Home
Systeembeheer
Consultancy
Connectivity
Training
Development

Klanten

Inloggen

Resources

Sans artikelen
Security artikelen

Software

Linux
Windows









[ terug ]
SecurityFocus Newsletter #443
----------------------------------------

This issue is Sponsored by: Black Hat Europe

Attend Black Hat Europe, March 25-28, Amsterdam, Europe's premier technical
event for ICT security experts. Featuring hands-on training courses and
Briefings presentations with lots of new content.  Network with 400+ delegates
from 30 nations and review products by leading vendors in a relaxed setting.
Black Hat Europe is supported by most leading European infosec associations.  
www.blackhat.com


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying
topics of interest for our community. We are proud to offer content from
Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I.    FRONT AND CENTER
       1.A Guide to Different Kinds of Honeypots
       2.The Laws of Full Disclosure
II.   BUGTRAQ SUMMARY
       1. OpenLDAP Multiple Remote Denial of Service Vulnerabilities
       2. OpenLDAP MODRDN Remote Denial of Service Vulnerability
       3. Bluemoon Inc. PopnupBlog XOOPS Module Index.PHP SQL Injection
Vulnerability
       4. pfSense Unspecified Cross-Site Scripting Vulnerabilities
       5. MediaWiki JSON Callback Information Disclosure Vulnerability
       6. PacketTrap pt360 Tool Suite TFTP Server Directory Traversal
Vulnerability
       7. Sun Solaris 8 Directory Functions Local Denial of Service
Vulnerability
       8. Crafty Syntax Live Help Multiple Cross-Site Scripting Vulnerabilities
       9. Crafty Syntax Live Help 'lostsheep.php' Cross-Site Scripting
Vulnerability
       10. Mozilla Thunderbird External-Body MIME Remote Heap Buffer Overflow
Vulnerability
       11. Mozilla Thunderbird/Seamonkey/Firefox 2.0.0.11 Multiple Remote
Vulnerabilities
       12. Mozilla Firefox chrome:// URI JavaScript File Request Information
Disclosure Vulnerability
       13. ViewVC Multiple Remote Information Disclosure Vulnerabilities
       14. Adobe Acrobat and Reader Multiple Arbitrary Code Execution and
Security Vulnerabilities
       15. Adobe Acrobat/Adobe Reader Information Disclosure Vulnerability
       16. D-Bus 'send_interface' Attribute Security Policy Bypass Vulnerability
       17. Firebird Username Remote Buffer Overflow Vulnerability
       18. Firebird Relational Database 'protocol.cpp' XDR Protocol Remote
Memory Corruption Vulnerability
       19. Audacity Insecure Temporary File Creation Vulnerability
       20. ADI Convergence Galaxy FTP Server Password Remote Denial of Service
Vulnerability
       21. phpComasy 'index.php' SQL Injection Vulnerability
       22. PHP-Nuke Johannes Hass 'gaestebuch' Module 'id' Parameter SQL
Injection Vulnerability
       23. Heathco Software h2desk Multiple Information Disclosure
Vulnerabilities
       24. phpArcadeScript 'userid' Parameter SQL Injection Vulnerability
       25. Joomla! and Mambo 'com_musica' Component 'id' Parameter SQL Injection
Vulnerability
       26. Koobi 'categ' Parameter SQL Injection Vulnerability
       27. Podcast Generator 'set_permissions.php' Cross-Site Scripting
Vulnerability
       28. Smarty Template Engine 'regex_replace' Template Security Bypass
Vulnerability
       29. Smart Publisher '/admin/op/disp.php' Remote Code Execution
Vulnerability
       30. Xen mov_to_rr RID Local Security Bypass Vulnerability
       31. Intel Wireless WiFi Link iwlwifi NULL Pointer Dereference
Vulnerability
       32. Joomla! and Mambo SOBI2 Component SQL Injection Vulnerability
       33. Linux Kernel PowerPC 'chrp/setup.c' NULL Pointer Dereference Denial
of Serviced Vulnerability
       34. Linux Kernel ISDN_Net.C Local Buffer Overflow Vulnerability
       35. Numara FootPrints HTML Injection and Remote Command Execution
Vulnerabilities
       36. SILC Toolkit 'silcutil.c' Function Buffer Overflow Vulnerability
       37. Gnome Evolution Encrypted Message Format String Vulnerability
       38. Lighttpd 'mod_cgi' Information Disclosure Vulnerability
       39. Sun Java SE Multiple Unspecified Vulnerabilities
       40. Sun Java RunTime Environment Read and Write Permission Multiple
Privilege Escalation Vulnerabilities
       41. Sun Java Runtime Environment Multiple Weaknesses
       42. Linux Kiss Server Multiple Format String Vulnerabilities
       43. WebCT Email and Discussion Board Messages HTML Injection
Vulnerability
       44. Apple QuickTime Movie Atom Remote Stack Buffer Overflow Vulnerability
       45. Apple QuickTime Multiple Overflow and Exception Vulnerabilities
       46. Apple QuickTime RTSP Response Header Content-Type Remote Stack Based
Buffer Overflow Vulnerability
       47. Opera Web Browser 9.25 Multiple Security Vulnerabilities
       48. MG2 'list' Parameter Cross-Site Scripting Vulnerability
       49. Mitra Informatika Solusindo Cart 'p' Parameter SQL Injection
Vulnerability
       50. Versant Object Database 'VERSANT_ROOT' Remote Arbitrary Command
Execution Vulnerability
       51. Libpng Library Multiple Remote Denial of Service Vulnerabilities
       52. The 'libpng' Graphics Library PNG_SET_SPLT Remote Denial of Service
Vulnerability
       53. Libpng Library ICC Profile Chunk Off-By-One Denial of Service
Vulnerability
       54. Libpng Library Remote Denial of Service Vulnerability
       55. Ariadne CMS Remote Arbitrary Shell Command Injection Vulnerability
       56. Android Web Browser BMP File Integer Overflow Vulnerability 
       57. Android Web Browser GIF File Heap-Based Buffer Overflow Vulnerability
       58. Dovecot 'mail_extra_groups' Insecure Settings Local Unauthorized
Access Vulnerability
       59. Rising Web Scan Object 'OL2005.dll' ActiveX Control Remote Code
Execution Vulnerability
       60. Adobe Acrobat Reader 'acroread' Insecure Temporary File Creation
Vulnerability
       61. BSD PPP 'pppx.conf' Local Denial of Service Vulnerability
       62. PHP-Nuke 'Seminars' Module 'fileName' Parameter Local File Include
Vulnerability
       63. PHP-Nuke eGallery Module 'pid' Parameter SQL Injection Vulnerability
       64. EDraw Office Viewer Component FtpDownloadFile ActiveX Buffer Overflow
Vulnerability
       65. XWine Printing Insecure Temporary File Creation Vulnerability
       66. Ghostscript zseticcspace() Function Buffer Overflow Vulnerability
       67. XRMS CRM 'msg' Parameter Cross Site Scripting Vulnerability
       68. ICQ Toolbar 'toolbaru.dll' ActiveX Control Remote Denial of Service
Vulnerability
       69. Crysis Username Format String Vulnerability
       70. Barryvan Compo Manager 'main.php' Remote File Include Vulnerability
       71. IBM WebSphere MQ Security Bypass Vulnerability
       72. phpMyTourney 'tourney/index.php' Remote File Include Vulnerability
       73. Podcast Generator Multiple Remote And Local File Include
Vulnerabilities
       74. SiteBuilder Elite 'CarpPath' Parameter Multiple Remote File Include
Vulnerabilities
       75. Centreon 'get_image.php' Local File Include Vulnerability
       76. eazyPortal 'upwd' and 'uname' Multiple SQL Injection Vulnerabilities
       77. Koobi Pro 'categ' Parameter SQL Injection Vulnerability
       78. Drupal Multiple HTML Injection Vulnerabilities
       79. Microsoft Jet Database Engine MDB File Parsing Unspecified Remote
Vulnerability
       80. phpMyAdmin '$_REQUEST' SQL Injection Vulnerability
       81. ICQ Message Processing Remote Format String Vulnerability
       82. Miniwebsvr Server Directory Traversal Vulnerability
       83. Eye-Fi Multiple Security Vulnerabilities
       84. Edimax 7205APL 802.11b Wireless Access Point Default Backdoor Account
Vulnerability
       85. Mantis 'view.php' HTML Injection Vulnerability
       86. Wireshark 0.99.7 Multiple Denial of Service Vulnerabilities
       87. paramiko Random Number Generator Weakness
       88. Borland VisiBroker Smart Agent Multiple Remote Vulnerabilities
       89. International Components for Unicode Library (libicu) Multiple Memory
Corruption Vulnerabilities
       90. Mambo/Joomla! RSGallery CATID Parameter SQL Injection Vulnerability
       91. The SWORD Project Diatheke Unspecified Remote Command Execution
Vulnerability
       92. SplitVT 'xprop' Local Privilege Escalation Vulnerability
       93. TorrentTrader 'msg' Parameter Cross Site Scripting Vulnerability
       94. Borland StarTeam Multiple Remote Vulnerabilities
       95. PacketTrap pt360 Tool Suite TFTP Server Remote Denial of Service
Vulnerability
       96. SARG User-Agent Processing HTML Injection and Stack Buffer Overflow
Vulnerabilities
       97. Flyspray Multiple Information Disclosure, HTML Injection, and
Cross-Site Scripting Vulnerabilities
       98. XP Book 'entry.php' Multiple Cross-Site Scripting Vulnerabilities
       99. KC Wiki 'wiki.php' Multiple Remote File Include Vulnerabilities
       100. PHP WEB SCRIPT Dynamic Photo Gallery 'album.php' SQL Injection
Vulnerability
III.  SECURITYFOCUS NEWS
       1. Law makers voice concerns over cybersecurity plan
       2. Worries over "good worms" rise again
       3. Federal agencies miss deadline on secure configs
       4. Universities fend off phishing attacks
IV.   SECURITY JOBS LIST SUMMARY
       1. [SJ-JOB] Auditor, Jersey City
       2. [SJ-JOB] Software Engineer, St. Paul
       3. [SJ-JOB] Security Architect, New York
       4. [SJ-JOB] Security Architect, San Francisco
       5. [SJ-JOB] Application Security Engineer, Pasadena
       6. [SJ-JOB] Security Architect, Los Angeles
       7. [SJ-JOB] Technical Support Engineer, Stoneham
       8. [SJ-JOB] Compliance Officer, Home based
       9. [SJ-JOB] Security Architect, Seattle
       10. [SJ-JOB] Manager, Information Security, London
       11. [SJ-JOB] Software Engineer, Alpharetta
       12. [SJ-JOB] Security Architect, Boston
       13. [SJ-JOB] Compliance Officer, Home based
       14. [SJ-JOB] Senior Software Engineer, Deerfield Beach
       15. [SJ-JOB] Security Architect, Chicago
       16. [SJ-JOB] Security Architect, Rockville
       17. [SJ-JOB] Penetration Engineer, Washington
       18. [SJ-JOB] Security Architect, Washington D.C.
       19. [SJ-JOB] Software Engineer, Rockville
       20. [SJ-JOB] Security Architect, Atlanta
       21. [SJ-JOB] VP / Dir / Mgr engineering, Alexandria
       22. [SJ-JOB] Sales Engineer, Reston
       23. [SJ-JOB] Security Architect, Philadelphia
       24. [SJ-JOB] Security Architect, Dallas
       25. [SJ-JOB] Penetration Engineer, NCR area
       26. [SJ-JOB] Security Engineer, Boca Raton
       27. [SJ-JOB] Software Engineer, St. Paul
       28. [SJ-JOB] Technical Writer, NCR
       29. [SJ-JOB] Developer, Moncton
       30. [SJ-JOB] Sales Engineer, Bloomington
       31. [SJ-JOB] Principal Software Engineer, Foxborough
       32. [SJ-JOB] Application Security Engineer, Chennai
       33. [SJ-JOB] Security System Administrator, Urbana
       34. [SJ-JOB] Security System Administrator, Foxborough
       35. [SJ-JOB] Incident Handler, New York
       36. [SJ-JOB] Information Assurance Engineer, Arlington
       37. [SJ-JOB] Quality Assurance, Foxborough
       38. [SJ-JOB] Security Engineer, San Antonio
       39. [SJ-JOB] Sr. Security Analyst, Stamford
       40. [SJ-JOB] Security Auditor, New York
       41. [SJ-JOB] Manager, Information Security, Foster City
       42. [SJ-JOB] Application Security Engineer, Washington
       43. [SJ-JOB] Application Security Architect, Baltimore
       44. [SJ-JOB] VP, Information Security, Morris Plains
       45. [SJ-JOB] Certification & Accreditation Engineer, NCR area
       46. [SJ-JOB] Sr. Security Engineer, Boston
       47. [SJ-JOB] Sr. Security Engineer, Ithaca
       48. [SJ-JOB] Sales Representative, Atlanta
       49. [SJ-JOB] Software Engineer, Washington
V.    INCIDENTS LIST SUMMARY
VI.   VULN-DEV RESEARCH LIST SUMMARY
       1. Recon 2008 - Call For Paper
       2. *BSD user-ppp local root (when conditions permit)
       3. OpenSSH 4.X DoS (maybe...)
VII.  MICROSOFT FOCUS LIST SUMMARY
VIII. SUN FOCUS LIST SUMMARY
IX.   LINUX FOCUS LIST SUMMARY
X.    UNSUBSCRIBE INSTRUCTIONS
XI.   SPONSOR INFORMATION

I.   FRONT AND CENTER
---------------------
1.A Guide to Different Kinds of Honeypots
Honeypots come in many shapes and sizes and are available to mimic lots of
different kinds of applications and protocols. We shall take the definition of a
honeypot as "a security resource whose value lies in being probed, attacked, or
compromised"[Spitzner02]. That is, a honeypot is a system we can monitor to
observe how attackers behave, a system which is designed to lure attackers away
from more valuable systems and/or a system which is designed to provide early
warning of an intrusion to the target network. A honeypot may be used for all
three applications at the same time.
http://www.securityfocus.com/infocus/1897

2.The Laws of Full Disclosure
By Federico Biancuzzi
Full disclosure has a long tradition in the security community worldwide, yet
different European countries have different views on the legality of
vulnerability research. SecurityFocus contributor Federico Biancuzzi
investigates the subject of full disclosure and the law by interviewing lawyers
from twelve EU countries: Belgium, Denmark, Finland, France, Germany,Greece,
Hungary, Ireland, Italy, Poland, Romania, and the UK.
http://www.securityfocus.com/columnists/466


II.  BUGTRAQ SUMMARY
--------------------
1. OpenLDAP Multiple Remote Denial of Service Vulnerabilities
BugTraq ID: 26245
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/26245
Summary:
OpenLDAP is prone to multiple remote denial-of-service vulnerabilities because
of an incorrect NULL-termination issue and a double-free issue.

Attackers can exploit these issues to deny service to legitimate users.

Versions prior to OpenLDAP 2.3.39 are vulnerable.

2. OpenLDAP MODRDN Remote Denial of Service Vulnerability
BugTraq ID: 27778
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/27778
Summary:
OpenLDAP is prone to a remote denial-of-service vulnerability.

Attackers can exploit this issue to deny service to legitimate users.

OpenLDAP 2.3.39 is vulnerable to this issue; other versions may also be
affected.

This issue is related to one described in BID 26245 (OpenLDAP Multiple Remote
Denial of Service Vulnerabilities), identified by CVE-2007-6698.

3. Bluemoon Inc. PopnupBlog XOOPS Module Index.PHP SQL Injection Vulnerability
BugTraq ID: 23286
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/23286
Summary:
Bluemoon Inc. PopnupBlog is prone to an SQL-injection vulnerability because it
fails to sufficiently sanitize user-supplied data before using it in an SQL
query.

Exploiting this issue could allow an attacker to compromise the application,
access or modify data, or exploit latent vulnerabilities in the underlying
database.

This issue affects PopnupBlog 2.52; other versions may also be affected.

4. pfSense Unspecified Cross-Site Scripting Vulnerabilities
BugTraq ID: 28072
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28072
Summary:
pfSense is prone to multiple unspecified cross-site scripting vulnerabilities
because it fails to properly sanitize user-supplied input. 

An attacker may leverage these issues to execute arbitrary script code in the
browser of an unsuspecting user in the context of the affected site. This may
allow the attacker to steal cookie-based authentication credentials and to
launch other attacks.

The vulnerabilities affect versions prior to pfSense 1.2.

5. MediaWiki JSON Callback Information Disclosure Vulnerability
BugTraq ID: 28070
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28070
Summary:
MediaWiki is prone to an information-disclosure vulnerability.

An attacker can exploit this issue to obtain potentially sensitive information
that may lead to further attacks.

This issue affects MediaWiki 1.11 to 1.11.2.

6. PacketTrap pt360 Tool Suite TFTP Server Directory Traversal Vulnerability
BugTraq ID: 28078
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28078
Summary:
PacketTrap pt360 Tool Suite TFTP server is prone to a directory-traversal
vulnerability because it fails to sufficiently sanitize user-supplied input
data.

Exploiting this issue allows attackers to access arbitrary files outside of the
TFTP server root directory. This can expose sensitive information that could
help the attacker launch further attacks, including overwriting system files,
which could lead to a complete compromise of the computer.

PacketTrap pt360 Tool Suite TFTP server 1.1.33.1 is vulnerable; other versions
may also be affected.

7. Sun Solaris 8 Directory Functions Local Denial of Service Vulnerability
BugTraq ID: 28069
Remote: No
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28069
Summary:
Sun Solaris is prone to a denial-of-service vulnerability.

A local unprivileged attacker can exploit this issue to cause a system crash on
an affected computer, resulting in denial-of-service conditions.

This issue affects Solaris 8 for SPARC and x86 architectures.

8. Crafty Syntax Live Help Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 28071
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28071
Summary:
Crafty Syntax Live Help is prone to multiple cross-site scripting
vulnerabilities because it fails to properly sanitize user-supplied input. 

An attacker may leverage these issues to execute arbitrary script code in the
browser of an unsuspecting user in the context of the affected site. This may
allow the attacker to steal cookie-based authentication credentials and to
launch other attacks.

These issues affect versions prior to Crafty Syntax Live Help 2.14.6.

9. Crafty Syntax Live Help 'lostsheep.php' Cross-Site Scripting Vulnerability
BugTraq ID: 27859
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/27859
Summary:
Crafty Syntax Live Help is prone to a cross-site scripting vulnerability because
it fails to sufficiently sanitize user-supplied input data.

An attacker may leverage this issue to execute arbitrary script code in the
browser of an unsuspecting user in the context of the affected site. This may
help the attacker steal cookie-based authentication credentials and launch other
attacks.

10. Mozilla Thunderbird External-Body MIME Remote Heap Buffer Overflow
Vulnerability
BugTraq ID: 28012
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28012
Summary:
Mozilla Thunderbird is prone to a remote heap-based buffer-overflow
vulnerability because it fails to properly bounds-check user-supplied data.

Successfully exploiting this issue may allow remote attackers to execute
arbitrary machine code in the context of the vulnerable application; failed
exploit attempts will likely crash the application. This may facilitate the
remote compromise of affected computers.

The issue affects versions prior to Mozilla Thunderbird 2.0.0.12.

11. Mozilla Thunderbird/Seamonkey/Firefox 2.0.0.11 Multiple Remote
Vulnerabilities
BugTraq ID: 27683
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/27683
Summary:
The Mozilla Foundation has released multiple security advisories specifying
various vulnerabilities in Firefox 2.0.0.11 and prior versions.

Exploiting these issues can allow attackers to:

- remotely execute arbitrary code 
- cause denial-of-service conditions
- hide contents of security warnings
- access sensitive information 
- escape sandbox and execute scripts with chrome privileges
- inject script code into other sites and violate the same-origin policy

Other attacks are possible.

These issues are present in Firefox 2.0.0.11 and prior versions. Mozilla
Thunderbird 2.0.0.9 and prior versions as well as SeaMonkey 1.1.7 and prior
versions are also affected by many of these vulnerabilities.

12. Mozilla Firefox chrome:// URI JavaScript File Request Information Disclosure
Vulnerability
BugTraq ID: 27406
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/27406
Summary:
Mozilla Firefox is prone to an information-disclosure vulnerability because it
fails to restrict access to local JavaScript, images and stylesheets files.

Attackers can exploit this issue to gain access to potentially sensitive
information that could aid in further attacks.

Firefox 2.0.0.11 is vulnerable; other versions may also be affected.

NOTE: For an exploit to succeed, a user must have an addon installed that does
not store its contents in a '.jar' file. The attacker would have to target a
specific addon that uses "flat" packaging.

13. ViewVC Multiple Remote Information Disclosure Vulnerabilities
BugTraq ID: 28055
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28055
Summary:
ViewVC is prone to multiple information-disclosure vulnerabilities because the
application fails to properly validate user privileges.

An unprivileged attacker may exploit these issues to bypass certain security
restrictions and gain access to perform certain actions that will disclose
sensitive information.

These issues affect versions prior to ViewVC 1.0.5.

14. Adobe Acrobat and Reader Multiple Arbitrary Code Execution and Security
Vulnerabilities
BugTraq ID: 27641
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/27641
Summary:
Adobe Acrobat and Reader are prone to multiple arbitrary remote code-execution
and security vulnerabilities.

Attackers can exploit these issues to execute arbitrary code in the context of
the user running the affected application. Other attacks are also possible.

Versions  prior to Adobe Acrobat and Adobe Reader 8.1.2 are vulnerable to these
issues.

15. Adobe Acrobat/Adobe Reader Information Disclosure Vulnerability
BugTraq ID: 22753
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/22753
Summary:
Adobe Acrobat and Adobe Reader may allow remote attackers to retrieve the
contents of files on a vulnerable computer.  
 
Information gathered through a successful exploit of this vulnerability may aid
in other attacks.

16. D-Bus 'send_interface' Attribute Security Policy Bypass Vulnerability
BugTraq ID: 28023
Remote: No
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28023
Summary:
D-Bus is prone to a vulnerability that can allow attackers to bypass its
security policy.

Attackers can leverage this issue to access certain 'dbus-daemon' method calls
without proper permission.

This issue affects versions prior to D-Bus 1.0.3 and 1.2.20.

17. Firebird Username Remote Buffer Overflow Vulnerability
BugTraq ID: 27467
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/27467
Summary:
Firebird is prone to a remote stack-based buffer-overflow vulnerability. 
 
An attacker can exploit this issue to execute arbitrary machine code in the
context of the affected database server. Failed exploit attempts will likely
cause denial-of-service conditions.  

The issue affects the following versions:

  Firebird 1.5.4
Firebird 2.0
Firebird 2.0.1
Firebird 2.0.2
Firebird 2.0.3
Firebird 2.1 Alpha 1
Firebird 2.1 Beta 1
Firebird 2.1 Beta 2

18. Firebird Relational Database 'protocol.cpp' XDR Protocol Remote Memory
Corruption Vulnerability
BugTraq ID: 27403
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/27403
Summary:
Firebird is prone to an integer-overflow vulnerability because it fails to
ensure that integer values aren't overrun. Attackers may exploit this issue to
overflow a buffer and to corrupt process memory.

Attackers may be able to execute arbitrary machine code in the context of an
affected application. Failed exploit attempts will likely result in a
denial-of-service condition.

19. Audacity Insecure Temporary File Creation Vulnerability
BugTraq ID: 26608
Remote: No
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/26608
Summary:
Audacity is prone to a security vulnerability because it creates temporary files
in an insecure manner.

An attacker with local access could potentially exploit this issue to perform
symlink attacks, overwriting arbitrary files in the context of the affected
application. 

Successfully mounting a symlink attack may allow the attacker to delete or
corrupt sensitive files, which may result in a denial of service. Other attacks
may also be possible.

This issue affects Audacity 1.3.2; other versions may also be vulnerable.

20. ADI Convergence Galaxy FTP Server Password Remote Denial of Service
Vulnerability
BugTraq ID: 28066
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28066
Summary:
ADI Convergence Galaxy FTP Server is prone to a denial-of-service vulnerability
because the application fails to perform adequate boundary checks on
user-supplied data. 

An attacker can exploit this issue to crash the affected application, denying
service to legitimate users. Given the nature of this issue, remote code
execution may also be possible, but this has not been confirmed. 

ADI Convergence Galaxy FTP Server 0.1 is vulnerable; other versions may also be
affected.

21. phpComasy 'index.php' SQL Injection Vulnerability
BugTraq ID: 28064
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28064
Summary:
phpComasy is prone to an SQL-injection vulnerability because it fails to
sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application,
access or modify data, or exploit latent vulnerabilities in the underlying
database.

phpComasy 0.8 is vulnerable; other versions may also be affected.

22. PHP-Nuke Johannes Hass 'gaestebuch' Module 'id' Parameter SQL Injection
Vulnerability
BugTraq ID: 28063
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28063
Summary:
The 'gaestebuch' module for PHP-Nuke is prone to an SQL-injection vulnerability
because it fails to sufficiently sanitize user-supplied data before using it in
an SQL query.

Exploiting this issue could allow an attacker to compromise the application,
access or modify data, or exploit latent vulnerabilities in the underlying
database.

This issue affects gaestebuch 2.2; other versions may also be affected.

23. Heathco Software h2desk Multiple Information Disclosure Vulnerabilities
BugTraq ID: 28062
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28062
Summary:
Heathco Software h2desk is prone to multiple information-disclosure
vulnerabilities.

Attackers can leverage these issues to obtain potentially sensitive information
that can aid in further attacks.

24. phpArcadeScript 'userid' Parameter SQL Injection Vulnerability
BugTraq ID: 28065
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28065
Summary:
phpArcadeScript is prone to an SQL-injection vulnerability because it fails to
sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application,
access or modify data, or exploit latent vulnerabilities in the underlying
database.

phpArcadeScript 1.0, 2.0, 3.0 RC1, and 3.0 RC2 are vulnerable; other versions
may also be affected.

25. Joomla! and Mambo 'com_musica' Component 'id' Parameter SQL Injection
Vulnerability
BugTraq ID: 28061
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28061
Summary:
The 'com_musica' component for Joomla! and Mambo is prone to an SQL-injection
vulnerability because it fails to sufficiently sanitize user-supplied data
before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application,
access or modify data, or exploit latent vulnerabilities in the underlying
database.

26. Koobi 'categ' Parameter SQL Injection Vulnerability
BugTraq ID: 28059
Remote: Yes
Last Updated: 2008-03-01
Relevant URL: http://www.securityfocus.com/bid/28059
Summary:
Koobi is prone to an SQL-injection vulnerability because it fails to
sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application,
access or modify data, or exploit latent vulnerabilities in the underlying
database.

This issue affects Koobi 4.2.3 to 4.3.0; other versions may also be vulnerable.

27. Podcast Generator 'set_permissions.php' Cross-Site Scripting Vulnerability
BugTraq ID: 28106
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/28106
Summary:
Podcast Generator is prone to a cross-site scripting vulnerability because it
fails to adequately sanitize user-supplied input. 

An attacker may leverage this issue to execute arbitrary script code in the
browser of an unsuspecting user in the context of the affected site. This may
help the attacker steal cookie-based authentication credentials and launch other
attacks.

Podcast Generator 0.96.2 is vulnerable; other versions may also be affected.

28. Smarty Template Engine 'regex_replace' Template Security Bypass
Vulnerability
BugTraq ID: 28105
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/28105
Summary:
Smarty Template Engine is prone to a security-bypass vulnerability because it
fails to adequately sanitize user-supplied input. This issue occurs because of a
modifier error in the template security.

Attackers can exploit this issue to execute arbitrary script code in the context
of the application.

Versions prior to Smarty Template Engine 2.6.19 are vulnerable.

29. Smart Publisher '/admin/op/disp.php' Remote Code Execution Vulnerability
BugTraq ID: 27488
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/27488
Summary:
Smart Publisher is prone to a vulnerability that lets remote attackers execute
arbitrary code because the application fails to sanitize user-supplied input.

An attacker can leverage this issue to execute arbitrary PHP code on an affected
computer with the privileges of the webserver process. This may facilitate
unauthorized access.

This issue affects Smart Publisher 1.0.1; prior versions may also be affected.

30. Xen mov_to_rr RID Local Security Bypass Vulnerability
BugTraq ID: 26716
Remote: No
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/26716
Summary:
Xen is prone to a local security-bypass vulnerability because it fails to
validate user-supplied input.

Local attackers can leverage this issue to read memory from VT-i domains other
than the one they have access to. This could allow attackers to obtain
potentially sensitive information that could aid in further attacks.

Versions prior to Xen 3.1.2 on IA64 platforms are vulnerable.

31. Intel Wireless WiFi Link iwlwifi NULL Pointer Dereference Vulnerability
BugTraq ID: 26842
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/26842
Summary:
The 'iwlwifi' drive is prone to a NULL-pointer dereference vulnerability because
of a flaw in the 'compatible/iwl3945-base.c' file.

Attackers can exploit this issue to trigger a kernel panic and cause
denial-of-service conditions.

Versions prior to iwlwifi 1.1.22 are vulnerable.

32. Joomla! and Mambo SOBI2 Component SQL Injection Vulnerability
BugTraq ID: 27617
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/27617
Summary:
SOBI2 component for Joomla! and Mambo is prone to an SQL-injection vulnerability
because it fails to sufficiently sanitize user-supplied data before using it in
an SQL query.

Exploiting this issue could allow an attacker to compromise the application,
access or modify data, or exploit latent vulnerabilities in the underlying
database.

This issue affects SOBI2 RC 2.5.3; other versions may also be vulnerable.

UPDATE (March 5, 2008): Reports indicate that this issue may not be exploitable
as described, because of the following line of code in the component:

$catid = intval(mosGetParam($_REQUEST, 'catid', 0));

33. Linux Kernel PowerPC 'chrp/setup.c' NULL Pointer Dereference Denial of
Serviced Vulnerability
BugTraq ID: 27555
Remote: No
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/27555
Summary:
The Linux kernel is prone to a local denial-of-service vulnerability. 

Attackers can exploit this issue to crash the affected kernel, denying service
to legitimate users.

This issue affects Linux kernel 2.4.21 through 2.6.18-53 running on the PowerPC
architecture.

34. Linux Kernel ISDN_Net.C Local Buffer Overflow Vulnerability
BugTraq ID: 26605
Remote: No
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/26605
Summary:
The Linux kernel is prone to a local buffer-overflow vulnerability because it
fails to properly bounds-check user-supplied input before copying it into an
insufficiently sized buffer. 

An attacker can exploit this issue to cause denial-of-service conditions. Given
the nature of this issue, the attacker may also be able to execute arbitrary
code, but this has not been confirmed.

This issue affects the Linux kernel versions prior to 2.6.23.10.

35. Numara FootPrints HTML Injection and Remote Command Execution
Vulnerabilities
BugTraq ID: 28103
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/28103
Summary:
Numara FootPrints is prone to an HTML-injection vulnerability and a remote
command-execution vulnerability because the application fails to sufficiently
sanitize user-supplied input. 

Attackers can exploit these issues to execute arbitrary commands within the
context of the webserver, execute arbitrary HTML or JavaScript code within the
context of the affected site, potentially allowing the attacker to steal
cookie-based authentication credentials and to control how the site is rendered
to the user. Other attacks are also possible.

Numara FootPrints 8.1 for Linux is vulnerable; other versions running on
different platforms may also be affected.

36. SILC Toolkit 'silcutil.c' Function Buffer Overflow Vulnerability
BugTraq ID: 28101
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/28101
Summary:
SILC Toolkit is prone to a buffer-overflow vulnerability because it fails to
perform adequate boundary checks on user-supplied input.

Successfully exploiting this issue may allow remote attackers to execute
arbitrary code in the context of  the application. Failed exploit attempts will
cause denial-of-service conditions.

This issue affects versions prior to SILC Toolkit 1.1.6.

37. Gnome Evolution Encrypted Message Format String Vulnerability
BugTraq ID: 28102
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/28102
Summary:
Gnome Evolution is prone to a format-string vulnerability. 

This issue presents itself because the application fails to properly sanitize
user-supplied input before passing it as the format-specifier argument of a
formatted-printing function when processing encrypted email massages.

Successfully exploiting this issue may allow remote attackers to execute
arbitrary machine code in the context of the application. Failed exploit
attempts will likely result in a denial of service.

Gnome Evolution 2.12.3 is vulnerable to this issue; other versions may also be
affected.

38. Lighttpd 'mod_cgi' Information Disclosure Vulnerability
BugTraq ID: 28100
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/28100
Summary:
Lighttpd is prone to a vulnerability that in certain circumstances may allow
attackers to access source code because the application fails to properly handle
exceptional conditions.

Attackers can exploit this vulnerability to obtain potentially sensitive
information that may aid in further attacks.

This issue affects lighttpd 1.4.18; other versions may also be vulnerable.

39. Sun Java SE Multiple Unspecified Vulnerabilities
BugTraq ID: 28083
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/28083
Summary:
Sun has released an advance notification for security updates for Java SE. The
notification indicates that seven advisories addressing multiple vulnerabilities
will be released on March 4, 2008.  The issues affect the following:

JDK and JRE 6 Update 5
JDK and JRE 5.0 Update 15
SDK and JRE 1.4.2_17
SDK and JRE 1.3.1_22
The following Sun Alerts corresponding to these updates will be released after
the updates are available:
 
 233321
 233322
 233323
 233324
 233325
 233326
 233327 

The impact and severity of these issues are currently unknown.  We will update
this BID as more information is disclosed. To better document the issues, each
issue may be assigned its own BID.

UPDATE: Sun has released the updates. Please see the references for more
information.

40. Sun Java RunTime Environment Read and Write Permission Multiple Privilege
Escalation Vulnerabilities
BugTraq ID: 27650
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/27650
Summary:
Sun Java Runtime Environment is prone to multiple privilege-escalation
vulnerabilities when running untrusted applications or applets.

Successful exploits will compromise arbitrary data and possibly the underlying
computer.

These issues affect the following versions:

JDK and JRE 6 Update 1 and earlier
JDK and JRE 5.0 Update 13 and earlier.

41. Sun Java Runtime Environment Multiple Weaknesses
BugTraq ID: 25918
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/25918
Summary:
Sun Java Runtime Environment is prone to multiple weaknesses that may allow
JavaScript code or applets to connect to resources other than the one the
scripts or applets were downloaded from. One of the weaknesses may allow an
attacker to obscure a Java warning about an untrusted applet from the user.

These issues affect the following packages for Windows, Solaris, and Linux:

JDK and JRE 6 Update 2 and earlier
JDK and JRE 5.0 Update 12 and earlier
SDK and JRE 1.4.2_15 and earlier
SDK and JRE 1.3.1_20 and earlier

42. Linux Kiss Server Multiple Format String Vulnerabilities
BugTraq ID: 28099
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/28099
Summary:
Linux Kiss Server is prone to multiple format-string vulnerabilities  because
the application fails to  adequately sanitize user-supplied input before passing
it as the format-specifier to a formatted-printing function.  

A remote attacker may execute arbitrary code in the context of the affected
application. Failed exploit attempts will likely result in a denial of service.

These issues affect Linux Kiss Server 1.2; other versions may also be
vulnerable.

43. WebCT Email and Discussion Board Messages HTML Injection Vulnerability
BugTraq ID: 28107
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/28107
Summary:
WebCT is prone to an HTML-injection vulnerability because the application fails
to properly sanitize user-supplied input before using it in dynamically
generated content. 
 
Attacker-supplied HTML or JavaScript code could run in the context of the
affected site, potentially allowing an attacker to steal cookie-based
authentication credentials and to control how the site is rendered to the user;
other attacks are also possible.

This issue affects WebCT version 4.1.5.8; other versions may also be vulnerable.

44. Apple QuickTime Movie Atom Remote Stack Buffer Overflow Vulnerability
BugTraq ID: 26443
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/26443
Summary:
Apple QuickTime is prone to a stack-based buffer-overflow issue because it fails
to perform adequate boundary checks on user-supplied data.

An attacker can exploit this issue by enticing an unsuspecting user to open a
specially crafted movie file.

Successfully exploiting this issue allows remote attackers to execute arbitrary
code in the context of the user running the application. Failed exploit attempts
likely result in denial-of-service conditions.

This issue affects Apple QuickTime running on Microsoft Windows Vista, Microsoft
Windows XP SP2, and Mac OS X.

45. Apple QuickTime Multiple Overflow and Exception Vulnerabilities
BugTraq ID: 19976
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/19976
Summary:
Apple QuickTime is prone to multiple vulnerabilities because it fails to
properly bounds-check and sanitize user-supplied data.

An attacker can exploit these issues to execute arbitrary code in the context of
the victim user running the vulnerable application. Successful exploits may
facilitate a remote compromise of affected computers.

46. Apple QuickTime RTSP Response Header Content-Type Remote Stack Based Buffer
Overflow Vulnerability
BugTraq ID: 26549
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/26549
Summary:
Apple QuickTime is prone to a remote buffer-overflow vulnerability because the
application fails to properly bounds-check user-supplied input before copying it
to an insufficiently sized stack-based memory buffer.

This issue occurs when handling specially crafted RTSP Response headers.

Attackers can leverage this issue to execute arbitrary machine code in the
context of the user running the affected application. Successful exploits will
compromise the application and possibly the underlying computer. Failed attacks
will likely cause denial-of-service conditions.

QuickTime 7.3 is vulnerable to this issue; other versions may also be affected.

UPDATE (December 4, 2007): Attackers are exploiting this issue through the
Second Life Viewer to steal Linden dollars from unsuspecting victims.

47. Opera Web Browser 9.25 Multiple Security Vulnerabilities
BugTraq ID: 27901
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/27901
Summary:
Opera Web Browser is prone to multiple security vulnerabilities, including
code-execution issues and a file-upload issue.

Attackers can exploit these issues to execute remote script code and obtain
sensitive data.

These issues affect versions prior to Opera 9.26.

48. MG2 'list' Parameter Cross-Site Scripting Vulnerability
BugTraq ID: 28098
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28098
Summary:
MG2 is prone to a cross-site scripting vulnerability because it fails to
adequately sanitize user-supplied input. 

An attacker may leverage this issue to execute arbitrary script code in the
browser of an unsuspecting user in the context of the affected site. This may
help the attacker steal cookie-based authentication credentials and launch other
attacks.

49. Mitra Informatika Solusindo Cart 'p' Parameter SQL Injection Vulnerability
BugTraq ID: 28096
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28096
Summary:
Mitra Informatika Solusindo Cart is prone to an SQL-injection vulnerability
because it fails to sufficiently sanitize user-supplied data before using it in
an SQL query.

Exploiting this issue could allow an attacker to compromise the application,
access or modify data, or exploit latent vulnerabilities in the underlying
database.

50. Versant Object Database 'VERSANT_ROOT' Remote Arbitrary Command Execution
Vulnerability
BugTraq ID: 28097
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28097
Summary:
Versant Object Database is prone to a vulnerability that can be leveraged to
execute arbitrary commands. This issue occurs because the application fails to
adequately sanitize user-supplied input during the client-to-server connection
process.

Successful exploits will compromise the affected server and possibly the
underlying computer.

Versant Object Database 7.0.1.3  is vulnerable; other versions may also be
affected.

51. Libpng Library Multiple Remote Denial of Service Vulnerabilities
BugTraq ID: 25956
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/25956
Summary:
The 'libpng' library is prone to multiple remote denial-of-service
vulnerabilities because the library fails to handle malicious PNG files. 

Successful exploits may allow remote attackers to cause denial-of-service
conditions on computers running the affected library.

These issues affect 'libpng' 1.2.20 and prior versions.

52. The 'libpng' Graphics Library PNG_SET_SPLT Remote Denial of Service
Vulnerability
BugTraq ID: 21078
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/21078
Summary:
The 'libpng' graphics library is reported prone to a denial-of-service
vulnerability. The library fails to perform proper bounds-checking of
user-supplied input, which leads to an out-of-bounds read error.

Attackers may exploit this vulnerability to crash an application that relies on
the affected library.

53. Libpng Library ICC Profile Chunk Off-By-One Denial of Service Vulnerability
BugTraq ID: 25957
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/25957
Summary:
The 'libpng' library is prone to a remote denial-of-service vulnerability
because the library fails to handle malicious PNG files. 

Successful exploits may allow remote attackers to cause denial-of-service
conditions on computers running the affected library.

This issue affects 'libpng' 1.2.21 and prior versions.

54. Libpng Library Remote Denial of Service Vulnerability
BugTraq ID: 24000
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/24000
Summary:
The 'libpng' library is prone to a remote denial-of-service vulnerability
because the library fails to handle malicious PNG files. 

Successful exploits may allow remote attackers to cause denial-of-service
conditions on computers running the affected library.

This issue affects 'libpng' 1.2.16 and prior versions.

55. Ariadne CMS Remote Arbitrary Shell Command Injection Vulnerability
BugTraq ID: 28093
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28093
Summary:
Ariadne CMS is prone to a remote command-injection vulnerability because it
fails to adequately sanitize user-supplied input data.

Attackers can exploit this issue to execute arbitrary shell commands in the
context of the webserver hosting the vulnerable application. This may facilitate
the remote compromise of affected computers.

This issue affects  versions prior to Ariadne 2.6.

56. Android Web Browser BMP File Integer Overflow Vulnerability 
BugTraq ID: 28006
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28006
Summary:
Android Web Browser is prone to an integer-overflow vulnerability because it
fails to adequately handle user-supplied data.

Attackers can exploit this issue to execute arbitrary code in the context of the
application. Failed exploit attempts will likely cause denial-of-service
conditions.

This issue affects Android SDK m5-rc14 and earlier.

57. Android Web Browser GIF File Heap-Based Buffer Overflow Vulnerability
BugTraq ID: 28005
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28005
Summary:
Android Web Browser is prone to a heap-based buffer-overflow vulnerability
because it fails to adequately bounds-check user-supplied data before copying it
to an insufficiently sized memory buffer.

Successfully exploiting this vulnerability can allow remote attackers to execute
arbitrary machine code in the context of the application. Failed attempts will
likely result in denial-of-service conditions.
 
This issue affects Android SDK m3-rc37a and earlier.

58. Dovecot 'mail_extra_groups' Insecure Settings Local Unauthorized Access
Vulnerability
BugTraq ID: 28092
Remote: No
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28092
Summary:
Dovecot is prone to a vulnerability that can result in unauthorized access to
arbitrary data.

This occurs when the 'mail_extra_groups' setting is enabled.

Attackers can leverage this issue to write or delete certain files or to harvest
data that may aid in further attacks.

Dovecot 0.99.10.6 through 1.0.10 are vulnerable.

59. Rising Web Scan Object 'OL2005.dll' ActiveX Control Remote Code Execution
Vulnerability
BugTraq ID: 27997
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/27997
Summary:
Rising Web Scan Object 'OL2005.dll' ActiveX control is prone to a remote
code-execution vulnerability.

An attacker can exploit this issue to execute arbitrary code on a victim's
computer in the context of the vulnerable application using the ActiveX control
(typically Internet Explorer).

This issue affects Rising Web Scan Object 'OL2005.dll' 18.0.0.7; other versions
may also be affected.

60. Adobe Acrobat Reader 'acroread' Insecure Temporary File Creation
Vulnerability
BugTraq ID: 28091
Remote: No
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28091
Summary:
The 'acroread' script of the Adobe Acrobat Reader package creates temporary
files in an insecure manner.

An attacker with local access could potentially exploit this issue to perform
symbolic-link attacks, overwriting arbitrary files in the context of the
affected application. 

Successfully mounting a symlink attack may allow the attacker to delete or
corrupt sensitive files, which may result in a denial of service. Other attacks
may also be possible.

This issue affects SUSE Linux Enterprise Desktop 10. It is currently unknown if
this issue is present in the upstream Adobe Acrobat Reader package or if it is
SUSE-specific. We will update this BID as more information emerges.

61. BSD PPP 'pppx.conf' Local Denial of Service Vulnerability
BugTraq ID: 28090
Remote: No
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28090
Summary:
BSD PPP is prone to a local denial-of-service vulnerability because it fails to
perform adequate boundary checks on user-supplied input.

Attackers can leverage this issue to crash the application and deny service to
legitimate users. Given the nature of the issue, arbitrary code execution may
also be possible, but this has not been confirmed.

This issue affects FreeBSD 6.3 and unspecified versions of NetBSD and OpenBSD;
other versions may also be affected.

62. PHP-Nuke 'Seminars' Module 'fileName' Parameter Local File Include
Vulnerability
BugTraq ID: 28089
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28089
Summary:
The PHP-Nuke 'Seminars' module is prone to a local file-include vulnerability
because it fails to properly sanitize user-supplied input.

Exploiting this issue may allow an unauthorized remote user to view files and
execute local scripts in the context of the webserver process.

63. PHP-Nuke eGallery Module 'pid' Parameter SQL Injection Vulnerability
BugTraq ID: 28088
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28088
Summary:
The eGallery module for PHP-Nuke is prone to an SQL-injection vulnerability
because it fails to sufficiently sanitize user-supplied data before using it in
an SQL query.

Exploiting this issue could allow an attacker to compromise the application,
access or modify data, or exploit latent vulnerabilities in the underlying
database.

64. EDraw Office Viewer Component FtpDownloadFile ActiveX Buffer Overflow
Vulnerability
BugTraq ID: 25892
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/25892
Summary:
EDraw Office Viewer Component ActiveX control is prone to a buffer-overflow
vulnerability because it fails to bounds-check user-supplied data before copying
it into an insufficiently sized buffer.

An attacker can exploit this issue to cause a denial-of-service condition and
possibly to execute arbitrary code, but has not been confirmed. 

This issue affects EDraw Office Viewer Component 5.3; other versions may also be
affected.

65. XWine Printing Insecure Temporary File Creation Vulnerability
BugTraq ID: 28049
Remote: No
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28049
Summary:
XWine is prone to a security vulnerability because it creates temporary files in
an insecure manner.

An attacker with local access could potentially exploit this issue to perform
symlink attacks, overwriting arbitrary files in the context of the affected
application. 

Successfully mounting a symlink attack may allow the attacker to overwrite or
corrupt sensitive files, which may result in a denial of service. Other attacks
may also be possible.

This issue affects XWine 1.0.1; other versions may also be vulnerable.

66. Ghostscript zseticcspace() Function Buffer Overflow Vulnerability
BugTraq ID: 28017
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28017
Summary:
Ghostscript is prone to a buffer-overflow vulnerability because it fails to
perform adequate boundary checks on user-supplied input.

Successfully exploiting this issue may allow remote attackers to execute
arbitrary code in the context of  the application. Failed exploit attempts will
cause denial-of-service conditions.

67. XRMS CRM 'msg' Parameter Cross Site Scripting Vulnerability
BugTraq ID: 28041
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28041
Summary:
XRMS CRM is prone to a cross-site scripting vulnerability because it fails to
adequately sanitize user-supplied input. 

An attacker may leverage this issue to execute arbitrary script code in the
browser of an unsuspecting user in the context of the affected site. This may
help the attacker steal cookie-based authentication credentials and launch other
attacks.

XRMS CRM 1.99.2 is affected; other versions may also be vulnerable.

68. ICQ Toolbar 'toolbaru.dll' ActiveX Control Remote Denial of Service
Vulnerability
BugTraq ID: 28086
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28086
Summary:
ICQ Toolbar 'toolbaru.dll' ActiveX control is prone to a denial-of-service
vulnerability.

An attacker can exploit this issue to trigger denial-of-service conditions in
Internet Explorer or other applications that use the vulnerable ActiveX control.

This issue affects ICQ Toolbar 2.3 Beta; other versions may also be affected.

69. Crysis Username Format String Vulnerability
BugTraq ID: 28039
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28039
Summary:
Crysis is prone to a format-string vulnerability.

Exploiting this issue will allow attackers to execute arbitrary code with the
permissions of a user running the application. Failed attacks will likely cause
denial-of-service conditions. 

Crysis 1.1.1.5879 is vulnerable to this issue; other versions may also be
affected.

70. Barryvan Compo Manager 'main.php' Remote File Include Vulnerability
BugTraq ID: 28035
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28035
Summary:
Barryvan Compo Manager is prone to a remote file-include vulnerability because
it fails to properly sanitize user-supplied input.

An attacker can exploit this issue to include an arbitrary remote file
containing malicious PHP code and execute it in the context of the webserver
process. This may facilitate a compromise of the application and the underlying
system; other attacks are also possible.

This issue affects Barryvan Compo Manager 0.3; other versions may also be
vulnerable.

71. IBM WebSphere MQ Security Bypass Vulnerability
BugTraq ID: 28046
Remote: No
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28046
Summary:
IBM WebSphere MQ is prone to a security-bypass vulnerability because the
application fails to properly restrict access to certain functionality.

Attackers can exploit this issue to bypass certain security restrictions,
connect to a queue manager in an unauthorized manner, and obtain potentially
sensitive information; other attacks are also possible.

This issue affects versions prior to:

5.3 Fix Pack 14
6.0 Fix Pack 6.0.2.2

72. phpMyTourney 'tourney/index.php' Remote File Include Vulnerability
BugTraq ID: 28057
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28057
Summary:
phpMyTourney is prone to a remote file-include vulnerability because it fails to
properly sanitize user-supplied input.

An attacker can exploit this issue to include an arbitrary remote file
containing malicious PHP code and execute it in the context of the webserver
process. This may facilitate a compromise of the application and the underlying
system; other attacks are also possible.

This issue affects phpMyTourney 2; other versions may also be vulnerable.

73. Podcast Generator Multiple Remote And Local File Include Vulnerabilities
BugTraq ID: 28038
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28038
Summary:
Podcast Generator is prone to multiple remote and local file-include
vulnerabilities because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues may allow an attacker to execute arbitrary local and
remote scripts in the context of the webserver process or access potentially
sensitive information. This may result in a compromise of the application and
the underlying system; other attacks are also possible.

Podcast Generator 1.0 BETA 2 is vulnerable; other versions may also be affected.

74. SiteBuilder Elite 'CarpPath' Parameter Multiple Remote File Include
Vulnerabilities
BugTraq ID: 28036
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28036
Summary:
SiteBuilder Elite is prone to multiple remote file-include vulnerabilities
because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues may allow an attacker to compromise the application and
the underlying system; other attacks are also possible.

These issues affect SiteBuilder Elite 1.2; other versions may also be affected.

75. Centreon 'get_image.php' Local File Include Vulnerability
BugTraq ID: 28022
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28022
Summary:
Centreon is prone to a local file-include vulnerability because it fails to
properly sanitize user-supplied input.

Exploiting this issue may allow an attacker to obtain potentially sensitive
information that may lead to further attacks.

This issue affects Centreon 1.4.2.2 and 1.4.2.3; other versions may also be
vulnerable.

76. eazyPortal 'upwd' and 'uname' Multiple SQL Injection Vulnerabilities
BugTraq ID: 28019
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28019
Summary:
eazyPortal is prone to multiple SQL-injection vulnerabilities because it fails
to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting these issues could allow an attacker to compromise the application,
access or modify data, or exploit latent vulnerabilities in the underlying
database.

eazyPortal1.0 is vulnerable; other versions may also be affected.

77. Koobi Pro 'categ' Parameter SQL Injection Vulnerability
BugTraq ID: 28031
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28031
Summary:
Koobi Pro is prone to an SQL-injection vulnerability because it fails to
sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application,
access or modify data, or exploit latent vulnerabilities in the underlying
database.

This issue affects Koobi Pro 5.7; other versions may also be vulnerable.

78. Drupal Multiple HTML Injection Vulnerabilities
BugTraq ID: 28026
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28026
Summary:
Drupal is prone to multiple HTML-injection vulnerabilities because it fails to
sufficiently sanitize user-supplied input data.

Attacker-supplied HTML and script code would execute in the context of the
affected site, potentially allowing the attacker to steal cookie-based
authentication credentials or to control how the site is rendered to the user;
other attacks are also possible.
 
These issues affect Drupal 6.0; other versions may also be vulnerable.

79. Microsoft Jet Database Engine MDB File Parsing Unspecified Remote
Vulnerability
BugTraq ID: 28087
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28087
Summary:
Microsoft Jet Database Engine is prone to an unspecifed security vulnerability.

Remote attackers can exploit this issue to execute arbitrary machine code in the
context of a user running the application. Successful exploits will compromise
the affected application and possibly the underlying computer. Failed attacks
will likely cause denial-of-service conditions.

80. phpMyAdmin '$_REQUEST' SQL Injection Vulnerability
BugTraq ID: 28068
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28068
Summary:
phpMyAdmin is prone to an SQL-injection vulnerability because it fails to
sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application,
access or modify data, or exploit latent vulnerabilities in the underlying
database.

This issue affects versions prior to phpMyAdmin 2.11.5.

81. ICQ Message Processing Remote Format String Vulnerability
BugTraq ID: 28027
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28027
Summary:
ICQ is prone to a remote format-string vulnerability because the application
fails to properly sanitize user-supplied input before including it in the
format-specifier argument of a formatted-printing function.

A remote attacker may execute arbitrary code in the context of the affected
application. Failed exploit attempts will result in a denial of service. 
 
This issue affects ICQ 6 build 6043; other versions may also be vulnerable.

82. Miniwebsvr Server Directory Traversal Vulnerability
BugTraq ID: 23413
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/23413
Summary:
Miniwebsvr is prone to a directory-traversal vulnerability because it fails to
properly sanitize user-supplied input. 

An attacker can exploit this vulnerability to retrieve arbitrary files from the
vulnerable system in the context of the affected application. Information
obtained may aid in further attacks. 

Note that the attacker can traverse to only one directory above the current
working directory of the webserver application.
 
Miniwebsvr 0.0.7  is vulnerable to this issue; other versions may also be
affected.

UPDATE (March 4, 2008): Miniwebsvr 0.0.9a is also reported vulnerable.

83. Eye-Fi Multiple Security Vulnerabilities
BugTraq ID: 28085
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28085
Summary:
The Eye-Fi Manager and Card are prone to multiple security vulnerabilities,
including unauthorized image uploads to computers, remotely altering the
destination folder, cross-site request-forgery vulnerabilities, and a
denial-of-service vulnerability.

These issues affect Eye-Fi 1.1.2; other versions may also be affected.

84. Edimax 7205APL 802.11b Wireless Access Point Default Backdoor Account
Vulnerability
BugTraq ID: 10512
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/10512
Summary:
The Edimax 7205APL is reported to contain a default backdoor account. 
 
This account is hard-coded and cannot be removed. This account can be used to
log in to the device and to create a backup of the configuration. 
 
This configuration contains all users and their corresponding passwords,
allowing an attacker to then log in to the device as administrator. 
 
The reported vulnerable device had firmware revision 2.40a-00. Other revisions
may also contain similar backdoor accounts.

85. Mantis 'view.php' HTML Injection Vulnerability
BugTraq ID: 27045
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/27045
Summary:
Mantis is prone to an HTML-injection vulnerability because the application fails
to properly sanitize user-supplied input before using it in dynamically
generated content. 
 
Attacker-supplied HTML or JavaScript code could run in the context of the
affected site, potentially allowing an attacker to steal cookie-based
authentication credentials and to control how the site is rendered to the user;
other attacks are also possible.

This issue affects versions prior to Mantis 1.1.0.

86. Wireshark 0.99.7 Multiple Denial of Service Vulnerabilities
BugTraq ID: 28025
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28025
Summary:
Wireshark is prone to multiple denial-of-service vulnerabilities.

Exploiting these issues may allow attackers to cause crashes and deny service to
legitimate users of the application. Attackers may be able to leverage some of
these vulnerabilities to execute arbitrary code, but this has not been
confirmed.

Wireshark 0.6.0 to 0.99.7 are affected.

87. paramiko Random Number Generator Weakness
BugTraq ID: 27307
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/27307
Summary:
The 'paramiko' module is prone to a random-number-generator weakness; fixes are
available.

Remote attackers can exploit this issue to predict random data generated by
certain applications that use paramiko for encryption purposes. 

Attackers may gain access to sensitive information that may aid in further
attacks.

88. Borland VisiBroker Smart Agent Multiple Remote Vulnerabilities
BugTraq ID: 28084
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28084
Summary:
Borland VisiBroker Smart Agent is prone to multiple remote vulnerabilities,
including a heap-based buffer-overflow issue and a denial-of-service issue.

A successful exploit will allow remote attackers to execute arbitrary code in
the context of the affected software or to crash the affected application,
denying service to legitimate users.

These issues affect Borland VisiBroker Smart Agent 08.00.00.C1.03; other
versions may also be affected.

89. International Components for Unicode Library (libicu) Multiple Memory
Corruption Vulnerabilities
BugTraq ID: 27455
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/27455
Summary:
The International Components for Unicode library (libicu) is prone to multiple
memory-corruption vulnerabilities.

Successfully exploiting these issues allows remote attackers to corrupt and
overflow memory and possibly execute remote code. Failed exploit attempts will
likely crash applications.

These issues affect libicu 3.8.1 and prior versions.

90. Mambo/Joomla! RSGallery CATID Parameter SQL Injection Vulnerability
BugTraq ID: 26704
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/26704
Summary:
Mambo/Joomla! RSGallery is prone to an SQL-injection vulnerability because it
fails to sufficiently sanitize user-supplied data before using it in an SQL
query.

Exploiting this issue could allow an attacker to compromise the application,
access or modify data, or exploit latent vulnerabilities in the underlying
database.

RSGallery 2.0 beta 5 is vulnerable; other versions may also be affected.

91. The SWORD Project Diatheke Unspecified Remote Command Execution
Vulnerability
BugTraq ID: 27987
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/27987
Summary:
The SWORD Project's Diatheke front-end is prone to a vulnerability that can
allow arbitrary shell commands to run.

Successful exploits will compromise the application and possibly the underlying
webserver.

SWORD 1.5.9 is vulnerable; other versions may also be affected.

92. SplitVT 'xprop' Local Privilege Escalation Vulnerability
BugTraq ID: 27936
Remote: No
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/27936
Summary:
SplitVT is prone to a local privilege-escalation vulnerability. 

Attackers can exploit this issue to gain group 'utmp' privileges on affected
computers.

93. TorrentTrader 'msg' Parameter Cross Site Scripting Vulnerability
BugTraq ID: 28082
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28082
Summary:
TorrentTrader is prone to a cross-site scripting vulnerability because it fails
to adequately sanitize user-supplied input. 

An attacker may leverage this issue to execute arbitrary script code in the
browser of an unsuspecting user in the context of the affected site. This may
help the attacker steal cookie-based authentication credentials and launch other
attacks.

TorrentTrader Classic 1.08 is affected; other versions may also be vulnerable.

94. Borland StarTeam Multiple Remote Vulnerabilities
BugTraq ID: 28080
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28080
Summary:
Borland StarTeam is prone to multiple issues, including multiple
integer-overflow vulnerabilities, a heap-overflow vulnerability, and a
denial-of-service vulnerability.

Successfully exploiting these issues allows remote attackers to execute
arbitrary machine code in the context of vulnerable server processes. These
issues may facilitate the remote compromise of affected computers. Attackers may
also trigger denial-of-service conditions.

NOTE: The StarTeam MPX vulnerabilities may actually be related to a TIBCO
SmartSocket DLL, but this has not been confirmed. We may update this BID as more
information emerges.

Borland StarTeam Server 2008 and MPX products are vulnerable to these issues;
other versions may also be affected.

95. PacketTrap pt360 Tool Suite TFTP Server Remote Denial of Service
Vulnerability
BugTraq ID: 28079
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28079
Summary:
PacketTrap pt360 Tool Suite TFTP server is prone to a remote denial-of-service
vulnerability because it fails to handle user-supplied input.
 
Successfully exploiting this issue allows remote attackers to crash the affected
application, denying service to legitimate users.

PacketTrap pt360 Tool Suite TFTP server 1.1.33.1 is affected; other versions may
also be vulnerable.

96. SARG User-Agent Processing HTML Injection and Stack Buffer Overflow
Vulnerabilities
BugTraq ID: 28077
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28077
Summary:
SARG is prone to an HTML-injection vulnerability and a stack-based
buffer-overflow vulnerability. 

An attacker can exploit these issues to execute arbitrary HTML and
attacker-supplied code in the context of the affected webserver, steal
cookie-based authentication credentials, and cause a denial-of-service
condition.

This issue affects SARG 2.2.3.1; prior versions may also be affected.

97. Flyspray Multiple Information Disclosure, HTML Injection, and Cross-Site
Scripting Vulnerabilities
BugTraq ID: 28076
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28076
Summary:
Flyspray is prone to an information-disclosure issue, an HTML-injection issue,
and multiple cross-site scripting vulnerabilities because it fails to properly
sanitize user-supplied input. 

An attacker may leverage these issues determine valid usernames and passwords
via brute-force attacks or to execute arbitrary script code in the browser of an
unsuspecting user in the context of the affected site. This may allow the
attacker to steal cookie-based authentication credentials, control how the site
is rendered to the user, and launch other attacks.

These issues affect Flyspray 0.9.9 to 0.9.9.4.

98. XP Book 'entry.php' Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 28075
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28075
Summary:
XP Book is prone to multiple cross-site scripting vulnerabilities because it
fails to properly sanitize user-supplied input. 

An attacker may leverage these issues to execute arbitrary script code in the
browser of an unsuspecting user in the context of the affected site. This may
allow the attacker to steal cookie-based authentication credentials and to
launch other attacks.

XP Book 3.0 is vulnerable; other versions may also be affected.

99. KC Wiki 'wiki.php' Multiple Remote File Include Vulnerabilities
BugTraq ID: 28074
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28074
Summary:
KC Wiki is prone to multiple remote file-include vulnerabilities because it
fails to properly sanitize user-supplied input.

An attacker can exploit these issues to include arbitrary remote files
containing malicious PHP code and execute it in the context of the webserver
process. This may allow the attacker to compromise the application and to gain
access to the underlying system.

KC Wiki 1.0 is vulnerable; other versions may also be affected.

100. PHP WEB SCRIPT Dynamic Photo Gallery 'album.php' SQL Injection
Vulnerability
BugTraq ID: 28067
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28067
Summary:
Dynamic Photo Gallery is prone to an SQL-injection vulnerability because it
fails to sufficiently sanitize user-supplied data before using it in an SQL
query.

Exploiting this issue could allow an attacker to compromise the application,
access or modify data, or exploit latent vulnerabilities in the underlying
database.

This issue affects Dynamic Photo Gallery 1.02; other versions may also be
vulnerable.

III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. Law makers voice concerns over cybersecurity plan
By: Robert Lemos
Members of Congress seek more details of cyber attacks targeting the federal
government and worry that the recently announced Cyber Initiative will undermine
privacy.
http://www.securityfocus.com/news/11507

2. Worries over "good worms" rise again
By: Robert Lemos
A Microsoft researcher studies the use of self-propagation for patching, but for
most of the security industry, any worm is a bad worm.
http://www.securityfocus.com/news/11506

3. Federal agencies miss deadline on secure configs
By: Robert Lemos
The U.S. government has made progress on moving to a standard configuration for
Windows XP and Windows Vista systems, but work remains.
http://www.securityfocus.com/news/11505

4. Universities fend off phishing attacks
By: Robert Lemos
Online fraudsters send e-mail messages that masquerade as help-desk requests for
usernames and passwords.
http://www.securityfocus.com/news/11504

IV.  SECURITY JOBS LIST SUMMARY
-------------------------------
1. [SJ-JOB] Auditor, Jersey City
http://www.securityfocus.com/archive/77/489141

2. [SJ-JOB] Software Engineer, St. Paul
http://www.securityfocus.com/archive/77/489142

3. [SJ-JOB] Security Architect, New York
http://www.securityfocus.com/archive/77/489144

4. [SJ-JOB] Security Architect, San Francisco
http://www.securityfocus.com/archive/77/489120

5. [SJ-JOB] Application Security Engineer, Pasadena
http://www.securityfocus.com/archive/77/489122

6. [SJ-JOB] Security Architect, Los Angeles
http://www.securityfocus.com/archive/77/489123

7. [SJ-JOB] Technical Support Engineer, Stoneham
http://www.securityfocus.com/archive/77/489140

8. [SJ-JOB] Compliance Officer, Home based
http://www.securityfocus.com/archive/77/489111

9. [SJ-JOB] Security Architect, Seattle
http://www.securityfocus.com/archive/77/489112

10. [SJ-JOB] Manager, Information Security, London
http://www.securityfocus.com/archive/77/489113

11. [SJ-JOB] Software Engineer, Alpharetta
http://www.securityfocus.com/archive/77/489121

12. [SJ-JOB] Security Architect, Boston
http://www.securityfocus.com/archive/77/489106

13. [SJ-JOB] Compliance Officer, Home based
http://www.securityfocus.com/archive/77/489108

14. [SJ-JOB] Senior Software Engineer, Deerfield Beach
http://www.securityfocus.com/archive/77/489110

15. [SJ-JOB] Security Architect, Chicago
http://www.securityfocus.com/archive/77/489114

16. [SJ-JOB] Security Architect, Rockville
http://www.securityfocus.com/archive/77/489097

17. [SJ-JOB] Penetration Engineer, Washington
http://www.securityfocus.com/archive/77/489104

18. [SJ-JOB] Security Architect, Washington D.C.
http://www.securityfocus.com/archive/77/489105

19. [SJ-JOB] Software Engineer, Rockville
http://www.securityfocus.com/archive/77/489107

20. [SJ-JOB] Security Architect, Atlanta
http://www.securityfocus.com/archive/77/489143

21. [SJ-JOB] VP / Dir / Mgr engineering, Alexandria
http://www.securityfocus.com/archive/77/489094

22. [SJ-JOB] Sales Engineer, Reston
http://www.securityfocus.com/archive/77/489095

23. [SJ-JOB] Security Architect, Philadelphia
http://www.securityfocus.com/archive/77/489096

24. [SJ-JOB] Security Architect, Dallas
http://www.securityfocus.com/archive/77/489100

25. [SJ-JOB] Penetration Engineer, NCR area
http://www.securityfocus.com/archive/77/488876

26. [SJ-JOB] Security Engineer, Boca Raton
http://www.securityfocus.com/archive/77/488878

27. [SJ-JOB] Software Engineer, St. Paul
http://www.securityfocus.com/archive/77/488881

28. [SJ-JOB] Technical Writer, NCR
http://www.securityfocus.com/archive/77/488882

29. [SJ-JOB] Developer, Moncton
http://www.securityfocus.com/archive/77/488883

30. [SJ-JOB] Sales Engineer, Bloomington
http://www.securityfocus.com/archive/77/488875

31. [SJ-JOB] Principal Software Engineer, Foxborough
http://www.securityfocus.com/archive/77/488879

32. [SJ-JOB] Application Security Engineer, Chennai
http://www.securityfocus.com/archive/77/488880

33. [SJ-JOB] Security System Administrator, Urbana
http://www.securityfocus.com/archive/77/488884

34. [SJ-JOB] Security System Administrator, Foxborough
http://www.securityfocus.com/archive/77/488869

35. [SJ-JOB] Incident Handler, New York
http://www.securityfocus.com/archive/77/488873

36. [SJ-JOB] Information Assurance Engineer, Arlington
http://www.securityfocus.com/archive/77/488877

37. [SJ-JOB] Quality Assurance, Foxborough
http://www.securityfocus.com/archive/77/488868

38. [SJ-JOB] Security Engineer, San Antonio
http://www.securityfocus.com/archive/77/488870

39. [SJ-JOB] Sr. Security Analyst, Stamford
http://www.securityfocus.com/archive/77/488871

40. [SJ-JOB] Security Auditor, New York
http://www.securityfocus.com/archive/77/488872

41. [SJ-JOB] Manager, Information Security, Foster City
http://www.securityfocus.com/archive/77/488863

42. [SJ-JOB] Application Security Engineer, Washington
http://www.securityfocus.com/archive/77/488864

43. [SJ-JOB] Application Security Architect, Baltimore
http://www.securityfocus.com/archive/77/488865

44. [SJ-JOB] VP, Information Security, Morris Plains
http://www.securityfocus.com/archive/77/488866

45. [SJ-JOB] Certification & Accreditation Engineer, NCR area
http://www.securityfocus.com/archive/77/488874

46. [SJ-JOB] Sr. Security Engineer, Boston
http://www.securityfocus.com/archive/77/488861

47. [SJ-JOB] Sr. Security Engineer, Ithaca
http://www.securityfocus.com/archive/77/488862

48. [SJ-JOB] Sales Representative, Atlanta
http://www.securityfocus.com/archive/77/488867

49. [SJ-JOB] Software Engineer, Washington
http://www.securityfocus.com/archive/77/488860

V.   INCIDENTS LIST SUMMARY
---------------------------
VI.  VULN-DEV RESEARCH LIST SUMMARY
-----------------------------------
1. Recon 2008 - Call For Paper
http://www.securityfocus.com/archive/82/489030

2. *BSD user-ppp local root (when conditions permit)
http://www.securityfocus.com/archive/82/488980

3. OpenSSH 4.X DoS (maybe...)
http://www.securityfocus.com/archive/82/488955

VII. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
VIII. SUN FOCUS LIST SUMMARY
----------------------------
IX. LINUX FOCUS LIST SUMMARY
----------------------------
X.  UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to sf-news-unsubscribe@securityfocus.com
from the subscribed address. The contents of the subject or message body do not
matter. You will receive a confirmation request message to which you will have
to answer. Alternatively you can also visit
http://www.securityfocus.com/newslettersand unsubscribe via the website.

If your email address has changed email listadmin@securityfocus.com and ask to
be manually removed.

XI.   SPONSOR INFORMATION
------------------------
This issue is Sponsored by: Black Hat Europe

Attend Black Hat Europe, March 25-28, Amsterdam, Europe's premier technical
event for ICT security experts. Featuring hands-on training courses and
Briefings presentations with lots of new content.  Network with 400+ delegates
from 30 nations and review products by leading vendors in a relaxed setting.
Black Hat Europe is supported by most leading European infosec associations.  
http://www.blackhat.com
[ terug ]