News

Tuesday, November 28, 2006

SecurityFocus Newsletter #378

SecurityFocus Newsletter #378
----------------------------------------

This Issue is Sponsored by: SPI Dynamics

ALERT: Learn to Think Like a Hacker- Simulate a Hacker Breaking into Your Web Apps
The speed with which Web Applications are developed make them prime targets for attackers, often these applications were developed so quickly that they are not coded properly or subjected to any security testing. Hackers know this and use it as their weapon. Download this *FREE* test guide from SPI Dynamics to check for Web application vulnerabilities.

https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=70160000000Ce5v

------------------------------------------------------------------
I. FRONT AND CENTER
1. A Hard Lesson in Privacy
2. Vulnerability Scanning Web 2.0 Client-Side Components
II. BUGTRAQ SUMMARY
1. Microsoft Agent ActiveX Control Remote Code Execution Vulnerability
2. Microsoft Internet Explorer Daxctle.OCX Spline Method Heap Buffer Overflow Vulnerability
3. Mozilla Firefox Range Script Object Denial of Service Vulnerability
4. Retired: CubeCart DB.Inc.PHP SQL Injection Vulnerability
5. Lynx NNTP Article Header Buffer Overflow Vulnerability
6. HIOXS Star Rating System Addcode.PHP Remote File Include Vulnerability
7. Texinfo File Handling Buffer Overflow Vulnerability
8. Simple PHP Gallery System SP_Index.PHP Cross-Site Scripting Vulnerability
9. PHP-Nuke News Module Index.PHP SQL Injection Vulnerability
10. GNU Texinfo Insecure Temporary File Creation Vulnerability
11. Wallpaper Complete Website Wallpaper.PHP SQL Injection Vulnerability
12. TFTPD32 Filename Remote Buffer Overflow Vulnerability
13. Apple Mac OS X Mach-O Binary Loading Privilege Escalation Vulnerability
14. GraphicsMagick PALM DCM Buffer Overflow Vulnerabilities
15. ImageMagick Image Filename Remote Command Execution Vulnerability
16. ImageMagick File Name Handling Remote Format String Vulnerability
17. Woltlab Burning Board WBB_UserID SQL Injection Vulnerability
18. MidiCart ASP Item_Show.ASP ID2006quant Parameter SQL Injection Vulnerability
19. MidiCart PHP Item_List.PHP SecondGroup Parameter SQL Injection Vulnerability
20. MidiCart PHP Item_List.PHP MainGroup Parameter SQL Injection Vulnerability
21. MidiCart ASP Item_Show.ASP Code_No Parameter SQL Injection Vulnerability
22. JiRo's FAQ Manager Login.ASP SQL Injection Vulnerability
23. Linux Kernel SNMP NAT Helper Remote Denial of Service Vulnerability
24. Quinnware Quintessential Player Playlist Files Remote Memory Corruption Vulnerability
25. Apple Safari Password Manager Cross-Site Information Disclosure Weakness
26. NetBSD Kernel Multiple Local Information Disclosure Vulnerabilities
27. Microsoft Windows Workstation Service NetpManageIPCConnect Remote Code Execution Vulnerability
28. OpenSSL SSLv2 Null Pointer Dereference Client Denial of Service Vulnerability
29. PHP HTMLEntities HTMLSpecialChars Buffer Overflow Vulnerabilities
30. Samba Internal Data Structures Denial of Service Vulnerability
31. OpenSSL PKCS Padding RSA Signature Forgery Vulnerability
32. OpenSSL SSL_Get_Shared_Ciphers Buffer Overflow Vulnerability
33. GNU GZip Archive Handling Multiple Remote Vulnerabilities
34. Microsoft Client Service for Netware Denial of Service Vulnerability
35. MPG123 Malformed MP3 File Memory Corruption Vulnerability
36. Perl Perl_sv_vcatpvfn Format String Integer Wrap Vulnerability
37. PHP Html_Entity_Decode() Information Disclosure Vulnerability
38. TDiary Conf Parameter Cross-Site Scripting Vulnerabilities
39. Clam Anti-Virus PE Rebuilding Heap Buffer Overflow Vulnerability
40. Linux Kernel SG Driver Direct IO Local Denial of Service Vulnerability
41. Apple Airport Driver Remote Code Execution Vulnerability
42. Symantec Antivirus Remote Stack Buffer Overflow Vulnerability
43. Lynx Malformed HTML Infinite Loop Denial Of Service Vulnerability
44. Mambo Jambook Entry Field HTML Injection Vulnerability
45. GNU Tar GNUTYPE_NAMES Remote Directory Traversal Vulnerability
46. Qbik WinGate Remote Denial Of Service Vulnerability
47. XMPlay Playlist Files Remote Buffer Overflow Vulnerability
48. Microsoft Windows Client Service For Netware Remote Code Execution Vulnerability
49. Microsoft Internet Explorer Daxctle.OCX KeyFrame Method Heap Buffer Overflow Vulnerability
50. ProFTPD SReplace Remote Buffer Overflow Vulnerability
51. PHP Event Calendar Calendar.PHP Remote File Include Vulnerability
52. Expinion.net iNews Publisher Articles.ASP Multiple Cross Site Scripting Vulnerabilities
53. OpenBSD Systrace STRIOCREPLACE Local Integer Overflow Vulnerability
54. PHPMyAdmin Multiple Input Validation Vulnerabilities
55. Apple Mac OS X Mach-O Binary Loading Integer Overflow Vulnerability
56. Sendmail Long Header Denial Of Service Vulnerability
57. TikiWiki PageAlias HTML Injection Vulnerability
58. Sysinfo Kampus Multiple Remote File Include Vulnerabilities
59. LibTiff TIFFToRGB Denial of Service Vulnerability
60. Wireshark Multiple Protocol Dissectors Denial of Service Vulnerabilities
61. Nivisec Hacks List HACK_ID SQL Injection Vulnerability
62. Dovecot IMAP Server Mapped Pages Off-By-One Buffer Overflow Vulnerability
63. ImageMagick SGI Image File Unspecified Remote Heap Buffer Overflow Vulnerability
64. MailEnable IMAP Service Unspecified Buffer Overflow Vulnerability
65. Nagios Remote Content-Length Integer Overflow Vulnerability
66. BasicForum EDIT.ASP SQL Injection Vulnerability
67. PostgreSQL Multibyte Character Encoding SQL Injection Vulnerabilities
68. MySQL Query Logging Bypass Vulnerability
69. OpenLDAP Server Bind Request Denial Of Service Vulnerability
70. Liberum Help Desk DETAILS.ASP SQL Injection Vulnerability
71. MySQL Remote Information Disclosure and Buffer Overflow Vulnerabilities
72. Mono System.CodeDom.Compiler Class Insecure Temporary File Creation Vulnerability
73. Libextractor Multiple Heap Buffer Overflow Vulnerabilities
74. Owllib OWLLIB_ROOT Remote File Include Vulnerability
75. Vixie Cron PAM_Limits Local Privilege Escalation Vulnerability
76. Dovecot Remote Information Disclosure Vulnerability
77. LinuxPrinting.org Foomatic-Filter Command Execution Vulnerability
78. fipsShop Multiple SQL Injection Vulnerabilities
79. WebHost Manager Multiple Cross-Site Scripting Vulnerabilities
80. MAlbum Index.PHP Directory Traversal Vulnerability
81. PEGames Remote File Include Vulnerability
82. CPanel 11 Beta Multiple Cross-Site Scripting Vulnerabilities
83. Link Exchange Lite Multiple SQL Injection Vulnerabilities
84. SIAP CMS Login.ASP SQL Injection Vulnerability
85. Seditio Users.Profile.Inc.PHP SQL Injection Vulnerability
86. SoftAcid Reciprocal Link Exchange Lite SQL Injection Vulnerability
87. KTools Remote Buffer Overflow Vulnerability
88. Apple Mac OS X KQueue Local Denial of Service Vulnerability
89. NukeAI Util.PHP Remote Code Execution Vulnerability
90. Linux Kernel SCTP_Make_Abort_User Function Buffer Overflow Vulnerability
91. Linux Kernel CD-ROM Driver Local Buffer Overflow Vulnerability
92. Fixit IDMS Pro Multiple Input Validation Vulnerability
93. DB-Central CMS Search Cross-Site Scripting Vulnerability
94. Cahier De Texte Telecharger.PHP Directory Traversal Vulnerability
95. Ingo Procmail Driver Shell Command Execution Vulnerability
96. GNU GV Stack Buffer Overflow Vulnerability
97. ACLogic CesarFTP Multiple Commands Remote Buffer Overflow Vulnerability
98. Typespeed Remote Buffer Overflow Vulnerability
99. MMGallery Thumbs.PHP Cross-Site Scripting Vulnerability
100. ASP ListPics Listpics.ASP SQL Injection Vulnerability
III. SECURITYFOCUS NEWS
1. Bot spreads through antivirus, Windows flaws
2. Viruses go virtual
3. Malware goes to the movies
4. E-voting worries focus on failures, not fraud
IV. SECURITY JOBS LIST SUMMARY
1. [SJ-JOB] Application Security Engineer, Washington D.C.
2. [SJ-JOB] Application Security Engineer, Dallas
3. [SJ-JOB] Application Security Engineer, Atlanta
4. [SJ-JOB] Training / Awareness Specialist, Cupertino
5. [SJ-JOB] Incident Handler, Raleigh
6. [SJ-JOB] Associate Software Engineer, Alexandria
7. [SJ-JOB] Security Consultant, Atlanta
8. [SJ-JOB] Database Security Architect, Riyadh
9. [SJ-JOB] Channel / Business Development, Hampshire
10. [SJ-JOB] Sr. Security Analyst, DC
11. [SJ-JOB] Forensics Engineer, London
12. [SJ-JOB] Sr. Security Analyst, Las Vegas
13. [SJ-JOB] Software Engineer, San Diego
14. [SJ-JOB] Security Consultant, dubai
15. [SJ-JOB] Application Security Engineer, Dubai
16. [SJ-JOB] Security Engineer, Dubai
17. [SJ-JOB] Auditor, Montreal
18. [SJ-JOB] Evangelist, Minneapolis
19. [SJ-JOB] Channel / Business Development, Cincinnati
20. [SJ-JOB] Sales Representative, Pompano Beach
21. [SJ-JOB] Security Engineer, Dubai
22. [SJ-JOB] Auditor, Dubai
23. [SJ-JOB] MOD CLAS Consultant, Berkshire
24. [SJ-JOB] Application Security Architect, Various
25. [SJ-JOB] MOD CLAS Consultant, London
26. [SJ-JOB] Security Consultant, West England
27. [SJ-JOB] MOD CLAS Consultant, Multiple
28. [SJ-JOB] Application Security Architect, Baltimore
29. [SJ-JOB] Software Engineer, Boston
30. [SJ-JOB] Security Engineer, London + Hants (Hook)
31. [SJ-JOB] Application Security Architect, Columbia
32. [SJ-JOB] Application Security Engineer, Redmond
33. [SJ-JOB] Penetration Engineer, London/South/UK Wide
34. [SJ-JOB] Security Consultant, Manchester - UK
35. [SJ-JOB] Security Consultant, New York
36. [SJ-JOB] Security Architect, Telford, Shropshire
37. [SJ-JOB] Security Consultant, Any Major U.S. City
38. [SJ-JOB] Channel / Business Development, New York
39. [SJ-JOB] Security Architect, Portsmouth
40. [SJ-JOB] Security Engineer, Pompano Beach
41. [SJ-JOB] Security Engineer, Hackensack
42. [SJ-JOB] Security Consultant, New York
43. [SJ-JOB] Sales Engineer, New York
44. [SJ-JOB] Security Consultant, Telford, Shropshire
45. [SJ-JOB] Sr. Product Manager, Sunnyvale
46. [SJ-JOB] VP of Regional Sales, New York
47. [SJ-JOB] Security Engineer, Palo Alto
48. [SJ-JOB] Security Researcher, Palo Alto
49. [SJ-JOB] Information Assurance Engineer, VARIOUS
50. [SJ-JOB] Security Engineer, Chicago
51. [SJ-JOB] Sales Representative, New York
V. INCIDENTS LIST SUMMARY
1. "Ticken" web attacks?
VI. VULN-DEV RESEARCH LIST SUMMARY
1. kernel bug in 2.1.1.1
VII. MICROSOFT FOCUS LIST SUMMARY
1. 'conflict' between offline files and SMB signing?
2. SecurityFocus Microsoft Newsletter #318
VIII. SUN FOCUS LIST SUMMARY
IX. LINUX FOCUS LIST SUMMARY
1. Portsentry and Snort Question
2. Red Hat vs Debian Linux: overall security
3. How to check UID of process on the other side of local TCP/UDP connection
X. UNSUBSCRIBE INSTRUCTIONS
XI. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. A Hard Lesson in Privacy
By Scott Granneman
Scott Granneman looks at a hard lesson in personal privacy and security through the lens of a very public and well-known female television show host in Europe.
http://www.securityfocus.com/columnists/424

2. Vulnerability Scanning Web 2.0 Client-Side Components
By Shreeraj Shah
This article discusses the challenges faced when vulnerability scanning Web 2.0 applications, and then provides a methodology to detect vulnerabilities in Web 2.0 client-side application components.
http://www.securityfocus.com/infocus/1881


II. BUGTRAQ SUMMARY
--------------------
1. Microsoft Agent ActiveX Control Remote Code Execution Vulnerability
BugTraq ID: 21034
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21034
Summary:
The Microsoft Agent ActiveX control is prone to remote code execution.

An attacker could exploit this issue to execute code in the context of the user visiting a malicious web page.

2. Microsoft Internet Explorer Daxctle.OCX Spline Method Heap Buffer Overflow Vulnerability
BugTraq ID: 19738
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/19738
Summary:
Microsoft Internet Explorer is prone to a heap buffer-overflow vulnerability..

The vulnerability arises because of the way Internet Explorer tries to instantiate certain COM objects as ActiveX controls.

An attacker can exploit this issue to execute arbitrary code within context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

3. Mozilla Firefox Range Script Object Denial of Service Vulnerability
BugTraq ID: 20799
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/20799
Summary:
Mozilla Firefox is prone to a remote denial-of-service vulnerability.

An attacker may exploit this vulnerability to cause Mozilla Firefox to crash, resulting in denial-of-service conditions.

Mozilla Firefox 1.5.0.7 (and earlier) as well as version 2.0 are prone to this issue.

4. Retired: CubeCart DB.Inc.PHP SQL Injection Vulnerability
BugTraq ID: 21308
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21308
Summary:
CubeCart is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query.

A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.

This issue affects version 3.0.14; earlier versions may also be vulnerable.

Further analysis of this issue reports the application is not vulnerable as suggested. Therefore this BID is being retired.

5. Lynx NNTP Article Header Buffer Overflow Vulnerability
BugTraq ID: 15117
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/15117
Summary:
Lynx is prone to a buffer overflow when handling NNTP article headers.

This issue may be exploited when the browser handles NNTP content, such as through 'news:' or 'nntp:' URIs. Successful exploitation will result in code execution in the context of the program user.

6. HIOXS Star Rating System Addcode.PHP Remote File Include Vulnerability
BugTraq ID: 21280
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21280
Summary:
HIOXS Star Rating System is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data.

Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

Version 1.0 is vulnerable to this issue; other versions may also be affected.

7. Texinfo File Handling Buffer Overflow Vulnerability
BugTraq ID: 20959
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/20959
Summary:
Texinfo is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

Exploiting this issue allows attackers to cause the affected applications using Texinfo to crash, denying service to legitimate users. Arbitrary code execution may also be possible, but this has not been confirmed.

8. Simple PHP Gallery System SP_Index.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 21278
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21278
Summary:
Simple PHP Gallery is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

Version 1.1 is vulnerable to this issue; other versions may also be affected.

9. PHP-Nuke News Module Index.PHP SQL Injection Vulnerability
BugTraq ID: 21277
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21277
Summary:
The PHP-Nuke News module is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

PHP-Nuke 7.9 and prior versions are vulnerable.

10. GNU Texinfo Insecure Temporary File Creation Vulnerability
BugTraq ID: 14854
Remote: No
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/14854
Summary:
Texinfo creates temporary files in an insecure manner. The issue resides in the 'textindex.c' file.

Exploitation would most likely result in loss of data or a denial of service if critical files are overwritten in the attack. Other attacks may be possible as well.

11. Wallpaper Complete Website Wallpaper.PHP SQL Injection Vulnerability
BugTraq ID: 21274
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21274
Summary:
Wallpaper Complete Website is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

Wallpaper Complete Website version 1.0.09 is vulnerable to this issue.

12. TFTPD32 Filename Remote Buffer Overflow Vulnerability
BugTraq ID: 21148
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21148
Summary:
TFTPD32 is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before storing it in a finite-sized buffer.

An attacker can exploit this issue to cause the application to crash, denying further service to legitimate users. Due to the nature of this issue, the attacker may presumably be able to exploit it for remote code execution.

Version 3.01 is vulnerable.

13. Apple Mac OS X Mach-O Binary Loading Privilege Escalation Vulnerability
BugTraq ID: 21272
Remote: No
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21272
Summary:
Apple Mac OS X is prone to privilege-escalation vulnerability. This issue occurs when the operating system fails to handle specially crafted binaries.

A successful exploit would allow a local attacker to execute arbitrary code with kernel-level privileges. A successful exploit would lead to the complete compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition.

14. GraphicsMagick PALM DCM Buffer Overflow Vulnerabilities
BugTraq ID: 20707
Remote: No
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/20707
Summary:
GraphicsMagick is prone to multiple buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data before copying it to insufficiently sized buffers.

Successful exploits may allow an attacker to execute arbitrary machine code to compromise an affected computer or to cause denial-of-service conditions.

GraphicsMagick 1.1.7 and prior versions are vulnerable.

15. ImageMagick Image Filename Remote Command Execution Vulnerability
BugTraq ID: 16093
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/16093
Summary:
ImageMagick is prone to a remote shell command-execution vulnerability.

Successful exploitation can allow arbitrary commands to be executed in the context of the affected user. Note that attackers could exploit this issue through other applications that use ImageMagick as the default image viewer.

ImageMagick 6.2.4.5 is reportedly vulnerable. Other versions may be affected as well.

16. ImageMagick File Name Handling Remote Format String Vulnerability
BugTraq ID: 12717
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/12717
Summary:
ImageMagick is reported prone to a remote format-string vulnerability.

Reportedly, this issue arises when the application handles malformed filenames. An attacker can exploit this vulnerability by crafting a malicious file with a name that contains format specifiers and sending the file to an unsuspecting user.

Note that there are other attack vectors that may not require user interaction, since the application can be used with custom printing systems and web applications.

A successful attack may crash the application or lead to arbitrary code execution.

All versions of ImageMagick are considered vulnerable at the moment.

17. Woltlab Burning Board WBB_UserID SQL Injection Vulnerability
BugTraq ID: 21265
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21265
Summary:
Woltlab Burning Board is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query.

A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.

18. MidiCart ASP Item_Show.ASP ID2006quant Parameter SQL Injection Vulnerability
BugTraq ID: 21273
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21273
Summary:
MidiCart ASP is prone to an SQL injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query.

A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.

19. MidiCart PHP Item_List.PHP SecondGroup Parameter SQL Injection Vulnerability
BugTraq ID: 13514
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/13514
Summary:
MidiCart PHP is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query.

A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.

This issue is reported to affect both the PHP and ASP versions of MidiCart Shopping Cart.

20. MidiCart PHP Item_List.PHP MainGroup Parameter SQL Injection Vulnerability
BugTraq ID: 13513
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/13513
Summary:
MidiCart PHP is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query.

A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.

This issue is reported to affect both the PHP and ASP versions of MidiCart Shopping Cart.

21. MidiCart ASP Item_Show.ASP Code_No Parameter SQL Injection Vulnerability
BugTraq ID: 14544
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/14544
Summary:
MidiCart ASP is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query.

A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.

22. JiRo's FAQ Manager Login.ASP SQL Injection Vulnerability
BugTraq ID: 21271
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21271
Summary:
JiRo's FAQ Manager is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query.

A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.

23. Linux Kernel SNMP NAT Helper Remote Denial of Service Vulnerability
BugTraq ID: 18081
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/18081
Summary:
The Linux SNMP NAT helper is susceptible to a remote denial-of-service vulnerability.

This issue allows remote attackers to potentially corrupt memory and ultimately trigger a denial of service for legitimate users.

Kernel versions prior to 2.6.16.18 are vulnerable to this issue.

24. Quinnware Quintessential Player Playlist Files Remote Memory Corruption Vulnerability
BugTraq ID: 21331
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21331
Summary:
Quinnware Quintessential Player is prone to a remote memory-corruption vulnerability because the application fails to handle malformed playlist files.

An attacker can exploit this issue to execute arbitrary code within the context of the application or trigger a denial-of-service condition.

Quintessential Player version 4.50.1.82 is vulnerable to this issue; other versions may also be affected.

25. Apple Safari Password Manager Cross-Site Information Disclosure Weakness
BugTraq ID: 21329
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21329
Summary:
Apple Safari is prone to an information-disclosure weakness because it fails to properly notify users of automatic form field population in disparate URLs deriving from the same domain.

This issue may allow attackers to obtain user credentials that have been saved in forms deriving from the same website that attack code resides. The most common manifestation of this condition would typically be in blogs or forums. This may allow attackers to gain access to potentially sensitive information that would facilitate the success of phishing attacks.

26. NetBSD Kernel Multiple Local Information Disclosure Vulnerabilities
BugTraq ID: 21328
Remote: No
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21328
Summary:
The NetBSD kernel is prone to multiple local information-disclosure vulnerabilities because the kernel fails to properly initialize kernel memory before returning it to user-space programs.

Successfully exploiting these issues allows local attackers to gain access to potentially sensitive information contained in kernel memory, aiding them in further attacks.

NetBSD kernel branch 2 to branch 3 prior to 3.0.2, and current prior to 10/27/06 are vulnerable.

27. Microsoft Windows Workstation Service NetpManageIPCConnect Remote Code Execution Vulnerability
BugTraq ID: 20985
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/20985
Summary:
Microsoft Windows Workstation service is prone to a remote code-execution vulnerability.

Exploiting this issue allows remote, anonymous attackers to execute arbitrary machine code on affected computers with SYSTEM-level privileges. This facilitates the complete compromise of affected computers.

Attackers require administrative privileges to exploit this issue on Windows XP SP2 computers. Anonymous attackers may exploit this issue on Windows 2000 computers.

28. OpenSSL SSLv2 Null Pointer Dereference Client Denial of Service Vulnerability
BugTraq ID: 20246
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/20246
Summary:
OpenSSL is prone to a denial-of-service vulnerability.

A malicious server could cause a vulnerable client application to crash, effectively denying service.

29. PHP HTMLEntities HTMLSpecialChars Buffer Overflow Vulnerabilities
BugTraq ID: 20879
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/20879
Summary:
PHP is prone to multiple buffer-overflow vulnerabilities because it fails to effectively bounds-check user-supplied input before copying it to an insufficiently sized buffer.

An attacker could exploit these issues to have arbitrary code execute in the context of an affected webserver. This may lead to the compromise of the webserver. Failed exploit attempts could cause denial-of-service conditions, denying access to legitimate users.

Only limited information is available regarding these issues. This BID will be updated as more information becomes available.

PHP 5 is vulnerable to these issues.

NOTE: The affected functions are employed by a large number of popular PHP libraries. As a result, there are many PHP applications affected by this issue.

30. Samba Internal Data Structures Denial of Service Vulnerability
BugTraq ID: 18927
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/18927
Summary:
The smbd daemon is prone to a denial-of-service vulnerability.

An attacker can exploit this issue to consume excessive memory resources, ultimately crashing the affected application.

This issue affects Samba versions 3.0.1 through 3.0.22 inclusive.

31. OpenSSL PKCS Padding RSA Signature Forgery Vulnerability
BugTraq ID: 19849
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/19849
Summary:
OpenSSL is prone to a vulnerability that may allow an attacker to forge an RSA signature. The attacker may be able to forge a PKCS #1 v1.5 signature when an RSA key with exponent 3 is used.

An attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key.

All versions of OpenSSL prior to and including 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available.

32. OpenSSL SSL_Get_Shared_Ciphers Buffer Overflow Vulnerability
BugTraq ID: 20249
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/20249
Summary:
OpenSSL is prone to a buffer-overflow vulnerability because the library fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

Successfully exploiting this issue may result in the execution of arbitrary machine code in the context of applications that use the affected library. Failed exploit attempts may crash applications, denying service to legitimate users.

33. GNU GZip Archive Handling Multiple Remote Vulnerabilities
BugTraq ID: 20101
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/20101
Summary:
The gzip utility is prone to multiple remote buffer-overflow and denial-of-service vulnerabilities when handling malicious archive files.

Successful exploits may allow a remote attacker to corrupt process memory by triggering an overflow condition. This may lead to arbitrary code execution in the context of an affected user and may facilitate a remote compromise. Attackers may also trigger denial-of-service conditions by crashing or hanging the application.

Specific information regarding affected versions of gzip is currently unavailable. This BID will be updated as more information is released.

34. Microsoft Client Service for Netware Denial of Service Vulnerability
BugTraq ID: 20984
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/20984
Summary:
Microsoft Client Service for Netware is prone to a denial-of-service vulnerability.

Exploiting this issue would cause the affected computer to crash, denying service to legitimate users.

35. MPG123 Malformed MP3 File Memory Corruption Vulnerability
BugTraq ID: 17365
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/17365
Summary:
The mpg123 application is prone to a memory-corruption vulnerability related to the handling of MP3 streams.

An attacker may be able to exploit this vulnerability to execute arbitrary code in the context of the user running the player, but this has not been confirmed.

This issue may be related to the one described in BID 12218 (MPG123 Layer 2 Frame Header Heap Overflow Vulnerability).

36. Perl Perl_sv_vcatpvfn Format String Integer Wrap Vulnerability
BugTraq ID: 15629
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/15629
Summary:
Perl is susceptible to a format-string vulnerability. This issue is due to the programming language's failure to properly handle format specifiers in formatted-printing functions.

An attacker may leverage this issue to write to arbitrary process memory, facilitating code execution in the context of the Perl interpreter process. This can result in unauthorized remote access.

Developers should treat the formatted printing functions in Perl as equivalently vulnerable to exploitation as the C library versions, and should properly sanitize all data passed in the format-specifier argument.

All applications that use formatted-printing functions in an unsafe manner should be considered exploitable.

37. PHP Html_Entity_Decode() Information Disclosure Vulnerability
BugTraq ID: 17296
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/17296
Summary:
PHP 'html_entity_decode()' function is prone to an information-disclosure vulnerability. This issue arises when a script using the function accepts data from a remote untrusted source and returns the function's result to an attacker.

Information that the attacker gathers by exploiting this vulnerability may aid in other attacks.

PHP versions prior to 5.1.3-RC1 are vulnerable to this issue.

38. TDiary Conf Parameter Cross-Site Scripting Vulnerabilities
BugTraq ID: 21321
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21321
Summary:
tDiary is prone to multiple cross-site scripting vulnerabilities.

An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

tDiary versions 2.1.4.20061115 and prior are vulnerable to these issues.

39. Clam Anti-Virus PE Rebuilding Heap Buffer Overflow Vulnerability
BugTraq ID: 20535
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/20535
Summary:
ClamAV is prone to a heap-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.

Exploiting this issue could allow attacker-supplied machine code to execute in the context of the affected application. The issue would occur when the malformed file is scanned manually or automatically in deployments such as email gateways.

ClamAV version 0.88.4 is vulnerable to this issue.

40. Linux Kernel SG Driver Direct IO Local Denial of Service Vulnerability
BugTraq ID: 18101
Remote: No
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/18101
Summary:
The Linux kernel is prone to a local denial-of-service vulnerability. This issue is due to a design error in the SG driver.

This vulnerability allows local users to cause a kernel panic, denying further service to legitimate users.

This issue affects Linux kernel versions prior to 2.6.13.

41. Apple Airport Driver Remote Code Execution Vulnerability
BugTraq ID: 20862
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/20862
Summary:
Apple AirPort driver is prone to a vulnerability that could allow remote arbitrary code execution with kernel-level privileges.

Successful exploits may allow remote attackers to execute arbitrary machine code, resulting in a complete compromise of affected computers. Failed exploit attempts will likely result in denial-of-service conditions.

This issue affects the eMac, iBook, iMac, PowerBook G3, PowerBook G4, and Power Mac G4 computers which were equipped with an original AirPort card. Computers with an AirPort Extreme are not affected.

42. Symantec Antivirus Remote Stack Buffer Overflow Vulnerability
BugTraq ID: 18107
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/18107
Summary:
Multiple Symantec products are susceptible to a remote stack buffer-overflow vulnerability.

This issue allows remote attackers to execute arbitrary machine code with SYSTEM-level privileges, facilitating the complete compromise of affected computers.

Symantec Antivirus Corporate Edition 10.1 and Symantec Client Security 3.1 are currently known to be vulnerable to this issue.

43. Lynx Malformed HTML Infinite Loop Denial Of Service Vulnerability
BugTraq ID: 11443
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/11443
Summary:
Lynx is prone to a denial-of-service vulnerability when handling certain malformed HTML. Attackers could exploit this condition could to cause the application to enter an infinite loop.

44. Mambo Jambook Entry Field HTML Injection Vulnerability
BugTraq ID: 21298
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21298
Summary:
The jambook module for Mambo is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data.

Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

Version 1.0 beta 5 is vulnerable to this issue; other versions may also be affected.

45. GNU Tar GNUTYPE_NAMES Remote Directory Traversal Vulnerability
BugTraq ID: 21235
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21235
Summary:
GNU Tar is prone to a vulnerability that may allow an attacker to place files and overwrite files in arbitrary locations on a vulnerable computer. These issues present themselves when the application processes malicious archives.

A successful attack can allow the attacker to place potentially malicious files and overwrite files on a computer in the context of the user running the affected application. Successful exploits may aid in further attacks.

46. Qbik WinGate Remote Denial Of Service Vulnerability
BugTraq ID: 21295
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21295
Summary:
Qbik WinGate is prone to a remote denial-of-service vulnerability because it fails to properly handle certain DNS requests.

A remote attacker may exploit this issue to crash the application, denying service to legitimate users.

WinGate 6.1 is reported vulnerable; other versions may be affected as well.

47. XMPlay Playlist Files Remote Buffer Overflow Vulnerability
BugTraq ID: 21206
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21206
Summary:
XMPlay is prone to a remote buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data prior to loading malformed playlist files.

An attacker can exploit this issue to execute arbitrary code within the context of the application or trigger a denial-of-service condition.

XMPlay 3.3.0.4 is vulnerable to this issue; other versions may also be affected.

48. Microsoft Windows Client Service For Netware Remote Code Execution Vulnerability
BugTraq ID: 21023
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21023
Summary:
Microsoft Client Service for Netware is prone to a remote code-execution vulnerability.

A remote attacker can exploit this vulnerability to execute arbitrary code in the context of the user running the affected service.

Note that the Client Service for Netware is not installed by default on any affected operating system.

49. Microsoft Internet Explorer Daxctle.OCX KeyFrame Method Heap Buffer Overflow Vulnerability
BugTraq ID: 20047
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/20047
Summary:
Microsoft Internet Explorer is prone to a heap buffer-overflow vulnerability.

The vulnerability arises because of the way Internet Explorer tries to instantiate certain COM objects as ActiveX controls.

An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

This issue is similar to, but separate from, the one described in BID 19738 (Microsoft Internet Explorer Daxctle.OCX Spline Method Heap Buffer Overflow Vulnerability).

Microsoft has released information stating this issue is being exploited publicly in limited attacks.

50. ProFTPD SReplace Remote Buffer Overflow Vulnerability
BugTraq ID: 20992
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/20992
Summary:
ProFTPD is prone to an remote buffer-overflow vulnerability. This issue is due to an off-by-one error, allowing attackers to corrupt memory.

Exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the server application, facilitating the compromise of affected computers.

ProFTPD versions prior to 1.3.0a are vulnerable to this issue.

Update: This BID was recently updated to state that 'CommandBufferSize' was affected by a denial-of-service issue, but according to the vendor, that directive is not vulnerable.

51. PHP Event Calendar Calendar.PHP Remote File Include Vulnerability
BugTraq ID: 18965
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/18965
Summary:
PHP Event Calendar is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.

52. Expinion.net iNews Publisher Articles.ASP Multiple Cross Site Scripting Vulnerabilities
BugTraq ID: 21296
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21296
Summary:
iNews Publisher is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input.

An attacker can exploit these issues to steal cookie-based authentication credentials and launch other attacks.

53. OpenBSD Systrace STRIOCREPLACE Local Integer Overflow Vulnerability
BugTraq ID: 20392
Remote: No
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/20392
Summary:
OpenBSD systrace is prone to a local integer-overflow vulnerability.

An attacker can exploit this vulnerability to execute arbitrary code with elevated privileges. A successful exploit could lead to a complete compromise of affected computers.

OpenBSD 3.8 and 3.9 are reported vulnerable; other BSD variants such as NetBSD and FreeBSD may be affected as well.

54. PHPMyAdmin Multiple Input Validation Vulnerabilities
BugTraq ID: 21137
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21137
Summary:
PHPMyAdmin is prone to multiple input-validation vulnerabilities, including an HTML-injection vulnerability, cross-site scripting vulnerabilities, and information-disclosure vulnerabilities.

An attacker could exploit these vulnerabilities to view sensitive information or to have arbitrary script code execute in the context of the affected site, which may allow the attacker to steal cookie-based authentication credentials or change the way the site is rendered to the user. Data gained could aid in further attacks.

All versions of PHPMyAdmin are vulnerable.

55. Apple Mac OS X Mach-O Binary Loading Integer Overflow Vulnerability
BugTraq ID: 21291
Remote: No
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21291
Summary:
Apple Mac OS X is prone to a local integer-overflow vulnerability. This issue occurs when the operating system fails to handle specially crafted binaries.

A successful exploit would allow a local attacker to execute arbitrary code with kernel-level privileges, leading to the complete compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition.

56. Sendmail Long Header Denial Of Service Vulnerability
BugTraq ID: 19714
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/19714
Summary:
Sendmail is prone to a denial-of-service vulnerability.

An attacker can exploit this issue to crash the Sendmail process, causing a denial of service.

57. TikiWiki PageAlias HTML Injection Vulnerability
BugTraq ID: 21297
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21297
Summary:
TikiWiki is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data.

Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

TikiWiki 1.9.6 is reportedly vulnerable; other versions may also be affected.

58. Sysinfo Kampus Multiple Remote File Include Vulnerabilities
BugTraq ID: 21294
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21294
Summary:
Sysinfo Kampus is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

Sysinfo Kampus 0.8 and prior versions are vulnerable.

59. LibTiff TIFFToRGB Denial of Service Vulnerability
BugTraq ID: 17809
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/17809
Summary:
LibTIFF is affected by a denial-of-service vulnerability.

An attacker can exploit this vulnerability to cause a denial of service in applications using the affected library.

60. Wireshark Multiple Protocol Dissectors Denial of Service Vulnerabilities
BugTraq ID: 20762
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/20762
Summary:
Wireshark is prone to multiple denial-of-service vulnerabilities.

Exploiting these issues may permit attackers to cause crashes and deny service to legitimate users of the application.

Wireshark versions prior to 0.99.4 are affected.

61. Nivisec Hacks List HACK_ID SQL Injection Vulnerability
BugTraq ID: 21290
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21290
Summary:
Hacks List phpBB Mod is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

Hacks List 1.21 and prior versions are vulnerable to this issue.

62. Dovecot IMAP Server Mapped Pages Off-By-One Buffer Overflow Vulnerability
BugTraq ID: 21183
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21183
Summary:
Dovecot is prone to an off-by-one buffer-overflow condition due to an error that results in insufficient memory allocation.

An attacker may exploit this issue to trigger denial-of-service conditions. Presumably, arbitrary code execution may be possible as well.

Versions 1.0test53 to 1.0.rc14 are vulnerable.

63. ImageMagick SGI Image File Unspecified Remote Heap Buffer Overflow Vulnerability
BugTraq ID: 21185
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21185
Summary:
ImageMagick is prone to a remote heap-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

Exploiting this issue allows attackers to execute arbitrary machine code in the context of applications that use the ImageMagick library.

ImageMagick versions in the 6.x series, up to version 6.2.8, are vulnerable to this issue.

64. MailEnable IMAP Service Unspecified Buffer Overflow Vulnerability
BugTraq ID: 21252
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21252
Summary:
MailEnable is prone to a buffer-overflow vulnerability in the IMAP service because the application fails to properly bounds-check unspecified user-supplied data.

This issue is reported to affect the following MailEnable versions, but other versions may also be vulnerable:

1.9-1.82 Professional Edition
1.1-1.30 Enterprise Edition
2.0-2.32 Professional Edition
2.0-2.32 Enterprise Edition

65. Nagios Remote Content-Length Integer Overflow Vulnerability
BugTraq ID: 18059
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/18059
Summary:
Nagios is prone to a remote integer-overflow vulnerability. The application fails to properly ensure that user-supplied input doesn't overflow integer values. This may result in user-supplied data being copied past the end of a memory buffer.

This issue allows remote attackers to execute arbitrary machine code in the context of hosting webservers.

Nagios versions prior to 2.3.1 are vulnerable to this issue.

This issue is very similar to BID 17879 (Nagios Remote Negative Content-Length Buffer Overflow Vulnerability), but is a separate issue.

66. BasicForum EDIT.ASP SQL Injection Vulnerability
BugTraq ID: 21293
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21293
Summary:
BasicForum is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

BasicForum 1.1 and prior versions are vulnerable to this issue.

67. PostgreSQL Multibyte Character Encoding SQL Injection Vulnerabilities
BugTraq ID: 18092
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/18092
Summary:
PostgreSQL is prone to SQL-injection vulnerabilities. These issues are due to a potential mismatch of multibyte character conversions between PostgreSQL servers and client applications.

A successful exploit could allow an attacker to execute arbitrary SQL statements on affected servers. This may allow the attacker to compromise the targeted computer, access or modify data, or exploit other latent vulnerabilities.

PostgreSQL versions prior to 7.3.15, 7.4.13, 8.0.8, and 8.1.4 are vulnerable to these issues.

68. MySQL Query Logging Bypass Vulnerability
BugTraq ID: 16850
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/16850
Summary:
MySQL is susceptible to a query-logging-bypass vulnerability. This issue is due to a discrepancy between the handling of NULL bytes in the 'mysql_real_query()' function and in the query-logging functionality.

This issue allows attackers to bypass the query-logging functionality of the database so they can cause malicious SQL queries to be improperly logged. This may help them hide the traces of their malicious activity from administrators.

This issue affects MySQL version 5.0.18; other versions may also be affected.

69. OpenLDAP Server Bind Request Denial Of Service Vulnerability
BugTraq ID: 20939
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/20939
Summary:
OpenLDAP server is prone to a denial-of-service vulnerability because it fails to handle exceptional conditions.

An attacker can exploit this issue to cause a crash in the LDAP server, effectively denying service to legitimate users.

70. Liberum Help Desk DETAILS.ASP SQL Injection Vulnerability
BugTraq ID: 21292
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21292
Summary:
Liberum Help Desk is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query.

A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.

Liberum Help Desk 0.97.3 and prior versions are affected by this issue.

71. MySQL Remote Information Disclosure and Buffer Overflow Vulnerabilities
BugTraq ID: 17780
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/17780
Summary:
MySQL is susceptible to multiple remote vulnerabilities:

- A buffer-overflow vulnerability due to insufficient bounds-checking of user-supplied data before copying it to an insufficiently sized memory buffer. This issue allows remote attackers to execute arbitrary machine code in the context of affected database servers. Failed exploit attempts will likely crash the server, denying further service to legitimate users.

- Two information-disclosure vulnerabilities due to insufficient input-sanitization and bounds-checking of user-supplied data. These issues allow remote users to gain access to potentially sensitive information that may aid them in further attacks.

72. Mono System.CodeDom.Compiler Class Insecure Temporary File Creation Vulnerability
BugTraq ID: 20340
Remote: No
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/20340
Summary:
The Mono 'System.CodeDom.Compiler' class creates temporary files in an insecure manner.

An attacker with local access could potentially exploit this issue to perform symlink attacks, overwriting arbitrary files in the context of the affected application.

Successfully exploiting a symlink attack may allow an attacker to overwrite or corrupt sensitive files. This may result in a denial of service; other attacks may also be possible.

Versions 1.0 and 2.0 are vulnerable; other versions may also be affected.

73. Libextractor Multiple Heap Buffer Overflow Vulnerabilities
BugTraq ID: 18021
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/18021
Summary:
The libextractor library is affected by multiple buffer-overflow vulnerabilities. The software fails to perform sufficient boundary checks of user-supplied input before copying it to insufficiently sized memory buffers.

An attacker exploits these issues by enticing a vulnerable user to open a malformed file using an application that employs libextractor.

This issue allows attackers to execute arbitrary machine code in the context of applications that use the affected library, aiding them in the remote compromise of affected computers.

Version 0.5.13 of libextractor is vulnerable to these issues; other versions may also be affected.

74. Owllib OWLLIB_ROOT Remote File Include Vulnerability
BugTraq ID: 21268
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21268
Summary:
Owllib is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.

Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

Version 1.0 is vulnerable.

75. Vixie Cron PAM_Limits Local Privilege Escalation Vulnerability
BugTraq ID: 18108
Remote: No
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/18108
Summary:
Vixie cron is susceptible to a local privilege-escalation vulnerability. This issue is due to the application's failure to properly drop superuser privileges in certain circumstances when executing jobs.

This issue allows local attackers that have been authorized to execute cron jobs to execute arbitrary commands with superuser privileges. This facilitates the complete compromise of affected computers.

Vixie cron version 4.1 is vulnerable to this issue when used in conjunction with pam_limits. Other versions may also be affected.

76. Dovecot Remote Information Disclosure Vulnerability
BugTraq ID: 17961
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/17961
Summary:
Dovecot is prone to an information-disclosure vulnerability that may allow authenticated attackers to gain access to the names of all users with mailboxes on an affected IMAP server.

Dovecot versions 1.0 stable through 1.0 beta8 are vulnerable to this issue.

77. LinuxPrinting.org Foomatic-Filter Command Execution Vulnerability
BugTraq ID: 11184
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/11184
Summary:
Reportedly, the LinuxPrinting.org Foomatic-Filter is affected by an arbitrary command-execution vulnerability. Although unconfirmed, this issue is likely due to the affected script's failure to properly validate input when issuing shell commands.

An attacker may exploit this issue to execute arbitrary commands as the printer user on a computer running the vulnerable software.

78. fipsShop Multiple SQL Injection Vulnerabilities
BugTraq ID: 21289
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21289
Summary:
fipsShop is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

79. WebHost Manager Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 21288
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21288
Summary:
WebHost Manager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.

An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

WebHost Manager version 3.1.0 is vulnerable; other versions may also be affected.

80. MAlbum Index.PHP Directory Traversal Vulnerability
BugTraq ID: 21241
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21241
Summary:
mAlbum is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.

Exploiting this issue may allow an attacker to access sensitive information that could aid in further attacks.

81. PEGames Remote File Include Vulnerability
BugTraq ID: 21266
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21266
Summary:
PEGames is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input.

A successful exploit of this issue allows an attacker to execute arbitrary server-side script code on an affected computer with the privileges of the webserver process. This may facilitate unauthorized access.

82. CPanel 11 Beta Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 21287
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21287
Summary:
cPanel is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.

An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

cPanel version 11 beta is vulnerable; other versions may also be affected.

83. Link Exchange Lite Multiple SQL Injection Vulnerabilities
BugTraq ID: 21225
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21225
Summary:
Link Exchange Lite is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

84. SIAP CMS Login.ASP SQL Injection Vulnerability
BugTraq ID: 21286
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21286
Summary:
SIAP CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

85. Seditio Users.Profile.Inc.PHP SQL Injection Vulnerability
BugTraq ID: 21232
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21232
Summary:
Seditio is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

Seditio 1.10 is vulnerable to this issue.

86. SoftAcid Reciprocal Link Exchange Lite SQL Injection Vulnerability
BugTraq ID: 21239
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21239
Summary:
SoftAcid Reciprocal Link Exchange Lite is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

87. KTools Remote Buffer Overflow Vulnerability
BugTraq ID: 15600
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/15600
Summary:
The ktools library is prone to a remote buffer-overflow vulnerability.

An attacker may execute arbitrary code with the privileges of the application and gain unauthorized remote access.

Version 0.3 (and prior) of ktools is vulnerable to this issue.

88. Apple Mac OS X KQueue Local Denial of Service Vulnerability
BugTraq ID: 21285
Remote: No
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21285
Summary:
Apple Mac OS X is prone to a local denial-of-service vulnerability because the kernel fails to properly handle exceptional conditions.

Exploiting this issue allows local, unprivileged users to crash affected kernels, denying further service to legitimate users.

Apple Mac OS X version 10.4.8 is vulnerable to this issue; other versions may also be affected.

89. NukeAI Util.PHP Remote Code Execution Vulnerability
BugTraq ID: 21284
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21284
Summary:
NukeAI is prone to an arbitrary remote code-execution vulnerability because the application fails to sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary PHP code on an affected computer with the privileges of the webserver process. This may facilitate unauthorized access.

The beta3 version of this application is affected.

90. Linux Kernel SCTP_Make_Abort_User Function Buffer Overflow Vulnerability
BugTraq ID: 19666
Remote: No
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/19666
Summary:
The Linux kernel is prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.

A local attacker can exploit this issue to execute arbitrary code and potentially compromise the affected computer.

91. Linux Kernel CD-ROM Driver Local Buffer Overflow Vulnerability
BugTraq ID: 18847
Remote: No
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/18847
Summary:
The Linux kernel is prone to a local buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before using it in a memory copy operation.

This issue allows local attackers to overwrite kernel memory with arbitrary data, potentially allowing them to execute malicious machine code in the context of affected kernels. This vulnerability facilitates the complete compromise of affected computers.

Linux kernel version 2.6.17.3 and prior are affected by this issue.

92. Fixit IDMS Pro Multiple Input Validation Vulnerability
BugTraq ID: 21282
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21282
Summary:
Fixit iDMS Pro is prone to multiple input-validation vulnerabilities, including SQL-injection issues and an HTML-injection issue, because the application fails to properly sanitize user-supplied input.

Successful exploits of these vulnerabilities could allow an attacker to compromise the application, access or modify data, steal cookie-based authentication credentials, or even exploit vulnerabilities in the underlying database implementation. Other attacks are also possible.

93. DB-Central CMS Search Cross-Site Scripting Vulnerability
BugTraq ID: 20622
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/20622
Summary:
db-central CMS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

94. Cahier De Texte Telecharger.PHP Directory Traversal Vulnerability
BugTraq ID: 21283
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21283
Summary:
Cahier de texte is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the affected application. Information obtained may aid in further attacks.

95. Ingo Procmail Driver Shell Command Execution Vulnerability
BugTraq ID: 20637
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/20637
Summary:
Ingo is prone to a vulnerability that may permit the execution of arbitrary shell commands. This issue occurs because the Ingo procmail driver fails to properly sanitize user-supplied input.

Exploiting this issue allows attackers to execute arbitrary commands with the privileges of users executing a vulnerable version of the application.

This issue affects version 1.1.1 and earlier.

96. GNU GV Stack Buffer Overflow Vulnerability
BugTraq ID: 20978
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/20978
Summary:
GNU gv is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.

Exploiting this issue allows attackers to execute arbitrary machine code in the context of users running the affected application. Failed attempts will likely crash the application, resulting in denial-of-service conditions.

Version 3.6.2 is reported vulnerable; other versions may also be affected.

NOTE: Various other applications may employ embedded GNU gv code and could also be vulnerable as a result.

97. ACLogic CesarFTP Multiple Commands Remote Buffer Overflow Vulnerability
BugTraq ID: 18586
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/18586
Summary:
CesarFTP is prone to a buffer-overflow vulnerability when handling data through the MKD command.
Reportedly, passing excessive data may overflow a finite-sized internal memory buffer. A successful attack may result in memory corruption as memory adjacent to the buffer is overwritten with user-supplied data.

This issue may lead to a denial-of-service condition or to the execution of arbitrary code.

Version 0.99g of CesarFTP is vulnerable to this issue; other versions may also be affected.

98. Typespeed Remote Buffer Overflow Vulnerability
BugTraq ID: 18194
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/18194
Summary:
Typespeed is susceptible to a remote buffer-overflow vulnerability. This issue is due to a failure in the application to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

This issue allows remote attackers to execute arbitrary machine code in the context of affected applications, aiding them in the compromise of affected computers.

Typespeed versions 0.4.1 and 0.4.4 are vulnerable to this issue; other versions may also be affected.

99. MMGallery Thumbs.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 21281
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21281
Summary:
The mmgallery script is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.

An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

Version 1.55 is vulnerable to this issue; other versions may also be affected.

100. ASP ListPics Listpics.ASP SQL Injection Vulnerability
BugTraq ID: 21279
Remote: Yes
Last Updated: 2006-11-28
Relevant URL: http://www.securityfocus.com/bid/21279
Summary:
ASP ListPics is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

ASP ListPics version 5.0 is vulnerable.

III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. Bot spreads through antivirus, Windows flaws
By: Robert Lemos
University campuses are dealing with a spate of infections caused by a bot program that compromises computers running unpatched versions of Windows and an older version of Symantec's antivirus software.
http://www.securityfocus.com/news/11426

2. Viruses go virtual
By: Robert Lemos
Online worlds--from Second Life to the World of Warcraft--pave the way to a virtual future, replete with tailored viruses and digital diseases.
http://www.securityfocus.com/news/11425

3. Malware goes to the movies
By: Robert Lemos
Online attackers start to experiment with embedding malicious code or links to such code in video files.
http://www.securityfocus.com/news/11424

4. E-voting worries focus on failures, not fraud
By: Robert Lemos
No obvious election fraud tainted the midterm elections, but e-voting machine critics stress that Election Day failures should raise a red flag.
http://www.securityfocus.com/news/11423

IV. SECURITY JOBS LIST SUMMARY
-------------------------------
1. [SJ-JOB] Application Security Engineer, Washington D.C.
http://www.securityfocus.com/archive/77/452921

2. [SJ-JOB] Application Security Engineer, Dallas
http://www.securityfocus.com/archive/77/452922

3. [SJ-JOB] Application Security Engineer, Atlanta
http://www.securityfocus.com/archive/77/452924

4. [SJ-JOB] Training / Awareness Specialist, Cupertino
http://www.securityfocus.com/archive/77/452857

5. [SJ-JOB] Incident Handler, Raleigh
http://www.securityfocus.com/archive/77/452859

6. [SJ-JOB] Associate Software Engineer, Alexandria
http://www.securityfocus.com/archive/77/452860

7. [SJ-JOB] Security Consultant, Atlanta
http://www.securityfocus.com/archive/77/452768

8. [SJ-JOB] Database Security Architect, Riyadh
http://www.securityfocus.com/archive/77/452710

9. [SJ-JOB] Channel / Business Development, Hampshire
http://www.securityfocus.com/archive/77/452711

10. [SJ-JOB] Sr. Security Analyst, DC
http://www.securityfocus.com/archive/77/452712

11. [SJ-JOB] Forensics Engineer, London
http://www.securityfocus.com/archive/77/452714

12. [SJ-JOB] Sr. Security Analyst, Las Vegas
http://www.securityfocus.com/archive/77/452602

13. [SJ-JOB] Software Engineer, San Diego
http://www.securityfocus.com/archive/77/452603

14. [SJ-JOB] Security Consultant, dubai
http://www.securityfocus.com/archive/77/452612

15. [SJ-JOB] Application Security Engineer, Dubai
http://www.securityfocus.com/archive/77/452604

16. [SJ-JOB] Security Engineer, Dubai
http://www.securityfocus.com/archive/77/452605

17. [SJ-JOB] Auditor, Montreal
http://www.securityfocus.com/archive/77/452607

18. [SJ-JOB] Evangelist, Minneapolis
http://www.securityfocus.com/archive/77/452578

19. [SJ-JOB] Channel / Business Development, Cincinnati
http://www.securityfocus.com/archive/77/452564

20. [SJ-JOB] Sales Representative, Pompano Beach
http://www.securityfocus.com/archive/77/452568

21. [SJ-JOB] Security Engineer, Dubai
http://www.securityfocus.com/archive/77/452570

22. [SJ-JOB] Auditor, Dubai
http://www.securityfocus.com/archive/77/452621

23. [SJ-JOB] MOD CLAS Consultant, Berkshire
http://www.securityfocus.com/archive/77/452562

24. [SJ-JOB] Application Security Architect, Various
http://www.securityfocus.com/archive/77/452614

25. [SJ-JOB] MOD CLAS Consultant, London
http://www.securityfocus.com/archive/77/452474

26. [SJ-JOB] Security Consultant, West England
http://www.securityfocus.com/archive/77/452477

27. [SJ-JOB] MOD CLAS Consultant, Multiple
http://www.securityfocus.com/archive/77/452478

28. [SJ-JOB] Application Security Architect, Baltimore
http://www.securityfocus.com/archive/77/452475

29. [SJ-JOB] Software Engineer, Boston
http://www.securityfocus.com/archive/77/452476

30. [SJ-JOB] Security Engineer, London + Hants (Hook)
http://www.securityfocus.com/archive/77/452434

31. [SJ-JOB] Application Security Architect, Columbia
http://www.securityfocus.com/archive/77/452436

32. [SJ-JOB] Application Security Engineer, Redmond
http://www.securityfocus.com/archive/77/452437

33. [SJ-JOB] Penetration Engineer, London/South/UK Wide
http://www.securityfocus.com/archive/77/452438

34. [SJ-JOB] Security Consultant, Manchester - UK
http://www.securityfocus.com/archive/77/452435

35. [SJ-JOB] Security Consultant, New York
http://www.securityfocus.com/archive/77/452389

36. [SJ-JOB] Security Architect, Telford, Shropshire
http://www.securityfocus.com/archive/77/452392

37. [SJ-JOB] Security Consultant, Any Major U.S. City
http://www.securityfocus.com/archive/77/452394

38. [SJ-JOB] Channel / Business Development, New York
http://www.securityfocus.com/archive/77/452375

39. [SJ-JOB] Security Architect, Portsmouth
http://www.securityfocus.com/archive/77/452378

40. [SJ-JOB] Security Engineer, Pompano Beach
http://www.securityfocus.com/archive/77/452390

41. [SJ-JOB] Security Engineer, Hackensack
http://www.securityfocus.com/archive/77/452391

42. [SJ-JOB] Security Consultant, New York
http://www.securityfocus.com/archive/77/452377

43. [SJ-JOB] Sales Engineer, New York
http://www.securityfocus.com/archive/77/452380

44. [SJ-JOB] Security Consultant, Telford, Shropshire
http://www.securityfocus.com/archive/77/452381

45. [SJ-JOB] Sr. Product Manager, Sunnyvale
http://www.securityfocus.com/archive/77/452332

46. [SJ-JOB] VP of Regional Sales, New York
http://www.securityfocus.com/archive/77/452333

47. [SJ-JOB] Security Engineer, Palo Alto
http://www.securityfocus.com/archive/77/452355

48. [SJ-JOB] Security Researcher, Palo Alto
http://www.securityfocus.com/archive/77/452398

49. [SJ-JOB] Information Assurance Engineer, VARIOUS
http://www.securityfocus.com/archive/77/452335

50. [SJ-JOB] Security Engineer, Chicago
http://www.securityfocus.com/archive/77/452342

51. [SJ-JOB] Sales Representative, New York
http://www.securityfocus.com/archive/77/452354

V. INCIDENTS LIST SUMMARY
---------------------------
1. "Ticken" web attacks?
http://www.securityfocus.com/archive/75/451859

VI. VULN-DEV RESEARCH LIST SUMMARY
-----------------------------------
1. kernel bug in 2.1.1.1
http://www.securityfocus.com/archive/82/452820

VII. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. 'conflict' between offline files and SMB signing?
http://www.securityfocus.com/archive/88/452549

2. SecurityFocus Microsoft Newsletter #318
http://www.securityfocus.com/archive/88/452452

VIII. SUN FOCUS LIST SUMMARY
----------------------------
IX. LINUX FOCUS LIST SUMMARY
----------------------------
1. Portsentry and Snort Question
http://www.securityfocus.com/archive/91/452881

2. Red Hat vs Debian Linux: overall security
http://www.securityfocus.com/archive/91/452878

3. How to check UID of process on the other side of local TCP/UDP connection
http://www.securityfocus.com/archive/91/452761

X. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to sf-news-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

XI. SPONSOR INFORMATION
------------------------
This Issue is Sponsored by: SPI Dynamics

ALERT: Learn to Think Like a Hacker- Simulate a Hacker Breaking into Your Web Apps
The speed with which Web Applications are developed make them prime targets for attackers, often these applications were developed so quickly that they are not coded properly or subjected to any security testing. Hackers know this and use it as their weapon. Download this *FREE* test guide from SPI Dynamics to check for Web application vulnerabilities.

https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=70160000000Ce5v

No comments:

Blog Archive