SecurityFocus Newsletter #302
------------------------------

------------------------------------------------------------------------
I. FRONT AND CENTER
     1. Is Deleting Spyware A Crime?
     2. Chrooted Snort on Solaris
     3. Sit Back and React
II. BUGTRAQ SUMMARY
     1. Shop-Script CategoryID SQL Injection Vulnerability
     2. PServ Symbolic Link Information Disclosure Vulnerability
     3. Shop-Script ProductID SQL Injection Vulnerability
     4. PostNuke Blocks Module Directory Traversal Vulnerability
     5. WebAPP Apage.CGI Remote Command Execution Vulnerability
     6. PServ Remote Source Code Disclosure Vulnerability
     7. MetaCart E-Shop ProductsByCategory.ASP Cross-Site Scripting ...
     8. Sigma ISP Manager Sigmaweb.DLL SQL Injection Vulnerability
     9. Mozilla Suite And Firefox Multiple Script Manager Security B...
     10. Pserv Directory Traversal Vulnerability
     11. WoltLab Burning Board Verify_email Function SQL Injection Vu...
     12. DotNetNuke User Registration Information HTML Injection Vuln...
     13. Mozilla Suite And Firefox DOM Property Overrides Code Execut...
     14. DotNetNuke User-Agent String Application Logs HTML Injection...
     15. DotNetNuke Failed Logon Username Application Logs HTML Injec...
     16. Pserv completedPath Remote Buffer Overflow Vulnerability
     17. NPDS THOLD Parameter SQL Injection Vulnerability
     18. JGS-Portal Multiple Cross-Site Scripting and SQL Injection V...
     19. Multiple Linux Kernel IOCTL Handlers Local Memory Corruption...
     20. War Times Remote Game Server Denial Of Service Vulnerability
     21. Fastream NETFile FTP/Web Server FTP Bounce Vulnerability
     22. IgnitionServer Entry Deletion Access Validation Checking Vul...
     23. Wordpress WP-Trackback.PHP SQL Injection Vulnerability
     24. IgnitionServer Locked Channel Protected Operator Lockout Vul...
     25. bzip2 Remote Denial of Service Vulnerability
     26. Microsoft IPV6 TCPIP Loopback LAND Denial of Service Vulnera...
     27. SafeHTML Quotes Handling Security Bypass Vulnerability
     28. MySQL mysql_install_db Insecure Temporary File Creation Vuln...
     29. Cheetah Local Privilege Escalation Vulnerability
     30. Wordpress Post.PHP Cross-Site Scripting Vulnerability
     31. Wordpress Edit.PHP Cross-Site Scripting Vulnerability
     32. Help Center Live Multiple Input Validation Vulnerabilities
     33. Help Center Live Administrator Command Execution Vulnerabili...
     34. Microsoft HTML Help Workshop HHC.EXE HHA.DLL HHC Path Memory...
     35. S9Y Serendipity Multiple Unspecified Remote Vulnerabilities
     36. EDMS Multiple Unspecified Security Vulnerabilities
     37. Avast! Antivirus Unspecified Scan Evasion Vulnerability
     38. PROMS Multiple Unspecified SQL Injection Vulnerabilities
     39. PROMS Multiple Unspecified HTML Injection Vulnerabilities
     40. PROMS Project Members Unauthorized Access Vulnerability
     41. Core CMS Unspecified Security Vulnerability
     42. Multiple Vendor TCP Timestamp PAWS Remote Denial Of Service ...
     43. Microsoft Outlook HTML Email URI Spoofing Vulnerability
     44. Novell ZENworks Multiple Remote Pre-Authentication Buffer Ov...
     45. D-Link DSL Router Remote Authentication Bypass Vulnerability
     46. Linux Kernel 64 Bit EXT3 Filesystem Extended Attribute Denia...
     47. PPXP Local Privilege Escalation Vulnerability
     48. Groove Networks Groove Virtual Office File Extension Obfusca...
     49. Sun JavaMail API MimeMessage Information Disclosure Vulnerab...
     50. Groove Networks Groove Virtual Office SharePoint Lists Arbit...
     51. Groove Networks Groove Virtual Office COM Object Security By...
     52. Groove Networks Groove Virtual Office Client Installation In...
     53. Microsoft Word MCW File Handler Buffer Overflow Vulnerabilit...
     54. Groove Networks Groove Mobile Workspace SharePoint Lists Arb...
     55. NetWin SurgeMail Multiple Unspecified Input Validation Vulne...
     56. Extreme Networks ExtremeWare XOS Privilege Escalation Vulner...
     57. PHP Advanced Transfer Manager Arbitrary File Include Vulnera...
     58. Episodex Guestbook HTML Injection Vulnerability
     59. Episodex Guestbook Unauthorized Access Vulnerability
     60. Apple Mac OS X Safari Dashboard Widget Download Validation B...
     61. Apple Mac OS X Local Filename Information Disclosure Vulnera...
     62. Apple Mac OS X Screensaver Contextual Menu Access Vulnerabil...
     63. GDB Multiple Vulnerabilities
     64. Picasm Error Generation Remote Buffer Overflow Vulnerability
     65. Gedit Filename Format String Vulnerability
     66. EJ3 TOPo Multiple Index.PHP Cross-Site Scripting Vulnerabili...
     67. EJ3 TOPo Comments Multiple HTML Injection Vulnerabilities
     68. Zyxel Prestige 650R-31 Router Remote Denial of Service Vulne...
     69. ImageMagick And GraphicsMagick XWD Decoder Denial Of Service...
III. SECURITYFOCUS NEWS ARTICLES
     1. Witty worm flaws reveal source, initial targets
     2. Underground showdown: Defacers take on phishers
     3. Microsoft looks to "monkeys" to find Web threats
     4. ISPs urged to throttle spam zombies
     5. House passes anti-spyware bills
     6. US bank staff 'sold customer details'
IV. SECURITYFOCUS TOP 6 TOOLS
     1. tcpdump for Windows 1.0 beta
     2. CIRT.DK SMTP Relay Scanner 1.4
     3. Assimilator 1.0.0
     4. Netfilter2html 0.9
     5. Cenzic Hailstorm 2.0
     6. VForce 2.1.008
V. SECURITYJOBS LIST SUMMARY
     1. [SJ-JOB] Security Consultant, Overland Park, US (Thread)
     2. [SJ-JOB] Security Consultant, Brussels, BE (Thread)
     3. [SJ-JOB] Security Engineer, London, GB (Thread)
     4. [SJ-JOB] CHECK Team Leader, Surrey, GB (Thread)
     5. [SJ-JOB] Application Security Architect, Seattle, US (Thread)
     6. [SJ-JOB] Application Security Engineer, Seattle, US (Thread)
     7. [SJ-JOB] Sales Representative, Southern California/A... (Thread)
     8. [SJ-JOB] Jr. Security Analyst, Boise, US (Thread)
     9. [SJ-JOB] Manager, Information Security, Boise, US (Thread)
     10. [SJ-JOB] Manager, Information Security, Den Haag, NL (Thread)
     11. [SJ-JOB] Application Security Engineer, Milwaukee, U... (Thread)
     12. [SJ-JOB] Security Architect, North West England, GB (Thread)
     13. [SJ-JOB] Security Engineer, Baltimore, US (Thread)
VI. INCIDENTS LIST SUMMARY
     1. Suspicious traffic w src & dst port 19161 (Thread)
VII. VULN-DEV RESEARCH LIST SUMMARY
     1. problem to exploit a stack overflow (Thread)
     2. PEB heap exploitation question (Thread)
     3. JavaMail Information Disclosure (msgno) (Thread)
     4. Exploitation Help (Thread)
VIII. MICROSOFT FOCUS LIST SUMMARY
     1. Encrypting remote files with EFS (Thread)
     2. SecurityFocus Microsoft Newsletter #241 (Thread)
IX. SUN FOCUS LIST SUMMARY
     1. chroot of iPlanet 6.0 and Siebel.... (Thread)
X. LINUX FOCUS LIST SUMMARY
     1. Secure Kickstart Installation (Thread)
     2. Bind cache availability... (Thread)
XI. UNSUBSCRIBE INSTRUCTIONS
XII. SPONSOR INFORMATION

I. FRONT AND CENTER
-------------------
1. Is Deleting Spyware A Crime?
By Mark Rasch
The murky waters that sustain the spyware companies may have a few
unpleasant surprises just beneath the surface.
http://www.securityfocus.com/columnists/329

2. Chrooted Snort on Solaris
By Andre Lue-Fook-Sang
This article discusses the installation and configuration of a chrooted Snort
IDS on most versions of Solaris.
http://www.securityfocus.com/infocus/1833

3. Sit Back and React
By Daniel Hanson
As the security industry moves more mainstream, it's becoming stagnant due
to a lack of vision. Who will lead the charge?
http://www.securityfocus.com/columnists/328

II. BUGTRAQ SUMMARY
-------------------
1. Shop-Script CategoryID SQL Injection Vulnerability
BugTraq ID: 13633
Remote: Yes
Date Published: May 16 2005
Relevant URL: http://www.securityfocus.com/bid/13633
Summary:
Shop-Script is prone to an SQL injection vulnerability.  This issue is due to a
failure in the application to properly sanitize user-supplied input before using
it in an SQL query.

Successful exploitation could result in a compromise of the application,
disclosure or modification of data, or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.

2. PServ Symbolic Link Information Disclosure Vulnerability
BugTraq ID: 13634
Remote: No
Date Published: May 16 2005
Relevant URL: http://www.securityfocus.com/bid/13634
Summary:
pServ is prone to an information disclosure vulnerability through symbolic link
files.  This occurs because the application will follow symbolic links to files
outside the Web root.

This issue was reported to affect pServ 3.2 and 3.3; other versions are likely
vulnerable.

3. Shop-Script ProductID SQL Injection Vulnerability
BugTraq ID: 13635
Remote: Yes
Date Published: May 16 2005
Relevant URL: http://www.securityfocus.com/bid/13635
Summary:
Shop-Script is prone to an SQL injection vulnerability.  This issue is due to a
failure in the application to properly sanitize user-supplied input before using
it in an SQL query.

Successful exploitation could result in a compromise of the application,
disclosure or modification of data, or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.

4. PostNuke Blocks Module Directory Traversal Vulnerability
BugTraq ID: 13636
Remote: Yes
Date Published: May 16 2005
Relevant URL: http://www.securityfocus.com/bid/13636
Summary:
PostNuke Blocks module is affected by a directory traversal vulnerability. 

The problem presents itself when an attacker passes a name for a target file,
along with directory traversal sequences, to the affected application.

An attacker may leverage this issue to disclose arbitrary files on an affected
computer.  It was also reported that an attacker can supply NULL bytes with a
target file name.  This may aid in other attacks such as crashing the server.

5. WebAPP Apage.CGI Remote Command Execution Vulnerability
BugTraq ID: 13637
Remote: Yes
Date Published: May 16 2005
Relevant URL: http://www.securityfocus.com/bid/13637
Summary:
WebAPP is prone to a remote command execution vulnerability.  This issue is due
to a failure in the application to properly sanitize user-supplied input.

6. PServ Remote Source Code Disclosure Vulnerability
BugTraq ID: 13638
Remote: Yes
Date Published: May 16 2005
Relevant URL: http://www.securityfocus.com/bid/13638
Summary:
pServ is affected by a remote source code disclosure vulnerability.

When handling a specially-crafted URI request, the application discloses the
source code of scripts in the 'cgi-bin' directory.

Information gathered through this attack could be used to launch further attacks
against a system.

7. MetaCart E-Shop ProductsByCategory.ASP Cross-Site Scripting ...
BugTraq ID: 13639
Remote: Yes
Date Published: May 16 2005
Relevant URL: http://www.securityfocus.com/bid/13639
Summary:
MetaCart e-Shop is prone to a cross-site scripting vulnerability.  This issue is
due to a failure in the application to properly sanitize user-supplied input.

An attacker may leverage this issue to have arbitrary script code executed in
the browser of an unsuspecting user.  This may facilitate the theft of
cookie-based authentication credentials as well as other attacks.

8. Sigma ISP Manager Sigmaweb.DLL SQL Injection Vulnerability
BugTraq ID: 13640
Remote: Yes
Date Published: May 16 2005
Relevant URL: http://www.securityfocus.com/bid/13640
Summary:
Sigma ISP Manager is prone to an SQL injection vulnerability.  This issue is due
to a failure in the application to properly sanitize user-supplied input prior
to using it in an SQL query.

Successful exploitation could result in a compromise of the application,
disclosure or modification of data, or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.

9. Mozilla Suite And Firefox Multiple Script Manager Security B...
BugTraq ID: 13641
Remote: Yes
Date Published: May 16 2005
Relevant URL: http://www.securityfocus.com/bid/13641
Summary:
Multiple issues exist in Mozilla Suite and Firefox. These issues allow attackers
to bypass security checks in the script security manager.

Security checks in the script security manager are designed to prevent script
injection vulnerabilities.

An attacker sending certain undisclosed JavaScript in 'view-source:', and 'jar:'
pseudo protocol URIs, may bypass these security checks.

An undisclosed, nested URI, as well as a variant of BID 13216 are reportedly
also able to bypass security checks.

These vulnerabilities allow remote attackers to execute script code with
elevated privileges, leading to the installation and execution of malicious
applications on an affected computer. Cross-site scripting, and other attacks
are also likely possible.

The vendor has not provided enough information to determine how many specific
instances of the issue were addressed, and has not clarified whether or not they
have addressed a single general vulnerability or multiple specific
vulnerabilities. This BID may be split into its separate issues as further
information is disclosed.

Further details are scheduled to be released in the future. This BID will be
updated at that time.

10. Pserv Directory Traversal Vulnerability
BugTraq ID: 13642
Remote: Yes
Date Published: May 16 2005
Relevant URL: http://www.securityfocus.com/bid/13642
Summary:
pServ is prone to a directory traversal vulnerability.  This occurs because the
application does not implement a proper method for filtering directory traversal
sequences from URIs.  Since this can be done from the cgi-bin directory, it is
possible to execute commands to which the Web server has permission.

This issue was reported to affect pServ version 3.2; earlier versions are likely
vulnerable.

11. WoltLab Burning Board Verify_email Function SQL Injection Vu...
BugTraq ID: 13643
Remote: Yes
Date Published: May 16 2005
Relevant URL: http://www.securityfocus.com/bid/13643
Summary:
WoltLab Burning Board is prone to an SQL injection vulnerability.

This issue affects the 'verify_email()' function.  

Successful exploitation could result in a compromise of the application,
disclosure or modification of data, or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.

12. DotNetNuke User Registration Information HTML Injection Vuln...
BugTraq ID: 13644
Remote: Yes
Date Published: May 16 2005
Relevant URL: http://www.securityfocus.com/bid/13644
Summary:
DotNetNuke is prone to an HTML injection vulnerability.  This issue is due to a
failure in the application to properly sanitize user-supplied input before using
it in dynamically generated content.  Specifically, input supplied while
registering a user is not sanitized, allowing script or HTML code to be
included in user information pages.

13. Mozilla Suite And Firefox DOM Property Overrides Code Execut...
BugTraq ID: 13645
Remote: Yes
Date Published: May 16 2005
Relevant URL: http://www.securityfocus.com/bid/13645
Summary:
Mozilla Suite and Mozilla Firefox are affected by a code execution
vulnerability.  This issue is due to a failure in the application to properly
verify Document Object Model (DOM) property values.

An attacker may leverage this issue to execute arbitrary code with the
privileges of the user that activated the vulnerable Web browser, ultimately
facilitating a compromise of the affected computer.

This issue is reportedly a variant of BID 13233. Further details are scheduled
to be released in the future, and this BID will be updated accordingly.

14. DotNetNuke User-Agent String Application Logs HTML Injection...
BugTraq ID: 13646
Remote: Yes
Date Published: May 16 2005
Relevant URL: http://www.securityfocus.com/bid/13646
Summary:
DotNetNuke is prone to an HTML injection vulnerability.  This issue is due to a
failure in the application to properly sanitize user-supplied input before using
it in dynamically generated content.  Specifically, input supplied as a
User-Agent string value is not sanitized, allowing script or HTML code to
be included in application log files.

15. DotNetNuke Failed Logon Username Application Logs HTML Injec...
BugTraq ID: 13647
Remote: Yes
Date Published: May 16 2005
Relevant URL: http://www.securityfocus.com/bid/13647
Summary:
DotNetNuke is prone to an HTML injection vulnerability.  This issue is due to a
failure in the application to properly sanitize user-supplied input before using
it in dynamically generated content.  Specifically, input supplied as a
failed logon Username string value is not sanitized, allowing script or
HTML code to be included in application log files.

16. Pserv completedPath Remote Buffer Overflow Vulnerability
BugTraq ID: 13648
Remote: Yes
Date Published: May 16 2005
Relevant URL: http://www.securityfocus.com/bid/13648
Summary:
pServ is prone to a remotely exploitable buffer overflow vulnerability.  The
issue occurs because proper boundary checks are not performed, allowing an
internal buffer to be overrun.  This vulnerability could potentially be
exploited to execute arbitrary code in the context of the Web server.

This issue was fixed in pServ 3.3; earlier versions are likely vulnerable.

17. NPDS THOLD Parameter SQL Injection Vulnerability
BugTraq ID: 13649
Remote: Yes
Date Published: May 16 2005
Relevant URL: http://www.securityfocus.com/bid/13649
Summary:
NPDS is prone to an SQL injection vulnerability.

This issue is due to a failure in the application to properly sanitize
user-supplied input to the 'thold' parameter.

Successful exploitation could result in a compromise of the application,
disclosure or modification of data, or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.

All versions are considered to be vulnerable at the moment.

18. JGS-Portal Multiple Cross-Site Scripting and SQL Injection V...
BugTraq ID: 13650
Remote: Yes
Date Published: May 16 2005
Relevant URL: http://www.securityfocus.com/bid/13650
Summary:
JGS-Portal is prone to multiple cross-site scripting and SQL injection
vulnerabilities.  These issues are due to a failure in the application to
properly sanitize user-supplied input.

Successful exploitation of the SQL injection issues could result in a compromise
of the application, disclosure or modification of data, or may permit an
attacker to exploit vulnerabilities in the underlying database implementation.

An attacker may leverage the cross-site scripting issues to have arbitrary
script code executed in the browser of an unsuspecting user.  This may
facilitate the theft of cookie-based authentication credentials as well as other
attacks.

19. Multiple Linux Kernel IOCTL Handlers Local Memory Corruption...
BugTraq ID: 13651
Remote: No
Date Published: May 17 2005
Relevant URL: http://www.securityfocus.com/bid/13651
Summary:
The Linux kernel raw device and pktcdvd block device ioctl handlers are reported
prone to local kernel-based memory corruption vulnerabilities. The issues
manifest due to a lack of sanity checks performed on argument values that are
passed to the 'raw_ioctl()' and 'pkt_ioctl()' functions.

A local attacker who has read access to a sufficient block device may
leverage this memory corruption to execute arbitrary attacker-supplied code in
the context of the system kernel (ring-0).

20. War Times Remote Game Server Denial Of Service Vulnerability
BugTraq ID: 13652
Remote: Yes
Date Published: May 17 2005
Relevant URL: http://www.securityfocus.com/bid/13652
Summary:
War Times is susceptible to a remote denial of service vulnerability. This issue
is due to a failure of the application to properly bounds check user-supplied
network data prior to copying it into a fixed-size memory buffer.

This vulnerability allows remote attackers to crash the game server, denying
service to legitimate users.

Versions 1.03 and prior are affected by this issue.

21. Fastream NETFile FTP/Web Server FTP Bounce Vulnerability
BugTraq ID: 13653
Remote: Yes
Date Published: May 17 2005
Relevant URL: http://www.securityfocus.com/bid/13653
Summary:
NETFile FTP/Web Server is affected by an FTP Bounce issue that can allow remote
attackers to connect between the FTP server and an arbitrary port on another
computer.

This could result in the proxying of arbitrary requests by a user through the
system using the vulnerable FTP software.

This issue can allow attackers to bypass access controls and firewalls.

22. IgnitionServer Entry Deletion Access Validation Checking Vul...
BugTraq ID: 13654
Remote: Yes
Date Published: May 17 2005
Relevant URL: http://www.securityfocus.com/bid/13654
Summary:
ignitionServer is prone to an issue that allows hosts to delete access entries
created by owners.  This occurs because access validation is never performed
when the host deletes the entry.

This issue was addressed in ignitionServer 0.3.6-P1.

23. Wordpress WP-Trackback.PHP SQL Injection Vulnerability
BugTraq ID: 13655
Remote: Yes
Date Published: May 17 2005
Relevant URL: http://www.securityfocus.com/bid/13655
Summary:
Wordpress is prone to an SQL injection vulnerability.  This issue is due to a
failure in the application to properly sanitize user-supplied input before using
it in an SQL query.

Successful exploitation could result in a compromise of the application,
disclosure or modification of data, or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.

24. IgnitionServer Locked Channel Protected Operator Lockout Vul...
BugTraq ID: 13656
Remote: Yes
Date Published: May 17 2005
Relevant URL: http://www.securityfocus.com/bid/13656
Summary:
ignitionServer is prone to an issue that can allow a user to lock a protected
operator out of an IRC channel.  This issue occurs because a validation check
that should allow the protected operator to access the locked channel was not
included in the application.

This issue was addressed in ignitionServer 0.3.6-P1.

25. bzip2 Remote Denial of Service Vulnerability
BugTraq ID: 13657
Remote: Yes
Date Published: May 17 2005
Relevant URL: http://www.securityfocus.com/bid/13657
Summary:
bzip2 is prone to a remote denial of service vulnerability.  This issue arises
when the application processes malformed archives. 

A successful attack can result in resource exhaustion and trigger a denial of
service condition.

bzip2 version 1.0.2 is reportedly affected by this issue.  Other versions are
likely vulnerable as well.

26. Microsoft IPV6 TCPIP Loopback LAND Denial of Service Vulnera...
BugTraq ID: 13658
Remote: Yes
Date Published: May 17 2005
Relevant URL: http://www.securityfocus.com/bid/13658
Summary:
The Microsoft Windows IPV6 TCP/IP stack is prone to a "loopback" condition
initiated by sending a TCP packet with the "SYN" flag set and the source address
and port spoofed to equal the destination address and port.

When a packet of this type is handled, an infinite loop is initiated and the
affected system halts.  

A remote attacker may exploit this issue to deny service for legitimate users.

This issue is reported to affect Microsoft Windows XP Service Pack 2 and Windows
2003 Server Service Pack 1.

27. SafeHTML Quotes Handling Security Bypass Vulnerability
BugTraq ID: 13659
Remote: Yes
Date Published: May 17 2005
Relevant URL: http://www.securityfocus.com/bid/13659
Summary:
SafeHTML does not filter HTML entities in a proper manner.  Failure to filter
HTML content can result in the exploitation of various latent vulnerabilities in
Web based applications.  A successful attack may facilitate HTML injection or
cross-site scripting type issues.

This issue has been addressed in SafeHTML version 1.3.2; earlier versions are
reported vulnerable.

28. MySQL mysql_install_db Insecure Temporary File Creation Vuln...
BugTraq ID: 13660
Remote: No
Date Published: May 17 2005
Relevant URL: http://www.securityfocus.com/bid/13660
Summary:
MySQL is reportedly affected by a vulnerability that can allow local attackers
to gain unauthorized access to the database or gain elevated privileges.  This
issue results from a design error due to the creation of temporary files in an
insecure manner.

The vulnerability affects the 'mysql_install_db' script.

Due to the nature of the script it may be possible to create database accounts
or gain elevated privileges.

MySQL versions prior to 4.0.12 and MySQL 5.x releases 5.0.4 and prior versions
are reported to be affected.

29. Cheetah Local Privilege Escalation Vulnerability
BugTraq ID: 13662
Remote: No
Date Published: May 17 2005
Relevant URL: http://www.securityfocus.com/bid/13662
Summary:
Cheetah is prone to a local privilege escalation vulnerability.

The issue arises because the application imports modules from the '/tmp'
directory before searching for the path from the 'PYTHONPATH' variable.

This can result in arbitrary code execution granting elevated privileges to an
attacker.

Cheetah versions prior to 0.9.17-rc1 are affected by this issue.

30. Wordpress Post.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 13663
Remote: Yes
Date Published: May 17 2005
Relevant URL: http://www.securityfocus.com/bid/13663
Summary:
Wordpress is prone to a cross-site scripting vulnerability.  This issue is due
to a failure in the application to properly sanitize user-supplied input.

An attacker may leverage this issue to have arbitrary script code executed in
the browser of an unsuspecting user.  This may facilitate the theft of
cookie-based authentication credentials as well as other attacks.

31. Wordpress Edit.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 13664
Remote: Yes
Date Published: May 17 2005
Relevant URL: http://www.securityfocus.com/bid/13664
Summary:
Wordpress is prone to a cross-site scripting vulnerability.  This issue is due
to a failure in the application to properly sanitize user-supplied input.

An attacker may leverage this issue to have arbitrary script code executed in
the browser of an unsuspecting user.  This may facilitate the theft of
cookie-based authentication credentials as well as other attacks.

32. Help Center Live Multiple Input Validation Vulnerabilities
BugTraq ID: 13666
Remote: Yes
Date Published: May 17 2005
Relevant URL: http://www.securityfocus.com/bid/13666
Summary:
Help Center Live is prone to multiple input validation vulnerabilities.  These
issues are due to a failure in the application to properly sanitize
user-supplied input.

Reportedly the application is affected by multiple HTML injection
vulnerabilities.  Attacker-supplied HTML and script code would be able to access
properties of the site, potentially allowing for theft of cookie-based
authentication credentials. An attacker could also exploit this issue to control
how the site is rendered to the user; other attacks are also possible.

The application is also affected by multiple SQL injection vulnerabilities. 
Successful exploitation could result in a compromise of the application,
disclosure or modification of data, or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.

These issues have reportedly been addressed in the latest release of Help Center
Live; this information has not been confirmed by Symantec or the vendor.

33. Help Center Live Administrator Command Execution Vulnerabili...
BugTraq ID: 13667
Remote: Yes
Date Published: May 17 2005
Relevant URL: http://www.securityfocus.com/bid/13667
Summary:
Help Center Live is prone to an administrator command execution vulnerability.
This issue is due to a failure of the application to properly validate access to
administrative commands.

This issue permits a remote attacker to create a malicious URI link that
performs some administrator function. If an unsuspecting forum administrator
activates this URI, the attacker-supplied command would be carried out with the
administrator's privileges. This occurs in the security context of the affected
Web site and would cause various administrator actions to be taken.

These issues have reportedly been addressed in the latest release of Help Center
Live; this information has not been confirmed by Symantec or the vendor.

34. Microsoft HTML Help Workshop HHC.EXE HHA.DLL HHC Path Memory...
BugTraq ID: 13668
Remote: Yes
Date Published: May 17 2005
Relevant URL: http://www.securityfocus.com/bid/13668
Summary:
The Microsoft HTML Help Workshop compiler tool, 'hhc.exe', is prone to a memory
corruption vulnerability.

Immediate consequences of exploitation of this issue result in an application
crash; this would not be considered a vulnerability. However, it may be possible
to subtly manipulate the contents of the affected registers so that an
exploitable code path is reached. This has not been confirmed.

This BID will be updated or retired when further investigation of this issue is
completed.

35. S9Y Serendipity Multiple Unspecified Remote Vulnerabilities
BugTraq ID: 13669
Remote: Yes
Date Published: May 18 2005
Relevant URL: http://www.securityfocus.com/bid/13669
Summary:
Serendipity is affected by multiple unspecified remote vulnerabilities.  These
issues can allow unauthorized users to upload certain files and carry out
cross-site scripting attacks.

These issues were discovered in Serendipity 0.8.  Prior versions may be affected
by these issues as well.

Due to a lack of details, further information cannot be provided at the moment. 
This BID will be updated when more details are available.

36. EDMS Multiple Unspecified Security Vulnerabilities
BugTraq ID: 13670
Remote: Unknown
Date Published: May 18 2005
Relevant URL: http://www.securityfocus.com/bid/13670
Summary:
eDMS is prone to multiple unspecified security vulnerabilities.  

No further information is available on this issue. This BID will be updated as
new information becomes available.

These issues have been addressed in eDMS version 2.0.1; earlier versions are
reported vulnerable.

37. Avast! Antivirus Unspecified Scan Evasion Vulnerability
BugTraq ID: 13671
Remote: Yes
Date Published: May 18 2005
Relevant URL: http://www.securityfocus.com/bid/13671
Summary:
Avast! Antivirus is prone to an unspecified scan evasion vulnerability. Reports
indicate that the issue manifests because the software fails to properly handle
certain unspecified types of files.

This issue could result in a malicious executable file bypassing detection and
being executed, based on a false sense of trust, by a recipient.

No further details are available in regard to this issue. However, this BID will
be updated as soon as further information is made public.

38. PROMS Multiple Unspecified SQL Injection Vulnerabilities
BugTraq ID: 13672
Remote: Yes
Date Published: May 18 2005
Relevant URL: http://www.securityfocus.com/bid/13672
Summary:
PROMS is prone to multiple unspecified remote SQL injection vulnerabilities. 
These issues are due to a failure in the application to properly sanitize
user-supplied input before using it in SQL queries.

Successful exploitation could result in a compromise of the application,
disclosure or modification of data, or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.

39. PROMS Multiple Unspecified HTML Injection Vulnerabilities
BugTraq ID: 13673
Remote: Yes
Date Published: May 18 2005
Relevant URL: http://www.securityfocus.com/bid/13673
Summary:
PROMS is prone to multiple HTML injection vulnerabilities.  These issues are due
to a failure in the application to properly sanitize user-supplied input before
using it in dynamically generated content.

Attacker-supplied HTML and script code would be executed in the context of the
affected Web site, potentially allowing for theft of cookie-based authentication
credentials. An attacker could also exploit this issue to control how the site
is rendered to the user; other attacks are also possible.

40. PROMS Project Members Unauthorized Access Vulnerability
BugTraq ID: 13674
Remote: Yes
Date Published: May 18 2005
Relevant URL: http://www.securityfocus.com/bid/13674
Summary:
PROMS is prone to an unauthorized access vulnerability.

An unauthorized remote attacker can view and modify the project members list.

The vendor has addressed this issue in PROMS version 0.11; earlier versions are
reported vulnerable.

41. Core CMS Unspecified Security Vulnerability
BugTraq ID: 13675
Remote: Unknown
Date Published: May 18 2005
Relevant URL: http://www.securityfocus.com/bid/13675
Summary:
Core CMS is affected by an unspecified security vulnerability.

No further information is available on this issue. This BID will be updated as
new information becomes available.

This issue has been addressed in Core CMS version 0.4.0; earlier versions are
reported vulnerable.

42. Multiple Vendor TCP Timestamp PAWS Remote Denial Of Service ...
BugTraq ID: 13676
Remote: Yes
Date Published: May 18 2005
Relevant URL: http://www.securityfocus.com/bid/13676
Summary:
A denial of service vulnerability exists in the TCP extensions defined in RFC
1323. The issue exists in the Protection Against Wrapped Sequence Numbers (PAWS)
technique that was included to increase overall TCP performance.

When TCP 'timestamps' are enabled, both hosts at the endpoints of a TCP
connection employ internal clocks to mark TCP headers with a 'time stamp'
value. 
 
When TCP PAWS is configured to employ timestamp values, this functionality
exposes TCP PAWS implementations to a denial of service vulnerability. 

The issue manifests if an attacker transmits a sufficient TCP PAWS packet to a
vulnerable computer. A large value is set by the attacker as the packet
timestamp. When the target computer processes this packet, the internal timer is
updated to the large attacker supplied value. This causes all other valid
packets that are received subsequent to an attack to be dropped as they are
deemed to be too old, or invalid. This type of attack will effectively deny
service for a target connection.

43. Microsoft Outlook HTML Email URI Spoofing Vulnerability
BugTraq ID: 13677
Remote: Yes
Date Published: May 18 2005
Relevant URL: http://www.securityfocus.com/bid/13677
Summary:
Microsoft Outlook is reportedly affected by a URI spoofing vulnerability.  This
issue allows a URI in an email message to be misrepresented. 

An attacker can trick users into following links to untrusted sites, which can
lead to various attacks.

All versions of Microsoft Outlook are reportedly vulnerable to this issue.

It appeared that this issue allowed for address bar spoofing in Microsoft
Outlook; however, further analysis has revealed that this is not correct.  This
functionality is included in HTML.  This BID is being retired.

44. Novell ZENworks Multiple Remote Pre-Authentication Buffer Ov...
BugTraq ID: 13678
Remote: Yes
Date Published: May 18 2005
Relevant URL: http://www.securityfocus.com/bid/13678
Summary:
Novell ZENworks is prone to multiple remote pre-authentication buffer overflow
vulnerabilities.

The issues exist in the 'zenrem32.exe' executable and may be exploited by a
remote attacker to execute arbitrary code in the context of the affected
service.

45. D-Link DSL Router Remote Authentication Bypass Vulnerability
BugTraq ID: 13679
Remote: Yes
Date Published: May 19 2005
Relevant URL: http://www.securityfocus.com/bid/13679
Summary:
Various D-Link DSL routers are susceptible to a remote authentication bypass
vulnerability. This issue is due to a failure of the devices to require
authentication in certain circumstances.

This vulnerability allows remote attackers to gain complete administrative
access to affected devices.

Various D-Link devices with the following firmware revisions are affected by
this issue:
- V1.00B01T16.EN.20040211
- V1.00B01T16.EU.20040217
- V0.00B01T04.UK.20040220
- V1.00B01T16.EN.20040226
- V1.00B02T02.EU.20040610
- V1.00B02T02.UK.20040618
- V1.00B02T02.EU.20040729
- V1.00B02T02.DE.20040813
- V1.00B02T02.RU.20041014

Due to the common practice of code reuse, other devices are also likely affected
by this issue.

46. Linux Kernel 64 Bit EXT3 Filesystem Extended Attribute Denia...
BugTraq ID: 13680
Remote: No
Date Published: May 19 2005
Relevant URL: http://www.securityfocus.com/bid/13680
Summary:
The Linux Kernel is prone to a local denial of service vulnerability. Reports
indicate the issue manifests on 64-bit platforms and is because of a flaw
present in offset handling for the extended attribute file system code.

A local attacker may trigger this issue to crash the system kernel.

47. PPXP Local Privilege Escalation Vulnerability
BugTraq ID: 13681
Remote: No
Date Published: May 19 2005
Relevant URL: http://www.securityfocus.com/bid/13681
Summary:
ppxp is prone to a local privilege escalation vulnerability.  An attacker may
abuse the issue to open a shell with superuser privileges.

48. Groove Networks Groove Virtual Office File Extension Obfusca...
BugTraq ID: 13682
Remote: Yes
Date Published: May 19 2005
Relevant URL: http://www.securityfocus.com/bid/13682
Summary:
Groove Virtual Office is affected by a vulnerability that allows remote
attackers to obfuscate file extensions of potentially malicious files.

The file extension of a specially crafted file may be obfuscated in a manner
that creates a false sense of security for a user.

The user may be inclined to open a malicious file that could lead to arbitrary
code execution.  This may allow an attacker to gain unauthorized access to a
computer in the context of the vulnerable user.

49. Sun JavaMail API MimeMessage Information Disclosure Vulnerab...
BugTraq ID: 13683
Remote: Yes
Date Published: May 19 2005
Relevant URL: http://www.securityfocus.com/bid/13683
Summary:
The MimeMessage method in the Sun JavaMail API does not perform sufficient
validation on message number values that are passed to the method during
requests. An attacker that can successfully authenticate to an email server
implementation that is written using the Sun JavaMail API, may exploit this
issue to make requests for arbitrary email messages that are stored on the
server.

50. Groove Networks Groove Virtual Office SharePoint Lists Arbit...
BugTraq ID: 13684
Remote: Yes
Date Published: May 19 2005
Relevant URL: http://www.securityfocus.com/bid/13684
Summary:
Groove Virtual Office is affected by an arbitrary script injection
vulnerability.

User-supplied data is not properly sanitized from SharePoint lists and is copied
into Groove Mobile Workspace.  This can allow an attacker to inject and execute
script code in the context of the application, which can lead to various
attacks.

51. Groove Networks Groove Virtual Office COM Object Security By...
BugTraq ID: 13685
Remote: Yes
Date Published: May 19 2005
Relevant URL: http://www.securityfocus.com/bid/13685
Summary:
Groove Virtual Office is prone to a security bypass vulnerability with regards
to COM objects.  Due to a failure in the application an attacker may be able to
bypass the security restrictions on COM objects and execute arbitrary code.

This issue has been addressed in Groove Virtual Office 3.1 build 2338, 3.1a
build 2364, and Groove Workspace Version 2.5n build 1871.

52. Groove Networks Groove Virtual Office Client Installation In...
BugTraq ID: 13686
Remote: No
Date Published: May 19 2005
Relevant URL: http://www.securityfocus.com/bid/13686
Summary:
Reportedly, Groove Virtual Office client installation directories are created
with insecure default permissions.

This can allow an attacker to gain access to sensitive data such as
authentication credentials.

53. Microsoft Word MCW File Handler Buffer Overflow Vulnerabilit...
BugTraq ID: 13687
Remote: Yes
Date Published: May 19 2005
Relevant URL: http://www.securityfocus.com/bid/13687
Summary:
Microsoft Word is prone to a buffer overflow vulnerability. The issue manifests
when a '.mcw' (MacWrite II/MS Word for Macintosh) file is processed.

It is conjectured that this issue may be exploited to execute arbitrary code in
the context of a user that processes a malicious file with the affected
software.

54. Groove Networks Groove Mobile Workspace SharePoint Lists Arb...
BugTraq ID: 13688
Remote: Yes
Date Published: May 19 2005
Relevant URL: http://www.securityfocus.com/bid/13688
Summary:
Groove Virtual Office is affected by an arbitrary script injection
vulnerability.

User-supplied data is not properly sanitized from SharePoint lists and is copied
into Groove Mobile Workspace.  This can allow an attacker to inject and execute
script code in the context of the application, which can lead to various
attacks.

55. NetWin SurgeMail Multiple Unspecified Input Validation Vulne...
BugTraq ID: 13689
Remote: Yes
Date Published: May 19 2005
Relevant URL: http://www.securityfocus.com/bid/13689
Summary:
Multiple unspecified vulnerabilities affect SurgeMail. Reportedly, these issues
are due to a failure of the application to properly sanitize user-supplied input
prior to employing it in critical locations including dynamic content.  A
successful attack may allow attackers to execute arbitrary HTML and script code
in a user's browser.

SurgeMail 3.0c2 is reported to be affected by these issues.  Other versions may
be vulnerable as well.

Due to a lack of details, further information cannot be provided at the moment. 
This BID will be updated when more details are available.

56. Extreme Networks ExtremeWare XOS Privilege Escalation Vulner...
BugTraq ID: 13690
Remote: Yes
Date Published: May 19 2005
Relevant URL: http://www.securityfocus.com/bid/13690
Summary:
Extreme Networks ExtremeWare XOS is prone to a local privilege escalation
vulnerability. 

The exact details of the vulnerability are not available. However, reports
indicate that the issue may be leveraged by an authenticated attacker to gain
superuser shell access to the underlying XOS operating system.

This issue is reported to affect ExtremeWare XOS 11.1: all versions prior to
version 11.1.3.3, 11.0: all versions prior to 11.0.2.4, and 10.x: all versions.

57. PHP Advanced Transfer Manager Arbitrary File Include Vulnera...
BugTraq ID: 13691
Remote: Yes
Date Published: May 19 2005
Relevant URL: http://www.securityfocus.com/bid/13691
Summary:
PHP Advanced Transfer Manager is prone to an arbitrary file include
vulnerability.  This issue is due to a failure in the application to properly
sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary server-side script code
on an affected computer with the privileges of the Web server process. This may
facilitate unauthorized access.

58. Episodex Guestbook HTML Injection Vulnerability
BugTraq ID: 13692
Remote: Yes
Date Published: May 19 2005
Relevant URL: http://www.securityfocus.com/bid/13692
Summary:
Episodex Guestbook is prone to an HTML injection vulnerability.  This issue is
due to a failure in the application to properly sanitize user-supplied input
before using it in dynamically generated content.

Attacker-supplied HTML and script code would be executed in the context of the
affected Web site, potentially allowing for theft of cookie-based authentication
credentials. An attacker could also exploit this issue to control how the site
is rendered to the user; other attacks are also possible.

59. Episodex Guestbook Unauthorized Access Vulnerability
BugTraq ID: 13693
Remote: Yes
Date Published: May 19 2005
Relevant URL: http://www.securityfocus.com/bid/13693
Summary:
Episodex Guestbook is prone to an unauthorized access vulnerability.  

An unauthenticated remote attacker can directly access administrator functions.

Exploitation of this vulnerability would compromise the application and could
aid in further attacks against the underlying system.

60. Apple Mac OS X Safari Dashboard Widget Download Validation B...
BugTraq ID: 13694
Remote: Yes
Date Published: May 20 2005
Relevant URL: http://www.securityfocus.com/bid/13694
Summary:
Apple Mac OS X is susceptible to a Safari download validation bypass
vulnerability when downloading Dashboard widgets. This issue is due to Safari
improperly considering Dashboard widgets to be "safe" content.

It is demonstrated that an attacker can cause Safari to automatically download,
and then install widgets into the user's '~/Library/Widgets' directory. This
happens without user intervention or notification.

Reportedly, once widgets have been automatically installed via Safari, the
normal validation required for widgets to gain access to system resources is
skipped, allowing complete system access to the malicious widgets. However, this
has not been confirmed by Symantec.

This issue allows remote attackers to install malicious code into the dashboard
without user intervention or knowledge. This will likely result in malicious
script, or machine code being executed in the context of the targeted user.

Mac OS X version 10.4 is vulnerable to this issue.

61. Apple Mac OS X Local Filename Information Disclosure Vulnera...
BugTraq ID: 13695
Remote: No
Date Published: May 20 2005
Relevant URL: http://www.securityfocus.com/bid/13695
Summary:
Apple Mac OS X is susceptible to a local information disclosure vulnerability.
This is due to a failure of the operating system to properly implement POSIX
permissions checking in certain circumstances.

This vulnerability allows local attackers to retrieve normally forbidden names
contained in directories. This scenario is commonly used to obscure access to
public directories (such as '~/Public/Drop Box') for security reasons, as users
are required to have knowledge about already existing files contained in these
directories to be able to access them.

62. Apple Mac OS X Screensaver Contextual Menu Access Vulnerabil...
BugTraq ID: 13696
Remote: No
Date Published: May 20 2005
Relevant URL: http://www.securityfocus.com/bid/13696
Summary:
Apple Mac OS X is susceptible to a screen saver contextual menu access
vulnerability.

This issue presents itself when a user locks their screen. When the screen saver
prompts for the password when a user attempts to unlock the screen, contextual
menus are available in the text-input fields.

Attackers may be able to partially bypass locked-screen restrictions. This may
allow attackers to cause inappropriate, incriminating, or otherwise unwanted Web
sites to be displayed on targeted computers. It may also allow them to exploit
other latent vulnerabilities in applications used to handle URIs, by opening
malicious Web sites or network resources.

63. GDB Multiple Vulnerabilities
BugTraq ID: 13697
Remote: Yes
Date Published: May 20 2005
Relevant URL: http://www.securityfocus.com/bid/13697
Summary:
GDB is reportedly affected by multiple vulnerabilities.  These issues can allow
an attacker to execute arbitrary code and commands on an affected computer.  A
successful attack may result in the attacker gaining elevated privileges or
unauthorized access.

The following specific issues were identified:

The application is affected by a remote heap overflow vulnerability when loading
malformed object files.

Another vulnerability affecting the application may allow local attackers to
gain elevated privileges.

GDB 6.3 is reportedly affected by these issues.  Other versions are likely
vulnerable as well.

64. Picasm Error Generation Remote Buffer Overflow Vulnerability
BugTraq ID: 13698
Remote: Yes
Date Published: May 20 2005
Relevant URL: http://www.securityfocus.com/bid/13698
Summary:
Picasm is affected by a remote buffer overflow vulnerability.

An attacker can exploit this issue by supplying an excessive 'error' directive.

If successfully exploited, this issue can allow a remote attacker to gain access
to the affected computer in the context of the user running the application.

Picasm 1.12b and prior versions are vulnerable to this issue.

65. Gedit Filename Format String Vulnerability
BugTraq ID: 13699
Remote: Yes
Date Published: May 30 2005
Relevant URL: http://www.securityfocus.com/bid/13699
Summary:
gEdit is prone to a format string vulnerability.  Exploitation may occur when
the program is invoked with a filename that includes malicious format
specifiers.  This issue could be exploited to corrupt arbitrary regions of
memory with attacker-supplied data, potentially resulting in execution of
arbitrary code in the context of the user running the program.

66. EJ3 TOPo Multiple Index.PHP Cross-Site Scripting Vulnerabili...
BugTraq ID: 13700
Remote: Yes
Date Published: May 20 2005
Relevant URL: http://www.securityfocus.com/bid/13700
Summary:
TOPo is prone to multiple cross-site scripting vulnerabilities.  These issues
are due to a failure in the application to properly sanitize user-supplied
input.

An attacker may leverage this issue to have arbitrary script code executed in
the browser of an unsuspecting user.  This may facilitate the theft of
cookie-based authentication credentials as well as other attacks.

67. EJ3 TOPo Comments Multiple HTML Injection Vulnerabilities
BugTraq ID: 13701
Remote: Yes
Date Published: May 20 2005
Relevant URL: http://www.securityfocus.com/bid/13701
Summary:
TOPo is prone to multiple HTML injection vulnerabilities.  These issues are due
to a failure in the application to properly sanitize user-supplied input before
using it in dynamically generated content.

Attacker-supplied HTML and script code would be executed in the context of the
affected Web site, potentially allowing for theft of cookie-based authentication
credentials. An attacker could also exploit this issue to control how the site
is rendered to the user; other attacks are also possible.

68. Zyxel Prestige 650R-31 Router Remote Denial of Service Vulne...
BugTraq ID: 13703
Remote: Yes
Date Published: May 20 2005
Relevant URL: http://www.securityfocus.com/bid/13703
Summary:
Zyxel Prestige 650R-31 router is affected by a remote denial of service
vulnerability.

The router fails to handle specially crafted fragmented IP packets and stops
responding.

Prestige 650R-31 router running ZyNOS Firmware 3.40 (KO.1) is affected by this
issue.

69. ImageMagick And GraphicsMagick XWD Decoder Denial Of Service...
BugTraq ID: 13705
Remote: Yes
Date Published: May 21 2005
Relevant URL: http://www.securityfocus.com/bid/13705
Summary:
A remote, client-side denial of service vulnerability affects ImageMagick and
GraphicsMagick.  This issue is due to a failure of the application to handle
malformed XWD image files.

A remote attacker may leverage this issue to cause the affected application to
enter into an infinite loop condition, consuming CPU resources on the affected
computer, denying service to legitimate users.

III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. Witty worm flaws reveal source, initial targets
By: Robert Lemos

The worm's creator used a computer at a European ISP to spread the program
Internet-wide a year ago, starting with 110 systems at a U.S. military base, an
analysis reveals.
http://www.securityfocus.com/news/11235

2. Underground showdown: Defacers take on phishers
By: Robert Lemos

Groups fighting against online criminals intent on phishing have gained allies
from another species of underground miscreant: Web-site defacers. Have Web-site
taggers finally found a good use of their time or just more crime?
http://www.securityfocus.com/news/11212

3. Microsoft looks to "monkeys" to find Web threats
By: Robert Lemos

Can a million monkeys secure the Web for Windows? Researchers at the company use
virtual Windows XP computers to crawl the Net looking for zero-day exploits.
http://www.securityfocus.com/news/11178

4. ISPs urged to throttle spam zombies
By: John Leyden, The Register

The US Federal Trade Commission (FTC), along with more than 35 government
agencies worldwide, announced an ambitious effort on Tuesday to get ISPs and
other organisations to deliver the net from the plague of zombie spam networks.
http://www.securityfocus.com/news/11230

5. House passes anti-spyware bills
By: John Leyden, The Register

The House of Representatives approved two anti-spyware bills on Monday.
http://www.securityfocus.com/news/11229

6. US bank staff 'sold customer details'
By: John Leyden, The Register

The sale of sensitive banking details to an allegedly bent debt collection
agency has triggered warning letters to more than 100,000 US consumers.
http://www.securityfocus.com/news/11228

IV. SECURITYFOCUS TOP 6 TOOLS
-----------------------------
1. tcpdump for Windows 1.0 beta
By: microOLAP Technologies
Relevant URL: http://microolap.com/products/network/tcpdump/
Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
Summary: 

MicroOLAP TCPDUMP for Windows accurately reproduces all features of the
original tcpdump by LBNL's Network Research Group, developed for the UNIX
systems. Since MicroOLAP TCPDUMP for Windows is compiled with the Packet
Sniffer SDK, it has the following advantages:
 - does not require any third-party preinstalled drivers; 
 - works from the single 300K .EXE file; 
 - supports 1Gbit networks.

2. CIRT.DK SMTP Relay Scanner 1.4
By: Dennis Rand - CIRT.DK
Relevant URL: http://www.cirt.dk/tools/relayscanner/relayscanner.zip
Platforms: Perl (any system supporting perl)
Summary: 

CIRT.DK SMTP Relay Scanner v.1.4
Description: This program is used to test SMTP servers for relaying problems
that could lead to a spammer using your mail server to send spam. It tries to
bypass relaying restrictions in as many ways as possible.

The SMTP Relay Scanner uses plugins and an easy plugin language, so that new
plugins can be made.

Currently 152 tests are performed.
http://www.cirt.dk/tools/

3. Assimilator 1.0.0
By: Black List Software
Relevant URL: http://hackinoutthebox.com/sub5.index.php
Platforms: Windows XP
Summary: 

Assimilation is the result of assimilating something which is dissimilated. In
other words, assimilation is the result of making two dissimilar things similar.
Assimilation can be based on a baseline. A baseline is a standard or protocol
which is in place for the sake of governing events. In the case of Assimilator
v1.0.0, our baseline is a replication of the good processes which run locally on
our computers.

4. Netfilter2html 0.9
By: Rodrigo P. Telles <rodrigo@telles.org>
Relevant URL: http://n2h.telles.org/
Platforms: UNIX
Summary: 

netfilter2html is a script written using GAWK to process netfilter logs and
generate a nice HTML output. GAWK is fast at processing text files; it can
process 100.000 text lines in a few seconds.

5. Cenzic Hailstorm 2.0
By: Cenzic, Inc.
Relevant URL: http://www.cenzic.com/prod_application_security.html
Platforms: Windows XP
Summary: 

Cenzic Hailstorm automates penetration testing for your web applications. 
Cenzic Hailstorm provides various groups (Information Security, QA, and
Developers) throughout the enterprise an ability to test applications for
security vulnerabilities, for enforcement of internal security policies, and for
regulatory compliancecrafted policy library to address new and unique
vulnerabilities.

6. VForce 2.1.008
By: Virtual Forge
Relevant URL: http://solutions.virtualforge.net/sol_download_en.php
Platforms: Windows NT, Windows XP
Summary: 

V-Force is a tool with which attacks on web servers or applications can be
simulated and the results logged and analyzed.

V. SECURITYJOBS LIST SUMMARY
----------------------------
1. [SJ-JOB] Security Consultant, Overland Park, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/398810

2. [SJ-JOB] Security Consultant, Brussels, BE (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/398809

3. [SJ-JOB] Security Engineer, London, GB (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/398808

4. [SJ-JOB] CHECK Team Leader, Surrey, GB (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/398807

5. [SJ-JOB] Application Security Architect, Seattle, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/398806

6. [SJ-JOB] Application Security Engineer, Seattle, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/398805

7. [SJ-JOB] Sales Representative, Southern California/A... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/398804

8. [SJ-JOB] Jr. Security Analyst, Boise, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/398803

9. [SJ-JOB] Manager, Information Security, Boise, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/398802

10. [SJ-JOB] Manager, Information Security, Den Haag, NL (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/398801

11. [SJ-JOB] Application Security Engineer, Milwaukee, U... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/398800

12. [SJ-JOB] Security Architect, North West England, GB (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/398799

13. [SJ-JOB] Security Engineer, Baltimore, US (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/398798

VI. INCIDENTS LIST SUMMARY
--------------------------
1. Suspicious traffic w src & dst port 19161 (Thread)
Relevant URL:

http://www.securityfocus.com/archive/75/398559

VII. VULN-DEV RESEARCH LIST SUMMARY
-----------------------------------
1. problem to exploit a stack overflow (Thread)
Relevant URL:

http://www.securityfocus.com/archive/82/398874

2. PEB heap exploitation question (Thread)
Relevant URL:

http://www.securityfocus.com/archive/82/398873

3. JavaMail Information Disclosure (msgno) (Thread)
Relevant URL:

http://www.securityfocus.com/archive/82/398555

4. Exploitation Help (Thread)
Relevant URL:

http://www.securityfocus.com/archive/82/398427

VIII. MICROSOFT FOCUS LIST SUMMARY
----------------------------------
1. Encrypting remote files with EFS (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/398846

2. SecurityFocus Microsoft Newsletter #241 (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/398515

IX. SUN FOCUS LIST SUMMARY
--------------------------
1. chroot of iPlanet 6.0 and Siebel.... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/92/398853

X. LINUX FOCUS LIST SUMMARY
---------------------------
1. Secure Kickstart Installation (Thread)
Relevant URL:

http://www.securityfocus.com/archive/91/398817

2. Bind cache availability... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/91/398739