Home
Systeembeheer
Consultancy
Connectivity
Training
Development

Klanten

Inloggen

Resources

Sans artikelen
Security artikelen

Software

Linux
Windows









[ terug ]
SecurityFocus Newsletter #293
------------------------------

This Issue is Sponsored By: SPI Dynamics

ALERT: Hackers New Trick: Mass Automation of Web App Worms
Web Application Worms utilize a known exploit, apply worm methodology and
then leverage the power of search engines to accelerate effectiveness.
These attacks mark the beginning of a new generation of worms targeted at
web applications. Are your web apps vulnerable? Easily test your
applications for over 5,100 web app vulnerabilities and attack
methodologies with our complimentary WebInspect 15-day product trial, which
delivers a comprehensive risk report!

http://www.securityfocus.com/sponsor/SPIDynamics_sf-news_050322

------------------------------------------------------------------------

Need to know what's happening on YOUR network? Symantec DeepSight Analyzer
is a free service that gives you the ability to track and manage attacks.
Analyzer automatically correlates attacks from various Firewall and network
based Intrusion Detection Systems, giving you a comprehensive view of your
computer or general network. Sign up today!

http://www.securityfocus.com/sponsor/Symantec_sf-news_041130

------------------------------------------------------------------------
I. FRONT AND CENTER
     1. Computer Ethics, From the Grandstands
     2. A Method for Forensic Previews
     3. Defeating Honeypots: System Issues, Part 1
     4. Linux Kernel Security, Again
II. BUGTRAQ SUMMARY
     1. PAFileDB Multiple SQL Injection And Cross-Site Scripting Vul...
     2. HolaCMS Voting Module Remote File Corruption Vulnerability
     3. PlatinumFTPServer Multiple Malformed User Name Connection De...
     4. Wine Local Insecure File Creation Vulnerability
     5. OpenSLP Multiple Unspecified Buffer Overflow Vulnerabilities
     6. Multiple Vendor Antivirus Products Malformed ZIP Archive Sca...
     7. Spinworks Application Server Remote Denial Of Service Vulner...
     8. Apache Tomcat Remote Malformed Request Denial Of Service Vul...
     9. PABox Post Icon HTML Injection Vulnerability
     10. LuxMan Local Buffer Overflow Vulnerability
     11. Mozilla Suite/Firefox/Thunderbird Nested Anchor Tag Status B...
     12. HolaCMS Voting Module Directory Traversal Remote File Corrup...
     13. Phorum Multiple Subject and Attachment HTML Injection Vulner...
     14. SimpGB Guestbook.PHP SQL Injection Vulnerability
     15. Lime Wire Multiple Remote Unauthorized Access Vulnerabilitie...
     16. PHPAdsNew AdFrame.PHP Cross-Site Scripting Vulnerability
     17. KAME Racoon Malformed ISAKMP Packet Headers Denial of Servic...
     18. MaxDB WebAgent Input Validation Multiple Remote Denial Of Se...
     19. VoteBox Votebox.PHP Remote File Include Vulnerability
     20. RXVT-Unicode Escape Sequence Remote Buffer Overflow Vulnerab...
     21. ZPanel Multiple SQL Injection and File Include Vulnerabiliti...
     22. Linux Kernel PPP Driver Unspecified Remote Denial Of Service...
     23. Novell iChain Mini FTP Server Remote Information Disclosure ...
     24. IBM WebSphere Application Server Remote Information Disclosu...
     25. Novell iChain Server Remote Information Disclosure Unauthori...
     26. Freeciv Remote Denial Of Service Vulnerability
     27. GoodTech Systems Telnet Server for Windows NT/2000/XP/2003 R...
     28. Linux Kernel Netfilter Memory Leak Local Denial of Service V...
     29. PHPOpenChat Multiple Remote File Include Vulnerabilities
     30. Symantec Gateway Security Unspecified Remote DNS Cache Poiso...
     31. DataRescue IDA Pro Dynamically Linked Library Remote Format ...
     32. KDE DCOPServer Local Denial of Service Vulnerability
     33. Citrix MetaFrame Multiple Vulnerabilities
     34. Woodstone Servers Alive Local Privilege Escalation Vulnerabi...
     35. ASPJar Guestbook Tell-a-Friend Cross-Site Scripting Vulnerab...
     36. Microsoft InfoPath 2003 Insecure Information Storage Vulnera...
     37. Novell Evolution Unspecified Denial of Service Vulnerability
     38. Initial Redirect Unspecified Remote Buffer Overflow Vulnerab...
     39. PunBB Multiple HTML Injection Vulnerabilities
     40. Lysator LSH Unspecified Denial Of Service Vulnerability
     41. ThePoolClub IPool/ISnooker Insecure Local Credential Storage...
     42. Novell Netware Xsession Unauthorizied Server Console Access ...
     43. McAfee Antivirus Library LHA Archive Handler Stack Based Buf...
     44. MailEnable Remote Format String Vulnerability
     45. Microsoft Windows Graphical Device Interface Library Denial ...
     46. McNews Install.PHP Arbitrary File Include Vulnerability
     47. ACS Blog Search.ASP Cross-Site Scripting Vulnerability
     48. Linux Kernel Multiple Unspecified ISO9660 Filesystem Handlin...
     49. Sun Solaris NewGRP Local Buffer Overflow Vulnerability
     50. Subdreamer SQL Injection Vulnerability
     51. Massimiliano Montoro Cain & Abel PSK Sniffer Remote Heap Buf...
     52. PHPOpenChat Multiple HTML Injection Vulnerabilities
     53. Webroot My Firewall Local Insecure File Creation Vulnerabili...
     54. NotifyLink Enterprise Server Multiple Vulnerabilities
     55. PHP-Post Multiple Remote Input Validation Vulnerabilities
     56. Belkin 54G Wireless Router Multiple Vulnerabilities
     57. Sun Java Web Start System Property Tags Remote Unauthorized ...
     58. RunCMS Database Configuration Information Disclosure Vulnera...
III. SECURITYFOCUS NEWS ARTICLES
     1. Companies resist nuclear cyber security rule
     2. Feds square off with organized cyber crime
     3. WebTV 911 prankster guilty
     4. Duo charged over DDoS hire for scam
     5. Britain tops zombie PC charts
     6. Online profiler: Internet assistant or cyberstalking?
IV. SECURITYFOCUS TOP 6 TOOLS
     1. Bitform Discover 2005.1
     2. Libnids 1.2
     3. File System Saint 1.02a
     4. TextKeeper 5.0
     5. DeSPAM Tunnel 3.0.0
     6. Umbrella v0.5
V. SECURITYJOBS LIST SUMMARY
     1. [SJ-JOB] Sales Representative, Boulder, US (Thread)
     2. [SJ-JOB] Security Consultant, New York, US (Thread)
     3. [SJ-JOB] Manager, Information Security, New York (Br... (Thread)
     4. [SJ-JOB] CSO, Jacksonville, US (Thread)
     5. [SJ-JOB] Forensics Engineer, UK location, GB (Thread)
     6. [SJ-JOB] Security Engineer, Whitehouse Station, US (Thread)
     7. [SJ-JOB] Manager, Information Security, Warren, US (Thread)
     8. [SJ-JOB] Regional Channel Manager, Washington DC, US (Thread)
     9. [SJ-JOB] Security Engineer, Campbell, US (Thread)
     10. [SJ-JOB] Incident Handler, Los Angeles, US (Thread)
     11. [SJ-JOB] Security Product Marketing Manager, Aliso V... (Thread)
     12. [SJ-JOB] Security Researcher, San Diego, US (Thread)
     13. [SJ-JOB] Customer Service, Boston, US (Thread)
     14. [SJ-JOB] Account Manager, New York City, US (Thread)
     15. [SJ-JOB] Security Consultant, Kirkland, US (Thread)
     16. [SJ-JOB] Security Consultant, Atlanta, US (Thread)
     17. [SJ-JOB] Compliance Officer, Atlanta, US (Thread)
     18. [SJ-JOB] Instructor, Atlanta, US (Thread)
     19. [SJ-JOB] Security Consultant, South East England/Sco... (Thread)
     20. [SJ-JOB] Security Engineer, Atlanta, US (Thread)
     21. [SJ-JOB] Sales Engineer, San Francisco, US (Thread)
     22. [SJ-JOB] Security Engineer, Tysons Corner, US (Thread)
     23. [SJ-JOB] Security System Administrator, Boca Raton, ... (Thread)
     24. [SJ-JOB] Technology Risk Consultant, Riyadh, SA (Thread)
     25. [SJ-JOB] Application Security Architect, Redwood Cit... (Thread)
     26. [SJ-JOB] Security Product Marketing Manager, Redmond... (Thread)
     27. [SJ-JOB] Application Security Architect, Irvine, CA,... (Thread)
     28. [SJ-JOB] Security Product Manager, Redmond, US (Thread)
     29. [SJ-JOB] Management, new york, US (Thread)
     30. [SJ-JOB] Security Engineer, new york, US (Thread)
     31. [SJ-JOB] Security Architect, new york, US (Thread)
     32. [SJ-JOB] Security Engineer, 10016, US (Thread)
     33. [SJ-JOB] Sr. Security Engineer, Hershey, US (Thread)
     34. [SJ-JOB] Application Security Engineer, New York, US (Thread)
     35. [SJ-JOB] Technical Support Engineer, San Francisco, ... (Thread)
     36. [SJ-JOB] VP, Information Security, New York, US (Thread)
     37. [SJ-JOB] Information Assurance Analyst, New York, US (Thread)
     38. [SJ-JOB] Security Engineer, Warren, US (Thread)
     39. [SJ-JOB] Sr. Security Analyst, Hershey, US (Thread)
     40. [SJ-JOB] Application Security Architect, Kansas City... (Thread)
     41. [SJ-JOB] Security Consultant, Columbus, US (Thread)
     42. [SJ-JOB] Security Architect, Columbus, US (Thread)
     43. [SJ-JOB] Sales Engineer, Chicago, US (Thread)
     44. [SJ-JOB] Manager, Information Security, New York, US (Thread)
     45. [SJ-JOB] Application Security Engineer, Ottawa, CA (Thread)
VI. INCIDENTS LIST SUMMARY
     1. Netscreen 5XT SSH Traffic (Thread)
     2. Administrivia: Good mailing list social graces. (Thread)
     3. Pubstro rash (Thread)
     4. RE : Pubstro rash (Thread)
     5. strange software > winsupdater.exe (Thread)
     6. awstats holes being exploited in the wild (Thread)
VII. VULN-DEV RESEARCH LIST SUMMARY
     NO NEW POSTS FOR THE WEEK 2005-03-15 to 2005-03-22.
VIII. MICROSOFT FOCUS LIST SUMMARY
     1. UF_PASSWD_NOTREQD user account flag (Thread)
     2. Disabling USB mass storage (Thread)
     3. SecurityFocus Microsoft Newsletter #232 (Thread)
     4. Basic question (Thread)
     5. CONTENT FILTERING (Thread)
IX. SUN FOCUS LIST SUMMARY
     1. Experiences using 'enhanced' Solaris features: BSM, ... (Thread)
X. LINUX FOCUS LIST SUMMARY
     1. A question about passwords and login/authentication (Thread)
XI. UNSUBSCRIBE INSTRUCTIONS
XII. SPONSOR INFORMATION

I. FRONT AND CENTER
-------------------
1. Computer Ethics, From the Grandstands
By Mark Rasch
The recent security breach that exposed an individual's application status
at top business schools raises moral and ethical questions about cyberspace.
http://www.securityfocus.com/columnists/309

2. A Method for Forensic Previews
By Timothy E. Wright
This article explains the forensic preview process, whereby a production
machine is left as undisturbed as possible while it is evaluated for
potential intrusion and compromise.
http://www.securityfocus.com/infocus/1825

3. Defeating Honeypots: System Issues, Part 1
By Thorsten Holz and Frederic Raynal
This two-part paper discusses how hackers discover, interact with, and
sometimes disable honeypots at the system level and application layer.
http://www.securityfocus.com/infocus/1826

4. Linux Kernel Security, Again
By Jason Miller
It's a sad day when an ancient fork bomb attack can still take down most of
the latest Linux distributions.
http://www.securityfocus.com/columnists/308

II. BUGTRAQ SUMMARY
-------------------
1. PAFileDB Multiple SQL Injection And Cross-Site Scripting Vul...
BugTraq ID: 12788
Remote: Yes
Date Published: Mar 12 2005
Relevant URL: http://www.securityfocus.com/bid/12788
Summary:
Multiple SQL injection and cross-site scripting vulnerabilities exist in
paFileDB.  These issues are reported to exist in the 'viewall.php' and
'category.php' scripts.

Exploitation of these issues may allow for compromise of the software, session
hijacking, or attacks against the underlying database.

2. HolaCMS Voting Module Remote File Corruption Vulnerability
BugTraq ID: 12789
Remote: Yes
Date Published: Mar 12 2005
Relevant URL: http://www.securityfocus.com/bid/12789
Summary:
HolaCMS is prone to a vulnerability that may allow remote users to corrupt files
on the server.  This is due an input validation error that allows users to
submit voting data to an attacker-specified file.

It has been demonstrated that the issue may be exploited to compromise HolaCMS. 
Arbitrary system files may also be corrupted in the context of the Web server
process.  Though unconfirmed, it may be possible to execute arbitrary code by
corrupting scripts on the computer.

3. PlatinumFTPServer Multiple Malformed User Name Connection De...
BugTraq ID: 12790
Remote: Yes
Date Published: Mar 12 2005
Relevant URL: http://www.securityfocus.com/bid/12790
Summary:
PlatinumFTPServer is prone to a denial of service vulnerability.  This issue is
reported to occur when a remote user makes 50 or more connections that attempt
to authenticate with a malformed user name.

4. Wine Local Insecure File Creation Vulnerability
BugTraq ID: 12791
Remote: No
Date Published: Mar 14 2005
Relevant URL: http://www.securityfocus.com/bid/12791
Summary:
A local insecure file creation vulnerability affects Wine.  This issue is due to
a design error that fails to securely write to files in world-accessible
directories.

An attacker may leverage this issue to use a symbolic link file named after the
offending temporary file to write to arbitrary files with an unsuspecting user's
privileges.  Furthermore and attacker may gain access to potentially sensitive
information contained within the temporary file.

5. OpenSLP Multiple Unspecified Buffer Overflow Vulnerabilities
BugTraq ID: 12792
Remote: Yes
Date Published: Mar 14 2005
Relevant URL: http://www.securityfocus.com/bid/12792
Summary:
OpenSLP is prone to multiple unspecified buffer overflow vulnerabilities.  These
vulnerabilities may be triggered by malformed SLP (Service Location Protocol)
packets.

If successfully exploited, these issues could allow remote code execution in the
context of the software.

6. Multiple Vendor Antivirus Products Malformed ZIP Archive Sca...
BugTraq ID: 12793
Remote: Yes
Date Published: Mar 14 2005
Relevant URL: http://www.securityfocus.com/bid/12793
Summary:
Multiple antivirus products from various vendors are reported prone to a
vulnerability that may allow potentially malformed ZIP archives to bypass
detection.

This issue arises when an affected application processes a ZIP archive
containing potentially malicious files with specially crafted file names.

This issue could result in a malicious ZIP archive bypassing detection and being
executed by a recipient.

This vulnerability reportedly affects Trend Micro InterScan VirusWall for Linux
version 3.1.  AVG Anti-Virus is reported to be affected as well.

Sophos Sweep is being removed as a vulnerable package as the vendor has reported
that the correct procedure for scanning archives is to use the '-all' switch
instead of '-archive'.  The application is not affected if '-all' switch is used
to scan a malicious archive.

This BID will be updated when more information becomes available.

7. Spinworks Application Server Remote Denial Of Service Vulner...
BugTraq ID: 12794
Remote: Yes
Date Published: Mar 14 2005
Relevant URL: http://www.securityfocus.com/bid/12794
Summary:
A remote denial of service vulnerability affects Spinworks Application Server. 
This issue is due to a failure of the application to properly handle malformed
requests.

An attacker may leverage this issue to trigger a denial of service condition in
the affected software.

8. Apache Tomcat Remote Malformed Request Denial Of Service Vul...
BugTraq ID: 12795
Remote: Yes
Date Published: Mar 14 2005
Relevant URL: http://www.securityfocus.com/bid/12795
Summary:
A remote denial of service vulnerability affects Apache Tomcat.  This issue is
due to a failure of the application to properly handle malformed requests.

An attacker may leverage this issue to trigger a denial of service condition in
the affected software.

9. PABox Post Icon HTML Injection Vulnerability
BugTraq ID: 12796
Remote: Yes
Date Published: Mar 14 2005
Relevant URL: http://www.securityfocus.com/bid/12796
Summary:
paBox is reportedly affected by a HTML injection vulnerability.  This issue is
due to a failure in the application to properly sanitize user-supplied input
before using it in dynamically generated content.

The attacker-supplied HTML and script code would be able to access properties of
the site, potentially allowing for theft of cookie-based authentication
credentials.  An attacker could also exploit this issue to control how the site
is rendered to the user; other attacks are also possible.

This issue is reported to affect paBox 2.0; earlier versions may also be
vulnerable.

10. LuxMan Local Buffer Overflow Vulnerability
BugTraq ID: 12797
Remote: No
Date Published: Mar 14 2005
Relevant URL: http://www.securityfocus.com/bid/12797
Summary:
LuxMan is reported prone to a local buffer overflow vulnerability.

A successful attack, can allow an attacker to gain elevated privileges on a
vulnerable computer.

LuxMan 0.41-17 is reported prone to this vulnerability.  It is possible that
other versions are affected as well.

11. Mozilla Suite/Firefox/Thunderbird Nested Anchor Tag Status B...
BugTraq ID: 12798
Remote: Yes
Date Published: Mar 14 2005
Relevant URL: http://www.securityfocus.com/bid/12798
Summary:
Mozilla Suite/Firefox and Thunderbird are reported prone to a URI obfuscation
weakness. The issue is reported to manifest when 'Save Link As...' functionality
is invoked on an malicious anchor tag.

This issue may be leveraged by an attacker to display false information in the
status bar of an unsuspecting user, allowing an attacker to present downloads to
users that seem to originate from a trusted location. This may facilitate
attacks based on this false sense of trust.

12. HolaCMS Voting Module Directory Traversal Remote File Corrup...
BugTraq ID: 12799
Remote: Yes
Date Published: Mar 13 2005
Relevant URL: http://www.securityfocus.com/bid/12799
Summary:
HolaCMS is prone to a vulnerability that may allow remote users to corrupt files
on the server.

This issue is similar to the vulnerability described in BID 12789 (HolaCMS
Voting Module Remote File Corruption Vulnerability).  It is reported that
HolaCMS 1.4.9-1, which was released to address the issue in BID 12789 is still
vulnerable to a variant of that issue.

Specifically, an attacker can bypass the fix introduced in HolaCMS 1.4.9-1 by
including directory traversal sequences in the path to a target file.

HolaCMS 1.4.9-1 and prior versions are affected by this issue.

13. Phorum Multiple Subject and Attachment HTML Injection Vulner...
BugTraq ID: 12800
Remote: Yes
Date Published: Mar 14 2005
Relevant URL: http://www.securityfocus.com/bid/12800
Summary:
Phorum is reportedly affected by multiple HTML injection vulnerabilities.  These
issues are due to a failure in the application to properly sanitize
user-supplied input before using it in dynamically generated content.

The attacker-supplied HTML and script code would be able to access properties of
the site, potentially allowing for theft of cookie-based authentication
credentials.  An attacker could also exploit this issue to control how the site
is rendered to the user; other attacks are also possible.

These issues are reported to affect Phorum 5.0.14; earlier versions may also be
affected.

14. SimpGB Guestbook.PHP SQL Injection Vulnerability
BugTraq ID: 12801
Remote: Yes
Date Published: Mar 14 2005
Relevant URL: http://www.securityfocus.com/bid/12801
Summary:
SimpGB is reportedly affected by an SQL injection vulnerability. This issue is
due to the application failing to properly sanitize user-supplied input passed
to the 'guestbook.php' script before using it in a SQL query.

This vulnerability could permit remote attackers to pass malicious input to
database queries, resulting in modification of query logic or other attacks.

15. Lime Wire Multiple Remote Unauthorized Access Vulnerabilitie...
BugTraq ID: 12802
Remote: Yes
Date Published: Mar 14 2005
Relevant URL: http://www.securityfocus.com/bid/12802
Summary:
Multiple remote unauthorized access vulnerabilities affect Lime Wire.  These
issues are due to the application failing to securely service malicious
requests.

Two issues have been reported; both issues are due to a failure of the
application to ensure that file requests for files outside of the application's
shared directory are denied.

An attacker may leverage these issues to gain access to potentially sensitive
files with the permissions of the unsuspecting user that activated the affected
application.

16. PHPAdsNew AdFrame.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 12803
Remote: Yes
Date Published: Mar 14 2005
Relevant URL: http://www.securityfocus.com/bid/12803
Summary:
phpAdsNew is reportedly affected by a remote cross-site scripting vulnerability.
 This issue is due to a failure in the application to properly sanitize
user-supplied input.

An attacker may leverage this issue to have arbitrary script code executed in
the browser of an unsuspecting user.  This may facilitate the theft of
cookie-based authentication credentials as well as other attacks.

17. KAME Racoon Malformed ISAKMP Packet Headers Denial of Servic...
BugTraq ID: 12804
Remote: Yes
Date Published: Mar 14 2005
Relevant URL: http://www.securityfocus.com/bid/12804
Summary:
racoon is reported prone to a vulnerability that may allow a remote attacker to
cause a denial of service condition in the application.

This issue arises from a boundary condition error when the application handles
malformed ISAKMP packets.

racoon versions prior to 20050307 are considered to be vulnerable to this issue.

18. MaxDB WebAgent Input Validation Multiple Remote Denial Of Se...
BugTraq ID: 12805
Remote: Yes
Date Published: Mar 14 2005
Relevant URL: http://www.securityfocus.com/bid/12805
Summary:
MaxDB WebAgent is prone to multiple remote denial of service vulnerabilities.
These issues arise as the application fails to sufficiently sanitize
user-supplied parameter input.

A remote attacker may exploit this vulnerability to deny service to legitimate
users.

This vulnerability is reported to affect MySQL MaxDB 7.5.00 for Microsoft
Windows platforms; other versions might also be affected.

19. VoteBox Votebox.PHP Remote File Include Vulnerability
BugTraq ID: 12806
Remote: Yes
Date Published: Mar 14 2005
Relevant URL: http://www.securityfocus.com/bid/12806
Summary:
It is reported that VoteBox is affected by a remote PHP file include
vulnerability. This issue is due in part to the application failing to properly
sanitize user-supplied input to the 'votebox.php' script. 

Remote attackers could potentially exploit this issue to include and execute a
remote malicious PHP script.

This issue reportedly affects VoteBox version 2.0, previous versions might also
be affected.

20. RXVT-Unicode Escape Sequence Remote Buffer Overflow Vulnerab...
BugTraq ID: 12807
Remote: Yes
Date Published: Mar 15 2005
Relevant URL: http://www.securityfocus.com/bid/12807
Summary:
A remote buffer overflow vulnerability affects rxvt-unicode.  The issue is due
to a failure of the application to securely copy externally supplied input into
sensitive process buffers.

An attacker may leverage this issue to execute arbitrary code with the
privileges of the unsuspecting user that activated the affected application.

21. ZPanel Multiple SQL Injection and File Include Vulnerabiliti...
BugTraq ID: 12809
Remote: Yes
Date Published: Mar 15 2005
Relevant URL: http://www.securityfocus.com/bid/12809
Summary:
ZPanel is reportedly affected by multiple input validation vulnerabilities.

ZPanel is affected by multiple SQL injection vulnerabilities.  These issues are
due to a failure in the application to properly sanitize user-supplied input
before using it in SQL queries.

ZPanel is also affected by remote and local file inclusion vulnerabilities. 
These issue are due to a failure in the application to properly sanitize
user-supplied input.

The SQL injection vulnerabilities are reported to affect ZPanel versions 2 and
2.5beta; other versions may also be affected.

The remote file inclusion vulnerability is reported to only affect ZPanel
version 2.  The local file inclusion vulnerability is reported to affect ZPanel
version 2 and 2.5beta.

22. Linux Kernel PPP Driver Unspecified Remote Denial Of Service...
BugTraq ID: 12810
Remote: Yes
Date Published: Mar 15 2005
Relevant URL: http://www.securityfocus.com/bid/12810
Summary:
Linux Kernel (Point-to-Point Protocol) PPP Driver is reported prone to an
unspecified remote denial of service vulnerability.

A successful attack can cause a denial of service condition in the server and
prevent access to legitimate users.

Linux Kernel 2.6.8 was reported vulnerable.  It is possible that subsequent
versions are affected as well.

Due to a lack of details, further information is not available at the moment. 
This BID will be updated when more information becomes available.

23. Novell iChain Mini FTP Server Remote Information Disclosure ...
BugTraq ID: 12811
Remote: Yes
Date Published: Mar 15 2005
Relevant URL: http://www.securityfocus.com/bid/12811
Summary:
Novell iChain Mini FTP server is reported prone to a remote information
disclosure vulnerability. It is reported that during authentication the service
responds with different messages based on valid or invalid usernames.

Information that is harvested in this manner may then be used to aid in further
attacks.

24. IBM WebSphere Application Server Remote Information Disclosu...
BugTraq ID: 12812
Remote: No
Date Published: Mar 15 2005
Relevant URL: http://www.securityfocus.com/bid/12812
Summary:
A remote information disclosure vulnerability affects IBM WebSphere Application
Server. This issue is due to a failure of the application to properly secure
potentially sensitive information, and may be triggered only under certain
circumstances.

This issue will cause potentially sensitive information to be preloaded into a
password change Web form, potentially facilitating brute force password attacks.

25. Novell iChain Server Remote Information Disclosure Unauthori...
BugTraq ID: 12813
Remote: Yes
Date Published: Mar 15 2005
Relevant URL: http://www.securityfocus.com/bid/12813
Summary:
Novell iChain server is reported prone to an information disclosure
vulnerability that can lead to unauthorized access.

An attacker on the local network can sniff network traffic and gain access to
sensitive information such as configuration data and authentication credentials
for various services.

An attacker can also sniff network traffic, obtain a sensitive cookie and use it
in a malicious Java applet to gain unauthorized access to the iChain server by
hijacking another user's account.

This vulnerability can allow an attacker to gain administrative access to an
affected iChain server.

26. Freeciv Remote Denial Of Service Vulnerability
BugTraq ID: 12814
Remote: Yes
Date Published: Mar 15 2005
Relevant URL: http://www.securityfocus.com/bid/12814
Summary:
The Freeciv game server is reported prone to a remote denial of service
vulnerability. The issue is reported to exist because the affected software does
not gracefully handle incomplete or modified requests.

A remote attacker may exploit this issue to deny service for legitimate users.

27. GoodTech Systems Telnet Server for Windows NT/2000/XP/2003 R...
BugTraq ID: 12815
Remote: Yes
Date Published: Mar 15 2005
Relevant URL: http://www.securityfocus.com/bid/12815
Summary:
A remote buffer overflow vulnerability affects GoodTech Systems Telnet Server
for Windows NT/2000/XP/2003.  This issue is due to a failure of the application
to securely copy network-derived data into sensitive process buffers.

An attacker may leverage this issue to execute arbitrary code with SYSTEM
privileges on a computer running a vulnerable version of the affected software.

28. Linux Kernel Netfilter Memory Leak Local Denial of Service V...
BugTraq ID: 12816
Remote: Unknown
Date Published: Mar 15 2005
Relevant URL: http://www.securityfocus.com/bid/12816
Summary:
Linux Kernel is reported prone to a local denial of service vulnerability due to
a memory leak in Netfilter code.  This issue can allow an attacker to crash a
computer and deny service to legitimate users.

It is not known whether this issue allows for remote exploitation.

Linux Kernel 2.6.8 was reported vulnerable, however, it is possible that
subsequent versions are affected as well.

29. PHPOpenChat Multiple Remote File Include Vulnerabilities
BugTraq ID: 12817
Remote: Yes
Date Published: Mar 15 2005
Relevant URL: http://www.securityfocus.com/bid/12817
Summary:
PHPOpenChat is prone to multiple remote file include vulnerabilities.

An attacker may leverage these issues to execute arbitrary server-side script
code on an affected computer with the privileges of the Web server process. This
may facilitate unauthorized access. 

PHPOpenChat 3.0.1 and prior versions are reported prone to this issue.

30. Symantec Gateway Security Unspecified Remote DNS Cache Poiso...
BugTraq ID: 12818
Remote: Yes
Date Published: Mar 16 2005
Relevant URL: http://www.securityfocus.com/bid/12818
Summary:
A remote DNS cache poisoning vulnerability affects Symantec Gateway Security. 
The underlying issue causing this vulnerability is currently unknown.

An attacker may leverage this issue to manipulate cache data, potentially
facilitating man-in-the-middle, site impersonation, or denial of service
attacks.

31. DataRescue IDA Pro Dynamically Linked Library Remote Format ...
BugTraq ID: 12819
Remote: Yes
Date Published: Mar 16 2005
Relevant URL: http://www.securityfocus.com/bid/12819
Summary:
A remote, client-side format string vulnerability affects DataRescue IDA Pro.
This issue is due to a failure of the application to securely implement a
formatted printing function.

An attacker may leverage this issue to execute arbitrary code with the
privileges of an unsuspecting user that executed the vulnerable application.

32. KDE DCOPServer Local Denial of Service Vulnerability
BugTraq ID: 12820
Remote: No
Date Published: Mar 16 2005
Relevant URL: http://www.securityfocus.com/bid/12820
Summary:
KDE's Desktop Communication Protocol (DCOP) daemon is affected by a local denial
of service vulnerability.

It is reported that a user's DCOPServer can be locked up by causing the
authentication process to stall.

All versions of KDE prior to 3.4 are affected by this issue.

This BID will be updated when more information is available.

33. Citrix MetaFrame Multiple Vulnerabilities
BugTraq ID: 12821
Remote: Yes
Date Published: Mar 16 2005
Relevant URL: http://www.securityfocus.com/bid/12821
Summary:
Citrix MetaFrame is reported prone to multiple vulnerabilities. The following
individual issues are reported to exist:

The first issue is reported to affect the Citrix MetaFrame Conferencing Manager
application. It is reported that users that are partaking in a conference may
have keyboard and mouse control over the conference host even when the
conference host has specified that keyboard and mouse control is not permitted.

The second issue is reported to affect the Citrix MetaFrame Password Manager. It
is reported that the secondary password may be viewed even if it has been
configured as inaccessible.

A local attacker may exploit this vulnerability to view the secondary password
assigned to them.

This vulnerability is reported to affect Citrix MetaFrame Password Manager
version 2.5 and previous versions.

34. Woodstone Servers Alive Local Privilege Escalation Vulnerabi...
BugTraq ID: 12822
Remote: No
Date Published: Mar 16 2005
Relevant URL: http://www.securityfocus.com/bid/12822
Summary:
A local privilege escalation vulnerability affects Woodstone Servers Alive. 
This issue is due to a design error that fails to implement proper access
restrictions.

A local attacker may leverage this issue to gain SYSTEM privilege access to an
affected computer.

35. ASPJar Guestbook Tell-a-Friend Cross-Site Scripting Vulnerab...
BugTraq ID: 12823
Remote: Yes
Date Published: Mar 16 2005
Relevant URL: http://www.securityfocus.com/bid/12823
Summary:
ASPJar Guestbook is reportedly affected by a cross-site scripting vulnerability.
 This issue is due to a failure in the application to properly sanitize
user-supplied input.

An attacker may leverage this issue to have arbitrary script code executed in
the browser of an unsuspecting user.  This may facilitate the theft of
cookie-based authentication credentials as well as other attacks.

36. Microsoft InfoPath 2003 Insecure Information Storage Vulnera...
BugTraq ID: 12824
Remote: No
Date Published: Mar 16 2005
Relevant URL: http://www.securityfocus.com/bid/12824
Summary:
Microsoft InfoPath is reported prone to an insecure data storage vulnerability.
It is reported that the issue manifests when functionality that was introduced
with service pack one is employed.

An attacker that can access the 'Manifest.xsf' file may employ stored data to
aid in further attacks.

37. Novell Evolution Unspecified Denial of Service Vulnerability
BugTraq ID: 12826
Remote: Yes
Date Published: Mar 17 2005
Relevant URL: http://www.securityfocus.com/bid/12826
Summary:
Evolution is vulnerable to a remotely exploitable denial of service condition
related to processing of messages with malformed unicode specifications. 
Messages with certain properties can cause a failure that will force the client
to crash when the message is processed.  The denial of service may persist until
the message is manually removed from the mail archive.  Usenet posts may be an
ideal vector for a passive attack against unsuspecting readers.

38. Initial Redirect Unspecified Remote Buffer Overflow Vulnerab...
BugTraq ID: 12827
Remote: Yes
Date Published: Mar 17 2005
Relevant URL: http://www.securityfocus.com/bid/12827
Summary:
A remote buffer overflow vulnerability affects Initial Redirect. This issue is
due to a failure of the application to securely copy user-supplied data into
potentially sensitive process buffers.

The affect of this issue is currently unspecified.  However, due to the nature
of the vulnerability it is likely that this issue may facilitate denial of
service attacks and potentially remote code execution.  

This BID will be updated as more details become available.

39. PunBB Multiple HTML Injection Vulnerabilities
BugTraq ID: 12828
Remote: Yes
Date Published: Mar 16 2005
Relevant URL: http://www.securityfocus.com/bid/12828
Summary:
PunBB is reportedly affected by multiple HTML injection vulnerabilities.

An attacker could also exploit this issue to control how the site is rendered to
the user; other attacks are also possible such as the theft of cookie-based
authentication credentials.

PunBB 1.2.3 is reported vulnerable, however, other versions may be affected as
well.

40. Lysator LSH Unspecified Denial Of Service Vulnerability
BugTraq ID: 12829
Remote: Unknown
Date Published: Mar 17 2005
Relevant URL: http://www.securityfocus.com/bid/12829
Summary:
An unspecified denial of service vulnerability affects Lysator LSH.  The
underlying cause of this issue is currently unknown; this BID will be updated as
more details become available.

An attacker may leverage this issue to cause the affected application to stop
responding or crash, ultimately denying service to legitimate users.

41. ThePoolClub IPool/ISnooker Insecure Local Credential Storage...
BugTraq ID: 12830
Remote: No
Date Published: Mar 17 2005
Relevant URL: http://www.securityfocus.com/bid/12830
Summary:
iPool and iSnooker are reported prone to a design flaw. It is reported that the
applications store username and passwords in plaintext in a folder that is
accessible by all local users.

An attacker with local interactive access to the affected computer may exploit
this issue to retrieve iPool and iSnooker credentials, this data may aid in
further exploit attempts.

iSnooker and iPool versions up to an including version 1.6.8 are reported prone
to this issue.

42. Novell Netware Xsession Unauthorizied Server Console Access ...
BugTraq ID: 12831
Remote: Yes
Date Published: Mar 17 2005
Relevant URL: http://www.securityfocus.com/bid/12831
Summary:
It is reported that Netware is affected by a vulnerability that may allow an
unauthorized user to access the server console of a computer that is responsible
for providing xwindows sessions.  The cause of the vulnerability is an access
validation error due to missing authentication routines.

This issue can allow an attacker to delete and manipulate data on the server and
may lead to other attacks.

Novell Netware 6.5 SP2 and subsequent versions are reportedly affected by this
vulnerability.  It is possible that other versions are affected as well.

43. McAfee Antivirus Library LHA Archive Handler Stack Based Buf...
BugTraq ID: 12832
Remote: Yes
Date Published: Mar 17 2005
Relevant URL: http://www.securityfocus.com/bid/12832
Summary:
McAfee Antivirus Library is reported prone to a buffer overflow vulnerability.
The issue is reported to exist in the LHA archive parser. The affected library
does not perform sufficient bounds checking on LHA type two header file name
fields before copying the data into a finite process buffer.

Although unclear, it is reported that the LHA archive must be especially
malformed and conform to an alternate non-archive file format in order to
trigger the vulnerability.

A remote attacker may exploit this vulnerability to execute arbitrary code with
SYSTEM privileges on a computer that is running the affected software.

44. MailEnable Remote Format String Vulnerability
BugTraq ID: 12833
Remote: Yes
Date Published: Mar 17 2005
Relevant URL: http://www.securityfocus.com/bid/12833
Summary:
MailEnable is reported prone to a remote format string vulnerability.

Reportedly this issue arises when the application handles malicious data passed
through a malformed SMTP request.

A successful attack may result in crashing the server or lead to arbitrary code
execution. This may facilitate unauthorized access or privilege escalation in
the context the server. 

MailEnable 1.8 is reported vulnerable, however, it is possible that other
versions are affected as well.

45. Microsoft Windows Graphical Device Interface Library Denial ...
BugTraq ID: 12834
Remote: Yes
Date Published: Mar 17 2005
Relevant URL: http://www.securityfocus.com/bid/12834
Summary:
Reportedly, a denial of service vulnerability affects Microsoft Windows GDI
library 'gdi32.dll'.  This issue is due to a failure of the application to
securely copy data from malformed EMF image files.

An attacker may leverage this issue to trigger a denial of service condition in
software implementing the vulnerable library.  Other attacks may also be
possible.

46. McNews Install.PHP Arbitrary File Include Vulnerability
BugTraq ID: 12835
Remote: Yes
Date Published: Mar 17 2005
Relevant URL: http://www.securityfocus.com/bid/12835
Summary:
mcNews is reportedly affected by a remote file include vulnerability. This issue
is due to a failure in the application to properly sanitize user-supplied input
to the 'install.php' script.

This issue is reported to affect mcNews versions 1.3 and prior.

47. ACS Blog Search.ASP Cross-Site Scripting Vulnerability
BugTraq ID: 12836
Remote: Yes
Date Published: Mar 17 2005
Relevant URL: http://www.securityfocus.com/bid/12836
Summary:
ACS Blog is reportedly affected by a cross-site scripting vulnerability.  This
issue is due to a failure in the application to properly sanitize user-supplied
input.

An attacker may leverage this issue to have arbitrary script code executed in
the browser of an unsuspecting user.  This may facilitate the theft of
cookie-based authentication credentials as well as other attacks.

48. Linux Kernel Multiple Unspecified ISO9660 Filesystem Handlin...
BugTraq ID: 12837
Remote: No
Date Published: Mar 17 2005
Relevant URL: http://www.securityfocus.com/bid/12837
Summary:
It is reported that the Linux kernel is prone to multiple vulnerabilities that
manifest because of what are described as 'range checking flaws' present in the
ISO9660 handling routines.

These issues may be exploited to trigger kernel based memory corruption.
Ultimately the issues may be exploited to execute arbitrary malicious code with
ring zero privileges.

These vulnerabilities are reported to be present in the ISO9660 file system
handler including Rock Ridge and Juliet extensions for the Linux kernel up to
and including version 2.6.11.

49. Sun Solaris NewGRP Local Buffer Overflow Vulnerability
BugTraq ID: 12838
Remote: No
Date Published: Mar 18 2005
Relevant URL: http://www.securityfocus.com/bid/12838
Summary:
A local buffer overflow vulnerability affects Sun Solaris newgrp.  This issue is
due to a failure of the application to securely copy user-supplied data into
potentially sensitive process buffers.

An attacker may leverage this issue to execute arbitrary code with superuser
privileges, facilitating local privilege escalation.

50. Subdreamer SQL Injection Vulnerability
BugTraq ID: 12839
Remote: Yes
Date Published: Mar 18 2005
Relevant URL: http://www.securityfocus.com/bid/12839
Summary:
Subdreamer is prone to an SQL injection vulnerability.

Because of this, a malicious user may influence database queries in order to
view or modify sensitive information, potentially compromising the software or
the database. 

Subdreamer Light is reported to be affected by this issue.  All versions of
Subdreamer Light are considered to be vulnerable at the moment.

51. Massimiliano Montoro Cain & Abel PSK Sniffer Remote Heap Buf...
BugTraq ID: 12840
Remote: Yes
Date Published: Mar 18 2005
Relevant URL: http://www.securityfocus.com/bid/12840
Summary:
Massimiliano Montoro Cain & Abel is reported prone to a heap-based buffer
overflow vulnerability. The issue is reported to exist due to a lack of
sufficient boundary checks performed when processing certain IKE packet
parameter data.

It is reported that a remote attacker may leverage this vulnerability to execute
arbitrary code in the context of a victim user that is running the vulnerable
application.

Cain & Abel version 2.65 is reported prone to this vulnerability.

52. PHPOpenChat Multiple HTML Injection Vulnerabilities
BugTraq ID: 12841
Remote: Yes
Date Published: Mar 18 2005
Relevant URL: http://www.securityfocus.com/bid/12841
Summary:
PHPOpenChat is reportedly affected by multiple remote HTML injection
vulnerabilities.  These issues are due to a failure in the application to
properly sanitize user-supplied input before using it in dynamically generated
content.

Attacker-supplied HTML and script code would be able to access properties of the
site, potentially allowing for theft of cookie-based authentication credentials.
An attacker could also exploit this issue to control how the site is rendered to
the user; other attacks are also possible.

53. Webroot My Firewall Local Insecure File Creation Vulnerabili...
BugTraq ID: 12842
Remote: No
Date Published: Mar 18 2005
Relevant URL: http://www.securityfocus.com/bid/12842
Summary:
A local insecure file creation vulnerability affects Webroot My Firewall.  This
issue is due to an access validation issue that allows an unprivileged user to
create files with escalated privileges.

This issue may be exploited by a local attacker to corrupt arbitrary files on an
affected computer with SYSTEM privileges.

54. NotifyLink Enterprise Server Multiple Vulnerabilities
BugTraq ID: 12843
Remote: Yes
Date Published: Mar 18 2005
Relevant URL: http://www.securityfocus.com/bid/12843
Summary:
NotifyLink Enterprise Server is reported prone to multiple vulnerabilities. 
These issues can allow an attacker to disclose sensitive information, gain
unauthorized access to certain functions, carry out SQL injection attacks and
potentially disclose encrypted email messages.

The following specific issues were identified:

It is reported that the server is affected by a weakness that can allow an
administrative user to disclose the NotifyLink server and mail server passwords
of other users.

Another vulnerability can allow a user to bypass security restrictions and gain
access to restricted functions.

The application is also affected by multiple remote SQL injection
vulnerabilities. 

Another weakness in the application may allow an attacker to potentially
disclose encrypted emails.

NotifyLink Enterprise Server versions prior to 3.0 are affected by these issues.

55. PHP-Post Multiple Remote Input Validation Vulnerabilities
BugTraq ID: 12845
Remote: Yes
Date Published: Mar 18 2005
Relevant URL: http://www.securityfocus.com/bid/12845
Summary:
Multiple remote input validation vulnerabilities affect PHP-Post.  These issues
are due to a failure of the application to properly sanitize user-supplied input
prior to including it in critical site functionality.

The issues reported are multiple unspecified cross-site scripting
vulnerabilities and a username spoofing issue. 

An attacker may leverage these issues to execute arbitrary code in the browsers
of unsuspecting users and to spoof previously registered usernames.

56. Belkin 54G Wireless Router Multiple Vulnerabilities
BugTraq ID: 12846
Remote: Yes
Date Published: Mar 18 2005
Relevant URL: http://www.securityfocus.com/bid/12846
Summary:
The Belkin 54G (F5D7130) appliance is reported prone to multiple remote
vulnerabilities. The following individual issues are reported:

It is reported that the Belkin 54G appliance transmits UPNP datagrams to the
connected private network at regular intervals. Reports indicate that these
datagrams contain a URI, this URI may be accessed by local network users without
requiring authentication.

A remote attacker that resides on the local network segment connected to the
affected appliance may exploit this vulnerability to disclose sensitive
information.

It is reported that SNMP support is enabled on the affected appliance under a
default configuration.

A remote attacker that resides on the local network segment connected to the
affected appliance may exploit this vulnerability to disclose sensitive
information.

Finally, it is reported that the SNMP service may be exploited to deny service
for legitimate users.

A remote attacker that resides on the local network segment connected to the
affected appliance may exploit this vulnerability to deny service for legitimate
users.

57. Sun Java Web Start System Property Tags Remote Unauthorized ...
BugTraq ID: 12847
Remote: Yes
Date Published: Mar 18 2005
Relevant URL: http://www.securityfocus.com/bid/12847
Summary:
A remote unauthorized access vulnerability affects Java Web Start.  This issue
is due to a failure of the application to properly validate user-supplied input
prior to considering it as trusted.

An attacker may leverage this issue to gain unauthorized read and write access
to affected computers.  Other attacks may also be possible.  It should be noted
that unauthorized access granted in this way will be with the privileges of the
unsuspecting user that visits a malicious website.

58. RunCMS Database Configuration Information Disclosure Vulnera...
BugTraq ID: 12848
Remote: Yes
Date Published: Mar 18 2005
Relevant URL: http://www.securityfocus.com/bid/12848
Summary:
RunCMS is reportedly affected by an information disclosure vulnerability.  This
issue is due to a failure in the application to secure sensitive information.

Exploitation of this vulnerability could lead to the disclosure of database
configuration details, including the database name, user name and password.

RunCMS was formerly named E-Xoops.

III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. Companies resist nuclear cyber security rule
By: Kevin Poulsen

A proposed standard  for protecting nuclear power plant safety systems from
cyber attack gets a less than glowing reaction from system vendors and plant
operators.

http://www.securityfocus.com/news/10618

2. Feds square off with organized cyber crime
By: Kevin Poulsen

Law enforcement sees undercover operations as a key to unraveling sophisticated
alliances between computer intruders and fraud artists.
http://www.securityfocus.com/news/10525

3. WebTV 911 prankster guilty
By: Kevin Poulsen

Louisiana man cops to endangering public safety by sending out a malicious
script that made set-top boxes call the police.

http://www.securityfocus.com/news/10523

4. Duo charged over DDoS hire for scam
By: John Leyden, The Register

The FBI last week arrested a 17 year-old and a Michigan man over suspected
involvement in a denial of service for hire racket.
http://www.securityfocus.com/news/10739

5. Britain tops zombie PC charts
By: John Leyden, The Register

Britain has the largest zombie PC population of any country on the planet,
according to the latest Symantec Internet Security Threat Report.
http://www.securityfocus.com/news/10730

6. Online profiler: Internet assistant or cyberstalking?
By: Jay Lindsay, The Associated Press

http://www.securityfocus.com/news/10727

IV. SECURITYFOCUS TOP 6 TOOLS
-----------------------------
1. Bitform Discover 2005.1
By: Bitform Technology Inc.
Relevant URL: http://www.bitform.net/products/discover/
Platforms: Java
Summary: 

Bitform Discover is a powerful utility that quickly analyzes individual
documents or whole collections of documents and reports on more than two dozen
potentially sensitive hidden data elements. Discover supports Microsoft Word,
Excel and PowerPoint file formats.

2. Libnids 1.2
By: Rafal Wojtczuk
Relevant URL: http://libnids.sourceforge.net/
Platforms: Os Independent
Summary: 

NIDS E-box implementation; emulates linux 2.0.36 TCP/IP stack. It provides IP
defragmentation, TCP reassembly, portscan detection.

3. File System Saint 1.02a
By: Joshua Fritsch
Relevant URL: http://www.unixgeeks.org/saint
Platforms: Linux, UNIX
Summary: 

A fast, flexible, lightweight perl-based host IDS.

4. TextKeeper 5.0
By: HardwareCrasher
Relevant URL: http://members.lycos.co.uk/textkeeper/tkup.zip
Platforms: Windows 2000, Windows 95/98, Windows XP
Summary: 

Encrypts text using numeric combinations and two algorithms, One of the
algorithms uses 5 different numeric combinations.

5. DeSPAM Tunnel 3.0.0
By: The German Computer Freaks (Du-Nu)
Relevant URL: http://www.gcf.de/projects/despam.zip
Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
Summary: 

This program is a tunnel for pop3 connections and filters spam during the
pop3-download of emails automatically. To determine whether an email is UCE it
evaluates the content of each email that passes the tunnel statistically. Its
intelligent wordparsing filter "backMatch" even matches buzzwords that contain
characters which have been replaced by similar looking special chars to avoid
being filtered.

6. Umbrella v0.5
By: Umbrella
Relevant URL: http://umbrella.sf.net/
Platforms: Linux
Summary: 

A combination of process-based access control (PBAC) and authentication of
binaries (like DigSig) - in addition the binaries have the security policy
included within the binary, thus when it is executed, the policy is applied to
the corrosponding process. Umbrella provides developers with a "restricted fork"
which enables him to further restrict a sub-process from e.g. accessing the
network.

V. SECURITYJOBS LIST SUMMARY
----------------------------
1. [SJ-JOB] Sales Representative, Boulder, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393842

2. [SJ-JOB] Security Consultant, New York, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393841

3. [SJ-JOB] Manager, Information Security, New York (Br... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393840

4. [SJ-JOB] CSO, Jacksonville, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393839

5. [SJ-JOB] Forensics Engineer, UK location, GB (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393838

6. [SJ-JOB] Security Engineer, Whitehouse Station, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393837

7. [SJ-JOB] Manager, Information Security, Warren, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393836

8. [SJ-JOB] Regional Channel Manager, Washington DC, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393835

9. [SJ-JOB] Security Engineer, Campbell, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393833

10. [SJ-JOB] Incident Handler, Los Angeles, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393832

11. [SJ-JOB] Security Product Marketing Manager, Aliso V... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393831

12. [SJ-JOB] Security Researcher, San Diego, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393830

13. [SJ-JOB] Customer Service, Boston, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393825

14. [SJ-JOB] Account Manager, New York City, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393820

15. [SJ-JOB] Security Consultant, Kirkland, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393819

16. [SJ-JOB] Security Consultant, Atlanta, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393818

17. [SJ-JOB] Compliance Officer, Atlanta, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393817

18. [SJ-JOB] Instructor, Atlanta, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393815

19. [SJ-JOB] Security Consultant, South East England/Sco... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393813

20. [SJ-JOB] Security Engineer, Atlanta, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393812

21. [SJ-JOB] Sales Engineer, San Francisco, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393811

22. [SJ-JOB] Security Engineer, Tysons Corner, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393809

23. [SJ-JOB] Security System Administrator, Boca Raton, ... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393388

24. [SJ-JOB] Technology Risk Consultant, Riyadh, SA (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393386

25. [SJ-JOB] Application Security Architect, Redwood Cit... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393385

26. [SJ-JOB] Security Product Marketing Manager, Redmond... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393384

27. [SJ-JOB] Application Security Architect, Irvine, CA,... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393383

28. [SJ-JOB] Security Product Manager, Redmond, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393381

29. [SJ-JOB] Management, new york, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393375

30. [SJ-JOB] Security Engineer, new york, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393373

31. [SJ-JOB] Security Architect, new york, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393371

32. [SJ-JOB] Security Engineer, 10016, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393368

33. [SJ-JOB] Sr. Security Engineer, Hershey, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393367

34. [SJ-JOB] Application Security Engineer, New York, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393366

35. [SJ-JOB] Technical Support Engineer, San Francisco, ... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393365

36. [SJ-JOB] VP, Information Security, New York, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393364

37. [SJ-JOB] Information Assurance Analyst, New York, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393363

38. [SJ-JOB] Security Engineer, Warren, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393361

39. [SJ-JOB] Sr. Security Analyst, Hershey, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393359

40. [SJ-JOB] Application Security Architect, Kansas City... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393358

41. [SJ-JOB] Security Consultant, Columbus, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393356

42. [SJ-JOB] Security Architect, Columbus, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393355

43. [SJ-JOB] Sales Engineer, Chicago, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393354

44. [SJ-JOB] Manager, Information Security, New York, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393352

45. [SJ-JOB] Application Security Engineer, Ottawa, CA (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393351

VI. INCIDENTS LIST SUMMARY
--------------------------
1. Netscreen 5XT SSH Traffic (Thread)
Relevant URL:

http://www.securityfocus.com/archive/75/393795

2. Administrivia: Good mailing list social graces. (Thread)
Relevant URL:

http://www.securityfocus.com/archive/75/393698

3. Pubstro rash (Thread)
Relevant URL:

http://www.securityfocus.com/archive/75/393697

4. RE : Pubstro rash (Thread)
Relevant URL:

http://www.securityfocus.com/archive/75/393585

5. strange software > winsupdater.exe (Thread)
Relevant URL:

http://www.securityfocus.com/archive/75/393582

6. awstats holes being exploited in the wild (Thread)
Relevant URL:

http://www.securityfocus.com/archive/75/393395

VII. VULN-DEV RESEARCH LIST SUMMARY
-----------------------------------
NO NEW POSTS FOR THE WEEK 2005-03-15 to 2005-03-22.

VIII. MICROSOFT FOCUS LIST SUMMARY
----------------------------------
1. UF_PASSWD_NOTREQD user account flag (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/393618

2. Disabling USB mass storage (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/393556

3. SecurityFocus Microsoft Newsletter #232 (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/393401

4. Basic question (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/393392

5. CONTENT FILTERING (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/393377

IX. SUN FOCUS LIST SUMMARY
--------------------------
1. Experiences using 'enhanced' Solaris features: BSM, ... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/92/393717

X. LINUX FOCUS LIST SUMMARY
---------------------------
1. A question about passwords and login/authentication (Thread)
Relevant URL:

http://www.securityfocus.com/archive/91/393474
[ terug ]