Home
Systeembeheer
Consultancy
Connectivity
Training
Development

Klanten

Inloggen

Resources

Sans artikelen
Security artikelen

Software

Linux
Windows









[ terug ]
SecurityFocus Newsletter #316
----------------------------------------

This Issue is Sponsored By: AirDefense

FREE WHITE PAPER & SOFTWARE DOWNLOAD . Protect your Wi-Fi Laptops
Learn how wireless laptops can be compromised at public hotspots. This white
paper explores how Wi-Phishing works and what procedures and policies are needed
to secure the mobile workforce. Also download AirDefense Personal software to
protect your wireless laptop anywhere from hotspot phishing, Evil Twin, hackers,
misconfigurations.
Download the white paper and AirDefense Personal software at: 

http://www.securityfocus.com/sponsor/Airdefense_linux-secnews_050913

------------------------------------------------------------------
I.    FRONT AND CENTER
       1. Crime? What crime?
       2. Cisco SNMP configuration attack with a GRE tunnel
II.   BUGTRAQ SUMMARY
       1. COOL! Remote Control Remote Denial Of Service Vulnerability
       2. Mall23 Infopage.ASP SQL Injection Vulnerability
       3. Rdiff-backup Directory Access Restriction Bypass Vulnerability
       4. KAudioCreator CDDB Arbitrary File Overwrite Vulnerability
       5. PunBB Multiple SQL Injection Vulnerabilities
       6. XFree86 Pixmap Allocation Local Privilege Escalation Vulnerability
       7. PunBB BBCode URL Tag HTML Injection Vulnerability
       8. SMC SMC7904WBRA Wireless Router Remote Denial Of Service Vulnerability
       9. TMSNC Unspecified Format String Vulnerability
       10. Snort PrintTcpOptions Remote Denial Of Service Vulnerability
       11. Ingate Administrative Interface Cross-Site Scripting Vulnerability
       12. Mark D. Roth PAM_Per_User Authentication Bypass Vulnerability
       13. PHPTagCool HTTP Header SQL Injection Vulnerability
       14. PHPNuke Multiple SQL Injection Vulnerabilities
       15. Util-Linux UMount Remounting Filesystem Option Clearing Vulnerability
       16. Subscribe Me Pro S.PL Remote Directory Traversal Vulnerability
       17. Handy Address Book Server Cross-Site Scripting Vulnerability
       18. Azerbaijan Development Group AZDGDatingLite Directory Traversal
Vulnerability
       19. Land Down Under Multiple SQL Injection Vulnerabilities
       20. Mail-it Now! Upload2Server Arbitrary File Upload Vulnerability
       21. Linksys WRT54G Wireless Router Multiple Remote Vulnerabilities
       22. Sun Java System Application Server Web Application JAR Disclosure
Vulnerability
       23. AVIRA Desktop for Windows ACE Archive Handling Remote Buffer Overflow
Vulnerability
       24. Apple Mac OS X Java Insecure Temporary File Vulnerability
       25. Apple Mac OS X Untrusted Java Applet Privilege Escalation
Vulnerability
       26. Apple Mac OS X Java ServerSocket Port Hijacking Vulnerability
       27. MIVA Merchant 5 Merchant.MVC Cross-Site Scripting Vulnerability
       28. Common-Lisp-Controller Cache Arbitrary Code Injection Vulnerability
       29. LineControl Java Client Local Password Disclosure Vulnerability
       30. ATutor Password_Reminder.PHP SQL Injection Vulnerability
       31. ATutor Chat Logs Remote Information Disclosure Vulnerability
       32. Noah's Classifieds Index.PHP SQL Injection Vulnerability
       33. TWiki TWikiUsers Remote Arbitrary Command Execution Vulnerability
       34. Noah's Classifieds Index.PHP Cross-Site Scripting Vulnerability
       35. Ensim OCW_login_username HTML Injection Vulnerability
       36. Compuware DriverStudio Remote Control Null Session Authentication
Bypass Vulnerability
       37. Compuware DriverStudio Unauthorized Remote Reboot Vulnerability
       38. Cambridge Computer Corporation VxFtpSrv Remote Buffer Overflow
Vulnerability
       39. Hosting Controller Unspecified Information Disclosure Vulnerability
       40. Cambridge Computer Corporation VxWeb Remote Buffer Overflow
Vulnerability
       41. Cambridge Computer Corporation VxTftpSrv Remote Buffer Overflow
Vulnerability
       42. Digital Scribe Login SQL Injection Vulnerability
       43. Ahnlab V3 Antivirus ACE Archive Handling Remote Buffer Overflow
Vulnerability
       44. IBM Lotus Domino BaseTarget Parameter Cross-Site Scripting
Vulnerability
       45. IBM Lotus Domino Src Parameter Cross-Site Scripting Vulnerability
       46. AEwebworks aeDating Search_Result.PHP SQL Injection Vulnerability
       47. Ahnlab V3 Antivirus ACE Archive Handling Directory Traversal
Vulnerability
       48. GTKDiskFree Insecure Temporary File Creation Vulnerability
       49. Ahnlab V3 Antivirus Privilege Escalation Vulnerability
       50. DeluxeBB Multiple SQL Injection Vulnerabilities
       51. Turquoise SuperStat Date Parser Remote Buffer Overflow Vulnerability
       52. Data Center Resources Avocent CCM Privileged Port Access Bypass
Vulnerability
       53. SimpleCDR-X Insecure Temporary File Creation Vulnerability
       54. Microsoft Internet Explorer Unspecified Code Execution Vulnerability
       55. GNOME Workstation Command Center Gwcc_out.TXT Insecure Temporary File
Creation Vulnerability
       56. PHP Session Handling Local Session Hijacking Vulnerability
       57. Ncompress Insecure Temporary File Creation Vulnerability
       58. PHP-Nuke WYSIWYG Editor Unspecified Security Vulnerability
       59. SuSE YaST Local Buffer Overflow Vulnerability
       60. Arc Insecure Temporary File Creation Vulnerability
       61. Py2Play Object Unpickling Remote Python Code Execution Vulnerability
       62. Tofu Object Unpickling Remote Python Code Execution Vulnerability
       63. ClamAV UPX Compressed Executable Buffer Overflow Vulnerability
       64. ClamAV FSG Compressed Executable Infinite Loop Denial Of Service
Vulnerability
       65. Apple Safari Data URI Memory Corruption Vulnerability
       66. CutePHP CuteNews Flood Protection Client-IP PHP Code Injection
Vulnerability
III.  SECURITYFOCUS NEWS
       1. Key clicks betray passwords, typed text
       2. Microsoft's delay to patch fuels concerns
       3. Big debate over small packets
       4. Katrina's destruction attracts online fraudsters
       5. Phishers trawl for victims in Europe
       6. Firefox and Mac security sanctuaries 'under attack'
       7. Worm spoofs Google on infected PCs
       8. Arrest made in Berkeley laptop theft case
IV.   SECURITY JOBS LIST SUMMARY
       1. [SJ-JOB] Training / Awareness Specialist, Columbia
       2. [SJ-JOB] Security Consultant, Columbia
       3. [SJ-JOB] Customer Support, Columbia
       4. [SJ-JOB] Sr. Security Engineer, Westminster
       5. [SJ-JOB] Security Engineer, Myrtle Beach & Chicago
       6. [SJ-JOB] Sr. Security Engineer, Washington, DC
       7. [SJ-JOB] Sr. Security Engineer, San Antonio
       8. [SJ-JOB] Application Security Engineer, Santa Clara
       9. [SJ-JOB] Sr. Security Analyst, Calgary
       10. [SJ-JOB] Sales Representative, Alameda
       11. [SJ-JOB] Product Strategist, Morristown
       12. [SJ-JOB] Sr. Security Engineer, Englewood
       13. [SJ-JOB] Security Architect, Milpitas
       14. [SJ-JOB] Developer, Morristown
       15. [SJ-JOB] Security Architect, Denver
       16. [SJ-JOB] Developer, Morristown
       17. [SJ-JOB] Security Engineer, ST. PETERSBURG
       18. [SJ-JOB] Developer, Morristown
       19. [SJ-JOB] Security Architect, Fort Lauderdale
       20. [SJ-JOB] Sales Representative, Oshkosh, Milwaukee, Green Bay,   
Madison, Fox Valley
       21. [SJ-JOB] Developer, Buckinghamshire
       22. [SJ-JOB] Sales Engineer, Boston
       23. [SJ-JOB] Sales Engineer, Tampa
       24. [SJ-JOB] Quality Assurance, Columbia
       25. [SJ-JOB] Technical Marketing Engineer, Cupertino
       26. [SJ-JOB] Regional Channel Manager, San Jose
       27. [SJ-JOB] Quality Assurance, Columbia
       28. [SJ-JOB] Sales Representative, Columbia
       29. [SJ-JOB] Security Consultant, New York
       30. [SJ-JOB] Security System Administrator, Princeton
       31. [SJ-JOB] Security Consultant, Islandia
       32. [SJ-JOB] Security Consultant, Herndon
       33. [SJ-JOB] Database Security Engineer, Islandia
       34. [SJ-JOB] Quality Assurance, Islandia
       35. [SJ-JOB] Management, Islandia
       36. [SJ-JOB] Management, Islandia
       37. [SJ-JOB] Quality Assurance, Islandia
       38. [SJ-JOB] Instructor, Novi
       39. [SJ-JOB] Sr. Security Engineer, Islandia
       40. [SJ-JOB] Security Product Manager, Waltham
       41. [SJ-JOB] Security Product Marketing Manager, Any Location
       42. [SJ-JOB] Security Product Manager, Herndon
       43. [SJ-JOB] Security Product Manager, Islandia
       44. [SJ-JOB] Security Consultant, Herndon
       45. [SJ-JOB] Security Consultant, Charlotte
       46. [SJ-JOB] Security Consultant, Herndon
       47. [SJ-JOB] Sr. Product Manager, San Diego
       48. [SJ-JOB] Developer, Columbia
       49. [SJ-JOB] Sr. Security Analyst, London
       50. [SJ-JOB] Quality Assurance, Islandia
       51. [SJ-JOB] Quality Assurance, San Bernardino
       52. [SJ-JOB] Quality Assurance, Plano
       53. [SJ-JOB] Customer Support, Boston
       54. [SJ-JOB] Security Engineer, Charlotte
       55. [SJ-JOB] Security Consultant, Franklin
       56. [SJ-JOB] Security Consultant, New York
       57. [SJ-JOB] Security Consultant, Tampa
       58. [SJ-JOB] Security Consultant, Atlanta
       59. [SJ-JOB] Security Consultant, Miami
       60. [SJ-JOB] Security Product Manager, Herndon
       61. [SJ-JOB] Quality Assurance, Waltham
       62. [SJ-JOB] Quality Assurance, Princeton
       63. [SJ-JOB] Security Product Marketing Manager, Islandia
       64. [SJ-JOB] Security Product Manager, Any Location
       65. [SJ-JOB] Security Engineer, Richmond
       66. [SJ-JOB] Security Architect, Richmond
       67. [SJ-JOB] Security Product Manager, Belmont (San Francisco Bay Area)
       68. [SJ-JOB] Sales Representative, Vienna
       69. [SJ-JOB] Security Engineer, Cupertino
       70. [SJ-JOB] Security Architect, Lincroft
       71. [SJ-JOB] Sales Engineer, Toronto
       72. [SJ-JOB] Security Architect, Chelmsford
       73. [SJ-JOB] Manager, Information Security, Hawthorne
       74. [SJ-JOB] Security Engineer, Montvale
V.    INCIDENTS LIST SUMMARY
       1. SF new mailing list announcement: BS 7799 Security
VI.   VULN-DEV RESEARCH LIST SUMMARY
       1. Whitepaper - Writing small shellcode
       2. RUXCON 2005 Update
       3. PocketPC exploitation
VII.  MICROSOFT FOCUS LIST SUMMARY
       1. CC and Windows evaluation
       2. SecurityFocus Microsoft Newsletter #256
VIII. SUN FOCUS LIST SUMMARY
IX.   LINUX FOCUS LIST SUMMARY
       1. scanning for windows spywear with linux
X.    BOOK EXCERPTS
       1. Nessus, Snort, and Ethereal Power Tools: Customizing Open Source
Security Applications
       2. Network Security Evaluation Using the NSA IEM
       3. Extreme Exploits: Advanced Defenses Against Hardcore Hacks
XI.    UNSUBSCRIBE INSTRUCTIONS
XII.   SPONSOR INFORMATION

I.   FRONT AND CENTER
---------------------
1. Crime? What crime?
By Kelly Martin
If there's one thing I've learned in the past few years as editor of
SecurityFocus, it's that there is absolutely no saving grace in the security
world.
http://www.securityfocus.com/columnists/355

2. Cisco SNMP configuration attack with a GRE tunnel
By Mati Aharoni, William M. Hidalgo
Throughout our education as system administrators, SNMP is often a topic that
eludes us.
http://www.securityfocus.com/infocus/1847


II.  BUGTRAQ SUMMARY
--------------------
1. COOL! Remote Control Remote Denial Of Service Vulnerability
BugTraq ID: 14802
Remote: Yes
Date Published: 2005-09-12
Relevant URL: http://www.securityfocus.com/bid/14802
Summary:
COOL! Remote Control is vulnerable to a remote denial of service vulnerability.

Successful exploitation will permit remote attackers to deny service to
legitimate users or cause the client to crash.

COOL! Remote Control 1.12 is affected by this issue.  Other versions may be
vulnerable as well.

2. Mall23 Infopage.ASP SQL Injection Vulnerability
BugTraq ID: 14803
Remote: Yes
Date Published: 2005-09-12
Relevant URL: http://www.securityfocus.com/bid/14803
Summary:
Mall23 is prone to an SQL injection vulnerability. This is due to a lack of
proper sanitization of user-supplied input before using it in an SQL query.

Successful exploitation could result in a compromise of the application,
disclosure or modification of data, or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.


3. Rdiff-backup Directory Access Restriction Bypass Vulnerability
BugTraq ID: 14804
Remote: Yes
Date Published: 2005-09-12
Relevant URL: http://www.securityfocus.com/bid/14804
Summary:
rdiff-backup is affected by a directory access restriction bypass vulnerability.

A successful attack can allow an attacker to obtain directory listings and write
files outside the restricted path.

rdiff-backup 1.0 and prior versions are vulnerable to this issue.

4. KAudioCreator CDDB Arbitrary File Overwrite Vulnerability
BugTraq ID: 14805
Remote: Yes
Date Published: 2005-09-12
Relevant URL: http://www.securityfocus.com/bid/14805
Summary:
KAudioCreator is prone to an arbitrary file overwrite vulnerability.  This issue
is due to a failure in the application to properly sanitize user-supplied input.

An attacker can exploit this vulnerability to overwrite arbitrary files in the
security context of the user running the vulnerable application.

5. PunBB Multiple SQL Injection Vulnerabilities
BugTraq ID: 14806
Remote: Yes
Date Published: 2005-09-12
Relevant URL: http://www.securityfocus.com/bid/14806
Summary:
PunBB is prone to multiple SQL injection vulnerabilities. These issues are due
to a failure in the application to properly sanitize user-supplied input before
using it in SQL queries.

Successful exploitation could result in a compromise of the application,
disclosure or modification of data, or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.


6. XFree86 Pixmap Allocation Local Privilege Escalation Vulnerability
BugTraq ID: 14807
Remote: No
Date Published: 2005-09-12
Relevant URL: http://www.securityfocus.com/bid/14807
Summary:
XFree86 is prone to a buffer overrun in its pixmap processing code.

This issue can potentially result in arbitrary code execution and facilitate
privileges escalation.  It is possible that an attacker may gain superuser
privileges by exploiting this issue.

7. PunBB BBCode URL Tag HTML Injection Vulnerability
BugTraq ID: 14808
Remote: Yes
Date Published: 2005-09-12
Relevant URL: http://www.securityfocus.com/bid/14808
Summary:
PunBB is prone to an HTML injection vulnerability. This is due to a lack of
proper sanitization of user-supplied input.

Attacker-supplied HTML and script code would be executed in the context of the
affected Web site, potentially allowing for theft of cookie-based authentication
credentials. An attacker could also exploit this issue to control how the site
is rendered to the user; other attacks are also possible.


8. SMC SMC7904WBRA Wireless Router Remote Denial Of Service Vulnerability
BugTraq ID: 14809
Remote: Yes
Date Published: 2005-09-12
Relevant URL: http://www.securityfocus.com/bid/14809
Summary:
A remote denial of service vulnerability affects the SMC SMC7904WBRA Wireless
Router. This issue is due to a failure of the application to handle anomalous
network traffic.

The problem is reported to present itself when copious amounts of network
traffic are targeted at the router. Apparently the router fails to handle the
network traffic and reboots. Further information is not available, however this
BID will be updated when more details are released.

An attacker may leverage this issue to cause the affected router to crash,
denying service to legitimate users.

Due to code reuse among devices, other products are also likely affected.

9. TMSNC Unspecified Format String Vulnerability
BugTraq ID: 14810
Remote: Yes
Date Published: 2005-09-12
Relevant URL: http://www.securityfocus.com/bid/14810
Summary:
TMSNC is prone to an unspecified format string vulnerability.  Successful
exploitation could cause the application to fail or may allow remote arbitrary
code execution.

10. Snort PrintTcpOptions Remote Denial Of Service Vulnerability
BugTraq ID: 14811
Remote: Yes
Date Published: 2005-09-12
Relevant URL: http://www.securityfocus.com/bid/14811
Summary:
Snort is reported prone to a remote denial of service vulnerability. The
vulnerability is reported to exist in the 'PrintTcpOptions()' function of
'log.c', and is a result of a failure to sufficiently handle malicious TCP
packets.

A remote attacker may trigger this vulnerability to crash a remote Snort server
and in doing so may prevent subsequent malicious attacks from being detected.

It should be noted that the vulnerable code path is only executed when Snort is
run with the '-v' (verbose) flag. Due to the performance penalty of running the
Snort application in verbose mode, it is likely that most production
installations of the application are not vulnerable to this issue.

Update: Further messages have stated that other paths to the vulnerable code may
be possible. Using the 'frag3' preprocessor, ASCII mode logging, the '-A fast'
command-line option, and possibly other options may expose Snort to this
vulnerability. Please see the referenced messages for further information.

11. Ingate Administrative Interface Cross-Site Scripting Vulnerability
BugTraq ID: 14812
Remote: Yes
Date Published: 2005-09-12
Relevant URL: http://www.securityfocus.com/bid/14812
Summary:
Ingate Firewall and SIParator are prone to a cross-site scripting vulnerability.
This is due to a failure to properly sanitize user-supplied input.

An attacker may leverage this issue to have arbitrary script code executed in
the browser of an unsuspecting administrative user in the context of the
affected site.  This may facilitate the theft of cookie-based authentication
credentials as well as other attacks.


12. Mark D. Roth PAM_Per_User Authentication Bypass Vulnerability
BugTraq ID: 14813
Remote: Yes
Date Published: 2005-09-12
Relevant URL: http://www.securityfocus.com/bid/14813
Summary:
Pam_per_user is prone to an authentication bypass vulnerability. This issue is
due to a design error in the module.

Successful exploitation could allow an unauthorized user to bypass
authentication, allowing them to gain administrative access to affected
computers.

It should be noted that only certain executables that utilize PAM are vulnerable
to this issue, due to the method of calling it. The 'login' program is
identified as one program that may be exploited, but other programs may also be
exploitable in conjunction with this module.

This vulnerability affects pam_per_user versions prior to 0.4.


13. PHPTagCool HTTP Header SQL Injection Vulnerability
BugTraq ID: 14814
Remote: Yes
Date Published: 2005-09-12
Relevant URL: http://www.securityfocus.com/bid/14814
Summary:
PhpTagCool is prone to an SQL injection vulnerability.  This issue is due to a
failure in the application to properly sanitize user-supplied input before using
it in an SQL query.

Successful exploitation could result in a compromise of the application,
disclosure or modification of data, or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.

14. PHPNuke Multiple SQL Injection Vulnerabilities
BugTraq ID: 14815
Remote: Yes
Date Published: 2005-09-12
Relevant URL: http://www.securityfocus.com/bid/14815
Summary:
PHPNuke is prone to multiple SQL injection vulnerabilities. These issues are due
to a lack of sufficient sanitization of user-supplied input before passing it to
SQL queries.

Successful exploitation could result in a compromise of the application,
disclosure or modification of data, or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.


15. Util-Linux UMount Remounting Filesystem Option Clearing Vulnerability
BugTraq ID: 14816
Remote: No
Date Published: 2005-09-12
Relevant URL: http://www.securityfocus.com/bid/14816
Summary:
Util-linux is susceptible to a filesystem option clearing vulnerability. This
issue is due to a design flaw that improperly clears mounted-filesystem options
in certain circumstances.

This vulnerability allows attackers to clear mounted-filesystem options,
allowing them to execute setuid applications to gain elevated privileges. Other
attacks are also possible.

16. Subscribe Me Pro S.PL Remote Directory Traversal Vulnerability
BugTraq ID: 14817
Remote: Yes
Date Published: 2005-09-13
Relevant URL: http://www.securityfocus.com/bid/14817
Summary:
Subscribe Me Pro is prone to a directory traversal vulnerability. This is due to
a lack of proper sanitization of user-supplied input.

Exploitation of this vulnerability could lead to a loss of confidentiality as
arbitrary files are disclosed to an attacker.  Information obtained through this
attack may aid in further attacks against the underlying system.

Subscribe Me Pro 2.044.09P and prior are affected by this vulnerability.


17. Handy Address Book Server Cross-Site Scripting Vulnerability
BugTraq ID: 14818
Remote: Yes
Date Published: 2005-09-13
Relevant URL: http://www.securityfocus.com/bid/14818
Summary:
Handy Address Book Server is prone to a cross-site scripting vulnerability. 

An attacker may leverage this issue to have arbitrary script code executed in
the browser of an unsuspecting user in the context of the affected site.  This
may facilitate the theft of cookie-based authentication credentials as well as
other attacks.


18. Azerbaijan Development Group AZDGDatingLite Directory Traversal
Vulnerability
BugTraq ID: 14819
Remote: Yes
Date Published: 2005-09-13
Relevant URL: http://www.securityfocus.com/bid/14819
Summary:
AzDGDatingLite is prone to a directory traversal vulnerability.  This issue is
due to a failure in the application to properly sanitize user-supplied input.

An attacker can exploit this vulnerability by supplying directory traversal
strings, followed by a filename and a NULL byte character and include an
arbitrary local file.  

The impact of successful exploitation will depend on the contents of the local
included file.

19. Land Down Under Multiple SQL Injection Vulnerabilities
BugTraq ID: 14820
Remote: Yes
Date Published: 2005-09-13
Relevant URL: http://www.securityfocus.com/bid/14820
Summary:
Land Down Under is prone to multiple SQL injection vulnerabilities.  These
issues are due to a failure in the application to properly sanitize
user-supplied input before using it in SQL queries.

Successful exploitation could result in a compromise of the application,
disclosure or modification of data, or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.

20. Mail-it Now! Upload2Server Arbitrary File Upload Vulnerability
BugTraq ID: 14821
Remote: Yes
Date Published: 2005-09-13
Relevant URL: http://www.securityfocus.com/bid/14821
Summary:
Mail-it Now! Upload2Server is prone to an arbitrary file upload vulnerability. 
This issue is due to a failure in the application to properly sanitize
user-supplied input before uploading files.

Successful exploitation will cause the application to execute the file in the
security context of the Web server process.  This may facilitate unauthorized
access; other attacks are also possible.

21. Linksys WRT54G Wireless Router Multiple Remote Vulnerabilities
BugTraq ID: 14822
Remote: Yes
Date Published: 2005-09-13
Relevant URL: http://www.securityfocus.com/bid/14822
Summary:
Multiple vulnerabilities have been identified in Linksys WRT54G routers. These
issue all require that an attacker have access to either the wireless, or
internal LAN network segments of the affected device. Exploitation from the WAN
interface is only possible if the affected device has remote management enabled.

This issue allows attackers to:
- Download and replace the configuration of affected routers.
- Execute arbitrary machine code in the context of the affected device.
- Utilize HTTP POST requests to upload router configuration and firmware files
without proper authentication
- Degrade the performance of affected devices and cause the Web server to become
unresponsive, potentially denying service to legitimate users.

22. Sun Java System Application Server Web Application JAR Disclosure
Vulnerability
BugTraq ID: 14823
Remote: Yes
Date Published: 2005-09-13
Relevant URL: http://www.securityfocus.com/bid/14823
Summary:
Sun Java System Application Server is prone to an information disclosure
vulnerability.  In particular, remote attackers may potentially gain
unauthorized access to JAR files that are associated with deployed Web
applications.

23. AVIRA Desktop for Windows ACE Archive Handling Remote Buffer Overflow
Vulnerability
BugTraq ID: 14824
Remote: Yes
Date Published: 2005-09-14
Relevant URL: http://www.securityfocus.com/bid/14824
Summary:
AVIRA Desktop for Windows is affected by a remote buffer overflow vulnerability
when handling ACE archives.

If the application has been enabled to scan compressed files and proceeds to
process a malicious archive, a buffer overflow condition can be triggered. This
may lead to memory corruption and potentially facilitate arbitrary code
execution.

An attacker may exploit this vulnerability to gain unauthorized remote access in
the context of SYSTEM.

Desktop for Windows version 1.00.00.68 running AVPACK32.DLL version 6.31.0.3 is
reportedly vulnerable.  It is possible that other versions are affected as well.

24. Apple Mac OS X Java Insecure Temporary File Vulnerability
BugTraq ID: 14825
Remote: No
Date Published: 2005-09-14
Relevant URL: http://www.securityfocus.com/bid/14825
Summary:
Sun Java running on Mac OS X is prone to an insecure temporary file creation
vulnerability.  Successful exploitation could allow corruption of files or
creation of arbitrary files.  It may also be possible for an attacker to
escalate their privileges by exploiting this vulnerability, however, this is
unconfirmed.




25. Apple Mac OS X Untrusted Java Applet Privilege Escalation Vulnerability
BugTraq ID: 14826
Remote: Yes
Date Published: 2005-09-13
Relevant URL: http://www.securityfocus.com/bid/14826
Summary:
Apple Mac OS X is prone to a vulnerability that can allow an untrusted Java
applet to gain elevated privileges.

It is conjectured that this could allow the applet to access resources with the
privilege level of the user running the applet, potentially allowing the applet
to read, write, or execute files on the system that are accessible to the user.

It should be noted that this issue is only specific to Java running on Mac OS X
10.3.9 and prior.

26. Apple Mac OS X Java ServerSocket Port Hijacking Vulnerability
BugTraq ID: 14827
Remote: No
Date Published: 2005-09-14
Relevant URL: http://www.securityfocus.com/bid/14827
Summary:
Apple Mac OS X Java implementation is prone to a vulnerability that could permit
one Java program to intercept another programs data.

An attacker can exploit this vulnerability to retrieve data intended for another
Java application.  This may result in information disclosure; other attacks may
also be possible.

This issue is reported to only affect the Apple Mac OS X implementation of Java.

27. MIVA Merchant 5 Merchant.MVC Cross-Site Scripting Vulnerability
BugTraq ID: 14828
Remote: Yes
Date Published: 2005-09-14
Relevant URL: http://www.securityfocus.com/bid/14828
Summary:
MIVA Merchant 5 is prone to a cross-site scripting vulnerability.This issue is
due to a failure in the application to properly sanitize user-supplied input.

An attacker may leverage this issue to have arbitrary script code executed in
the browser of an unsuspecting user in the context of the affected site.  This
may facilitate the theft of cookie-based authentication credentials as well as
other attacks.


28. Common-Lisp-Controller Cache Arbitrary Code Injection Vulnerability
BugTraq ID: 14829
Remote: No
Date Published: 2005-09-14
Relevant URL: http://www.securityfocus.com/bid/14829
Summary:
common-lisp-controller is prone to an arbitrary code injection vulnerability.

Successful exploitation may facilitate privilege escalation; other attacks are
also possible.

29. LineControl Java Client Local Password Disclosure Vulnerability
BugTraq ID: 14830
Remote: No
Date Published: 2005-09-14
Relevant URL: http://www.securityfocus.com/bid/14830
Summary:
LineControl Java Client is prone to a password disclosure vulnerability. This is
due to a design error in the application.

LineControl Java Client version 0.8.0 is is vulnerable to this issue, however,
other versions may be affected as well.


30. ATutor Password_Reminder.PHP SQL Injection Vulnerability
BugTraq ID: 14831
Remote: Yes
Date Published: 2005-09-14
Relevant URL: http://www.securityfocus.com/bid/14831
Summary:
ATutor is prone to an SQL injection vulnerability.  This issue is due to a
failure in the application to properly sanitize user-supplied input before using
it in an SQL query.

Successful exploitation could result in a compromise of the application,
disclosure or modification of data, or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.

31. ATutor Chat Logs Remote Information Disclosure Vulnerability
BugTraq ID: 14832
Remote: Yes
Date Published: 2005-09-14
Relevant URL: http://www.securityfocus.com/bid/14832
Summary:
ATutor is prone to a remote information disclosure vulnerability.  This issue is
due to a failure in the application to perform proper access validation before
granting access to privileged information.

A remote attacker can exploit this vulnerability and make repeated GET requests
for the chat logs, effectively retrieving all chat archives.  Information
obtained may aid an attacker in further attacks.

32. Noah's Classifieds Index.PHP SQL Injection Vulnerability
BugTraq ID: 14833
Remote: Yes
Date Published: 2005-09-14
Relevant URL: http://www.securityfocus.com/bid/14833
Summary:
Noah's Classifieds is prone to an SQL injection vulnerability. This is due to a
lack of proper sanitization of user-supplied input before using it in an SQL
query.

Successful exploitation could result in a compromise of the application,
disclosure or modification of data, or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.




33. TWiki TWikiUsers Remote Arbitrary Command Execution Vulnerability
BugTraq ID: 14834
Remote: Yes
Date Published: 2005-09-14
Relevant URL: http://www.securityfocus.com/bid/14834
Summary:
A remote command execution vulnerability affects the application.

The revision control function of the TWikiUsers script uses the backtick shell
metacharacter to construct a command line.  An attacker may use a specially
crafted URI to execute arbitrary commands through the shell. 

This attack would occur in the context of the vulnerable application and can
facilitate unauthorized remote access.


34. Noah's Classifieds Index.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 14835
Remote: Yes
Date Published: 2005-09-14
Relevant URL: http://www.securityfocus.com/bid/14835
Summary:
Noah's Classifieds is prone to a cross-site scripting vulnerability. This issue
is due to a failure in the application to properly sanitize user-supplied input.

An attacker may leverage this issue to have arbitrary script code executed in
the browser of an unsuspecting user in the context of the affected site.  This
may facilitate the theft of cookie-based authentication credentials as well as
other attacks.


35. Ensim OCW_login_username HTML Injection Vulnerability
BugTraq ID: 14836
Remote: Yes
Date Published: 2005-09-14
Relevant URL: http://www.securityfocus.com/bid/14836
Summary:
Ensim is prone to an HTML injection vulnerability.  This issue is due to a
failure in the application to properly sanitize user-supplied input before using
it in dynamically generated content.

Attacker-supplied HTML and script code would be executed in the context of the
affected Web site, potentially allowing for theft of cookie-based authentication
credentials. An attacker could also exploit this issue to control how the site
is rendered to the user; other attacks are also possible.

36. Compuware DriverStudio Remote Control Null Session Authentication Bypass
Vulnerability
BugTraq ID: 14837
Remote: Yes
Date Published: 2005-09-15
Relevant URL: http://www.securityfocus.com/bid/14837
Summary:
Compuware DriverStudio is prone to an issue that may permit remote attackers to
bypass authentication.  This issue exists in the DriverStudio Remote Control
Service.

If the attack is successful, it is possible to launch further attacks that could
result in execution of arbitrary code on the vulnerable computer.

37. Compuware DriverStudio Unauthorized Remote Reboot Vulnerability
BugTraq ID: 14838
Remote: Yes
Date Published: 2005-09-15
Relevant URL: http://www.securityfocus.com/bid/14838
Summary:
Compuware DriverStudio is prone to a vulnerability that may let unauthorized
remote users to reboot the system it is running on.

Remote attackers may exploit this issue by sending a specially crafted UDP
datagram to the DriverStudio Remote Control Service.

This issue could be exploited in combination with BID 14837 "Compuware
DriverStudio Remote Control Null Session Authentication Bypass Vulnerability" to
create circumstances that allow for remote code execution on the affected
computer.

38. Cambridge Computer Corporation VxFtpSrv Remote Buffer Overflow Vulnerability
BugTraq ID: 14839
Remote: Yes
Date Published: 2005-09-15
Relevant URL: http://www.securityfocus.com/bid/14839
Summary:
vxFtpSrv is prone to a remote buffer overflow vulnerability.

A successful attack may trigger a crash in the server or lead to arbitrary code
execution. The attacker may then gain unauthorized remote access in the context
of the server application. 

vxFtpSrv 0.9.7 is reported to be affected by this issue.  Other versions may
also be vulnerable.

39. Hosting Controller Unspecified Information Disclosure Vulnerability
BugTraq ID: 14840
Remote: Yes
Date Published: 2005-09-15
Relevant URL: http://www.securityfocus.com/bid/14840
Summary:
Hosting Controller is prone to an unspecified information disclosure
vulnerability.

This vulnerability could permit a remote attacker to view directory listings and
download arbitrary files.

This issue was reported in Hosting Controller 6.1 Hotfix 2.3 and fixed in Hotfix
2.4.  Earlier versions could also be affected.

40. Cambridge Computer Corporation VxWeb Remote Buffer Overflow Vulnerability
BugTraq ID: 14841
Remote: Yes
Date Published: 2005-09-15
Relevant URL: http://www.securityfocus.com/bid/14841
Summary:
vxWeb is prone to a remote buffer overflow vulnerability.

A successful attack may trigger a crash in the server.  This issue could lead to
arbitrary code execution, however, this was not confirmed.  If arbitrary code
execution is possible, the attacker may gain unauthorized remote access in the
context of the server application.

vxWeb 1.1.4 is reported to be affected by this issue. Other versions may also be
vulnerable.

41. Cambridge Computer Corporation VxTftpSrv Remote Buffer Overflow
Vulnerability
BugTraq ID: 14842
Remote: Yes
Date Published: 2005-09-15
Relevant URL: http://www.securityfocus.com/bid/14842
Summary:
vxTftpSrv is prone to a remote buffer overflow vulnerability.

A successful attack may trigger a crash in the server or lead to arbitrary code
execution. The attacker may then gain unauthorized remote access in the context
of the server application. 

vxTftpSrv 1.7.0 is reported to be affected by this issue. Other versions may
also be vulnerable.

42. Digital Scribe Login SQL Injection Vulnerability
BugTraq ID: 14843
Remote: Yes
Date Published: 2005-09-15
Relevant URL: http://www.securityfocus.com/bid/14843
Summary:
Digital Scribe is prone to an SQL injection vulnerability.  This issue is due to
a failure in the application to properly sanitize user-supplied input before
using it in an SQL query.

Successful exploitation could result in a compromise of the application,
disclosure or modification of data, or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.

43. Ahnlab V3 Antivirus ACE Archive Handling Remote Buffer Overflow
Vulnerability
BugTraq ID: 14844
Remote: Yes
Date Published: 2005-09-15
Relevant URL: http://www.securityfocus.com/bid/14844
Summary:
Ahnlab V3 Antivirus products are affected by a remote buffer overflow
vulnerability when handling ACE archives.

An attacker may exploit this vulnerability to gain unauthorized remote access in
the context of SYSTEM. 

AhnLab V3Pro 2004 Build 6.0.0.383, AhnLab V3 VirusBlock 2005 Build 6.0.0.383,
and AhnLab V3Net for Windows Server 6.0 Build 6.0.0.383 are reported to be
vulnerable.  Other versions may be affected as well.

44. IBM Lotus Domino BaseTarget Parameter Cross-Site Scripting Vulnerability
BugTraq ID: 14845
Remote: Yes
Date Published: 2005-09-15
Relevant URL: http://www.securityfocus.com/bid/14845
Summary:
IBM Lotus Domino is prone to a cross-site scripting vulnerability.  This is due
to insufficient input validation of data supplied through URI parameters.

An attacker may exploit this by enticing a victim user into visiting a malicious
link that contains HTML and script code.

Exploitation may permit theft of cookie-based authentication credentials.  Other
attacks are also possible.

45. IBM Lotus Domino Src Parameter Cross-Site Scripting Vulnerability
BugTraq ID: 14846
Remote: Yes
Date Published: 2005-09-15
Relevant URL: http://www.securityfocus.com/bid/14846
Summary:
IBM Lotus Domino is prone to a cross-site scripting vulnerability.  This is due
to insufficient input validation of data supplied through URI parameters.

An attacker may exploit this by enticing a victim user into visiting a malicious
link that contains HTML and script code.

Exploitation may permit theft of cookie-based authentication credentials.  Other
attacks are also possible.

46. AEwebworks aeDating Search_Result.PHP SQL Injection Vulnerability
BugTraq ID: 14847
Remote: Yes
Date Published: 2005-09-15
Relevant URL: http://www.securityfocus.com/bid/14847
Summary:
AEwebworks aeDating is prone to an SQL injection vulnerability. This is due to a
lack of proper sanitization of user-supplied input before it is used in an SQL
query.

Successful exploitation could result in a compromise of the application,
disclosure or modification of data, or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.

47. Ahnlab V3 Antivirus ACE Archive Handling Directory Traversal Vulnerability
BugTraq ID: 14848
Remote: Yes
Date Published: 2005-09-15
Relevant URL: http://www.securityfocus.com/bid/14848
Summary:
Ahnlab V3 Antivirus products are affected by a remote directory traversal
vulnerability facilitating arbitrary file uploads.

Malicious files may be placed in arbitrary locations on the filesystem, which
can lead to various attacks including arbitrary code execution.

AhnLab V3Pro 2004 Build 6.0.0.383, AhnLab V3 VirusBlock 2005 Build 6.0.0.383,
and AhnLab V3Net for Windows Server 6.0 Build 6.0.0.383 are reported to be
vulnerable. Other versions may be affected as well.

48. GTKDiskFree Insecure Temporary File Creation Vulnerability
BugTraq ID: 14849
Remote: No
Date Published: 2005-09-15
Relevant URL: http://www.securityfocus.com/bid/14849
Summary:
GtkDiskFree creates temporary files in an insecure manner. The issue exists in
the 'src/mount.c' file.

Exploitation would most likely result in loss of data or a denial of service if
critical files are overwritten in the attack. Other attacks may be possible as
well.

49. Ahnlab V3 Antivirus Privilege Escalation Vulnerability
BugTraq ID: 14850
Remote: No
Date Published: 2005-09-15
Relevant URL: http://www.securityfocus.com/bid/14850
Summary:
Ahnlab V3 Antivirus products are affected by a local privilege escalation
vulnerability.

A successful attack can allow a local attacker to execute arbitrary applications
with SYSTEM privileges.  The attacker can also disable the scan engine, which
can leave a computer vulnerable to malicious code attacks.

AhnLab V3Pro 2004 Build 6.0.0.383, AhnLab V3 VirusBlock 2005 Build 6.0.0.383,
and AhnLab V3Net for Windows Server 6.0 Build 6.0.0.383 are reported to be
vulnerable. Other versions may also be affected.

50. DeluxeBB Multiple SQL Injection Vulnerabilities
BugTraq ID: 14851
Remote: Yes
Date Published: 2005-09-15
Relevant URL: http://www.securityfocus.com/bid/14851
Summary:
DeluxeBB is prone to multiple SQL injection vulnerabilities. These are due to a
lack of proper sanitization of user-supplied input before being sent to SQL
queries.

Successful exploitation could result in a compromise of the application,
disclosure or modification of data, or may permit an attacker to exploit
vulnerabilities in the underlying database implementation.


51. Turquoise SuperStat Date Parser Remote Buffer Overflow Vulnerability
BugTraq ID: 14852
Remote: Yes
Date Published: 2005-09-15
Relevant URL: http://www.securityfocus.com/bid/14852
Summary:
Turquoise SuperStat is prone to a buffer overflow in its NNTP response
mechanism.

The vulnerability presents itself when a malicious NNTP server supplies
excessive data to the application that is handled by the date parsing routines.

A successful attack may result in a remote compromise.

52. Data Center Resources Avocent CCM Privileged Port Access Bypass
Vulnerability
BugTraq ID: 14853
Remote: Yes
Date Published: 2005-09-15
Relevant URL: http://www.securityfocus.com/bid/14853
Summary:
Avocent CCM is prone to a vulnerability that permits the bypass of access
control to privileged ports.  This issue is due to a failure in the application
to perform proper authorization before granting access to internal functions.

An attacker can exploit this vulnerability to bypass access control and gain
privileged access to ports and devices connected to the vulnerable appliance.

53. SimpleCDR-X Insecure Temporary File Creation Vulnerability
BugTraq ID: 14855
Remote: No
Date Published: 2005-09-15
Relevant URL: http://www.securityfocus.com/bid/14855
Summary:
SimpleCDR-X creates temporary files in an insecure manner.

A local attacker would most likely take advantage of this vulnerability by
creating a malicious symbolic link in a directory where the temporary files will
be created. 

Exploitation would most likely result in loss of data or a denial of service if
critical files are overwritten in the attack. Other attacks may also be
possible.

SimpleCDR-X 1.3.3 is reported to be vulnerable.  Other versions may also be
affected.

54. Microsoft Internet Explorer Unspecified Code Execution Vulnerability
BugTraq ID: 14856
Remote: Yes
Date Published: 2005-09-15
Relevant URL: http://www.securityfocus.com/bid/14856
Summary:
Microsoft Internet Explorer is affected by an unspecified remote code execution
vulnerability.

This issue affects Internet Explore 6.0, 6.0 SP1, and 6.0 SP2.  Other versions
may also be vulnerable.

Due to a lack of information, further details cannot be described at the moment.
This BID will be updated when more information becomes available.

55. GNOME Workstation Command Center Gwcc_out.TXT Insecure Temporary File
Creation Vulnerability
BugTraq ID: 14857
Remote: No
Date Published: 2005-09-16
Relevant URL: http://www.securityfocus.com/bid/14857
Summary:
GNOME Workstation Command Center creates temporary files in an insecure manner.

A local attacker would most likely take advantage of this vulnerability by
creating a malicious symbolic link in a directory where the temporary files will
be created. 

Exploitation would most likely result in loss of data or a denial of service if
critical files are overwritten in the attack. Other attacks may also be
possible.

GNOME Workstation Command Center version 0.98 is reported to be vulnerable. 
Other earlier versions may also be affected.

56. PHP Session Handling Local Session Hijacking Vulnerability
BugTraq ID: 14858
Remote: No
Date Published: 2005-09-16
Relevant URL: http://www.securityfocus.com/bid/14858
Summary:
PHP is prone to a vulnerability that permits local hijacking of session
variables.  The problem presents itself in the way PHP stores session variables.

This issue can be exploited to hijack the session variables of victim users of
other PHP applications running on a system utilizing a vulnerable version of
PHP.

This issue is reported to effect the 3.x and 4.x versions of PHP; other versions
may also be affected.

57. Ncompress Insecure Temporary File Creation Vulnerability
BugTraq ID: 14859
Remote: No
Date Published: 2005-09-16
Relevant URL: http://www.securityfocus.com/bid/14859
Summary:
Ncompress creates temporary files in an insecure manner. 

A local attacker would most likely take advantage of this vulnerability by
creating a malicious symbolic link in a directory where the temporary files will
be created. 

Exploitation would most likely result in loss of data or a denial of service if
critical files are overwritten in the attack. Other attacks may also be
possible.

The vulnerability is reported in version 4.2.4. Other versions may also be
affected.


58. PHP-Nuke WYSIWYG Editor Unspecified Security Vulnerability
BugTraq ID: 14860
Remote: Yes
Date Published: 2005-09-16
Relevant URL: http://www.securityfocus.com/bid/14860
Summary:
PHP-Nuke is affected by an unspecified security vulnerability.

The vendor reports that the wysiwyg editor is affected by a potential security
vulnerability.  No other details are available on this issue.  This BID will be
updated as more information becomes available.

This issue has been addressed in PHP-Nuke version 7.9.


59. SuSE YaST Local Buffer Overflow Vulnerability
BugTraq ID: 14861
Remote: No
Date Published: 2005-09-16
Relevant URL: http://www.securityfocus.com/bid/14861
Summary:
SuSE YaST is affected by a local buffer overflow vulnerability.

A local attacker may exploit this issue to execute arbitrary code with superuser
privileges.

SuSE Linux 9.3 is reported to be vulnerable.  Other versions may be affected as
well.

60. Arc Insecure Temporary File Creation Vulnerability
BugTraq ID: 14863
Remote: No
Date Published: 2005-09-16
Relevant URL: http://www.securityfocus.com/bid/14863
Summary:
ARC creates temporary files in an insecure manner.

An attacker with local access could potentially exploit this issue to view files
and obtain privileged information.  The attacker may also perform symlink
attacks, overwriting arbitrary files in the context of the affected application.

Exploitation would most likely result in loss of confidentiality and theft of
privileged information. Successful exploitation of a symlink attack may result
in sensitive configuration files being overwritten.  This may result in a denial
of service; other attacks may also be possible.

ARC 5.21j and earlier versions are reported to be vulnerable.


61. Py2Play Object Unpickling Remote Python Code Execution Vulnerability
BugTraq ID: 14864
Remote: Yes
Date Published: 2005-09-17
Relevant URL: http://www.securityfocus.com/bid/14864
Summary:
Py2Play is prone to a vulnerability that may let remote attackers execute
arbitrary Python code in the context of the program.  

This issue could be exploited by remote peers.

62. Tofu Object Unpickling Remote Python Code Execution Vulnerability
BugTraq ID: 14865
Remote: Yes
Date Published: 2005-09-17
Relevant URL: http://www.securityfocus.com/bid/14865
Summary:
Tofu is prone to a vulnerability that may let remote attackers execute arbitrary
Python code in the context of the program.  

This issue could be exploited by remote peers.

63. ClamAV UPX Compressed Executable Buffer Overflow Vulnerability
BugTraq ID: 14866
Remote: Yes
Date Published: 2005-09-16
Relevant URL: http://www.securityfocus.com/bid/14866
Summary:
ClamAV is prone to a remote buffer overflow vulnerability.  This condition
occurs when the program processes malformed UPX compressed executables.

Successful exploitation may result in execution of arbitrary code in the context
of the application.

64. ClamAV FSG Compressed Executable Infinite Loop Denial Of Service
Vulnerability
BugTraq ID: 14867
Remote: Yes
Date Published: 2005-09-16
Relevant URL: http://www.securityfocus.com/bid/14867
Summary:
ClamAV is prone to a remote denial of service vulnerability.  This issue occurs
when the application handles a malformed FSG compressed executable.  

Exploitation could cause the application to enter an infinite loop, resulting in
a denial of service.

65. Apple Safari Data URI Memory Corruption Vulnerability
BugTraq ID: 14868
Remote: Yes
Date Published: 2005-09-17
Relevant URL: http://www.securityfocus.com/bid/14868
Summary:
Apple Safari is prone to a memory corruption vulnerability.  This issue is
exposed when the browser opens specific 'data:' URIs, causing the browser to
crash.

Though unconfirmed, this vulnerability could be exploitable to execute arbitrary
code.

66. CutePHP CuteNews Flood Protection Client-IP PHP Code Injection Vulnerability
BugTraq ID: 14869
Remote: Yes
Date Published: 2005-09-17
Relevant URL: http://www.securityfocus.com/bid/14869
Summary:
CutePHP CuteNews is prone to a vulnerability that may let remote attackers
inject PHP and execute PHP code.  This is due to an input validation error that
lets remote users inject PHP code into a temporary file used by the flood
protection feature of the application.

Exploitation could allow for remote execution of PHP code in the context of the
server hosting the application.

This issue is reported to affected CuteNews 1.4.0.  Other versions may also be
affected.

III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. Key clicks betray passwords, typed text
By: Robert Lemos
University researchers find that a ten-minute recording of a person's typing  is
enough to recover more than 90 percent of the words entered on a computer
keyboard.
http://www.securityfocus.com/news/11318

2. Microsoft's delay to patch fuels concerns
By: Robert Lemos
The software giant decides to cancel a security fix after problems are found,
causing a row in the security community over the value of regularly scheduled
patches.
http://www.securityfocus.com/news/11313

3. Big debate over small packets
By: Robert Lemos
After a summer of debate over whether flaws in ICMP are a serious threat, an
Argentinian researcher continues to lobby the Internet's technical standards
body  to implement his proposal  to fix the issues.
http://www.securityfocus.com/news/11306

4. Katrina's destruction attracts online fraudsters
By: Robert Lemos
>From questionable charity sites to malicious code with a hurricane hook, people
ready to take advantage of the natural disaster in New Orleans and the Gulf of
Mexico have pursued their schemes on the Internet.
http://www.securityfocus.com/news/11302

5. Phishers trawl for victims in Europe
By: John Leyden
Security watchers are reporting a surge of phishing attacks targeting European
banks. Phishing attacks against over two dozen European banks were detected by
security firm Websense last weekend (17-18 September).
http://www.securityfocus.com/news/11323

6. Firefox and Mac security sanctuaries 'under attack'
By: John Leyden
Symantec has attacked the perceived security advantages of Firefox and Apple
Macs by drawing unfavourable comparisons with Microsoft's software and
describing Mac fans as living in a "false paradise".
http://www.securityfocus.com/news/11321

7. Worm spoofs Google on infected PCs
By: John Leyden
Virus writers have developed a worm that spoofs the behaviour of internet search
engine Google, varying the results displayed to suit the requirements of
hackers.
http://www.securityfocus.com/news/11322

8. Arrest made in Berkeley laptop theft case
By: John Leyden
Police have arrested a man after recovering a stolen laptop that held personal
data on more than 98,000 University of California, Berkeley students and
applicants.
http://www.securityfocus.com/news/11319

IV.  SECURITY JOBS LIST SUMMARY
-------------------------------
1. [SJ-JOB] Training / Awareness Specialist, Columbia
http://www.securityfocus.com/archive/77/411204

2. [SJ-JOB] Security Consultant, Columbia
http://www.securityfocus.com/archive/77/411211

3. [SJ-JOB] Customer Support, Columbia
http://www.securityfocus.com/archive/77/411209

4. [SJ-JOB] Sr. Security Engineer, Westminster
http://www.securityfocus.com/archive/77/411195

5. [SJ-JOB] Security Engineer, Myrtle Beach & Chicago
http://www.securityfocus.com/archive/77/411194

6. [SJ-JOB] Sr. Security Engineer, Washington, DC
http://www.securityfocus.com/archive/77/411197

7. [SJ-JOB] Sr. Security Engineer, San Antonio
http://www.securityfocus.com/archive/77/411192

8. [SJ-JOB] Application Security Engineer, Santa Clara
http://www.securityfocus.com/archive/77/411193

9. [SJ-JOB] Sr. Security Analyst, Calgary
http://www.securityfocus.com/archive/77/411196

10. [SJ-JOB] Sales Representative, Alameda
http://www.securityfocus.com/archive/77/411186

11. [SJ-JOB] Product Strategist, Morristown
http://www.securityfocus.com/archive/77/411125

12. [SJ-JOB] Sr. Security Engineer, Englewood
http://www.securityfocus.com/archive/77/411129

13. [SJ-JOB] Security Architect, Milpitas
http://www.securityfocus.com/archive/77/411126

14. [SJ-JOB] Developer, Morristown
http://www.securityfocus.com/archive/77/411127

15. [SJ-JOB] Security Architect, Denver
http://www.securityfocus.com/archive/77/411128

16. [SJ-JOB] Developer, Morristown
http://www.securityfocus.com/archive/77/411109

17. [SJ-JOB] Security Engineer, ST. PETERSBURG
http://www.securityfocus.com/archive/77/411108

18. [SJ-JOB] Developer, Morristown
http://www.securityfocus.com/archive/77/411110

19. [SJ-JOB] Security Architect, Fort Lauderdale
http://www.securityfocus.com/archive/77/411106

20. [SJ-JOB] Sales Representative, Oshkosh, Milwaukee, Green Bay,    Madison,
Fox Valley
http://www.securityfocus.com/archive/77/411107

21. [SJ-JOB] Developer, Buckinghamshire
http://www.securityfocus.com/archive/77/411048

22. [SJ-JOB] Sales Engineer, Boston
http://www.securityfocus.com/archive/77/411050

23. [SJ-JOB] Sales Engineer, Tampa
http://www.securityfocus.com/archive/77/411047

24. [SJ-JOB] Quality Assurance, Columbia
http://www.securityfocus.com/archive/77/411045

25. [SJ-JOB] Technical Marketing Engineer, Cupertino
http://www.securityfocus.com/archive/77/411041

26. [SJ-JOB] Regional Channel Manager, San Jose
http://www.securityfocus.com/archive/77/411042

27. [SJ-JOB] Quality Assurance, Columbia
http://www.securityfocus.com/archive/77/411039

28. [SJ-JOB] Sales Representative, Columbia
http://www.securityfocus.com/archive/77/411040

29. [SJ-JOB] Security Consultant, New York
http://www.securityfocus.com/archive/77/410950

30. [SJ-JOB] Security System Administrator, Princeton
http://www.securityfocus.com/archive/77/410952

31. [SJ-JOB] Security Consultant, Islandia
http://www.securityfocus.com/archive/77/410951

32. [SJ-JOB] Security Consultant, Herndon
http://www.securityfocus.com/archive/77/410953

33. [SJ-JOB] Database Security Engineer, Islandia
http://www.securityfocus.com/archive/77/410944

34. [SJ-JOB] Quality Assurance, Islandia
http://www.securityfocus.com/archive/77/410941

35. [SJ-JOB] Management, Islandia
http://www.securityfocus.com/archive/77/410942

36. [SJ-JOB] Management, Islandia
http://www.securityfocus.com/archive/77/410945

37. [SJ-JOB] Quality Assurance, Islandia
http://www.securityfocus.com/archive/77/410948

38. [SJ-JOB] Instructor, Novi
http://www.securityfocus.com/archive/77/410940

39. [SJ-JOB] Sr. Security Engineer, Islandia
http://www.securityfocus.com/archive/77/410947

40. [SJ-JOB] Security Product Manager, Waltham
http://www.securityfocus.com/archive/77/410949

41. [SJ-JOB] Security Product Marketing Manager, Any Location
http://www.securityfocus.com/archive/77/410939

42. [SJ-JOB] Security Product Manager, Herndon
http://www.securityfocus.com/archive/77/410943

43. [SJ-JOB] Security Product Manager, Islandia
http://www.securityfocus.com/archive/77/410863

44. [SJ-JOB] Security Consultant, Herndon
http://www.securityfocus.com/archive/77/410870

45. [SJ-JOB] Security Consultant, Charlotte
http://www.securityfocus.com/archive/77/410877

46. [SJ-JOB] Security Consultant, Herndon
http://www.securityfocus.com/archive/77/410868

47. [SJ-JOB] Sr. Product Manager, San Diego
http://www.securityfocus.com/archive/77/410798

48. [SJ-JOB] Developer, Columbia
http://www.securityfocus.com/archive/77/410797

49. [SJ-JOB] Sr. Security Analyst, London
http://www.securityfocus.com/archive/77/410799

50. [SJ-JOB] Quality Assurance, Islandia
http://www.securityfocus.com/archive/77/410794

51. [SJ-JOB] Quality Assurance, San Bernardino
http://www.securityfocus.com/archive/77/410795

52. [SJ-JOB] Quality Assurance, Plano
http://www.securityfocus.com/archive/77/410796

53. [SJ-JOB] Customer Support, Boston
http://www.securityfocus.com/archive/77/410823

54. [SJ-JOB] Security Engineer, Charlotte
http://www.securityfocus.com/archive/77/410822

55. [SJ-JOB] Security Consultant, Franklin
http://www.securityfocus.com/archive/77/410820

56. [SJ-JOB] Security Consultant, New York
http://www.securityfocus.com/archive/77/410818

57. [SJ-JOB] Security Consultant, Tampa
http://www.securityfocus.com/archive/77/410819

58. [SJ-JOB] Security Consultant, Atlanta
http://www.securityfocus.com/archive/77/410791

59. [SJ-JOB] Security Consultant, Miami
http://www.securityfocus.com/archive/77/410821

60. [SJ-JOB] Security Product Manager, Herndon
http://www.securityfocus.com/archive/77/410762

61. [SJ-JOB] Quality Assurance, Waltham
http://www.securityfocus.com/archive/77/410753

62. [SJ-JOB] Quality Assurance, Princeton
http://www.securityfocus.com/archive/77/410767

63. [SJ-JOB] Security Product Marketing Manager, Islandia
http://www.securityfocus.com/archive/77/410769

64. [SJ-JOB] Security Product Manager, Any Location
http://www.securityfocus.com/archive/77/410754

65. [SJ-JOB] Security Engineer, Richmond
http://www.securityfocus.com/archive/77/410750

66. [SJ-JOB] Security Architect, Richmond
http://www.securityfocus.com/archive/77/410759

67. [SJ-JOB] Security Product Manager, Belmont (San Francisco Bay Area)
http://www.securityfocus.com/archive/77/410751

68. [SJ-JOB] Sales Representative, Vienna
http://www.securityfocus.com/archive/77/410752

69. [SJ-JOB] Security Engineer, Cupertino
http://www.securityfocus.com/archive/77/410755

70. [SJ-JOB] Security Architect, Lincroft
http://www.securityfocus.com/archive/77/410748

71. [SJ-JOB] Sales Engineer, Toronto
http://www.securityfocus.com/archive/77/410756

72. [SJ-JOB] Security Architect, Chelmsford
http://www.securityfocus.com/archive/77/410765

73. [SJ-JOB] Manager, Information Security, Hawthorne
http://www.securityfocus.com/archive/77/410749

74. [SJ-JOB] Security Engineer, Montvale
http://www.securityfocus.com/archive/77/410757

V.   INCIDENTS LIST SUMMARY
---------------------------
1. SF new mailing list announcement: BS 7799 Security
http://www.securityfocus.com/archive/75/410577

VI.  VULN-DEV RESEARCH LIST SUMMARY
-----------------------------------
1. Whitepaper - Writing small shellcode
http://www.securityfocus.com/archive/82/411027

2. RUXCON 2005 Update
http://www.securityfocus.com/archive/82/411026

3. PocketPC exploitation
http://www.securityfocus.com/archive/82/403422

VII. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. CC and Windows evaluation
http://www.securityfocus.com/archive/88/411183

2. SecurityFocus Microsoft Newsletter #256
http://www.securityfocus.com/archive/88/410591

VIII. SUN FOCUS LIST SUMMARY
----------------------------

IX. LINUX FOCUS LIST SUMMARY
----------------------------
1. scanning for windows spywear with linux
http://www.securityfocus.com/archive/91/409832

X.  BOOK EXCERPTS
-----------------
1. Nessus, Snort, and Ethereal Power Tools: Customizing Open Source Security
Applications
By  Noam Rathaus
Published by Syngress, September 2005
http://securityfocus.com/excerpts/19

2. Network Security Evaluation Using the NSA IEM
By  Russ Rogers
Published by Syngress, July 2005
http://securityfocus.com/excerpts/18

3. Extreme Exploits: Advanced Defenses Against Hardcore Hacks
By  Victor Oppleman, Oliver Friedrichs and Brett Watso
Published by McGraw-Hill/Osborne, July 2005
http://securityfocus.com/excerpts/17
[ terug ]