Home
Systeembeheer
Consultancy
Connectivity
Training
Development

Klanten

Inloggen

Resources

Sans artikelen
Security artikelen

Software

Linux
Windows









[ terug ]
SecurityFocus Newsletter #294
------------------------------

This Issue is Sponsored By: Wireless Security Conference

WIRELESS SECURITY CONFERENCE & EXPO is the nation's leading event for
corporate wireless security strategies and solutions. Learn everything you
need to help your company secure your corporate wireless networks and
mobile devices. Includes hands-on workshops, live hacking sessions, top
keynotes and more. Join hundreds of your colleagues, over 25 of the world's
top wireless security experts and our technology solutions expo. Expo pass
is free or use priority code WSCSFC to save $100 off conference rates.
April 19-21, 2005, Hyatt Regency Cambridge, Cambridge, MA. Conference
website is: www.wireless-security-conference.com 

http://www.securityfocus.com/sponsor/WirelessSecurityConference_sf-news_050329

------------------------------------------------------------------------

Need to know what's happening on YOUR network? Symantec DeepSight Analyzer
is a free service that gives you the ability to track and manage attacks.
Analyzer automatically correlates attacks from various Firewall and network
based Intrusion Detection Systems, giving you a comprehensive view of your
computer or general network. Sign up today!

http://www.securityfocus.com/sponsor/Symantec_sf-news_041130

------------------------------------------------------------------------
I. FRONT AND CENTER
     1. Owning A New Phone
     2. Practical Certifications
II. BUGTRAQ SUMMARY
     1. Icecast XSL Parser Multiple Vulnerabilities
     2. OllyDbg Library Module Name Denial Of Service Vulnerability
     3. CoolForum Cross-Site Scripting And SQL Injection Vulnerabili...
     4. PHP-Fusion Setuser.PHP HTML Injection Vulnerability
     5. Ciamos Highlight.PHP File Disclosure Vulnerability
     6. TRG News Script Remote File Include Vulnerability
     7. Proview Disassembler Long File Name Handling Denial of Servi...
     8. CzarNews Remote File Include Vulnerability
     9. Xzabite DYNDNSUpdate Multiple Remote Buffer Overflow Vulnera...
     10. Code Ocean Ocean FTP Server Remote Denial of Service Vulnera...
     11. PHPMyFamily Multiple SQL Injection Vulnerabilities
     12. Betaparticle Blog Multiple Remote Vulnerabilities
     13. FUN labs Game Engine Multiple Remote Denial of Service Vulne...
     14. Apple Mac OS X Multiple Vulnerabilities
     15. Samsung DSL Modem Multiple Remote Vulnerabilities
     16. FileZilla FTP Server Multiple Remote Denial Of Service Vulne...
     17. NetWin SurgeMail Multiple Remote HTML Injection and File Upl...
     18. Kayako ESupport Index.PHP Multiple Parameter Cross-Site Scri...
     19. Phorum HTTP Response Splitting Vulnerability
     20. Microsoft Windows Local Denial Of Service Vulnerability
     21. Nortel Contivity VPN Client Local Password Disclosure Weakne...
     22. MercuryBoard Title Field HTML Injection Vulnerability
     23. ImageMagick SGI Parser Heap Overflow Vulnerability
     24. ImageMagick TIFF Image File Unspecified Denial Of Service Vu...
     25. ImageMagick TIFF Image Tag Denial Of Service Vulnerability
     26. Imagemagick Photoshop Document Parsing Unspecified Denial of...
     27. Apache mod_ssl ssl_io_filter_cleanup Remote Denial Of Servic...
     28. Vortex Portal Remote PHP File Include Vulnerability
     29. InterSpire ArticleLive NewComment Cross-Site Scripting Vulne...
     30. BirdBlog AdminCore.PHP SQL Injection Vulnerability
     31. Mozilla GIF Image Processing Library Remote Heap Overflow Vu...
     32. Mathopd Dump Files Local Insecure File Creation Vulnerabilit...
     33. DigitialHive Base.PHP Cross-Site Scripting Vulnerability
     34. Mozilla Firefox Sidebar Panel Script Injection Vulnerability
     35. Mozilla Browser Remote Insecure XUL Start Up Script Loading ...
     36. XMB Forum Multiple Remote Cross-Site Scripting Vulnerabiliti...
     37. PHPSysInfo Multiple Cross-Site Scripting Vulnerabilities
     38. Invision Power Board HTML Injection Vulnerability
     39. Microsoft Windows XP TSShutdn.exe Remote Denial of Service V...
     40. Cerulean Studios Trillian Multiple Remote HTTP Response Buff...
     41. CDRTools CDRecord Local Insecure File Creation Vulnerability
     42. Oracle Reports Server 10g Multiple Remote Cross-Site Scripti...
     43. Topic Calendar Calendar_Scheduler.PHP Cross-Site Scripting V...
     44. Double Choco Latte Multiple Vulnerabilities
     45. Dream4 Koobi CMS Index.PHP Cross-Site Scripting Vulnerabilit...
     46. Dream4 Koobi CMS Index.PHP SQL Injection Vulnerability
     47. Dnsmasq Multiple Remote Vulnerabilities
     48. Maxthon Web Browser Search Bar Information Disclosure Vulner...
     49. Smail-3 Multiple Remote and Local Vulnerabilities
     50. PHPMyDirectory Review.PHP Multiple Parameter Cross-Site Scri...
     51. Netcomm NB1300 Modem/Router Remote Denial of Service Vulnera...
     52. OpenMosixview Multiple Insecure Temporary File Creation Vuln...
III. SECURITYFOCUS NEWS ARTICLES
     1. Companies resist nuclear cyber security rule
     2. Feds square off with organized cyber crime
     3. WebTV 911 prankster guilty
     4. Quantum crypto comes to Blighty
     5. 'Doomsday nerds' defend cyberspace
     6. Symbian Trojan attacks anti-virus protection
IV. SECURITYFOCUS TOP 6 TOOLS
     1. Bitform Discover 2005.1
     2. Libnids 1.2
     3. File System Saint 1.02a
     4. TextKeeper 5.0
     5. DeSPAM Tunnel 3.0.0
     6. Umbrella v0.5
V. SECURITYJOBS LIST SUMMARY
     1. [SJ-JOB] Sales Engineer, Atlanta, US (Thread)
     2. [SJ-JOB] Security Engineer, RTP, US (Thread)
     3. [SJ-JOB] Sr. Security Analyst, Cleveland, US (Thread)
     4. [SJ-JOB] Security Engineer, Reston, US (Thread)
     5. [SJ-JOB] Application Security Engineer, Sunnyvale, U... (Thread)
     6. [SJ-JOB] Sr. Product Manager, San Diego, US (Thread)
     7. [SJ-JOB] Chief Security Strategist, London, GB (Thread)
     8. [SJ-JOB] Security Engineer, Bethesda, US (Thread)
     9. [SJ-JOB] Manager, Information Security, Philadelphia... (Thread)
     10. [SJ-JOB] Product Strategist, Sunnyvale, US (Thread)
     11. [SJ-JOB] Sales Engineer, New York, US (Thread)
     12. [SJ-JOB] Auditor, London, GB (Thread)
     13. [SJ-JOB] Manager, Information Security, Edinburgh, G... (Thread)
     14. [SJ-JOB] Application Security Engineer, London, GB (Thread)
     15. [SJ-JOB] Sr. Security Engineer, Sunnyvale, US (Thread)
     16. [SJ-JOB] Forensics Engineer, London, GB (Thread)
     17. [SJ-JOB] Jr. Security Analyst, Bethesda, US (Thread)
     18. [SJ-JOB] Management, Dallas, US (Thread)
     19. [SJ-JOB] Sales Representative, San Jose, US (Thread)
     20. [SJ-JOB] Security Product Manager, Sunnyvale, US (Thread)
     21. [SJ-JOB] Security Engineer, San Diego, US (Thread)
     22. [SJ-JOB] Sales Representative, Columbia, US (Thread)
     23. [SJ-JOB] Security Engineer, Sterling, US (Thread)
     24. [SJ-JOB] Application Security Architect, Riyadh, SA (Thread)
     25. [SJ-JOB] Security System Administrator, Fort Worth, ... (Thread)
     26. [SJ-JOB] Security Researcher, Aliso Viejo, US (Thread)
     27. [SJ-JOB] Technical Writer, Mission Viejo, US (Thread)
     28. [SJ-JOB] Security Engineer, Redwood City, US (Thread)
     29. [SJ-JOB] Security Engineer, Schaumburg, US (Thread)
     30. [SJ-JOB] Account Manager, New York, US (Thread)
     31. [SJ-JOB] Sr. Security Engineer, Livingston, US (Thread)
     32. [SJ-JOB] Security Auditor, New York, US (Thread)
     33. [SJ-JOB] Sr. Security Analyst, Riyadh, SA (Thread)
     34. [SJ-JOB] Security Consultant, New York, US (Thread)
     35. [SJ-JOB] Application Security Engineer, Mission Viej... (Thread)
     36. [SJ-JOB] Sales Representative, McLean, US (Thread)
     37. [SJ-JOB] Sr. Security Engineer, San Francisco, US (Thread)
     38. [SJ-JOB] Quality Assurance, San Francisco, US (Thread)
     39. [SJ-JOB] Technology Risk Consultant, London, GB (Thread)
VI. INCIDENTS LIST SUMMARY
     1. ANI Exploits in Spam (Thread)
     2. strange software > winsupdater.exe (Thread)
     3. Administrivia:  strange software > winsupdater.exe (Thread)
     4. Pubstro rash (Thread)
VII. VULN-DEV RESEARCH LIST SUMMARY
     1. Scanner (Thread)
     2. RUXCON 2005 Call for Papers (Thread)
     3. Black Hat Briefings & Trainings: Registration now op... (Thread)
VIII. MICROSOFT FOCUS LIST SUMMARY
     1. quarantine vpn clients (Thread)
     2. New Malware Approach - Any Experience With / Opinion... (Thread)
     3. Citrix vs Terminal Services? (Thread)
     4. Windows firewall scopes for notebook users ex office... (Thread)
     5. SecurityFocus Microsoft Newsletter #233 (Thread)
     6. RADIUS authentication from GINA Windows logon? (Thread)
     7. SQLRecon released by Special Ops Labs!!! (Thread)
IX. SUN FOCUS LIST SUMMARY
     1. dtremote (Thread)
     2. RE :  ipf and NIS (Thread)
     3. ipf and NIS (Thread)
     4. Experiences using 'enhanced' Solaris features: BSM, ... (Thread)
X. LINUX FOCUS LIST SUMMARY
     1. Apache+PHP+ftp security (Thread)
XI. UNSUBSCRIBE INSTRUCTIONS
XII. SPONSOR INFORMATION

I. FRONT AND CENTER
-------------------
1. Owning A New Phone
By Scott Granneman
Recent mobile phone and Bluetooth hacks, and the public's response to them,
show us how the average person really looks at security.
http://www.securityfocus.com/columnists/310

2. Practical Certifications
By Don Parker
Recent changes to the GIAC makes one question the value of certification
for the security industry.
http://www.securityfocus.com/columnists/311

II. BUGTRAQ SUMMARY
-------------------
1. Icecast XSL Parser Multiple Vulnerabilities
BugTraq ID: 12849
Remote: Yes
Date Published: Mar 18 2005
Relevant URL: http://www.securityfocus.com/bid/12849
Summary:
Icecast is reported prone to multiple vulnerabilities. The following individual
issues are reported:

Icecast XSL parser is reported to be prone to a buffer overflow vulnerability.
This issue exists due to a lack of sufficient boundary checks performed on
certain XSL tag values before copying these values into a finite buffer in
process memory. It is reported that the vulnerability manifests when a malicious
XSL file is parsed by the affected software.

This issue may potentially be exploited to deny service for legitimate users or
potentially execute arbitrary code in the context of the user that is running
the affected software. This is not confirmed.

It is reported that the Icecast XSL parser is prone to an information disclosure
vulnerability. It is reported that the parser fails to parse XSL files when a
request for such a file is appended with a dot '.' character.

A remote attacker may exploit this vulnerability to disclose the contents of XSL
files that can be requested publicly.

These vulnerabilities are reported to affect Icecast version 2.20, other
versions might also be affected.

2. OllyDbg Library Module Name Denial Of Service Vulnerability
BugTraq ID: 12850
Remote: Yes
Date Published: Mar 19 2005
Relevant URL: http://www.securityfocus.com/bid/12850
Summary:
OllyDbg is reported prone to a denial of service vulnerability. It is reported
that the issue manifests when a target process that is being debugged attempts
to load a library module that has a superfluous filename.

An attacker may exploit this vulnerability to deny service to OllyDbg users.

This vulnerability is reported to affect OllyDbg version 1.10 (final version)
and prior versions.

3. CoolForum Cross-Site Scripting And SQL Injection Vulnerabili...
BugTraq ID: 12852
Remote: Yes
Date Published: Mar 19 2005
Relevant URL: http://www.securityfocus.com/bid/12852
Summary:
Multiple remote input validation vulnerabilities affect CoolForum. These issues
are due to a failure of the application to properly sanitize user-supplied input
prior to using it to carry out critical functionality.

Multiple SQL injection vulnerabilities have been reported and a cross-site
scripting vulnerability is also reported.

An attacker may leverage these issues to manipulate and view arbitrary database
contents by exploiting the SQL injection issues, and to have arbitrary script
code executed in the browser of an unsuspecting user by exploiting the
cross-site scripting vulnerabilities.

4. PHP-Fusion Setuser.PHP HTML Injection Vulnerability
BugTraq ID: 12853
Remote: Yes
Date Published: Mar 19 2005
Relevant URL: http://www.securityfocus.com/bid/12853
Summary:
PHP-Fusion is reportedly affected by a HTML injection vulnerability. This issue
is due to the application failing to properly sanitize user-supplied input
passed to the 'setuser.php' script before using it in dynamically generated
content.

This vulnerability is reported to affect PHP-Fusion version 5.01, however the
vendor reports that the vulnerability might exist in an alteration that is
planned for version 5.02. This alteration was recently released to the
PHP-Fusion community as a mod for version 5.01.

This BID will be updated as soon as further information is made available.

5. Ciamos Highlight.PHP File Disclosure Vulnerability
BugTraq ID: 12854
Remote: Yes
Date Published: Mar 19 2005
Relevant URL: http://www.securityfocus.com/bid/12854
Summary:
Ciamos is reported prone to a file disclosure vulnerability. The full scope of
this vulnerability is not currently known, however, it is demonstrated that this
issue may be leveraged to disclose the source of PHP files contained in a Ciamos
installation.

A remote attacker may exploit this vulnerability to reveal files that contain
potentially sensitive information. Information that is harvested in this manner
may then be used to aid in further attacks against the software and the computer
that is hosting the software.

6. TRG News Script Remote File Include Vulnerability
BugTraq ID: 12855
Remote: Yes
Date Published: Mar 21 2005
Relevant URL: http://www.securityfocus.com/bid/12855
Summary:
A remote file include vulnerability affects TRG News. This issue is due to a
failure of the application to properly sanitize user-supplied input prior to
using it to carry out critical functionality.

Remote attackers could potentially exploit this issue to include a remote,
malicious PHP script. Execution of remote scripts would take place in the
context of the Web server hosting the vulnerable application.  This will
facilitate unauthorized access.

7. Proview Disassembler Long File Name Handling Denial of Servi...
BugTraq ID: 12856
Remote: Yes
Date Published: Mar 21 2005
Relevant URL: http://www.securityfocus.com/bid/12856
Summary:
Proview Disassembler (PVDasm) is reported prone to a remote denial of service
vulnerability.

The issue presents itself when the application handles a file with a long name.

Reportedly, this can cause PVDasm to crash resulting in a denial of service
condition.

It is not known whether this vulnerability can be leveraged to execute arbitrary
code.  This BID will be updated when more information becomes available.

PVDasm 1.6b Beta and prior versions are affected by this issue.

8. CzarNews Remote File Include Vulnerability
BugTraq ID: 12857
Remote: Yes
Date Published: Mar 21 2005
Relevant URL: http://www.securityfocus.com/bid/12857
Summary:
CzarNews is prone to a remote file include vulnerability.

An attacker may leverage this issue to execute arbitrary server-side script code
on an affected computer with the privileges of the Web server process. This may
facilitate unauthorized access. 

CzarNews 1.13b is reported vulnerable.  It is possible that other versions are
affected as well.

9. Xzabite DYNDNSUpdate Multiple Remote Buffer Overflow Vulnera...
BugTraq ID: 12858
Remote: Yes
Date Published: Mar 21 2005
Relevant URL: http://www.securityfocus.com/bid/12858
Summary:
Multiple remote buffer overflow vulnerabilities affect Xzabite's dyndnsupdate. 
These issues are due to a failure of the application to properly validate the
length of user-supplied strings prior to copying them into static process
buffers.

An attacker may exploit these issues to execute arbitrary code with the
privileges of a user that activated the vulnerable application. This may
facilitate unauthorized access or privilege escalation.

10. Code Ocean Ocean FTP Server Remote Denial of Service Vulnera...
BugTraq ID: 12859
Remote: Yes
Date Published: Mar 21 2005
Relevant URL: http://www.securityfocus.com/bid/12859
Summary:
Ocean FTP Server is reported prone to a remote denial of service vulnerability.

It is reported that an attacker may cause the server to crash by establishing an
excessive number of simultaneous connections.  This may result in a crash or
hang due to resource exhaustion.

Ocean FTP Server 1.0 is reported vulnerable.  It is possible that other versions
are affected as well.

11. PHPMyFamily Multiple SQL Injection Vulnerabilities
BugTraq ID: 12860
Remote: Yes
Date Published: Mar 21 2005
Relevant URL: http://www.securityfocus.com/bid/12860
Summary:
phpmyfamily is reportedly affected by multiple SQL injection vulnerabilities. 
These issues are due to a failure in the application to properly sanitize
user-supplied input before using it in SQL queries.

Successful exploitation could result in a compromise of the application,
disclosure or modification of data, or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.

12. Betaparticle Blog Multiple Remote Vulnerabilities
BugTraq ID: 12861
Remote: Yes
Date Published: Mar 21 2005
Relevant URL: http://www.securityfocus.com/bid/12861
Summary:
betaparticle blog is reported prone to multiple vulnerabilities. The following
individual issues are reported:

It is reported that betaparticle blog fails to sufficiently secure the
authentication credential database. A remote attacker may exploit this
vulnerability to download and disclose the contents of the credential database.

This issue is reported to affect betaparticle blog prior to and including
version 3.0.

It is reported that several betaparticle blog scripts may be accessed by a
remote unauthenticated attacker and may be employed to upload and delete
arbitrary Web server accessible files. A remote attacker may exploit leverage
these scripts to deny service for legitimate users or potentially compromise a
target computer.

It is reported that these scripts may be leveraged on betaparticle blog versions
up to and including version 3.0.

13. FUN labs Game Engine Multiple Remote Denial of Service Vulne...
BugTraq ID: 12862
Remote: Yes
Date Published: Mar 20 2005
Relevant URL: http://www.securityfocus.com/bid/12862
Summary:
Multiple FUN labs games are affected by remote denial of service
vulnerabilities.

A remote attacker can cause a game server to stop responding by sending an empty
UDP packet. 

Another vulnerability can allow a remote attacker to send a malformed join
packet and crash the server.

These issues can be exploited to cause a denial of service condition in the
server.

14. Apple Mac OS X Multiple Vulnerabilities
BugTraq ID: 12863
Remote: Yes
Date Published: Mar 21 2005
Relevant URL: http://www.securityfocus.com/bid/12863
Summary:
Multiple security vulnerabilities are reported to affect Apple Mac OS X. These
issues were disclosed in the referenced vendor advisory.

Insecure permissions are reported to be set on certain Apple Mac OS X folders .
It is reported that because of these insecure permissions local attackers may
exploit race conditions. The CVE Mitre candidate ID CAN-2005-0712 is assigned to
this issue.

This vulnerability is reported to affect Apple Mac OSX, and OSX Server version
10.3.8. Previous versions might also be affected.

Core Foundation is reported prone to a local buffer overflow vulnerability. It
is reported that this issue may be exploited in any application that is linked
against the Core Foundation Library. An attacker may exploit this vulnerability
to execute arbitrary code with elevated privileges. The CVE Mitre candidate ID
CAN-2005-0716 is assigned to this issue.

This vulnerability is reported to affect Apple Mac OSX, and OSX Server version
10.3.8. Previous versions might also be affected.

The Bluetooth Setup Assistant application is reported prone to an unspecified
security vulnerability. The CVE Mitre candidate ID CAN-2005-0713 is assigned to
this issue.

This vulnerability is reported to affect Apple Mac OSX, and OSX Server version
10.3.8. Previous versions might also be affected.

The AFP server is reported prone to an information disclosure vulnerability. An
attacker may exploit this issue to disclose the contents of Drop Boxes. The CVE
Mitre candidate ID CAN-2005-0715 is assigned to this issue.

This vulnerability is reported to affect Apple Mac OSX, and OSX Server version
10.3.8. Previous versions might also be affected.

This BID will be updated and split into unique BIDs as soon as further
information is available.

15. Samsung DSL Modem Multiple Remote Vulnerabilities
BugTraq ID: 12864
Remote: Yes
Date Published: Mar 21 2005
Relevant URL: http://www.securityfocus.com/bid/12864
Summary:
Multiple vulnerabilities are reported to exist in Samsung DSL modems.

The first issue is an information disclosure issue due to a failure of the
device to block access to potentially sensitive files.

The second issue is a default backdoor account vulnerability. It is reported
that multiple accounts exist on the modem by default, allowing remote attackers
to gain administrative privileges on the modem.

These vulnerabilities may allow remote attackers to gain access to potentially
sensitive information, or to gain administrative access to the affected device.

Samsung DSL modems running software version SMDK8947v1.2 are reported to be
affected. Other devices and software versions are also likely affected.

16. FileZilla FTP Server Multiple Remote Denial Of Service Vulne...
BugTraq ID: 12865
Remote: Yes
Date Published: Mar 22 2005
Relevant URL: http://www.securityfocus.com/bid/12865
Summary:
The FileZilla FTP server is reported prone to multiple remote denial of service
vulnerabilities. The following individual issues are reported:

It is reported that FileZilla fails to gracefully handle FTP requests that
contain reserved MS-DOS device names. A remote authenticated attacker may
exploit this vulnerability to deny service for legitimate users.

Finally, it is reported that the FileZilla FTP server may be influenced into
entering an infinite loop. A remote authenticated attacker may exploit this
vulnerability to deny service for legitimate users.

17. NetWin SurgeMail Multiple Remote HTML Injection and File Upl...
BugTraq ID: 12866
Remote: Yes
Date Published: Mar 22 2005
Relevant URL: http://www.securityfocus.com/bid/12866
Summary:
Multiple remote file upload and HTML injection vulnerabilities affect NetWin
SurgeMail. The underlying causes of these issues are a failure ot sanitize
user-supplied input and a failure to securely handle the file upload
functionality.

These issues may be leverage to upload arbitrary files into arbitrary locations
writable to the affected application and carry out HTML injection attacks
against the SurgeMail administrator. This may facilitate theft of credentials
and potentially compromise of the email server.

18. Kayako ESupport Index.PHP Multiple Parameter Cross-Site Scri...
BugTraq ID: 12868
Remote: Yes
Date Published: Mar 22 2005
Relevant URL: http://www.securityfocus.com/bid/12868
Summary:
Kayako ESupport is prone to a cross-site scripting vulnerability.

Multiple parameters of the 'index.php' script can be exploited to pass malicious
HTML and script code to the application.

This would occur in the security context of the affected Web site and may allow
for theft of cookie-based authentication credentials or other attacks. 

ESupport 2.3 is reported vulnerable, however, it is possible that other versions
are affected as well.

19. Phorum HTTP Response Splitting Vulnerability
BugTraq ID: 12869
Remote: Yes
Date Published: Mar 22 2005
Relevant URL: http://www.securityfocus.com/bid/12869
Summary:
A remote HTTP response splitting vulnerability reportedly affects Phorum. This
issue is due to a failure of the application to properly sanitize user-supplied
input.

A remote attacker may exploit this vulnerability to influence or misrepresent
how web content is served, cached or interpreted.

This issue was reported to affect Phorum version 5.0.14a; other versions might
also be affected.

20. Microsoft Windows Local Denial Of Service Vulnerability
BugTraq ID: 12870
Remote: No
Date Published: Mar 22 2005
Relevant URL: http://www.securityfocus.com/bid/12870
Summary:
It is reported that Microsoft Windows XP Service Pack 1 is prone to a local
denial of service vulnerability.

The issue is reported to manifest when a raw IP over IP socket is created and
data is transferred over the newly created socket.

It is reported that this operation causes the kernel of the Windows computer to
crash, resulting in the computer rebooting. If this issue can be triggered
reliably, a local attacker may exploit the issue to deny service for legitimate
users.

Further investigation into this issue is ongoing; this BID will be updated as
soon as more details are available.

21. Nortel Contivity VPN Client Local Password Disclosure Weakne...
BugTraq ID: 12871
Remote: No
Date Published: Mar 22 2005
Relevant URL: http://www.securityfocus.com/bid/12871
Summary:
Nortel Contivity VPN Client for Microsoft Windows platforms is reported prone to
a local pre-shared key (password) disclosure weakness. It is reported that the
VPN user and group password is stored in the memory image of the process in
plain-text format. 

Credentials that are harvested through the exploitation of this weakness may
then be used to aid in further attacks.

This weakness is reported to affect Nortel Contivity VPN Client version 5.01 for
Microsoft Windows, versions for the Linux platform are not reported to be
vulnerable. Other versions might also be affected.

22. MercuryBoard Title Field HTML Injection Vulnerability
BugTraq ID: 12872
Remote: Yes
Date Published: Mar 23 2005
Relevant URL: http://www.securityfocus.com/bid/12872
Summary:
MercuryBoard is affected by an HTML injection vulnerability. 

The issue affects the 'title' field when a PM is sent to a user and may be
exploited to execute arbitrary HTML and script code in the browser of a user
when the user views the PM.

MercuryBoard 1.1.2 is affected by this issue.  It is likely that this issue
affects prior versions as well.

23. ImageMagick SGI Parser Heap Overflow Vulnerability
BugTraq ID: 12873
Remote: Yes
Date Published: Mar 23 2005
Relevant URL: http://www.securityfocus.com/bid/12873
Summary:
ImageMagick is prone to a heap-based buffer overflow vulnerability.  This
vulnerability exists in the SGI image file parser.

Successful exploitation may result in execution of arbitrary code.  This issue
may potentially be exploited through the ImageMagick application or in other
applications that import the SGI image file parser component.

It is noted that the SGI codec is enabled by default in ImageMagick.

24. ImageMagick TIFF Image File Unspecified Denial Of Service Vu...
BugTraq ID: 12874
Remote: Yes
Date Published: Mar 23 2005
Relevant URL: http://www.securityfocus.com/bid/12874
Summary:
A remote, client-side denial of service vulnerability affects ImageMagick.  This
issue is likely due to a failure of the application to handle malformed TIFF
image files.

A remote attacker may leverage this issue to cause the affected application to
crash, potentially causing a loss of data denying service to legitimate users.

25. ImageMagick TIFF Image Tag Denial Of Service Vulnerability
BugTraq ID: 12875
Remote: Yes
Date Published: Mar 23 2005
Relevant URL: http://www.securityfocus.com/bid/12875
Summary:
A remote, client-side denial of service vulnerability affects ImageMagick.  This
issue is likely due to a failure of the application to handle malformed TIFF
image files.

A remote attacker may leverage this issue to cause the affected application to
crash, potentially causing a loss of data, and denying service to legitimate
users.

26. Imagemagick Photoshop Document Parsing Unspecified Denial of...
BugTraq ID: 12876
Remote: Yes
Date Published: Mar 23 2005
Relevant URL: http://www.securityfocus.com/bid/12876
Summary:
A remote, client-side denial of service vulnerability affects ImageMagick.  This
issue is likely due to a failure of the application to handle malformed PSD
files.

A remote attacker may leverage this issue to cause the affected application to
crash, potentially causing a loss of data denying service to legitimate users.

27. Apache mod_ssl ssl_io_filter_cleanup Remote Denial Of Servic...
BugTraq ID: 12877
Remote: Yes
Date Published: Mar 23 2005
Relevant URL: http://www.securityfocus.com/bid/12877
Summary:
mod_ssl is prone to a remote denial of service vulnerability. The issue exists
in the 'ssl_io_filter_cleanup' function.

A remote attacker can exploit this issue to cause a denial of service condition
in an affected Apache server.

Apache 2.0.49 and prior versions are considered to be affected by this
vulnerability.

28. Vortex Portal Remote PHP File Include Vulnerability
BugTraq ID: 12878
Remote: Yes
Date Published: Mar 23 2005
Relevant URL: http://www.securityfocus.com/bid/12878
Summary:
Vortex Portal is reportedly affected by a remote PHP file include vulnerability.
 This issue is due to a failure in the application to properly sanitize user
supplied input.

It is conjectured this vulnerability affects the latest release of Vortex
Portal, version 2.0.

29. InterSpire ArticleLive NewComment Cross-Site Scripting Vulne...
BugTraq ID: 12879
Remote: Yes
Date Published: Mar 23 2005
Relevant URL: http://www.securityfocus.com/bid/12879
Summary:
Interspire ArticleLive 2005 is reportedly affected by a cross-site scripting
vulnerability.  This issue is due to a failure in the application to properly
sanitize user-supplied input.

An attacker may leverage this issue to have arbitrary script code executed in
the browser of an unsuspecting user.  This may facilitate the theft of
cookie-based authentication credentials as well as other attacks.

30. BirdBlog AdminCore.PHP SQL Injection Vulnerability
BugTraq ID: 12880
Remote: Yes
Date Published: Mar 23 2005
Relevant URL: http://www.securityfocus.com/bid/12880
Summary:
BirdBlog is affected by a remote SQL injection vulnerability.  This issue is due
to a failure in the application to properly sanitize user-supplied input before
using it in a SQL query.

Successful exploitation could result in a compromise of the application,
disclosure or modification of data, or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.

The vendor has addressed this issue in BirdBlog version 1.2.0.

31. Mozilla GIF Image Processing Library Remote Heap Overflow Vu...
BugTraq ID: 12881
Remote: Yes
Date Published: Mar 23 2005
Relevant URL: http://www.securityfocus.com/bid/12881
Summary:
Multiple Mozilla products are affected by a remote heap overflow vulnerability. 
This issue affects the GIF image processing library used by Mozilla Firefox,
Mozilla Browser, and Mozilla Thunderbird Mail client.

A successful attack can result in arbitrary code execution and result in
unauthorized access to the affected computer.  Arbitrary code execution will
take place in the context of a user running a vulnerable application.

32. Mathopd Dump Files Local Insecure File Creation Vulnerabilit...
BugTraq ID: 12882
Remote: No
Date Published: Mar 23 2005
Relevant URL: http://www.securityfocus.com/bid/12882
Summary:
A local insecure file creation vulnerability affects Mathopd. This issue is due
to a design error that causes the insecure creation and writing of files.

An attacker may leverage this issue to corrupt arbitrary files with the
privileges of an unsuspecting user that activates and uses the vulnerable
software.

33. DigitialHive Base.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 12883
Remote: Yes
Date Published: Mar 23 2005
Relevant URL: http://www.securityfocus.com/bid/12883
Summary:
DigitalHive is reportedly affected by a cross-site scripting vulnerability. 
This issue is due to a failure in the application to properly sanitize
user-supplied input.

An attacker may leverage this issue to have arbitrary script code executed in
the browser of an unsuspecting user.  This may facilitate the theft of
cookie-based authentication credentials as well as other attacks.

34. Mozilla Firefox Sidebar Panel Script Injection Vulnerability
BugTraq ID: 12884
Remote: Yes
Date Published: Mar 23 2005
Relevant URL: http://www.securityfocus.com/bid/12884
Summary:
Mozilla Firefox is prone to a vulnerability that could allow remote code
execution.  

This may occur if a malicious Web page is bookmarked as a sidebar panel.  The
malicious page may then reportedly open a privileged page and inject JavaScript.
 This may be leveraged to execute arbitrary code as the victim client user.

35. Mozilla Browser Remote Insecure XUL Start Up Script Loading ...
BugTraq ID: 12885
Remote: Yes
Date Published: Mar 23 2005
Relevant URL: http://www.securityfocus.com/bid/12885
Summary:
Mozilla Suite and Mozilla Firefox are affected by a remote insecure XUL script
loading vulnerability.  This issue is due to an access validation issue that
causes the script to be loaded with elevated privileges.

An attacker may leverage this issue to execute XUL startup scripts with elevated
privileges.  The vendor has reported that the security impact of this is
currently limited.

36. XMB Forum Multiple Remote Cross-Site Scripting Vulnerabiliti...
BugTraq ID: 12886
Remote: Yes
Date Published: Mar 23 2005
Relevant URL: http://www.securityfocus.com/bid/12886
Summary:
Multiple cross-site scripting vulnerabilities affect the XMB Forum.  These
issues are due to a failure of the application to sanitize user-supplied input
prior to including it in dynamically generated Web content.

An attacker may leverage these issues to have arbitrary script code executed in
the browser of an unsuspecting user.  This may facilitate the theft of
cookie-based authentication credentials as well as other attacks.

37. PHPSysInfo Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 12887
Remote: Yes
Date Published: Mar 23 2005
Relevant URL: http://www.securityfocus.com/bid/12887
Summary:
phpSysInfo is reportedly affected by multiple cross-site scripting
vulnerabilities.  These issues are due to a failure in the application to
properly sanitize user-supplied input.

An attacker may leverage these issues to have arbitrary script code executed in
the browser of an unsuspecting user.  This may facilitate the theft of
cookie-based authentication credentials as well as other attacks.

38. Invision Power Board HTML Injection Vulnerability
BugTraq ID: 12888
Remote: Yes
Date Published: Mar 23 2005
Relevant URL: http://www.securityfocus.com/bid/12888
Summary:
Invision Power Board is reported prone to an HTML injection vulnerability.  This
issue arises due to insufficient sanitization of user-supplied data.

It is reported that due to a lack of filtering of HTML tags, an attacker can
inject an IFRAME through an HTTP POST request.

All version of Invision Power Board are considered vulnerable at the moment.

This BID will be updated when more information is available.

39. Microsoft Windows XP TSShutdn.exe Remote Denial of Service V...
BugTraq ID: 12889
Remote: Yes
Date Published: Mar 23 2005
Relevant URL: http://www.securityfocus.com/bid/12889
Summary:
Microsoft Windows XP is prone to a remote denial of service vulnerability.  This
issue can allow a remote unauthorized user to shutdown an affected computer.

A remote attacker uses the TSShutdn.exe command to restart or shutdown a
computer.

It should be noted that the exploitation of this vulnerability may require the
attacker to be part of the same domain.  This BID will be updated when more
information is available.

Microsoft Windows XP Service Pack 1 is affected by this issue.

40. Cerulean Studios Trillian Multiple Remote HTTP Response Buff...
BugTraq ID: 12890
Remote: Yes
Date Published: Mar 23 2005
Relevant URL: http://www.securityfocus.com/bid/12890
Summary:
It is reported that Trillian is susceptible to multiple remote HTTP response
buffer overflow vulnerabilities. These issues are due to a failure of the
application to properly bounds check user-supplied data prior to copying it into
fixed-sized memory buffers.

It is reported that multiple Trillian modules likely share the same code for
making HTTP requests, and therefore multiple modules are vulnerable to the same
attack.

Remote attackers may exploit these vulnerabilities to execute arbitrary machine
code in the context of vulnerable Trillian clients.

Several of these vulnerabilities are reportedly fixed in version 3.0 of
Trillian. Versions 3.0 and 3.1 remain affected by multiple issues in its Yahoo!
component. Versions 2.0 up to, but not including 3.0 are reported to be affected
in multiple components.

41. CDRTools CDRecord Local Insecure File Creation Vulnerability
BugTraq ID: 12891
Remote: No
Date Published: Mar 24 2005
Relevant URL: http://www.securityfocus.com/bid/12891
Summary:
A local insecure file creation vulnerability affects cdrtools cdrecord.  This
issue is due to a failure of the application to securely create and write to
various files.

An attacker may leverage this issue to corrupt arbitrary files with the
privileges of an unsuspecting user that activates the application.

42. Oracle Reports Server 10g Multiple Remote Cross-Site Scripti...
BugTraq ID: 12892
Remote: Yes
Date Published: Mar 24 2005
Relevant URL: http://www.securityfocus.com/bid/12892
Summary:
Multiple remote cross-site scripting vulnerabilities affect Oracle Reports
Server.  These issues are due to a failure of the application to properly
sanitize user-supplied input prior to including it in dynamically generated Web
content. 

An attacker may leverage these issues to have arbitrary script code executed in
the browser of an unsuspecting user.  This may facilitate the theft of
cookie-based authentication credentials as well as other attacks.

43. Topic Calendar Calendar_Scheduler.PHP Cross-Site Scripting V...
BugTraq ID: 12893
Remote: Yes
Date Published: Mar 24 2005
Relevant URL: http://www.securityfocus.com/bid/12893
Summary:
Topic Calendar is reportedly affected by a cross-site scripting vulnerability. 
This issue is due to a failure in the application to properly sanitize
user-supplied input.

An attacker may leverage this issue to have arbitrary script code executed in
the browser of an unsuspecting user.  This may facilitate the theft of
cookie-based authentication credentials as well as other attacks.

44. Double Choco Latte Multiple Vulnerabilities
BugTraq ID: 12894
Remote: Yes
Date Published: Mar 24 2005
Relevant URL: http://www.securityfocus.com/bid/12894
Summary:
Double Choco Latte is reported prone to multiple vulnerabilities.  These issues
result from insufficient sanitization of user-supplied data and may allow an
attacker to carry out cross-site scripting/HTML injection attacks and execute
arbitrary PHP code on a computer.

Double Choco Latte 0.9.4.3 is reported vulnerable to the cross-site
scripting/HTML injection issue.

Double Choco Latte 0.9.4.2 and prior versions are affected by the PHP code
execution issue.

This BID will be updated when more information is available.

45. Dream4 Koobi CMS Index.PHP Cross-Site Scripting Vulnerabilit...
BugTraq ID: 12895
Remote: Yes
Date Published: Mar 24 2005
Relevant URL: http://www.securityfocus.com/bid/12895
Summary:
Koobi CMS is reportedly affected by a cross-site scripting vulnerability.  This
issue is due to a failure in the application to properly sanitize user-supplied
input.

An attacker may leverage this issue to have arbitrary script code executed in
the browser of an unsuspecting user.  This may facilitate the theft of
cookie-based authentication credentials as well as other attacks.

46. Dream4 Koobi CMS Index.PHP SQL Injection Vulnerability
BugTraq ID: 12896
Remote: Yes
Date Published: Mar 24 2005
Relevant URL: http://www.securityfocus.com/bid/12896
Summary:
Koobi CMS is reportedly affected by a SQL injection vulnerability.  This issue
is due to a failure in the application to properly sanitize user-supplied input
before using it in as SQL query.

Successful exploitation could result in a compromise of the application,
disclosure or modification of data, or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.

47. Dnsmasq Multiple Remote Vulnerabilities
BugTraq ID: 12897
Remote: Yes
Date Published: Mar 25 2005
Relevant URL: http://www.securityfocus.com/bid/12897
Summary:
Dnsmasq is reported prone to multiple remote vulnerabilities.  These issues can
allow an attacker to exploit an off-by-one overflow condition and carry out DNS
cache poisoning attacks.

An attacker may leverage these issues to manipulate cache data, potentially
facilitating man-in-the-middle, site impersonation, or denial of service
attacks.  A denial of service condition or potential code execution may occur
due to the off-by-one overflow vulnerability.

These issues affect Dnsmasq 2.20 and prior versions.

Due to a lack of details, further information is not available at the moment. 
This BID will be updated when more information becomes available.

48. Maxthon Web Browser Search Bar Information Disclosure Vulner...
BugTraq ID: 12898
Remote: Yes
Date Published: Mar 25 2005
Relevant URL: http://www.securityfocus.com/bid/12898
Summary:
Maxthon Web Browser is reported prone to an information disclosure
vulnerability.  This issue may allow an attacker to disclose search bar contents
from an affected browser.

Information disclosed through the exploitation of this vulnerability may aid an
attacker in carrying out other attacks against a vulnerable computer.

Maxthon Web Browser 1.2.0 is reported to be vulnerable to this issue. Prior
versions may be affected as well.

49. Smail-3 Multiple Remote and Local Vulnerabilities
BugTraq ID: 12899
Remote: Yes
Date Published: Mar 25 2005
Relevant URL: http://www.securityfocus.com/bid/12899
Summary:
Smail-3 is reported prone to multiple vulnerabilities.  These issues can allow a
local or remote attacker to execute arbitrary code on a vulnerable computer.  A
successful attack may lead to a complete compromise.

The following specific issues were identified:

Smail-3 is vulnerable to a remote heap overflow vulnerability.  An attacker can
leverage this vulnerability to execute arbitrary code with superuser privileges.
 Attack attempts may also trigger a denial of service condition.

The application is also reported prone to various potential vulnerabilities
arising from insecure handling of heap memory by signal handlers.  These issues
are not confirmed at the moment.

Smail-3 3.2.0.120 is affected by these issues.  Other versions may be
vulnerable.

This BID will be updated when more information becomes available.

50. PHPMyDirectory Review.PHP Multiple Parameter Cross-Site Scri...
BugTraq ID: 12900
Remote: Yes
Date Published: Mar 25 2005
Relevant URL: http://www.securityfocus.com/bid/12900
Summary:
phpMyDirectory is prone to a cross-site scripting vulnerability.

The problem presents itself when malicious HTML and script code is sent to the
application through various parameters of the 'review.php' script. 

This issue may allow for theft of cookie-based authentication credentials or
other attacks.

phpMyDirectory 10.1.3-rel is reported vulnerable, however, it is possible that
other versions are affected as well.

51. Netcomm NB1300 Modem/Router Remote Denial of Service Vulnera...
BugTraq ID: 12901
Remote: Yes
Date Published: Mar 25 2005
Relevant URL: http://www.securityfocus.com/bid/12901
Summary:
Netcomm NB1300 Modem/Router is reported prone to a remote denial of service
vulnerability.

An attacker can exploit this condition by sending a large amount of ping
requests to the device.

A successful attack can deny service to legitimate users.

52. OpenMosixview Multiple Insecure Temporary File Creation Vuln...
BugTraq ID: 12902
Remote: No
Date Published: Mar 25 2005
Relevant URL: http://www.securityfocus.com/bid/12902
Summary:
openMosixview is reported prone to multiple local insecure temporary file
creation vulnerabilities.  These issues are due to design errors that cause the
application to fail to verify the existence of files before writing to them.

An attacker may leverage these issues to overwrite and delete arbitrary files
with the privileges of an unsuspecting user that activates the vulnerable
application. 

All versions of openMosixView are reported vulnerable.

III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. Companies resist nuclear cyber security rule
By: Kevin Poulsen

A proposed standard  for protecting nuclear power plant safety systems from
cyber attack gets a less than glowing reaction from system vendors and plant
operators.

http://www.securityfocus.com/news/10618

2. Feds square off with organized cyber crime
By: Kevin Poulsen

Law enforcement sees undercover operations as a key to unraveling sophisticated
alliances between computer intruders and fraud artists.
http://www.securityfocus.com/news/10525

3. WebTV 911 prankster guilty
By: Kevin Poulsen

Louisiana man cops to endangering public safety by sending out a malicious
script that made set-top boxes call the police.

http://www.securityfocus.com/news/10523

4. Quantum crypto comes to Blighty
By: Lucy Sherriff, The Register

UK reseller NOW Wireless has signed a deal to distribute MagiQtech's quantum
cryptography solution, MagiQ QPN Security Gateway, in the UK.
http://www.securityfocus.com/news/10785

5. 'Doomsday nerds' defend cyberspace
By: John Leyden, The Register

>From the outside it looks like a home for a Hobbit or two, but inside are
analysts monitoring banks of screens feeding security alerts from monitored
components of its clients' networks.
http://www.securityfocus.com/news/10765

6. Symbian Trojan attacks anti-virus protection
By: John Leyden, The Register

Malware authors have created a Trojan that targets Symbian smart phones and
attempts to remove any anti-virus protection it finds.
http://www.securityfocus.com/news/10755

IV. SECURITYFOCUS TOP 6 TOOLS
-----------------------------
1. Bitform Discover 2005.1
By: Bitform Technology Inc.
Relevant URL: http://www.bitform.net/products/discover/
Platforms: Java
Summary: 

Bitform Discover is a powerful utility that quickly analyzes individual
documents or whole collections of documents and reports on more than two dozen
potentially sensitive hidden data elements. Discover supports Microsoft Word,
Excel and PowerPoint file formats.

2. Libnids 1.2
By: Rafal Wojtczuk
Relevant URL: http://libnids.sourceforge.net/
Platforms: Os Independent
Summary: 

NIDS E-box implementation; emulates linux 2.0.36 TCP/IP stack. It provides IP
defragmentation, TCP reassembly, portscan detection.

3. File System Saint 1.02a
By: Joshua Fritsch
Relevant URL: http://www.unixgeeks.org/saint
Platforms: Linux, UNIX
Summary: 

A fast, flexible, lightweight perl-based host IDS.

4. TextKeeper 5.0
By: HardwareCrasher
Relevant URL: http://members.lycos.co.uk/textkeeper/tkup.zip
Platforms: Windows 2000, Windows 95/98, Windows XP
Summary: 

Encrypts text using numeric combinations and two algorithms, One of the
algorithms uses 5 different numeric combinations.

5. DeSPAM Tunnel 3.0.0
By: The German Computer Freaks (Du-Nu)
Relevant URL: http://www.gcf.de/projects/despam.zip
Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
Summary: 

This program is a tunnel for pop3 connections and filters spam during the
pop3-download of emails automatically. To determine whether an email is UCE it
evaluates the content of each email that passes the tunnel statistically. Its
intelligent wordparsing filter "backMatch" even matches buzzwords that contain
characters which have been replaced by similar looking special chars to avoid
being filtered.

6. Umbrella v0.5
By: Umbrella
Relevant URL: http://umbrella.sf.net/
Platforms: Linux
Summary: 

A combination of process-based access control (PBAC) and authentication of
binaries (like DigSig) - in addition the binaries have the security policy
included within the binary, thus when it is executed, the policy is applied to
the corrosponding process. Umbrella provides developers with a "restricted fork"
which enables him to further restrict a sub-process from e.g. accessing the
network.

V. SECURITYJOBS LIST SUMMARY
----------------------------
1. [SJ-JOB] Sales Engineer, Atlanta, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/394430

2. [SJ-JOB] Security Engineer, RTP, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/394428

3. [SJ-JOB] Sr. Security Analyst, Cleveland, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/394427

4. [SJ-JOB] Security Engineer, Reston, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/394241

5. [SJ-JOB] Application Security Engineer, Sunnyvale, U... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/394240

6. [SJ-JOB] Sr. Product Manager, San Diego, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/394238

7. [SJ-JOB] Chief Security Strategist, London, GB (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/394237

8. [SJ-JOB] Security Engineer, Bethesda, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/394236

9. [SJ-JOB] Manager, Information Security, Philadelphia... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/394235

10. [SJ-JOB] Product Strategist, Sunnyvale, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/394234

11. [SJ-JOB] Sales Engineer, New York, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/394233

12. [SJ-JOB] Auditor, London, GB (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/394232

13. [SJ-JOB] Manager, Information Security, Edinburgh, G... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/394231

14. [SJ-JOB] Application Security Engineer, London, GB (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/394230

15. [SJ-JOB] Sr. Security Engineer, Sunnyvale, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/394229

16. [SJ-JOB] Forensics Engineer, London, GB (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/394228

17. [SJ-JOB] Jr. Security Analyst, Bethesda, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/394227

18. [SJ-JOB] Management, Dallas, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/394222

19. [SJ-JOB] Sales Representative, San Jose, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/394220

20. [SJ-JOB] Security Product Manager, Sunnyvale, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/394217

21. [SJ-JOB] Security Engineer, San Diego, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/394214

22. [SJ-JOB] Sales Representative, Columbia, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393938

23. [SJ-JOB] Security Engineer, Sterling, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393930

24. [SJ-JOB] Application Security Architect, Riyadh, SA (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393929

25. [SJ-JOB] Security System Administrator, Fort Worth, ... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393928

26. [SJ-JOB] Security Researcher, Aliso Viejo, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393927

27. [SJ-JOB] Technical Writer, Mission Viejo, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393926

28. [SJ-JOB] Security Engineer, Redwood City, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393924

29. [SJ-JOB] Security Engineer, Schaumburg, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393923

30. [SJ-JOB] Account Manager, New York, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393922

31. [SJ-JOB] Sr. Security Engineer, Livingston, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393921

32. [SJ-JOB] Security Auditor, New York, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393920

33. [SJ-JOB] Sr. Security Analyst, Riyadh, SA (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393919

34. [SJ-JOB] Security Consultant, New York, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393918

35. [SJ-JOB] Application Security Engineer, Mission Viej... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393917

36. [SJ-JOB] Sales Representative, McLean, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393914

37. [SJ-JOB] Sr. Security Engineer, San Francisco, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393913

38. [SJ-JOB] Quality Assurance, San Francisco, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393912

39. [SJ-JOB] Technology Risk Consultant, London, GB (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/393909

VI. INCIDENTS LIST SUMMARY
--------------------------
1. ANI Exploits in Spam (Thread)
Relevant URL:

http://www.securityfocus.com/archive/75/394462

2. strange software > winsupdater.exe (Thread)
Relevant URL:

http://www.securityfocus.com/archive/75/394385

3. Administrivia:  strange software > winsupdater.exe (Thread)
Relevant URL:

http://www.securityfocus.com/archive/75/394380

4. Pubstro rash (Thread)
Relevant URL:

http://www.securityfocus.com/archive/75/394369

VII. VULN-DEV RESEARCH LIST SUMMARY
-----------------------------------
1. Scanner (Thread)
Relevant URL:

http://www.securityfocus.com/archive/82/394434

2. RUXCON 2005 Call for Papers (Thread)
Relevant URL:

http://www.securityfocus.com/archive/82/393899

3. Black Hat Briefings & Trainings: Registration now op... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/82/393898

VIII. MICROSOFT FOCUS LIST SUMMARY
----------------------------------
1. quarantine vpn clients (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/394402

2. New Malware Approach - Any Experience With / Opinion... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/394346

3. Citrix vs Terminal Services? (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/394345

4. Windows firewall scopes for notebook users ex office... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/394343

5. SecurityFocus Microsoft Newsletter #233 (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/394041

6. RADIUS authentication from GINA Windows logon? (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/394039

7. SQLRecon released by Special Ops Labs!!! (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/393911

IX. SUN FOCUS LIST SUMMARY
--------------------------
1. dtremote (Thread)
Relevant URL:

http://www.securityfocus.com/archive/92/394365

2. RE :  ipf and NIS (Thread)
Relevant URL:

http://www.securityfocus.com/archive/92/394215

3. ipf and NIS (Thread)
Relevant URL:

http://www.securityfocus.com/archive/92/394149

4. Experiences using 'enhanced' Solaris features: BSM, ... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/92/394074

X. LINUX FOCUS LIST SUMMARY
---------------------------
1. Apache+PHP+ftp security (Thread)
Relevant URL:

http://www.securityfocus.com/archive/91/394503
[ terug ]