
on an affected computer with the privileges of the Web server process.

This may facilitate unauthorized access. 

WEBInsta Mailing Manager 1.3d is reported vulnerable, however,  prior versions
may be affected as well.

45. SocialMPN Module Arbitrary Remote PHP File Include Vulnerabi...
BugTraq ID: 12774
Remote: Yes
Date Published: Mar 10 2005
Relevant URL: http://www.securityfocus.com/bid/12774
Summary:
SocialMPN is affected by a remote PHP file include vulnerability.  This issue is
due to a failure in the aplication to properly validate user-supplied input.

This vulnerability affects SocialMPN versions prior to 1.2.6.

46. McNews Header.PHP Arbitrary File Include Vulnerability
BugTraq ID: 12776
Remote: Yes
Date Published: Mar 10 2005
Relevant URL: http://www.securityfocus.com/bid/12776
Summary:
mcNews is reportedly affected by a remote file include vulnerability.  This
issue is due to a failure in the application to properly sanitize user-supplied
input.

This issue is reported to affect mcNews version 1.3; earlier versions may also
be affected.

47. PHPOutsourcing Zorum Multiple Remote Vulnerabilities
BugTraq ID: 12777
Remote: Yes
Date Published: Mar 10 2005
Relevant URL: http://www.securityfocus.com/bid/12777
Summary:
Zorum is a freely available, open source Web-based forum application implemented
in PHP. It is available for UNIX, Linux, and any other platform that supports
PHP script execution.

Multiple remote vulnerabilities affect Zorum.  These issues are due to a failure
of the application to validate access rights and user-supplied input.

The issues reported are an HTML injection vulnerability, multiple cross-site
scripting vulnerabilities, an SQL injection vulnerability, and an authentication
bypass issue.

An attacker may leverage these issues to execute script code in an unsuspecting
user's browser, to manipulate SQL queries and to bypass authentication
requirements.

48. PY Software Active Webcam Webserver Multiple Vulnerabilities
BugTraq ID: 12778
Remote: Yes
Date Published: Mar 10 2005
Relevant URL: http://www.securityfocus.com/bid/12778
Summary:
Active Webcam webserver is reported prone to multiple vulnerabilities. The
following individual issues are reported:

The first issue, a denial of service is reported to manifest when a request is
received for a file that exists on a floppy drive.

A remote attacker may exploit this issue to deny service for legitimate users.

A denial of service is reported to exist when the 'Filelist.html' file is
requested.

A remote attacker may exploit this issue to deny service for legitimate users.

An installation path disclosure vulnerability is reported to affect Active
Webcam. It is reported that a request for a non-existent file will result in an
error message that contains the installation path of the software.

A remote attacker may exploit this issue to gain information regarding the
filesystem on a target computer.

An information disclosure vulnerability is reported to affect Active Webcam. It
is reported that this vulnerability exists because different error messages are
returned to a request for a file depending on whether the file exists or not. 

A remote attacker may exploit this issue to gain information regarding the
filesystem on a target computer.

49. All Enthusiast PhotoPost PHP Pro Multiple Remote Vulnerabili...
BugTraq ID: 12779
Remote: Yes
Date Published: Mar 10 2005
Relevant URL: http://www.securityfocus.com/bid/12779
Summary:
PhotoPost PHP Pro is a web-based image gallery application written in PHP. It
can be implemented on any platform that supports PHP script execution.

Multiple remote vulnerabilities affect All Enthusiast PhotoPost PHP Pro.  These
issues are due to a failure of the application to validate access rights and
user-supplied input.

The first issue is an access validation issue that may allow attackers to
manipulate images uploaded by arbitrary users.  The second issue is a cross-site
scripting vulnerability.

An attacker may leverage these issues to execute script code in an unsuspecting
user's browser and to bypass authentication to execute certain application
commands.

50. Ipswitch Collaboration Suite IMail Server IMAP EXAMINE Argum...
BugTraq ID: 12780
Remote: Yes
Date Published: Mar 10 2005
Relevant URL: http://www.securityfocus.com/bid/12780
Summary:
The Ipswitch Collaboration Suite IMail IMAP service is reported prone to a
buffer overflow vulnerability. The issue exists due to a lack of sufficient
boundary checks performed on arguments that are passed to the EXAMINE command.

It is conjectured that a remote authenticated attacker may exploit this
vulnerability to execute arbitrary code in the context of the affected service.
Immediate consequences of a failed exploit attempt would be a denial of service
due to the application crashing on an access violation.

IMail Server version 8.13 an earlier are reported prone to this vulnerability.

51. MySQL AB MySQL Multiple Remote Vulnerabilities
BugTraq ID: 12781
Remote: Yes
Date Published: Mar 11 2005
Relevant URL: http://www.securityfocus.com/bid/12781
Summary:
MySQL is reported prone to multiple vulnerabilities that can be exploited by a
remote authenticated attacker. The following individual issues are reported:

MySQL is reported prone to an insecure temporary file creation vulnerability. 

Reports indicate that an attacker that has 'CREATE TEMPORARY TABLE' privileges
on an affected installation may leverage this vulnerability to corrupt files
with the privileges of the MySQL process.

MySQL is reported prone to an input validation vulnerability that can be
exploited by remote users that have INSERT and DELETE privileges on the 'mysql'
administrative database.

Reports indicate that this issue may be leveraged to load an execute a malicious
library in the context of the MySQL process.

Finally, MySQL is reported prone to a remote arbitrary code execution
vulnerability. It is reported that the vulnerability may be triggered by
employing the 'CREATE FUNCTION' statement to manipulate functions in order to
control sensitive data structures.

This issue may be exploited to execute arbitrary code in the context of the
database process.

These issues are reported to exist in MySQL versions prior to MySQL 4.0.24 and
4.1.10a.

52. Xerox Document Centre ESS/Network Controller Web Server Remo...
BugTraq ID: 12783
Remote: Yes
Date Published: Mar 11 2005
Relevant URL: http://www.securityfocus.com/bid/12783
Summary:
A remote authentication bypass vulnerability affects Xerox Document Centre. 
This issue is due to a failure of the application to properly handle access
credentials.

An attacker may leverage this issue to gain unauthorized access to the device
configuration interface. It should be noted that access to user accounts on the
affected device is not granted through exploitation of this issue.

53. UBBCentral UBB.threads Editpost.PHP SQL Injection Vulnerabil...
BugTraq ID: 12784
Remote: Yes
Date Published: Mar 11 2005
Relevant URL: http://www.securityfocus.com/bid/12784
Summary:
It is reported that UBB.threads is prone to an SQL injection vulnerability. 

The SQL injection vulnerability is reported to affect the 'editpost.php' script.

UBB.threads 6.0 is reported prone to this issue.  It is likely that other
versions are affected as well.

54. Xerox WorkCentre Multiple Page Fax Information Disclosure Vu...
BugTraq ID: 12787
Remote: No
Date Published: Mar 11 2005
Relevant URL: http://www.securityfocus.com/bid/12787
Summary:
An information disclosure vulnerability affects Xerox WorkCentre devices.  This
issue is due to a design error that may facilitate information disclosure under
certain extreme conditions when an unsuspecting user sends a multi-page fax.

This issue may facilitate the disclosure of potentially sensitive information.

III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. Companies resist nuclear cyber security rule
By: Kevin Poulsen

A proposed standard  for protecting nuclear power plant safety systems from
cyber attack gets a less than glowing reaction from system vendors and plant
operators.

http://www.securityfocus.com/news/10618

2. Feds square off with organized cyber crime
By: Kevin Poulsen

Law enforcement sees undercover operations as a key to unraveling sophisticated
alliances between computer intruders and fraud artists.
http://www.securityfocus.com/news/10525

3. WebTV 911 prankster guilty
By: Kevin Poulsen

Louisiana man cops to endangering public safety by sending out a malicious
script that made set-top boxes call the police.

http://www.securityfocus.com/news/10523

4. IE7 details leak onto web
By: Lucy Sherriff, The Register

Details of Microsoft's Internet Explorer 7.0 are starting to emerge, and if the
rumours are true, IE 7.0 will have tabbed browsing, a built-in news-aggregator,
and could be integrated with Microsoft's currently-in-beta anti-spyware product.
http://www.securityfocus.com/news/10701

5. EU drops investigation into Microsoft-Time Warner anti-pirac...
By: , The Associated Press

http://www.securityfocus.com/news/10692

6. Banks 'wasting millions' on two-factor authentication
By: John Leyden, The Register

Banks are spending millions on two-factor authentication for their customers but
the approach no longer provides adequate protection against fraud or identity
theft, according to Bruce Schneier, the encryption guru.
http://www.securityfocus.com/news/10694

IV. SECURITYFOCUS TOP 6 TOOLS
-----------------------------
1. Healthmonitor 2.1
By: Vittorio Pavesi
Relevant URL: http://healthmonitor.sourceforge.net
Platforms: Windows 2000, Windows NT, Windows XP
Summary: 

HealthMonitor is a free powerful and featureful monitoring tool for Windows. 
It works as a Windows Service and check system status (event viewer, disk free
space, services status, performance....) and notify the administration by
E-Mail, SMS and by NET SEND; a database logging feature is also available. It is
under constant development, and releases are usually frequent. The latest news
regarding HealthMonitor can be found on Sourceforge.

2. Kr4ck3r 1.0.0
By: Black List Software
Relevant URL: http://hackinoutthebox.com/sub4.index.php
Platforms: Windows XP
Summary: 

This is the ultimate MD5 cracker having both a built-in brute-force and
dictionary attack functionality.

3. Travesty 1.0
By: Robert Wesley McGrew
Relevant URL: http://cse.msstate.edu/~rwm8/travesty/
Platforms: Linux
Summary: 

Travesty is an interactive program for managing the hardware addresses (MAC) of
ethernet devices on your computer.  It supports manually changing the MAC,
generating random addresses, and applying different vendor prefixes to the
current address.
 It also allows the user to import their own lists of hardware addresses and
descriptions that can be navigated from within the Travesty interface.  Travesty
is written in Python, and is very simple to add functionality to, or modify.

4. WinArpSpoofer 0.5.3
By: Gordon Ahn
Relevant URL: http://www.nextsecurity.net/downloads/winarpspoof/WinArpSpoof.zip
Platforms: Windows 2000, Windows NT, Windows XP
Summary: 

Windows ARP Spoofer (WinArpSpoof) is a program that can scan the computers
including network devices and can spoof their ARP tables on local area network
and can act as a router while pulling all packets on LAN. In addition, traffic
information through this program is measured.

5. OCS 0.1
By: OverIP
Relevant URL: http://hacklab.altervista.org/download/OCS.c
Platforms: Linux
Summary: 

This is a very reliable and fast mass scanner for Cisco router with
telnet/enable default password.

6. Cisco Torch 0.1 alpha
By: Arhont Team
Relevant URL: http://www.arhont.com/cisco-torch.tar.bz2
Platforms: Perl (any system supporting perl)
Summary: 

A fast mass scanning and application layer fingerprinting tool for Cisco devices
written while working on "Hacking Exposed: Cisco Networks" book. Supports telnet
and SSH bruteforcing as well as Cisco management webserver exploitation. More
features would be added soon - see TODO.

V. SECURITYJOBS LIST SUMMARY
----------------------------
1. [SJ-JOB] Security Engineer, Ft Lauterdale, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393128

2. [SJ-JOB] Management, New York City, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393127

3. [SJ-JOB] Management, Minneapolis, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393126

4. [SJ-JOB] Sr. Security Engineer, Hoboken, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393124

5. [SJ-JOB] Sr. Security Engineer, New York (Brooklyn M... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393117

6. [SJ-JOB] Management, Los Angeles, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393116

7. [SJ-JOB] Sales Representative, Columbia, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393115

8. [SJ-JOB] Sales Representative, Charlotte, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393114

9. [SJ-JOB] Security Consultant, Arlington, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393113

10. [SJ-JOB] Security Architect, Chicago, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393112

11. [SJ-JOB] Management, Milpitas, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393109

12. [SJ-JOB] Security Engineer, New York, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393108

13. [SJ-JOB] Technology Risk Consultant, London, GB (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393106

14. [SJ-JOB] Security Engineer, D.C., US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392835

15. [SJ-JOB] Auditor, Houston, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392834

16. [SJ-JOB] Auditor, Atlanta, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392833

17. [SJ-JOB] Sales Engineer, Dallas, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392832

18. [SJ-JOB] Security Engineer, New Orleans, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392831

19. [SJ-JOB] Security Engineer, Toronto, CA (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392830

20. [SJ-JOB] Sr. Security Analyst, St. Louis, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392829

21. [SJ-JOB] Security Consultant, St. Louis, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392828

22. [SJ-JOB] Security Consultant, Atlanta, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392763

23. [SJ-JOB] Security Consultant, Charlotte, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392762

24. [SJ-JOB] Security Engineer, San Jose, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392761

25. [SJ-JOB] Instructor, Various US Cities, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392760

26. [SJ-JOB] Sr. Product Manager, New York, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392759

27. [SJ-JOB] Security Consultant, Chicago, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392758

28. [SJ-JOB] VP of Regional Sales, New York , US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392757

29. [SJ-JOB] Security Engineer, Cupertino, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392756

30. [SJ-JOB] Training / Awareness Specialist, Jersey Cit... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392755

31. [SJ-JOB] Sr. Security Analyst, San Bruno, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392754

32. [SJ-JOB] Security Consultant, Herndon, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392753

33. [SJ-JOB] Security Researcher, Redwood Shores, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392752

34. [SJ-JOB] Security Researcher, San Jose, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392751

35. [SJ-JOB] Jr. Security Analyst, Rosslyn, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392750

36. [SJ-JOB] Sales Engineer, London, GB (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392749

37. [SJ-JOB] Channel / Business Development, London, GB (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392748

38. [SJ-JOB] Security Consultant, Raritan, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392614

39. [SJ-JOB] Application Security Architect, San Jose, U... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392611

40. [SJ-JOB] Security Architect, San Jose, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392609

41. [SJ-JOB] Application Security Architect, DC, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392608

42. [SJ-JOB] Sr. Security Engineer, Jersey City, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392607

43. [SJ-JOB] Sales Engineer, Chicago, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392606

44. [SJ-JOB] Sales Engineer, New York, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392605

45. [SJ-JOB] VP, Information Security, New York, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392604

46. [SJ-JOB] Sr. Security Engineer, Richland, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/392603

VI. INCIDENTS LIST SUMMARY
--------------------------
1. Master RPC program number data base (/etc/rpc) (Thread)
Relevant URL:

http://www.securityfocus.com/archive/75/393169

2. Port 500 scans (Thread)
Relevant URL:

http://www.securityfocus.com/archive/75/392640

VII. VULN-DEV RESEARCH LIST SUMMARY
-----------------------------------
1. calling all software security tool vendors/freeware/... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/82/393254

2. Clarification to: -->calling all software security t... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/82/393253

3. Security Masters Dojo (Thread)
Relevant URL:

http://www.securityfocus.com/archive/82/392942

VIII. MICROSOFT FOCUS LIST SUMMARY
----------------------------------
1. Limitlogin v1.0 released from MS (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/393187

2. Question on IIS servers and reverse lookup ... found... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/393102

3. Basic question (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/393101

4. Folder Encryption (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/393095

5. Question on IIS servers and reverse lookup (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/392937

6. SecurityFocus Microsoft Newsletter #231 (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/392708

7. Disabling USB mass storage (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/392707

8. SID Manipulation Issue - Cross Domain Security Vulne... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/392618

IX. SUN FOCUS LIST SUMMARY
--------------------------
NO NEW POSTS FOR THE WEEK 2005-03-08 to 2005-03-15.

X. LINUX FOCUS LIST SUMMARY
---------------------------
1. A question about passwords and login/authentication (Thread)
Relevant URL:

http://www.securityfocus.com/archive/91/393105
[ terug ]