Home
Systeembeheer
Consultancy
Connectivity
Training
Development

Klanten

Inloggen

Resources

Sans artikelen
Security artikelen

Software

Linux
Windows









[ terug ]
SecurityFocus Newsletter #303
----------------------------------------

This Issue is Sponsored By: SPI Dynamics

ALERT: How a Hacker Launches a SQL Injection Attack
It's as simple as placing additional SQL commands into a Web Form input box
giving hackers 
complete access to all your backend systems! Firewalls and IDS will not stop
such attacks 
because SQL Injections are NOT seen as intruders. Download this *FREE* white
paper from 
SPI Dynamics for a complete guide to protection! 

http://www.securityfocus.com/sponsor/SPIDynamics_sf-news_050614

------------------------------------------------------------------
I.    FRONT AND CENTER
       1. Shred It!
       2. A Role Model for Security. Almost.
       3. Software Firewalls: Made of Straw? Part 1 of 2
       4. Microsoft's Most Successful Failure
II.   BUGTRAQ SUMMARY
       1. MDKSA-2005:100 - Updated rsh packages fix vulnerability
       2. MDKSA-2005:099 - Updated gaim packages fix more vulnerabilities
       3. Anti-Virus Malformed ZIP Archives flaws [UPDATE]
       4. iDEFENSE Security Advisory 06.14.05: Microsoft Windows Interactive
Training Buffer Overflow Vulnerability
       5. iDEFENSE Security Advisory 06.14.05: Microsoft Outlook Express NNTP
Response Parsing Buffer Overflow Vulnerability
       6. iDEFENSE Security Advisory 06.14.05: Multiple Vendor Telnet Client
Information Disclosure Vulnerability
       7. Bluetooth dot dot attacks (update)
       8. URL-Encoding Problem in Finjan SurfinGate
       9. [NGSEC] AntiPharming v1.00 FREE
       10. Local privilege escalation using runasp V3.5.1
       11. Remote Exploit for  Web_store.cgi
       12. [ GLSA 200506-12 ] MediaWiki: Cross-site scripting vulnerability
       13. UPDATE: [ GLSA 200505-06 ] TCPDump: Decoding routines Denial of
Service vulnerability
       14. NDSS '06 -- Call for Papers
       15. FusionBB Multiple Vulnerabilities
       16. TSL-2005-0028 - multi
       17. Security contact of airport Rome, Italy
       18. reconsidering physical security: pod slurping
       19. File Upload Manager Sploits
       20. singapore v0.9.11 cross site scripting and path disclosure
       21. [ GLSA 200506-11 ] Gaim: Denial of Service vulnerabilities
       22. Bluetooth SIG Denial of Service vulnerability
       23. [ GLSA 200506-10 ] LutelWall: Insecure temporary file creation
       24. Multiple vulnerabilities in Pico Server (pServ) v3.3
       25. [ GLSA 200506-09 ] gedit: Format string vulnerability
       26. [ GLSA 200506-08 ] GNU shtool, ocaml-mysql: Insecure temporary file
creation
       27. [ GLSA 200506-07 ] Ettercap: Format string vulnerability
       28. [OpenPKG-SA-2005.010] OpenPKG Security Advisory (openpkg)
       29. [OpenPKG-SA-2005.009] OpenPKG Security Advisory (gzip)
       30. [OpenPKG-SA-2005.008] OpenPKG Security Advisory (bzip2)
       31. [OpenPKG-SA-2005.007] OpenPKG Security Advisory (cvs)
       32. osCommere HTTP Response Splitting
       33. Voice VLAN Access/Abuse Possible on Cisco voice-enabled,   
802.1x-secured Interfaces
       34. [Full-disclosure] [USN-139-1] Gaim vulnerability
       35. Webhints v1.03 Remote Command Execution
       36. "Meanwhile, on the other side of the web server" - a new write-up by
Amit Klein
       37. MDKSA-2005:098 - Updated wget packages fix vulnerabilities
       38. [ GLSA 200506-06 ] libextractor: Multiple overflow vulnerabilities
       39. Arbitrary code execution in eping plugin
       40. Invision Gallery Vulnerabilities
       41. tftp 2000 1.0.0.1
       42. [USN-138-1] gedit vulnerability
       43. Invision Community Blog Vulnerabilities
       44. SUSE Security Announcement: several kernel security problems 
(SUSE-SA:2005:029)
       45. FreeBSD Security Advisory FreeBSD-SA-05:12.bind9
       46. FreeBSD Security Advisory FreeBSD-SA-05:11.gzip
       47. FreeBSD Security Advisory FreeBSD-SA-05:10.tcpdump
       48. xmysqladmin insecure temporary file creation
       49. [ Suresec Advisories ] - Mac OS X 10.4 - launchd local root
vulnerability
       50. leafnode security announcement leafnode-SA-2005-02 (CAN-2005-1911)
       51. 2 SQL injection in Loki download manager v2.0
       52. [ GLSA 200506-05 ] SilverCity: Insecure file permissions
       53. [USN-137-1] Linux kernel vulnerabilities
III.  SECURITYFOCUS NEWS
       1. Stealthy Trojan horses, modular bot software dodging defenses
       2. Latest Bluetooth attack makes short work of weak passwords
       3. Study: Flaw disclosure hurts software maker's stock
       4. Cybersecurity czar will have hard road ahead
       5. VXers love Britney Spears - official
       6. Motorola downplays data security breach
       7. Skulls Trojan poses as security code
       8. Japanese 'Yahoo! phisher' arrested
IV.   SECURITY JOBS LIST SUMMARY
       1. [SJ-JOB] Auditor, Chicago
       2. [SJ-JOB] Security Director, Hughesville
       3. [SJ-JOB] Security System Administrator, Pittsburgh
       4. [SJ-JOB] Management, Sunnyvale
       5. [SJ-JOB] Sr. Security Engineer, Denver
       6. [SJ-JOB] Application Security Architect, Denver
       7. [SJ-JOB] Application Security Architect, Annapolis
       8. [SJ-JOB] Technical Writer, San Francisco
       9. [SJ-JOB] Sales Representative, Atlanta
       10. [SJ-JOB] Security Consultant, Livermore
       11. [SJ-JOB] Manager, Information Security, Bridgewater
       12. [SJ-JOB] Security System Administrator, Chicago
       13. [SJ-JOB] Security Engineer, Westboro
       14. [SJ-JOB] Sales Representative, Bay Area, CA
       15. [SJ-JOB] Manager, Information Security, Bridgewater
       16. [SJ-JOB] Regional Channel Manager, Reston
       17. [SJ-JOB] Security Engineer, Los Angeles
       18. [SJ-JOB] Security Architect, Eastern Iowa
       19. [SJ-JOB] Security Product Marketing Manager, Bay Area
       20. [SJ-JOB] Certification & Accreditation Engineer, Austin
       21. [SJ-JOB] Management, Toronto
       22. [SJ-JOB] Sr. Security Engineer, Dulles
       23. [SJ-JOB] Management, Little Rock
       24. [SJ-JOB] Security Engineer, New York
       25. [SJ-JOB] Sales Engineer, Portland
       26. [SJ-JOB] Auditor, Milwaukee
       27. [SJ-JOB] Security Consultant, Chicago/Schaumburg
       28. [SJ-JOB] Sales Representative, New York
       29. [SJ-JOB] Sales Engineer, East Hartford
       30. [SJ-JOB] Security Engineer, Redwood city
       31. [SJ-JOB] Security Architect, Dallas
       32. [SJ-JOB] Security Engineer, Little Rock
       33. [SJ-JOB] Application Security Engineer, Houston
       34. [SJ-JOB] Application Security Engineer, San Jose
       35. [SJ-JOB] Application Security Engineer, San Jose
       36. [SJ-JOB] Security Engineer, Houston
       37. [SJ-JOB] Security Engineer, East Hartford
       38. [SJ-JOB] Developer, Mountain View
       39. [SJ-JOB] Sales Engineer, New York
       40. [SJ-JOB] Security Architect, Boston
       41. [SJ-JOB] Auditor, Washington DC
V.    INCIDENTS LIST SUMMARY
       1. Source port 0 and from a 0 network to boot?
       2. New http attack?
VI.   VULN-DEV RESEARCH LIST SUMMARY
       1. Exploit development in Per
       2. reconsidering physical security: pod slurping
       3. New IE6 security hole
VII.  MICROSOFT FOCUS LIST SUMMARY
       1. DHCP database
       2. Scripted Software removal (Encrypting Credentials)
       3. E-Mail gateway on IIS.
       4. reconsidering physical security: pod slurping
       5. Restricting file server to access to domain computers only.
       6. Kerberos & NTLM Auth in IIS6
       7. Windows Server 2K Lockdown
       8. [Q] Beef Up Active Directory
       9. DEP on Windows XP SP2
       10. Using Messenger Service for 'Net Send' Functionality ---   
Dangerous? Why?
VIII. SUN FOCUS LIST SUMMARY
       1. Solaris Security Toolkit and Solaris 10
IX.   LINUX FOCUS LIST SUMMARY
X.    UNSUBSCRIBE INSTRUCTIONS
XI.   SPONSOR INFORMATION

I.   FRONT AND CENTER
---------------------
1. Shred It!
By Mark Rasch
The second worst thing you can do in the face of a government investigation is
to destroy the documents relevant to that investigation. The worst thing you can
do, of course, is to almost destroy these documents.
http://www.securityfocus.com/columnists/332

2. A Role Model for Security. Almost.
By Jason Miller
The pursuit of absolute security is a lot like perfectionism.
http://www.securityfocus.com/columnists/331

3. Software Firewalls: Made of Straw? Part 1 of 2
By Israel G. Lugo, Don Parker
The concept of a firewall still brings to mind the picture of an impenetrable
brick wall, the unsurpassable magic protector of all that is good.
http://www.securityfocus.com/infocus/1839

4. Microsoft's Most Successful Failure
By Mark Burnett
 Someone once asked Pable Picasso which one of his many paintings was his
favorite. His reply: the next one. Ask Steve Ballmer which version of Windows is
the most secure and guess what his answer will be?
http://www.securityfocus.com/columnists/330


II.  BUGTRAQ SUMMARY
--------------------
1. MDKSA-2005:100 - Updated rsh packages fix vulnerability
http://www.securityfocus.com/archive/1/402254

2. MDKSA-2005:099 - Updated gaim packages fix more vulnerabilities
http://www.securityfocus.com/archive/1/402256

3. Anti-Virus Malformed ZIP Archives flaws [UPDATE]
http://www.securityfocus.com/archive/1/402244

4. iDEFENSE Security Advisory 06.14.05: Microsoft Windows Interactive Training
Buffer Overflow Vulnerability
http://www.securityfocus.com/archive/1/402245

5. iDEFENSE Security Advisory 06.14.05: Microsoft Outlook Express NNTP Response
Parsing Buffer Overflow Vulnerability
http://www.securityfocus.com/archive/1/402246

6. iDEFENSE Security Advisory 06.14.05: Multiple Vendor Telnet Client
Information Disclosure Vulnerability
http://www.securityfocus.com/archive/1/402230

7. Bluetooth dot dot attacks (update)
http://www.securityfocus.com/archive/1/402262

8. URL-Encoding Problem in Finjan SurfinGate
http://www.securityfocus.com/archive/1/402231

9. [NGSEC] AntiPharming v1.00 FREE
http://www.securityfocus.com/archive/1/402251

10. Local privilege escalation using runasp V3.5.1
http://www.securityfocus.com/archive/1/402234

11. Remote Exploit for  Web_store.cgi
http://www.securityfocus.com/archive/1/402253

12. [ GLSA 200506-12 ] MediaWiki: Cross-site scripting vulnerability
http://www.securityfocus.com/archive/1/402160

13. UPDATE: [ GLSA 200505-06 ] TCPDump: Decoding routines Denial of Service
vulnerability
http://www.securityfocus.com/archive/1/402263

14. NDSS '06 -- Call for Papers
http://www.securityfocus.com/archive/1/402163

15. FusionBB Multiple Vulnerabilities
http://www.securityfocus.com/archive/1/402257

16. TSL-2005-0028 - multi
http://www.securityfocus.com/archive/1/402138

17. Security contact of airport Rome, Italy
http://www.securityfocus.com/archive/1/402126

18. reconsidering physical security: pod slurping
http://www.securityfocus.com/archive/1/402143

19. File Upload Manager Sploits
http://www.securityfocus.com/archive/1/402125

20. singapore v0.9.11 cross site scripting and path disclosure
http://www.securityfocus.com/archive/1/402127

21. [ GLSA 200506-11 ] Gaim: Denial of Service vulnerabilities
http://www.securityfocus.com/archive/1/402128

22. Bluetooth SIG Denial of Service vulnerability
http://www.securityfocus.com/archive/1/402156

23. [ GLSA 200506-10 ] LutelWall: Insecure temporary file creation
http://www.securityfocus.com/archive/1/402047

24. Multiple vulnerabilities in Pico Server (pServ) v3.3
http://www.securityfocus.com/archive/1/402045

25. [ GLSA 200506-09 ] gedit: Format string vulnerability
http://www.securityfocus.com/archive/1/402048

26. [ GLSA 200506-08 ] GNU shtool, ocaml-mysql: Insecure temporary file creation
http://www.securityfocus.com/archive/1/402050

27. [ GLSA 200506-07 ] Ettercap: Format string vulnerability
http://www.securityfocus.com/archive/1/402049

28. [OpenPKG-SA-2005.010] OpenPKG Security Advisory (openpkg)
http://www.securityfocus.com/archive/1/402142

29. [OpenPKG-SA-2005.009] OpenPKG Security Advisory (gzip)
http://www.securityfocus.com/archive/1/402129

30. [OpenPKG-SA-2005.008] OpenPKG Security Advisory (bzip2)
http://www.securityfocus.com/archive/1/402124

31. [OpenPKG-SA-2005.007] OpenPKG Security Advisory (cvs)
http://www.securityfocus.com/archive/1/402119

32. osCommere HTTP Response Splitting
http://www.securityfocus.com/archive/1/401936

33. Voice VLAN Access/Abuse Possible on Cisco voice-enabled,    802.1x-secured
Interfaces
http://www.securityfocus.com/archive/1/401938

34. [Full-disclosure] [USN-139-1] Gaim vulnerability
http://www.securityfocus.com/archive/1/401939

35. Webhints v1.03 Remote Command Execution
http://www.securityfocus.com/archive/1/401940

36. "Meanwhile, on the other side of the web server" - a new write-up by Amit
Klein
http://www.securityfocus.com/archive/1/401866

37. MDKSA-2005:098 - Updated wget packages fix vulnerabilities
http://www.securityfocus.com/archive/1/401865

38. [ GLSA 200506-06 ] libextractor: Multiple overflow vulnerabilities
http://www.securityfocus.com/archive/1/401868

39. Arbitrary code execution in eping plugin
http://www.securityfocus.com/archive/1/401862

40. Invision Gallery Vulnerabilities
http://www.securityfocus.com/archive/1/401833

41. tftp 2000 1.0.0.1
http://www.securityfocus.com/archive/1/401818

42. [USN-138-1] gedit vulnerability
http://www.securityfocus.com/archive/1/401869

43. Invision Community Blog Vulnerabilities
http://www.securityfocus.com/archive/1/401815

44. SUSE Security Announcement: several kernel security problems 
(SUSE-SA:2005:029)
http://www.securityfocus.com/archive/1/401820

45. FreeBSD Security Advisory FreeBSD-SA-05:12.bind9
http://www.securityfocus.com/archive/1/401827

46. FreeBSD Security Advisory FreeBSD-SA-05:11.gzip
http://www.securityfocus.com/archive/1/401821

47. FreeBSD Security Advisory FreeBSD-SA-05:10.tcpdump
http://www.securityfocus.com/archive/1/401834

48. xmysqladmin insecure temporary file creation
http://www.securityfocus.com/archive/1/401828

49. [ Suresec Advisories ] - Mac OS X 10.4 - launchd local root vulnerability
http://www.securityfocus.com/archive/1/401822

50. leafnode security announcement leafnode-SA-2005-02 (CAN-2005-1911)
http://www.securityfocus.com/archive/1/401819

51. 2 SQL injection in Loki download manager v2.0
http://www.securityfocus.com/archive/1/401771

52. [ GLSA 200506-05 ] SilverCity: Insecure file permissions
http://www.securityfocus.com/archive/1/401770

53. [USN-137-1] Linux kernel vulnerabilities
http://www.securityfocus.com/archive/1/401748

III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. Stealthy Trojan horses, modular bot software dodging defenses
By: Robert Lemos
Software that turns PCs into remotely controlled zombies is getting better, but
defenses are not keeping up. 
http://www.securityfocus.com/news/11209

2. Latest Bluetooth attack makes short work of weak passwords
By: Robert Lemos
Devices that use 4-digit PINs for security can be compromised in less than a
second, but longer passwords are proof against the attack, researchers say.
http://www.securityfocus.com/news/11202

3. Study: Flaw disclosure hurts software maker's stock
By: Robert Lemos
Stock prices suffer when vulnerabilities are found, two researchers say. The
long-term effects of public disclosure, however, are still uncertain.
http://www.securityfocus.com/news/11197

4. Cybersecurity czar will have hard road ahead
By: Robert Lemos
A bill likely to be passed this month will give the Department
of Homeland Security's chief cybersecurity officer more clout but will not solve
major issues, security experts say.
http://www.securityfocus.com/news/11194

5. VXers love Britney Spears - official
By: John Leyden
Spanish anti-virus firm Panda Software has produced a ranking of the famous
people most often used to spread viruses on the internet.
http://www.securityfocus.com/news/11210

6. Motorola downplays data security breach
By: John Leyden
A pair of computers containing personal information on Motorola workers stolen
from the office of a third party contractor has sparked a minor security flap.
http://www.securityfocus.com/news/11206

7. Skulls Trojan poses as security code
By: John Leyden
Virus writers have created mobile phone malware that poses as a pirated copy of
F-Secure's mobile anti-virus software.
http://www.securityfocus.com/news/11207

8. Japanese 'Yahoo! phisher' arrested
By: Jan Libbenga
Japanese police today arrested a man from Osaka who allegedly ran an Internet
phishing scam based around a site called Yafoo.
http://www.securityfocus.com/news/11208

IV.  SECURITY JOBS LIST SUMMARY
-------------------------------
1. [SJ-JOB] Auditor, Chicago
http://www.securityfocus.com/archive/77/401988

2. [SJ-JOB] Security Director, Hughesville
http://www.securityfocus.com/archive/77/401990

3. [SJ-JOB] Security System Administrator, Pittsburgh
http://www.securityfocus.com/archive/77/401995

4. [SJ-JOB] Management, Sunnyvale
http://www.securityfocus.com/archive/77/401996

5. [SJ-JOB] Sr. Security Engineer, Denver
http://www.securityfocus.com/archive/77/401989

6. [SJ-JOB] Application Security Architect, Denver
http://www.securityfocus.com/archive/77/401987

7. [SJ-JOB] Application Security Architect, Annapolis
http://www.securityfocus.com/archive/77/401998

8. [SJ-JOB] Technical Writer, San Francisco
http://www.securityfocus.com/archive/77/401999

9. [SJ-JOB] Sales Representative, Atlanta
http://www.securityfocus.com/archive/77/402000

10. [SJ-JOB] Security Consultant, Livermore
http://www.securityfocus.com/archive/77/402001

11. [SJ-JOB] Manager, Information Security, Bridgewater
http://www.securityfocus.com/archive/77/402004

12. [SJ-JOB] Security System Administrator, Chicago
http://www.securityfocus.com/archive/77/401993

13. [SJ-JOB] Security Engineer, Westboro
http://www.securityfocus.com/archive/77/402003

14. [SJ-JOB] Sales Representative, Bay Area, CA
http://www.securityfocus.com/archive/77/402006

15. [SJ-JOB] Manager, Information Security, Bridgewater
http://www.securityfocus.com/archive/77/401991

16. [SJ-JOB] Regional Channel Manager, Reston
http://www.securityfocus.com/archive/77/401994

17. [SJ-JOB] Security Engineer, Los Angeles
http://www.securityfocus.com/archive/77/402002

18. [SJ-JOB] Security Architect, Eastern Iowa
http://www.securityfocus.com/archive/77/401982

19. [SJ-JOB] Security Product Marketing Manager, Bay Area
http://www.securityfocus.com/archive/77/401974

20. [SJ-JOB] Certification & Accreditation Engineer, Austin
http://www.securityfocus.com/archive/77/401975

21. [SJ-JOB] Management, Toronto
http://www.securityfocus.com/archive/77/401971

22. [SJ-JOB] Sr. Security Engineer, Dulles
http://www.securityfocus.com/archive/77/401980

23. [SJ-JOB] Management, Little Rock
http://www.securityfocus.com/archive/77/401972

24. [SJ-JOB] Security Engineer, New York
http://www.securityfocus.com/archive/77/401992

25. [SJ-JOB] Sales Engineer, Portland
http://www.securityfocus.com/archive/77/401973

26. [SJ-JOB] Auditor, Milwaukee
http://www.securityfocus.com/archive/77/401981

27. [SJ-JOB] Security Consultant, Chicago/Schaumburg
http://www.securityfocus.com/archive/77/401970

28. [SJ-JOB] Sales Representative, New York
http://www.securityfocus.com/archive/77/401962

29. [SJ-JOB] Sales Engineer, East Hartford
http://www.securityfocus.com/archive/77/401964

30. [SJ-JOB] Security Engineer, Redwood city
http://www.securityfocus.com/archive/77/401966

31. [SJ-JOB] Security Architect, Dallas
http://www.securityfocus.com/archive/77/401961

32. [SJ-JOB] Security Engineer, Little Rock
http://www.securityfocus.com/archive/77/401985

33. [SJ-JOB] Application Security Engineer, Houston
http://www.securityfocus.com/archive/77/401963

34. [SJ-JOB] Application Security Engineer, San Jose
http://www.securityfocus.com/archive/77/401967

35. [SJ-JOB] Application Security Engineer, San Jose
http://www.securityfocus.com/archive/77/401969

36. [SJ-JOB] Security Engineer, Houston
http://www.securityfocus.com/archive/77/401965

37. [SJ-JOB] Security Engineer, East Hartford
http://www.securityfocus.com/archive/77/401968

38. [SJ-JOB] Developer, Mountain View
http://www.securityfocus.com/archive/77/401960

39. [SJ-JOB] Sales Engineer, New York
http://www.securityfocus.com/archive/77/401959

40. [SJ-JOB] Security Architect, Boston
http://www.securityfocus.com/archive/77/401957

41. [SJ-JOB] Auditor, Washington DC
http://www.securityfocus.com/archive/77/401958

V.   INCIDENTS LIST SUMMARY
---------------------------
1. Source port 0 and from a 0 network to boot?
http://www.securityfocus.com/archive/75/402016

2. New http attack?
http://www.securityfocus.com/archive/75/401729

VI.  VULN-DEV RESEARCH LIST SUMMARY
-----------------------------------
1. Exploit development in Per
http://www.securityfocus.com/archive/82/402136

2. reconsidering physical security: pod slurping
http://www.securityfocus.com/archive/82/402135

3. New IE6 security hole
http://www.securityfocus.com/archive/82/401892

VII. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. DHCP database
http://www.securityfocus.com/archive/88/402113

2. Scripted Software removal (Encrypting Credentials)
http://www.securityfocus.com/archive/88/402112

3. E-Mail gateway on IIS.
http://www.securityfocus.com/archive/88/402104

4. reconsidering physical security: pod slurping
http://www.securityfocus.com/archive/88/402101

5. Restricting file server to access to domain computers only.
http://www.securityfocus.com/archive/88/401904

6. Kerberos & NTLM Auth in IIS6
http://www.securityfocus.com/archive/88/401853

7. Windows Server 2K Lockdown
http://www.securityfocus.com/archive/88/401825

8. [Q] Beef Up Active Directory
http://www.securityfocus.com/archive/88/401802

9. DEP on Windows XP SP2
http://www.securityfocus.com/archive/88/401688

10. Using Messenger Service for 'Net Send' Functionality ---    Dangerous? Why?
http://www.securityfocus.com/archive/88/401953

VIII. SUN FOCUS LIST SUMMARY
----------------------------
1. Solaris Security Toolkit and Solaris 10
http://www.securityfocus.com/archive/92/402093

IX. LINUX FOCUS LIST SUMMARY
[ terug ]