News

Tuesday, December 12, 2006

SecurityFocus Newsletter #380

SecurityFocus Newsletter #380
----------------------------------------

This Issue is Sponsored by: SPI Dynamics

ALERT: "How A Hacker Launches A Blind SQL Injection Attack Step-by-Step"!"- White Paper
Blind SQL Injection can deliver total control of your server to a hacker giving them the ability to read, write and manipulate all data stored in your backend systems! Download this *FREE* white paper from SPI Dynamics for a complete guide to protection!

https://download.spidynamics.com/1/ad/bsq.asp?Campaign_ID=70160000000CehF

------------------------------------------------------------------
I. FRONT AND CENTER
1. Password Management Concerns with IE and Firefox, part one
2. Password Management Concerns with IE and Firefox, part two
3. Christmas Shopping: Vista Over XP?
II. BUGTRAQ SUMMARY
1. GNOME Evolution Multiple Format String Vulnerabilities
2. Firebird Remote Pre-Authentication Database Name Buffer Overrun Vulnerability
3. MailEnable IMAP Service Unspecified Remote Buffer Overflow Vulnerability
4. Amateras SNS Unspecified Cross-Site Scripting Vulnerability
5. Linux Kernel IBMTR.C Remote Denial of Service Vulnerability
6. Ruby on Rails Routing Denial of Service Vulnerability
7. Intel Network Drivers Local Privilege Escalation Vulnerability
8. Portable OpenSSH GSSAPI Remote Code Execution Vulnerability
9. DUDirectory Multiple SQL Injection Vulnerabilities
10. Net-SNMP SNMPD.Conf Tokens Security Restriction Bypass Vulnerability
11. Apache Libapreq2 Quadratic Behavior Denial of Service Vulnerability
12. DIA XFIG File Import Multiple Remote Buffer Overflow Vulnerabilities
13. GDB DWARF Multiple Buffer Overflow Vulnerabilities
14. GNU Mailman Attachment Scrubber Malformed MIME Message Denial Of Service Vulnerability
15. Microsoft December Advance Notification Multiple Vulnerabilities
16. Awrate Toroot Parameter Multiple Remote File Include Vulnerabilities
17. PHP Html_Entity_Decode() Information Disclosure Vulnerability
18. Microsoft Word Unspecified Remote Code Execution Vulnerability
19. FFmpeg Image File Multiple Buffer Overflow Vulnerabilities
20. Linux Kernel IP ID Information Disclosure Weakness
21. Samba Machine Trust Account Local Information Disclosure Vulnerability
22. Info-ZIP UnZip File Name Buffer Overflow Vulnerability
23. OpenSSL SSL_Get_Shared_Ciphers Buffer Overflow Vulnerability
24. OpenSSL SSLv2 Null Pointer Dereference Client Denial of Service Vulnerability
25. Apache mod_python Module Publisher Handler Information Disclosure Vulnerability
26. PHP League Multiple Remote File Include Vulnerabilities
27. GNOME Evolution Inline XML File Attachment Buffer Overflow Vulnerability
28. F-PROT Antivirus CHM File Heap Buffer Overflow Vulnerability.
29. F-PROT Antivirus ACE Remote Denial Of Service Vulnerability
30. Sun Solaris LD.SO Multiple Local Vulnerabilities
31. OpenSSH Duplicated Block Remote Denial of Service Vulnerability
32. OpenSSH SCP Shell Command Execution Vulnerability
33. OpenSSL Insecure Protocol Negotiation Weakness
34. cURL / libcURL URL Parser Buffer Overflow Vulnerability
35. Zoo Misc.c Buffer Overflow Vulnerability
36. SquirrelMail Multiple Cross Site Scripting and Input Validation Vulnerabilities
37. ProNews Change.PHP Authentication Bypass Vulnerability
38. GNU GV Stack Buffer Overflow Vulnerability
39. GraceNote CDDBControl ActiveX Control Remote Buffer Overflow Vulnerability
40. RETIRED: AOL CDDBControl ActiveX Control Buffer Overflow Vulnerability
41. GnuPG OpenPGP Packet Processing Function Pointer Overwrite Vulnerability
42. GNU Tar GNUTYPE_NAMES Remote Directory Traversal Vulnerability
43. KDE JPEG KFile Info Plug-in EXIF Local Denial of Service Vulnerability
44. Infinite Core Technologies ICT INDEX.PHP SQL Injection Vulnerability
45. Expinion.net iNews Publisher Articles.ASP Multiple Cross Site Scripting Vulnerabilities
46. ProNews Multiple Input Validation Vulnerabilities
47. LibPNG Graphics Library PNG_SET_SPLT Remote Denial of Service Vulnerability
48. KDPics Multiple Input Validation Vulnerabilities
49. Texinfo File Handling Buffer Overflow Vulnerability
50. AnnonceScriptHP Multiple Input Validation Vulnerabilities
51. wvWare Multiple Integer Overflow Vulnerabilities
52. LibPNG Graphics Library Chunk Error Processing Buffer Overflow Vulnerability
53. Messageriescripthp Multiple Input Validation Vulnerabilities
54. GnuPG Make_Printable_String Remote Buffer Overflow Vulnerability
55. KOffice PPT Files Integer Overflow Vulnerability
56. Linux Kernel Get_FDB_Entries Buffer Overflow Vulnerability
57. MaviPortal Arama.ASP Cross-Site Scripting Vulnerability
58. Linux Kernel IPV6 Seqfile Handling Local Denial of Service Vulnerability
59. Linux Kernel S/390 Copy_From_User Local Information Disclosure Vulnerability
60. Linux Kernel ATM SkBuff Dereference Remote Denial of Service Vulnerability
61. Ã?ilem Haber Free Edition Hata.ASP Cross-Site Scripting Vulnerability
62. Linux Kernel Itanium PerfMonCTL Local Denial of Service Vulnerability
63. Clam Anti-Virus MIME Attachments Denial Of Service Vulnerability
64. Multiple Trend Micro Antivirus RAR Archive Remote Denial Of Service Vulnerability
65. PHP Session.Save_Path() Safe_Mode and Open_Basedir Restriction Bypass Vulnerability
66. JAB Guest Book HTML Injection Vulnerability
67. OpenMPT Multiple Remote Code Execution Vulnerabilities
68. CA Multiple BrightStor ARCserve Backup Discovery Service Remote Buffer Overflow Vulnerability
69. Microsoft Windows DNS Client Buffer Overrun Vulnerability
70. Mozilla Client Products Multiple Remote Vulnerabilities
71. Sophos Antivirus Multiple Denial of Service and Memory Corruption Vulnerabilities
72. Xine-Lib RuleMatches Remote Buffer Overflow Vulnerability
73. Golden FTP Server Remote Denial of Service Vulnerability
74. CMS Made Simple SearchInput Cross-Site Scripting Vulnerability
75. Linux Kernel Multiple Vulnerabilities
76. Adobe Reader and Acrobat AcroPDF.dll ActiveX Control Remote Code Execution Vulnerabilities
77. PHPBB Toplist Multiple HTML Injection Vulnerabilities
78. MidiCart PHP Multiple Input Validation and Authenication Bypass Vulnerabilities
79. MADWiFi Linux Kernel Device Driver Multiple Remote Buffer Overflow Vulnerabilities
80. Multiple Vendor TCP/IP Implementation ICMP Remote Denial Of Service Vulnerabilities
81. OpenSSL PKCS Padding RSA Signature Forgery Vulnerability
82. CM68 News Oldnews.Inc.PHP Remote File Include Vulnerability
83. Mozilla Suite, Firefox, SeaMonkey, and Thunderbird Multiple Remote Vulnerabilities
84. Mozilla Firefox Large History File Buffer Overflow Vulnerability
85. Web Hosting Manager Multiple Cross-Site Scripting Vulnerabilities
86. CPanel BoxTrapper Manage.HTML Cross-Site Scripting Vulnerability
87. Multiple Mozilla Products IFRAME JavaScript Execution Vulnerability
88. Multiple Mozilla Products Memory Corruption/Code Injection/Access Restriction Bypass Vulnerabilities
89. JCE Admin Component for Joomla Multiple Cross Site Scripting Vulnerabilities
90. Windows Media Player ASX PlayList File Heap Overflow Vulnerability
91. L2TPNS Heartbeat Handling Denial of Service Vulnerability
92. JCE Admin Component for Joomla Multiple Local File-Include Vulnerabilities
93. ProFTPD SReplace Remote Buffer Overflow Vulnerability
94. CPanel Multiple HTML Injection Vulnerabilities
95. XMPlay Playlist Files Remote Buffer Overflow Vulnerability
96. XPDF Multiple Unspecified Vulnerabilities
97. GNUTLS LibTASN1 DER Decoding Denial of Service Vulnerabilities
98. Linksys WIP330 PhoneCtrl.exe Denial Of Service Vulnerability
99. Mozilla Multiple Products Remote Vulnerabilities
100. MailEnable IMAP Service Remote Denial of Service Vulnerability
III. SECURITYFOCUS NEWS
1. MySpace teams to create sex-offender database
2. Social sites' insecurity increasingly worrisome
3. Bot spreads through antivirus, Windows flaws
4. Viruses go virtual
IV. SECURITY JOBS LIST SUMMARY
1. [SJ-JOB] Forensics Engineer, London
2. [SJ-JOB] Security Consultant, Myrtle Beach
3. [SJ-JOB] Security Engineer, Sydney
4. [SJ-JOB] Jr. Security Analyst, Chicago
5. [SJ-JOB] Jr. Security Analyst, Atlanta
6. [SJ-JOB] Security Consultant, Bedford
7. [SJ-JOB] Penetration Engineer, London
8. [SJ-JOB] Sr. Security Engineer, Kirkland
9. [SJ-JOB] Security Consultant, Bedford
10. [SJ-JOB] Security Engineer, Mountain View
11. [SJ-JOB] Security Engineer, London
12. [SJ-JOB] Application Security Architect, Towson
13. [SJ-JOB] Quality Assurance, Cupertino
14. [SJ-JOB] Account Manager, Washington
15. [SJ-JOB] Sales Engineer, Chicago
16. [SJ-JOB] Sales Engineer, New York
17. [SJ-JOB] Management, Chicago
18. [SJ-JOB] Account Manager, Chicago
19. [SJ-JOB] Account Manager, New York
20. [SJ-JOB] Management, Detroit
21. [SJ-JOB] Management, St. Louis
22. [SJ-JOB] Management, San Jose
23. [SJ-JOB] Management, Los Angeles
24. [SJ-JOB] Application Security Architect, Hampshire
25. [SJ-JOB] Security Consultant, London & Hampshire
26. [SJ-JOB] CHECK Team Leader, Hampshire
27. [SJ-JOB] Security Engineer, London
28. [SJ-JOB] Penetration Engineer, London & Oxfordshire
29. [SJ-JOB] Account Manager, London
30. [SJ-JOB] Security Product Marketing Manager, Sunnyvale
31. [SJ-JOB] Sr. Security Analyst, Schaumburg
32. [SJ-JOB] Manager, Information Security, Scotland
33. [SJ-JOB] Security Consultant, GURGAON, DELHI, HARYANA, FARIDABAD, NOIDA
34. [SJ-JOB] Security Engineer, London
35. [SJ-JOB] Sr. Security Analyst, Schaumburg
36. [SJ-JOB] Penetration Engineer, London
37. [SJ-JOB] Security Engineer, London
38. [SJ-JOB] Sr. Security Analyst, Pretoria
39. [SJ-JOB] Sales Engineer, Remote
40. [SJ-JOB] Security Engineer, London
41. [SJ-JOB] Application Security Architect, Boston
42. [SJ-JOB] Director, Information Security, New York
43. [SJ-JOB] Manager, Information Security, Cheltenham
44. [SJ-JOB] Security Engineer, Sydney
45. [SJ-JOB] Security Consultant, London
46. [SJ-JOB] Penetration Engineer, Rishon LeTzion
V. INCIDENTS LIST SUMMARY
1. New UDP port probed (36970)
2. Thousands of attempts to port 35825 and 11090
VI. VULN-DEV RESEARCH LIST SUMMARY
1. Meteor FTP PoC for WinXP
VII. MICROSOFT FOCUS LIST SUMMARY
1. IIS http error log entries...
2. Windows folder Sharing watch
3. SecurityFocus Microsoft Newsletter #320
VIII. SUN FOCUS LIST SUMMARY
IX. LINUX FOCUS LIST SUMMARY
1. Pandora FMS 1.2 released
2. Selecting OS for High-availability/mission-critical web portal
X. UNSUBSCRIBE INSTRUCTIONS
XI. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Password Management Concerns with IE and Firefox, part one
By Mikhael Felker
This two-part paper presents an analysis of the security mechanisms, risks, attacks, and defenses of the two most commonly used password management systems for web browsers, found in Internet Explorer and Firefox. The article specifically addresses IE 6 and 7 and Firefox 1.5 and 2.0.
http://www.securityfocus.com/infocus/1882

2. Password Management Concerns with IE and Firefox, part two
By Mikhael Felker
This two-part paper presents an analysis of the security mechanisms, risks, attacks, and defenses of the two most commonly used password management systems for web browsers, found in Internet Explorer and Firefox. The article specifically addresses IE 6 and 7 and Firefox 1.5 and 2.0.
http://www.securityfocus.com/infocus/1883

3. Christmas Shopping: Vista Over XP?
By Federico Biancuzzi
Microsoft has announced Vista's release dates. From a security standpoint what choice should consumers take during this Christmas shopping season? Most will be faced with Windows XP only or Windows XP with Microsoft's Express Upgrade option to Vista. Federico Biancuzzi interviewed a wide range of security researchers and anti-virus folks to get some consensus on the security of Vista over Windows XP for consumers, with some advice for corporate users as well.
http://www.securityfocus.com/columnists/425


II. BUGTRAQ SUMMARY
--------------------
1. GNOME Evolution Multiple Format String Vulnerabilities
BugTraq ID: 14532
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/14532
Summary:
Evolution is affected by multiple format-string vulnerabilities.

These issues can allow remote attackers to execute arbitrary code in the context of the client.

Evolution versions 1.5 to 2.3.6.1 are affected.

2. Firebird Remote Pre-Authentication Database Name Buffer Overrun Vulnerability
BugTraq ID: 10446
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/10446
Summary:
Firebird is reported prone to a remote buffer-overrun vulnerability. The issue occurs because the application fails to perform sufficient boundary checks when the database server is handling database names.

A remote attacker may exploit this vulnerability, without requiring valid authentication credentials, to influence the execution flow of the affected Firebird database server. Ultimately, this may lead to the execution of attacker-supplied code in the context of the affected software.

3. MailEnable IMAP Service Unspecified Remote Buffer Overflow Vulnerability
BugTraq ID: 21492
Remote: Yes
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/21492
Summary:
MailEnable is prone to a buffer-overflow vulnerability in the IMAP service because the application fails to properly bounds-check unspecified user-supplied data.

This issue is reported to affect the following MailEnable versions, but other versions may also be vulnerable:

1.6-1.84 Professional Edition
1.1-1.41 Enterprise Edition
2.0-2.35 Professional Edition
2.0-2.35 Enterprise Edition

4. Amateras SNS Unspecified Cross-Site Scripting Vulnerability
BugTraq ID: 21489
Remote: Yes
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/21489
Summary:
Amateras SNS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

Amateras SNS 3.11 and prior versions are vulnerable to this issue.

5. Linux Kernel IBMTR.C Remote Denial of Service Vulnerability
BugTraq ID: 21490
Remote: Yes
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/21490
Summary:
The Linux kernel is prone to a remote denial-of-service vulnerability.

This vulnerability resides in the 'drivers/net/tokenring/ibmtr.c' file.

Exploiting this vulnerability can allow remote attackers to crash the affected kernel, resulting in denial-of-service conditions. Attackers may also be able to execute arbitrary code, but this has not been confirmed.

Kernel versions from 2.6.0 up to and including 2.6.19 are vulnerable to this issue.

6. Ruby on Rails Routing Denial of Service Vulnerability
BugTraq ID: 19454
Remote: Yes
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/19454
Summary:
Ruby on Rails is prone to a vulnerability in its routing functionality that may result in denial-of-service or data loss issues.

Attackers may exploit this issue by issuing HTTP GET requests to predictable URIs to affected webservers.

This issue affects Ruby on Rails versions 1.1.0, 1.1.1, 1.1.2, 1.1.4, and 1.1.5.

7. Intel Network Drivers Local Privilege Escalation Vulnerability
BugTraq ID: 21456
Remote: No
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/21456
Summary:
Intel LAN drivers are prone to a local privilege-escalation vulnerability because they fail to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker can trigger this issue to corrupt memory and to execute code with kernel-level privileges.

A successful attack can result in a complete compromise of the affected computer due to privilege escalation.

All PCI, PCI-X, and PCIe Intel network adapter drivers are vulnerable.

8. Portable OpenSSH GSSAPI Remote Code Execution Vulnerability
BugTraq ID: 20241
Remote: Yes
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/20241
Summary:
Portable OpenSSH is prone to a remote code-execution vulnerability. The issue derives from a race condition in a vulnerable signal handler.

Reportedly, under specific conditions, it is theoretically possible to execute code remotely prior to authentication when GSSAPI authentication is enabled. This has not been confirmed; the chance of a successful exploit of this nature is considered minimal.

On non-Portable OpenSSH implementations, this same race condition can be exploited to cause a pre-authentication denial of service.

This issue occurs when OpenSSH and Portable OpenSSH are configured to accept GSSAPI authentication.

9. DUDirectory Multiple SQL Injection Vulnerabilities
BugTraq ID: 21485
Remote: Yes
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/21485
Summary:
DUdirectory is prone to multiple SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in SQL queries.

A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.

10. Net-SNMP SNMPD.Conf Tokens Security Restriction Bypass Vulnerability
BugTraq ID: 21503
Remote: Yes
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/21503
Summary:
The net-snmp package is prone to a security restriction-bypass vulnerability. Successful exploits could allow an attacker to write files in unauthorized locations and potentially execute code.

Exploiting this vulnerability allows an attacker to obtain write access to read-only users or SNMP communities.

This issue is reported to affect version 5.3; other versions may also be vulnerable.

11. Apache Libapreq2 Quadratic Behavior Denial of Service Vulnerability
BugTraq ID: 16710
Remote: Yes
Last Updated: 2006-12-07
Relevant URL: http://www.securityfocus.com/bid/16710
Summary:
Libapreq2 is prone to a vulnerability that may allow attackers to trigger a denial-of-service condition.


Libapreq2 versions prior to 2.0.7 are vulnerable.

12. DIA XFIG File Import Multiple Remote Buffer Overflow Vulnerabilities
BugTraq ID: 17310
Remote: Yes
Last Updated: 2006-12-07
Relevant URL: http://www.securityfocus.com/bid/17310
Summary:
Dia is affected by multiple remote buffer-overflow vulnerabilities. These issues are due to the application's failure to properly bounds-check user-supplied input before copying it into insufficiently sized memory buffers.

These issues allow remote attackers to execute arbitrary machine code in the context of the user running the affected application to open attacker-supplied malicious XFig files.

13. GDB DWARF Multiple Buffer Overflow Vulnerabilities
BugTraq ID: 19802
Remote: Yes
Last Updated: 2006-12-07
Relevant URL: http://www.securityfocus.com/bid/19802
Summary:
GDB is prone to multiple buffer-overflow vulnerabilities because of insufficient bounds-checking when handling DWARF and DWARF2 data.

Attackers could leverage this issue to run arbitrary code outside of a restricted environment; this may lead to privilege escalation.

14. GNU Mailman Attachment Scrubber Malformed MIME Message Denial Of Service Vulnerability
BugTraq ID: 17311
Remote: Yes
Last Updated: 2006-12-07
Relevant URL: http://www.securityfocus.com/bid/17311
Summary:
GNU Mailman is prone to denial-of-service attacks. This issue affects the attachment-scrubber utility.

The vulnerability could be triggered by mailing-list posts and will affect the availability of mailing lists hosted by the application.

This issue presents itself only when Mailman is used in conjunction with Python email version 2.5.

15. Microsoft December Advance Notification Multiple Vulnerabilities
BugTraq ID: 21482
Remote: Yes
Last Updated: 2006-12-07
Relevant URL: http://www.securityfocus.com/bid/21482
Summary:
Microsoft has released advance notification that the vendor will be releasing six security bulletins in all (five for Windows and one for Microsoft Visual Studio) on December 12, 2006. The highest severity rating for these issues is 'Critical'.

Further details about these issues are not currently available. Individual BIDs will be created for each issue; this record will be removed when the security bulletins are released.

16. Awrate Toroot Parameter Multiple Remote File Include Vulnerabilities
BugTraq ID: 21407
Remote: Yes
Last Updated: 2006-12-07
Relevant URL: http://www.securityfocus.com/bid/21407
Summary:
The awrate application is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input.

A successful exploit of these issues allows an attacker to execute arbitrary server-side script code on an affected computer with the privileges of the webserver process. This may facilitate unauthorized access.

17. PHP Html_Entity_Decode() Information Disclosure Vulnerability
BugTraq ID: 17296
Remote: Yes
Last Updated: 2006-12-07
Relevant URL: http://www.securityfocus.com/bid/17296
Summary:
PHP 'html_entity_decode()' function is prone to an information-disclosure vulnerability. This issue arises when a script using the function accepts data from a remote untrusted source and returns the function's result to an attacker.

Information that the attacker gathers by exploiting this vulnerability may aid in other attacks.

PHP versions prior to 5.1.3-RC1 are vulnerable to this issue.

18. Microsoft Word Unspecified Remote Code Execution Vulnerability
BugTraq ID: 21451
Remote: Yes
Last Updated: 2006-12-07
Relevant URL: http://www.securityfocus.com/bid/21451
Summary:
Microsoft Word is prone to a remote code-execution vulnerability.

An attacker could exploit this issue by enticing a victim to open a malicious Word file. If the vulnerability is successfully exploited, this could result in the execution of arbitrary code in the context of the currently logged-in user.

This issue is being actively exploited in the wild by two trojans.

19. FFmpeg Image File Multiple Buffer Overflow Vulnerabilities
BugTraq ID: 20009
Remote: Yes
Last Updated: 2006-12-07
Relevant URL: http://www.securityfocus.com/bid/20009
Summary:
FFmpeg is prone to multiple remote buffer-overflow vulnerabilities because the application using this library fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

These issues allow attackers to execute arbitrary machine code within the context of the affected application.

Versions prior to 0.4.9_p20060530 are vulnerable to this issue.

20. Linux Kernel IP ID Information Disclosure Weakness
BugTraq ID: 17109
Remote: Yes
Last Updated: 2006-12-07
Relevant URL: http://www.securityfocus.com/bid/17109
Summary:
The Linux kernel is prone to a remote information-disclosure weakness. This issue is due to an implementation flaw of a zero 'ip_id' information-disclosure countermeasure.

This issue allows remote attackers to use affected computers in stealth network port and trust scans.

The Linux kernel 2.6 series, as well as some kernels in the 2.4 series, are affected by this weakness.

21. Samba Machine Trust Account Local Information Disclosure Vulnerability
BugTraq ID: 17314
Remote: No
Last Updated: 2006-12-07
Relevant URL: http://www.securityfocus.com/bid/17314
Summary:
Samba is susceptible to a local information-disclosure vulnerability. This issue is due to a design error that potentially leads to sensitive information being written to log files. This occurs when the debugging level has been set to 5 or higher.

This issue allows local attackers to gain access to the machine trust account of affected computers. Attackers may then impersonate the affected server in the domain. By impersonating the member server, attackers may gain access to further sensitive information, including the users and groups in the domain; other information may also be available. This may aid attackers in further attacks.

Samba versions 3.0.21 through to 3.0.21c that use the 'winbindd' daemon are susceptible to this issue.

22. Info-ZIP UnZip File Name Buffer Overflow Vulnerability
BugTraq ID: 15968
Remote: Yes
Last Updated: 2006-12-07
Relevant URL: http://www.securityfocus.com/bid/15968
Summary:
Info-ZIP 'unzip' is susceptible to a filename buffer-overflow vulnerability. The application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.

This issue allows attackers to execute arbitrary machine code in the context of users running the affected application.

23. OpenSSL SSL_Get_Shared_Ciphers Buffer Overflow Vulnerability
BugTraq ID: 20249
Remote: Yes
Last Updated: 2006-12-07
Relevant URL: http://www.securityfocus.com/bid/20249
Summary:
OpenSSL is prone to a buffer-overflow vulnerability because the library fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

Successfully exploiting this issue may result in the execution of arbitrary machine code in the context of applications that use the affected library. Failed exploit attempts may crash applications, denying service to legitimate users.

24. OpenSSL SSLv2 Null Pointer Dereference Client Denial of Service Vulnerability
BugTraq ID: 20246
Remote: Yes
Last Updated: 2006-12-07
Relevant URL: http://www.securityfocus.com/bid/20246
Summary:
OpenSSL is prone to a denial-of-service vulnerability.

A malicious server could cause a vulnerable client application to crash, effectively denying service.

25. Apache mod_python Module Publisher Handler Information Disclosure Vulnerability
BugTraq ID: 12519
Remote: Yes
Last Updated: 2006-12-07
Relevant URL: http://www.securityfocus.com/bid/12519
Summary:
The mod_python module publisher handler is prone to a remote information-disclosure vulnerability. This issue may allow remote unauthorized attackers to gain access to sensitive objects.

Information obtained through the exploitation of this issue may aid attackers in launching further attacks against an affected server.

All versions of mod_python are considered vulnerable at the moment.

26. PHP League Multiple Remote File Include Vulnerabilities
BugTraq ID: 20756
Remote: Yes
Last Updated: 2006-12-07
Relevant URL: http://www.securityfocus.com/bid/20756
Summary:
Php League is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input.

An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible.

Version 0.81 is vulnerable to these issues; other versions may also be affected.

27. GNOME Evolution Inline XML File Attachment Buffer Overflow Vulnerability
BugTraq ID: 16408
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/16408
Summary:
GNOME Evolution email client is prone to a denial-of-service vulnerability when processing messages containing inline XML file attachments with excessively long strings.

28. F-PROT Antivirus CHM File Heap Buffer Overflow Vulnerability.
BugTraq ID: 21086
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/21086
Summary:
F-PROT Antivirus is prone to a remote heap-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

An attacker may exploit this issue to execute arbitrary machine code in the context of the user running the application. Failed exploit attempts will likely result in denial-of-service conditions.

This vulnerability is reported on F-PROT Antivirus versions 3.16f and 4.6.6; other versions may also be affected.

29. F-PROT Antivirus ACE Remote Denial Of Service Vulnerability
BugTraq ID: 21420
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/21420
Summary:
F-PROT Antivirus is prone to a remote denial-of-service vulnerability because the application fails to properly handle certain file types, resulting in excessive consumption of system resources.

An attacker may exploit this issue to crash the affected application, denying further service to legitimate users.

F-PROT Antivirus version 4.6.6 is vulnerable; other versions may also be affected.

30. Sun Solaris LD.SO Multiple Local Vulnerabilities
BugTraq ID: 21564
Remote: No
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/21564
Summary:
Solaris 'ld.so' is prone to a local directory-traversal vulnerability and a local stack-based buffer-overflow vulnerability.

Note that each of these issues cannot be exploited singularly but can be exploited in tandem to potentially execute arbitrary code with superuser privileges. Furthermore, attackers must have access to a dynamically linked setuid-privileged executable.

31. OpenSSH Duplicated Block Remote Denial of Service Vulnerability
BugTraq ID: 20216
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/20216
Summary:
OpenSSH is prone to a remote denial-of-service vulnerability because it fails to properly handle incoming duplicate blocks.

Remote attackers may exploit this issue to consume excessive CPU resources, potentially denying service to legitimate users.

This issue occurs only when OpenSSH is configured to accept SSH Version One traffic.

32. OpenSSH SCP Shell Command Execution Vulnerability
BugTraq ID: 16369
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/16369
Summary:
OpenSSH is prone to an SCP shell command-execution vulnerability because the application fails to properly sanitize user-supplied input before using it in a 'system()' function call.

This issue allows attackers to execute arbitrary shell commands with the privileges of users executing a vulnerable version of SCP.

This issue reportedly affects version 4.2 of OpenSSH. Other versions may also be affected.

33. OpenSSL Insecure Protocol Negotiation Weakness
BugTraq ID: 15071
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/15071
Summary:
OpenSSL is susceptible to a remote protocol-negotiation weakness. This issue is due to the implementation of the 'SSL_OP_MSIE_SSLV2_RSA_PADDING' option to maintain compatibility with third-party software.

This issue presents itself when two peers try to negotiate the protocol they wish to communicate with. Attackers who can intercept and modify the SSL communications may exploit this weakness to force SSL version 2 to be chosen.

The attacker may then exploit various insecurities in SSL version 2 to gain access to or tamper with the cleartext communications between the targeted client and server.

Note that the 'SSL_OP_MSIE_SSLV2_RSA_PADDING' option is enabled with the frequently used 'SSL_OP_ALL' option.

SSL peers that are configured to disallow SSL version 2 are not affected by this issue.

34. cURL / libcURL URL Parser Buffer Overflow Vulnerability
BugTraq ID: 15756
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/15756
Summary:
cURL and libcURL are prone to a buffer-overflow vulnerability. This issue is due to a failure in the library to perform proper bounds checks on user-supplied data before using it in a finite-sized buffer.

The issues occur when the URL parser function handles an excessively long URL string.

An attacker can exploit this issue to crash the affected library, effectively denying service. Arbitrary code execution may also be possible, which may facilitate a compromise of the underlying system.

35. Zoo Misc.c Buffer Overflow Vulnerability
BugTraq ID: 16790
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/16790
Summary:
Zoo is prone to a buffer-overflow vulnerability. This issue is due to a failure in the application to do proper bounds checking on user-supplied data before using it in a finite-sized buffer.

An attacker can exploit this issue to execute arbitrary code in the context of the victim user running the affected application.

36. SquirrelMail Multiple Cross Site Scripting and Input Validation Vulnerabilities
BugTraq ID: 21414
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/21414
Summary:
SquirrelMail is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues could allow an attacker to steal cookie-based authentication credentials and to launch other attacks.

Versions prior to 1.4.9a are vulnerable.

37. ProNews Change.PHP Authentication Bypass Vulnerability
BugTraq ID: 21559
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/21559
Summary:
ProNews is prone to an authentication-bypass vulnerability because the software fails to perform sufficient authentication checking.

An attacker can exploit this issue to modify data on an affected website; other attacks may also be possible.

Version 1.5 is vulnerable; other versions may also be affected.

38. GNU GV Stack Buffer Overflow Vulnerability
BugTraq ID: 20978
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/20978
Summary:
GNU gv is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.

Exploiting this issue allows attackers to execute arbitrary machine code in the context of users running the affected application. Failed attempts will likely crash the application, resulting in denial-of-service conditions.

Version 3.6.2 is reported vulnerable; other versions may also be affected.

NOTE: Various other applications may employ embedded GNU gv code and could also be vulnerable as a result.

39. GraceNote CDDBControl ActiveX Control Remote Buffer Overflow Vulnerability
BugTraq ID: 18678
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/18678
Summary:
GraceNote CDDBControl ActiveX control is prone to a buffer-overflow vulnerability. The software fails to perform sufficient bounds-checking of user-supplied input before copying it to an insufficiently sized memory buffer.

Invoking the object from a malicious website or HTML email may trigger the condition. If the vulnerability were successfully exploited, this would corrupt process memory, resulting in arbitrary code execution. Arbitrary code would run in the context of the client application using the affected ActiveX control.

AOL versions 7.0 revision 4114.563, 8.0 revision 4129.230, and 9.0 Security Edition revision 4156.910 include the vulnerable software. Other versions may also be affected.

40. RETIRED: AOL CDDBControl ActiveX Control Buffer Overflow Vulnerability
BugTraq ID: 21488
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/21488
Summary:
AOL CDDBControl ActiveX control is prone to a stack-based buffer-overflow vulnerability.

An attacker can invoke the object from a malicious web page to trigger the condition. If the vulnerability is successfully exploited, the attacker may be able to exploit the condition to corrupt process memory, resulting in arbitrary code execution with the privileges of the currently logged-in user. A denial-of-service condition may arise as well.

This issue affects AOL 7.0 revision 4114.563, AOL 8.0 revision 4129.230, and AOL 9.0 Security Edition revision 4156.910. Other versions may also be affected.

UPDATE: This BID is retired because it is a duplicate of the one described in BID 18678 (GraceNote CDDBControl ActiveX Control Remote Buffer Overflow Vulnerability).

41. GnuPG OpenPGP Packet Processing Function Pointer Overwrite Vulnerability
BugTraq ID: 21462
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/21462
Summary:
GnuPG is prone to a vulnerability that could permit an attacker to overwrite a function pointer.

This issue occurs because of a design error when dealing with OpenPGP packets. Attackers may exploit this issue to execute arbitrary code.

Successful exploits may result in the remote compromise of computers using the vulnerable application.

42. GNU Tar GNUTYPE_NAMES Remote Directory Traversal Vulnerability
BugTraq ID: 21235
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/21235
Summary:
GNU Tar is prone to a vulnerability that may allow an attacker to place files and overwrite files in arbitrary locations on a vulnerable computer. These issues present themselves when the application processes malicious archives.

A successful attack can allow the attacker to place potentially malicious files and overwrite files on a computer in the context of the user running the affected application. Successful exploits may aid in further attacks.

43. KDE JPEG KFile Info Plug-in EXIF Local Denial of Service Vulnerability
BugTraq ID: 21384
Remote: No
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/21384
Summary:
The JPEG kfile-info plugin is prone to a denial-of-service vulnerability due to a parsing bug.

An attacker can exploit this issue to crash the application that invoked the plugin.

KDE versions 3.1.0 to 3.5.5 are vulnerable.

Other applications that use this plugin may also be affected.

44. Infinite Core Technologies ICT INDEX.PHP SQL Injection Vulnerability
BugTraq ID: 18644
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/18644
Summary:
Infinite Core Technologies ICT is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query.

An attacker may be able to exploit this issue to modify the logic of SQL queries. Successful exploits may allow the attacker to compromise the software, retrieve information, or modify data; other consequences are possible as well.

The vendor refutes this issue.

45. Expinion.net iNews Publisher Articles.ASP Multiple Cross Site Scripting Vulnerabilities
BugTraq ID: 21296
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/21296
Summary:
iNews Publisher is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input.

An attacker can exploit these issues to steal cookie-based authentication credentials and launch other attacks.

Note: The vendor refutes this issue, stating that the application is not vulnerable to the specified vulnerabilities.

46. ProNews Multiple Input Validation Vulnerabilities
BugTraq ID: 21516
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/21516
Summary:
ProNews is prone to multiple input-validation vulnerabilities, including multiple HTML-injection issues, an SQL-injection issue, and a cross-site scripting issue, because the application fails to sufficiently sanitize user-supplied input.

A successful exploit of these vulnerabilities could allow an attacker to compromise the application, access or modify data, steal cookie-based authentication credentials, or even exploit vulnerabilities in the underlying database implementation. Other attacks are also possible.

ProNews version 1.5 is vulnerable to these issues.

47. LibPNG Graphics Library PNG_SET_SPLT Remote Denial of Service Vulnerability
BugTraq ID: 21078
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/21078
Summary:
LibPNG is reported prone to a denial-of-service vulnerability. The library fails to perform proper bounds-checking of user-supplied input, which leads to an out-of-bounds read error.

Attackers may exploit this vulnerability to crash an application that relies on the affected library.

48. KDPics Multiple Input Validation Vulnerabilities
BugTraq ID: 21515
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/21515
Summary:
KDPics is prone to multiple input-validation vulnerabilities, including cross-site scripting and remote file-include issues, because the application fails to sanitize user-supplied input.

A successful exploit may allow unauthorized users to view files, to execute arbitrary scripts within the context of the browser, and to steal cookie-based authentication credentials. Other attacks are also possible.

KDPics 1.16 and prior versions are vulnerable.

49. Texinfo File Handling Buffer Overflow Vulnerability
BugTraq ID: 20959
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/20959
Summary:
Texinfo is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

Exploiting this issue allows attackers to cause the affected applications using Texinfo to crash, denying service to legitimate users. Arbitrary code execution may also be possible, but this has not been confirmed.

50. AnnonceScriptHP Multiple Input Validation Vulnerabilities
BugTraq ID: 21514
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/21514
Summary:
AnnonceScriptHP is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify sensitive data, or exploit latent vulnerabilities in the underlying database implementation.

AnnonceScriptHP V2.0 is vulnerable.

51. wvWare Multiple Integer Overflow Vulnerabilities
BugTraq ID: 20761
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/20761
Summary:
wvWare is prone to multiple integer-overflow vulnerability because the library fails to properly bounds-check user-supplied input.

An attacker can exploit these vulnerabilities to execute arbitrary code in the context of the application using the vulnerable library. Failed exploit attempts will likely result in denial-of-service conditions.

wvWare 1.2.2 and prior versions are vulnerable.

52. LibPNG Graphics Library Chunk Error Processing Buffer Overflow Vulnerability
BugTraq ID: 18698
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/18698
Summary:
LibPNG is reported prone to a buffer-overflow vulnerability. The library fails to perform proper bounds-checking of user-supplied input before copying it to an insufficiently sized memory buffer.

This vulnerability may be exploited to execute attacker-supplied code in the context of an application that relies on the affected library.

53. Messageriescripthp Multiple Input Validation Vulnerabilities
BugTraq ID: 21513
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/21513
Summary:
Messageriescripthp is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

Messageriescripthp V2.0 is vulnerable to this issue.

54. GnuPG Make_Printable_String Remote Buffer Overflow Vulnerability
BugTraq ID: 21306
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/21306
Summary:
GnuPG is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

Exploiting this issue may allow remote attackers to execute arbitrary machine code in the context of the affected application, but this has not been confirmed.

GnuPG versions 1.4.5 and 2.0.0 are vulnerable to this issue; previous versions may also be affected.

55. KOffice PPT Files Integer Overflow Vulnerability
BugTraq ID: 21354
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/21354
Summary:
KOffice is prone to an integer-overflow vulnerability because it fails to properly validate user-supplied data.

An attacker can exploit this vulnerability to execute arbitrary code in the context of the application. Failed exploit attempts will likely cause denial-of-service conditions.

KOffice versions prior to 1.6.1 are affected.

56. Linux Kernel Get_FDB_Entries Buffer Overflow Vulnerability
BugTraq ID: 21353
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/21353
Summary:
The Linux kernel is prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.

Attackers may potentially exploit this issue to execute arbitrary code within the context of the affected kernel, but this has not been confirmed. Successfully exploiting this issue would cause the complete compromise of the affected computer.

Little information is currently known about this vulnerability. Due to the fact that the affected function is in the network-bridging code, remote attacks may be possible.

Linux kernel versions prior to 2.6.18.4 are vulnerable to this issue.

57. MaviPortal Arama.ASP Cross-Site Scripting Vulnerability
BugTraq ID: 21512
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/21512
Summary:
MaviPortal is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

58. Linux Kernel IPV6 Seqfile Handling Local Denial of Service Vulnerability
BugTraq ID: 20847
Remote: No
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/20847
Summary:
The Linux kernel is prone to a local denial-of-service vulnerability. This issue is due to a design error in the way seqfiles are handled in the kernel.

This vulnerability allows local users to cause an infinite loop, resulting in a crash and denying further service to legitimate users.

This issue affects the Linux kernel 2.6 series up to 2.6.18-stable.

59. Linux Kernel S/390 Copy_From_User Local Information Disclosure Vulnerability
BugTraq ID: 20379
Remote: No
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/20379
Summary:
The Linux kernel is prone to a local information-disclosure vulnerability on the S/390 architecture because the kernel fails to properly initialize kernel memory before returning it to user-space programs.

Successfully exploiting this issue allows local attackers to gain access to potentially sensitive information contained in kernel memory, aiding them in further attacks.

Linux kernel versions prior to 2.6.19-rc1 on the S/390 architecture are vulnerable to this issue.

60. Linux Kernel ATM SkBuff Dereference Remote Denial of Service Vulnerability
BugTraq ID: 20363
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/20363
Summary:
The Linux kernel is prone to a remote denial-of-service vulnerability.

This issue is triggered when the kernel processes incoming ATM data.

Exploiting this vulnerability may allow remote attackers to crash the affected kernel, resulting in denial-of-service conditions.

This issue affects only systems that have ATM hardware and are configured for ATM kernel support.

Kernel versions from 2.6.0 up to and including 2.6.17 are vulnerable to this issue.

61. Ã?ilem Haber Free Edition Hata.ASP Cross-Site Scripting Vulnerability
BugTraq ID: 21511
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/21511
Summary:
Ã?ilem Haber Free Edition is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

62. Linux Kernel Itanium PerfMonCTL Local Denial of Service Vulnerability
BugTraq ID: 20361
Remote: No
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/20361
Summary:
The Linux kernel is prone to a local denial-of-service vulnerability.

An attacker can exploit this issue to crash the kernel, denying further service to legitimate users. It is conjectured that this issue may also be exploited to gain elevated privileges, but this has not been confirmed.

This issue is exploitable only on the Itanium architecture running Linux kernel versions prior to 2.6.18.

63. Clam Anti-Virus MIME Attachments Denial Of Service Vulnerability
BugTraq ID: 21510
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/21510
Summary:
ClamAV is prone to a denial-of-service vulnerability because it fails to handle specific MIME attachments.

A successful exploit of this issue will cause the application to crash, resulting in a denial-of-service condition.

ClamAV versions prior to 0.88.4-2 are vulnerable; other versions may also be affected.

64. Multiple Trend Micro Antivirus RAR Archive Remote Denial Of Service Vulnerability
BugTraq ID: 21509
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/21509
Summary:
Multiple Trend Micro antivirus applications are prone to a remote denial-of-service vulnerability because the software fails to properly handle certain file types, resulting in the excessive consumption of system resources.

An attacker may exploit this issue to crash affected computers, denying further service to users.

Trend Micro PC Cillin Internet Security 2006, Trend Micro Office Scan 7.3, and Trend Micro Server Protect 5.58 are vulnerable. Other versions may also be affected.

65. PHP Session.Save_Path() Safe_Mode and Open_Basedir Restriction Bypass Vulnerability
BugTraq ID: 21508
Remote: No
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/21508
Summary:
PHP is prone to a 'safe_mode' and 'open_basedir' restriction-bypass vulnerability. Successful exploits could allow an attacker to access sensitive information or to write files in unauthorized locations.

This vulnerability would be an issue in shared-hosting configurations where multiple users can create and execute arbitrary PHP script code; in such cases, the 'safe_mode' and 'open_basedir' restrictions are expected to isolate users from each other.

PHP version 5.2.0 is vulnerable to this issue.

66. JAB Guest Book HTML Injection Vulnerability
BugTraq ID: 21429
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/21429
Summary:
JAB Guest Book is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input data.

Exploiting this issue may allow an attacker to execute HTML and script code in the context of the affected site, to steal cookie-based authentication credentials, or to control how the site is rendered to the user; other attacks are also possible.

67. OpenMPT Multiple Remote Code Execution Vulnerabilities
BugTraq ID: 19448
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/19448
Summary:
OpenMPT is prone to multiple remote code-execution vulnerabilities because it fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.

These issues allow remote attackers to execute arbitrary machine code in the context of affected servers. This facilitates the remote compromise of affected computers.

These versions are affected:

- 1.17.02.43 and earlier
- SVN versions 157 and earlier.

68. CA Multiple BrightStor ARCserve Backup Discovery Service Remote Buffer Overflow Vulnerability
BugTraq ID: 21502
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/21502
Summary:
Computer Associates BrightStor ARCserve Backup is affected by a remote buffer-overflow vulnerability because the application fails to perform proper bounds-checking on data supplied to the application.

A remote attacker may exploit this issue to execute arbitrary code on a vulnerable computer with SYSTEM privileges. Failed exploit attempts may cause denial-of-service conditions. Successful exploits can lead to a complete compromise of affected computers.

This issue affects multiple BrightStor ARCserve Backup application agents and the base product.

69. Microsoft Windows DNS Client Buffer Overrun Vulnerability
BugTraq ID: 19404
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/19404
Summary:
Microsoft Windows is prone to a remotely exploitable buffer overrun condition in the DNS client.

This issue is exposed when a client handles a malicious response from a DNS server. Attackers may leverage this to execute arbitrary code and launch a complete compromise of the affected computer.

70. Mozilla Client Products Multiple Remote Vulnerabilities
BugTraq ID: 20957
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/20957
Summary:
The Mozilla Foundation has released two security advisories specifying vulnerabilities in Mozilla Firefox, SeaMonkey, and Thunderbird.

These vulnerabilities allow attackers to:

- Crash the applications and potentially execute arbitrary machine code in the context of the vulnerable applications.
- Run arbitrary JavaScript bytecode.

Other attacks may also be possible.

The issues described here will be split into individual BIDs as more information becomes available.

These issues are fixed in:

- Mozilla Firefox version 1.5.0.8
- Mozilla Thunderbird version 1.5.0.8
- Mozilla SeaMonkey version 1.0.6

71. Sophos Antivirus Multiple Denial of Service and Memory Corruption Vulnerabilities
BugTraq ID: 20816
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/20816
Summary:
Sophos Antivirus is prone to multiple denial-of-service and memory corruption vulnerabilities.

A remote attacker may trigger these issues to deny service to legitimate users or execute arbitrary machine code in the context of the vulnerable application. This may result in a complete compromise of affected computers.

72. Xine-Lib RuleMatches Remote Buffer Overflow Vulnerability
BugTraq ID: 21435
Remote: Yes
Last Updated: 2006-12-12
Relevant URL: http://www.securityfocus.com/bid/21435
Summary:
xine-lib library running on real media is prone to a remote buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker can exploit this issue to execute arbitrary code with the privileges of the currently logged in user. Failed exploit attempts will result in a denial-of-service.

73. Golden FTP Server Remote Denial of Service Vulnerability
BugTraq ID: 21530
Remote: Yes
Last Updated: 2006-12-11
Relevant URL: http://www.securityfocus.com/bid/21530
Summary:
Golden FTP Server is prone to a remote denial-of-service vulnerability.

Exploiting this issue allows remote attackers to crash the application, denying further service to legitimate users.

Version 1.92 is vulnerable; other versions may also be affected.

74. CMS Made Simple SearchInput Cross-Site Scripting Vulnerability
BugTraq ID: 21527
Remote: Yes
Last Updated: 2006-12-11
Relevant URL: http://www.securityfocus.com/bid/21527
Summary:
CMS Made Simple is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

This issue affects version 0.10.2; other versions may also be vulnerable.

75. Linux Kernel Multiple Vulnerabilities
BugTraq ID: 21523
Remote: No
Last Updated: 2006-12-10
Relevant URL: http://www.securityfocus.com/bid/21523
Summary:
Linux Kernel is prone to multiple vulnerabilities that can allow local attackers to carry out various attacks, including denial-of-service attacks.

Kernel 2.6.8 and prior versions are reported affected.

76. Adobe Reader and Acrobat AcroPDF.dll ActiveX Control Remote Code Execution Vulnerabilities
BugTraq ID: 21338
Remote: Yes
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/21338
Summary:
Adobe Reader and Acrobat with AcroPDF.dll ActiveX control are prone to multiple remote code-execution vulnerabilities.

Exploiting these issues allows remote attackers to execute arbitrary code in the context of applications using the affected ActiveX control and to compromise affected computers.

These versions are affected:

Adobe Reader 7.0.0 to 7.0.8
Adobe Acrobat Standard 7.0.0 to 7.0.8
Adobe Acrobat Professional 7.0.0 to 7.0.8.

77. PHPBB Toplist Multiple HTML Injection Vulnerabilities
BugTraq ID: 21506
Remote: Yes
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/21506
Summary:
phpBB Toplist is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input data.

Exploiting these issues may allow an attacker to execute HTML and script code in the context of the affected site, to steal cookie-based authentication credentials, or to control how the site is rendered to the user; other attacks are also possible.

Version 1.3.1 is vulnerable to this issue; other versions may also be affected.

78. MidiCart PHP Multiple Input Validation and Authenication Bypass Vulnerabilities
BugTraq ID: 21500
Remote: Yes
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/21500
Summary:
MidiCart PHP is prone to an input-validation vulnerability and an authentication-bypass vulnerability.

Attackers could exploit these issues to manipulate price totals calculated by the application or to upload arbitrary script code and have it execute in the context of the application. This may result in the compromise of the application; other attacks are possible.

NOTE: MidiCart ASP may also be affected.

79. MADWiFi Linux Kernel Device Driver Multiple Remote Buffer Overflow Vulnerabilities
BugTraq ID: 21486
Remote: Yes
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/21486
Summary:
The MADWiFi device driver is prone to multiple remote stack-based buffer-overflow vulnerabilities because the software fails to do proper bounds-checking of user-supplied data before copying it to an insufficiently sized memory buffer.

These issues affect only computers with the vulnerable device driver compiled, installed, and enabled on Linux operating systems. Also, victims must be running a local application to scan available access points for the return packets.

A remote attacker may exploit these issues to cause denial-of-service conditions or to possibly execute arbitrary code in the context of the affected kernel. Successful exploits can result in a complete compromise of affected computers.

Versions of the MADWiFi device driver prior to 0.9.2.1 are vulnerable.

80. Multiple Vendor TCP/IP Implementation ICMP Remote Denial Of Service Vulnerabilities
BugTraq ID: 13124
Remote: Yes
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/13124
Summary:
Multiple vendor implementations of TCP/IP Internet Control Message Protocol (ICMP) are reported prone to several denial-of-service attacks.

ICMP is employed by network nodes to determine certain automatic actions to take based on network failures reported by an ICMP message.

Reportedly, the RFC doesn't recommend security checks for ICMP error messages. As long as an ICMP message contains a valid source and destination IP address and port pair, it will be accepted for an associated connection.

The following individual attacks are reported:

- A blind connection-reset attack. This attack takes advantage of the specification that describes that on receiving a 'hard' ICMP error, the corresponding connection should be aborted. The Mitre ID CAN-2004-0790 is assigned to this issue.

A remote attacker may exploit this issue to terminate target TCP connections and deny service for legitimate users.

- An ICMP Source Quench attack. This attack takes advantage of the specification that a host must react to receive ICMP Source Quench messages by slowing transmission on the associated connection. The Mitre ID CAN-2004-0791 is assigned to this issue.

A remote attacker may exploit this issue to degrade the performance of TCP connections and partially deny service for legitimate users.

- An attack against ICMP PMTUD is reported to affect multiple vendors when they are configured to employ PMTUD. By sending a suitable forged ICMP message to a target host, an attacker may reduce the MTU for a given connection. The Mitre ID CAN-2004-1060 is assigned to this issue.

A remote attacker may exploit this issue to degrade the performance of TCP connections and partially deny service for legitimate users.

**Update: Microsoft platforms are also reported prone to these issues.

81. OpenSSL PKCS Padding RSA Signature Forgery Vulnerability
BugTraq ID: 19849
Remote: Yes
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/19849
Summary:
OpenSSL is prone to a vulnerability that may allow an attacker to forge an RSA signature. The attacker may be able to forge a PKCS #1 v1.5 signature when an RSA key with exponent 3 is used.

An attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key.

All versions of OpenSSL prior to and including 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available.

82. CM68 News Oldnews.Inc.PHP Remote File Include Vulnerability
BugTraq ID: 21499
Remote: Yes
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/21499
Summary:
CM68 News is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.

Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

Version 12.02.06 is vulnerable to this issue; other versions may also be affected.

83. Mozilla Suite, Firefox, SeaMonkey, and Thunderbird Multiple Remote Vulnerabilities
BugTraq ID: 17516
Remote: Yes
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/17516
Summary:
The Mozilla Foundation has released nine security advisories specifying security vulnerabilities in Mozilla Suite, Firefox, SeaMonkey, and Thunderbird.

These vulnerabilities allow attackers to:

- execute arbitrary machine code in the context of the vulnerable application
- crash affected applications
- gain elevated privileges in JavaScript code, potentially allowing remote machine code execution
- gain access to potentially sensitive information
- bypass security checks
- spoof window contents.

Other attacks may also be possible.

The issues described here will be split into individual BIDs as the information embargo on the Mozilla Bugzilla entries is lifted and as further information becomes available. This BID will then be retired.

These issues are fixed in:
- Mozilla Firefox versions 1.0.8 and 1.5.0.2
- Mozilla Thunderbird versions 1.0.8 and 1.5.0.2
- Mozilla Suite version 1.7.13
- Mozilla SeaMonkey version 1.0.1

84. Mozilla Firefox Large History File Buffer Overflow Vulnerability
BugTraq ID: 15773
Remote: Yes
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/15773
Summary:
Mozilla Firefox is reportedly prone to a remote denial-of-service vulnerability.

This issue presents itself when the browser handles a large entry in the 'history.dat' file. An attacker may trigger this issue by enticing a user to visit a malicious website and by supplying excessive data to be stored in the affected file.

This may cause a denial-of-service condition.

**UPDATE: Proof-of-concept exploit code has been published. The author of the code attributes the crash to a buffer-overflow condition. Symantec has not reproduced the alleged flaw.

85. Web Hosting Manager Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 21498
Remote: Yes
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/21498
Summary:
Web Hosting Manager is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input.

An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

Version 3.1.0 is vulnerable to these issue; other versions may also be affected.

Note that to exploit these issues, an attacker must have authenticated access to the affected application.

86. CPanel BoxTrapper Manage.HTML Cross-Site Scripting Vulnerability
BugTraq ID: 21497
Remote: Yes
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/21497
Summary:
cPanel BoxTrapper is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

cPanel 11 is vulnerable to this issue; other versions may also be affected.

87. Multiple Mozilla Products IFRAME JavaScript Execution Vulnerability
BugTraq ID: 16770
Remote: Yes
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/16770
Summary:
Multiple Mozilla products are prone to a script-execution vulnerability.

The vulnerability presents itself when an attacker supplies a specially crafted email to a user containing malicious script code in an IFRAME and the user tries to reply to the mail. Arbitrary JavaScript can be executed even if the user has disabled JavaScript execution in the client.

The following mozilla products are vulnerable to this issue:
- Mozilla Thunderbird, versions prior to 1.5.0.2, and prior to 1.0.8
- Mozilla SeaMonkey, versions prior to 1.0.1
- Mozilla Suite, versions prior to 1.7.13

88. Multiple Mozilla Products Memory Corruption/Code Injection/Access Restriction Bypass Vulnerabilities
BugTraq ID: 16476
Remote: Yes
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/16476
Summary:
Multiple Mozilla products are prone to multiple vulnerabilities. These issues include various memory-corruption, code-injection, and access-restriction-bypass vulnerabilities. Other undisclosed issues may have also been addressed in the various updated vendor applications.

Successful exploitation of these issues may permit an attacker to execute arbitrary code in the context of the affected application. This may facilitate a compromise of the affected computer; other attacks are also possible.

89. JCE Admin Component for Joomla Multiple Cross Site Scripting Vulnerabilities
BugTraq ID: 21496
Remote: Yes
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/21496
Summary:
JCE Admin Component is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input.

An attacker can exploit these issues to steal cookie-based authentication credentials and launch other attacks.

JCE Admin 1.1.0 beta 2 and prior versions are vulnerable to these issues.

90. Windows Media Player ASX PlayList File Heap Overflow Vulnerability
BugTraq ID: 21247
Remote: Yes
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/21247
Summary:
Windows Media Player is prone to a heap-overflow issue.

Attackers can exploit this issue to crash the affected application, denying service to legitimate users.
Attackers may also be able to execute arbitrary code in the context of the application, but this has not been confirmed. This could lead to remote unauthorized access.

This issue affects Windows Media Player version 10.00.00.4036; other versions may also be affected.

91. L2TPNS Heartbeat Handling Denial of Service Vulnerability
BugTraq ID: 21443
Remote: Yes
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/21443
Summary:
The l2tpns program is prone to a denial-of-service vulnerability because it fails to properly handle user-supplied data.

Attackers can exploit this issue to crash the affected application, effectively denying service to legitimate users. Attackers may be able to exploit this issue to execute arbitrary code, but this has not been confirmed.

92. JCE Admin Component for Joomla Multiple Local File-Include Vulnerabilities
BugTraq ID: 21491
Remote: No
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/21491
Summary:
JCE Admin Component for Joomla is prone to multiple local file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data.

Successful exploits may allow remote attackers to view arbitrary files and to execute local scripts in the context of the webserver process. Other attacks may also possible.

JCE Admin Component 1.1.0 beta 2 and prior versions are vulnerable.

93. ProFTPD SReplace Remote Buffer Overflow Vulnerability
BugTraq ID: 20992
Remote: Yes
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/20992
Summary:
ProFTPD is prone to an remote buffer-overflow vulnerability. This issue is due to an off-by-one error, allowing attackers to corrupt memory.

Exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the server application, facilitating the compromise of affected computers.

ProFTPD versions prior to 1.3.0a are vulnerable to this issue.

Update: This BID was recently updated to state that 'CommandBufferSize' was affected by a denial-of-service issue, but according to the vendor, that directive is not vulnerable.

94. CPanel Multiple HTML Injection Vulnerabilities
BugTraq ID: 21387
Remote: Yes
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/21387
Summary:
cPanel is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input.

Successful exploits may allow attacker-supplied HTML and script code to execute in the context of the affected site, which may allow the attacker to steal cookie-based authentication credentials and to control how the site is rendered to the user. Other attacks are also possible.

cPanel version 11 Beta is vulnerable; other versions may also be affected.

95. XMPlay Playlist Files Remote Buffer Overflow Vulnerability
BugTraq ID: 21206
Remote: Yes
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/21206
Summary:
XMPlay is prone to a remote buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data prior to loading malformed playlist files.

An attacker can exploit this issue to execute arbitrary code within the context of the application or trigger a denial-of-service condition.

XMPlay 3.3.0.4 is vulnerable to this issue; other versions may also be affected.

96. XPDF Multiple Unspecified Vulnerabilities
BugTraq ID: 16748
Remote: Yes
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/16748
Summary:
The 'xpdf' utility is reportedly prone to multiple unspecified security vulnerabilities. The cause and impact of these issues are currently unknown.

All versions of xpdf are considered vulnerable at the moment. This BID will update when more information becomes available.

97. GNUTLS LibTASN1 DER Decoding Denial of Service Vulnerabilities
BugTraq ID: 16568
Remote: Yes
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/16568
Summary:
Libtasn1 is prone to multiple denial-of-service vulnerabilities. A remote attacker can send specifically crafted data to trigger these flaws, leading to denial-of-service condition.

These issues have been addressed in Libtasn1 versions 0.2.18; earlier versions are vulnerable.

98. Linksys WIP330 PhoneCtrl.exe Denial Of Service Vulnerability
BugTraq ID: 21475
Remote: Yes
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/21475
Summary:
Linksys WIP330 'PhoneCtrl.exe' is prone to a denial-of-service vulnerability when the device is full port-range scanning.

Exploiting this issue allows remote attackers to crash and reboot affected devices, denying service to legitimate users.

Linksys WIP330 firmware version 1.00.06a is affected by this issue; other versions may also be affected.

99. Mozilla Multiple Products Remote Vulnerabilities
BugTraq ID: 19181
Remote: Yes
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/19181
Summary:
The Mozilla Foundation has released thirteen security advisories specifying vulnerabilities in Mozilla Firefox, SeaMonkey, and Thunderbird.

These vulnerabilities allow attackers to:

- execute arbitrary machine code in the context of the vulnerable application
- crash affected applications
- run arbitrary script code with elevated privileges
- gain access to potentially sensitive information
- carry out cross-domain scripting attacks.

Other attacks may also be possible.

The issues described here will be split into individual BIDs as more information becomes available.

These issues are fixed in:

- Mozilla Firefox version 1.5.0.5
- Mozilla Thunderbird version 1.5.0.5
- Mozilla SeaMonkey version 1.0.3

100. MailEnable IMAP Service Remote Denial of Service Vulnerability
BugTraq ID: 21493
Remote: Yes
Last Updated: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/21493
Summary:
MailEnable is prone to a remote denial-of-service vulnerability.

This issue affects the IMAP service and allows remote attackers to crash the application, denying further service to legitimate users.

The following versions are vulnerable:

1.6-1.83 Professional Edition
1.1-1.40 Enterprise Edition
2.0-2.34 Professional Edition
2.0-2.34 Enterprise Edition

III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. MySpace teams to create sex-offender database
By: Robert Lemos
The social networking site has paired up with an ID verification firm to build a national database of convicted sex offenders, a technology the service hopes will enable it to keep predators out of its community.
http://www.securityfocus.com/news/11428

2. Social sites' insecurity increasingly worrisome
By: Robert Lemos
Security issues at MySpace and other sites have raised fears over protecting users against Trojan horse programs masquerading as user-created content.
http://www.securityfocus.com/news/11427

3. Bot spreads through antivirus, Windows flaws
By: Robert Lemos
University campuses are dealing with a spate of infections caused by a bot program that compromises computers running unpatched versions of Windows and an older version of Symantec's antivirus software.
http://www.securityfocus.com/news/11426

4. Viruses go virtual
By: Robert Lemos
Online worlds--from Second Life to the World of Warcraft--pave the way to a virtual future, replete with tailored viruses and digital diseases.
http://www.securityfocus.com/news/11425

IV. SECURITY JOBS LIST SUMMARY
-------------------------------
1. [SJ-JOB] Forensics Engineer, London
http://www.securityfocus.com/archive/77/454206

2. [SJ-JOB] Security Consultant, Myrtle Beach
http://www.securityfocus.com/archive/77/454208

3. [SJ-JOB] Security Engineer, Sydney
http://www.securityfocus.com/archive/77/454209

4. [SJ-JOB] Jr. Security Analyst, Chicago
http://www.securityfocus.com/archive/77/454207

5. [SJ-JOB] Jr. Security Analyst, Atlanta
http://www.securityfocus.com/archive/77/454212

6. [SJ-JOB] Security Consultant, Bedford
http://www.securityfocus.com/archive/77/454177

7. [SJ-JOB] Penetration Engineer, London
http://www.securityfocus.com/archive/77/454179

8. [SJ-JOB] Sr. Security Engineer, Kirkland
http://www.securityfocus.com/archive/77/454168

9. [SJ-JOB] Security Consultant, Bedford
http://www.securityfocus.com/archive/77/454169

10. [SJ-JOB] Security Engineer, Mountain View
http://www.securityfocus.com/archive/77/454178

11. [SJ-JOB] Security Engineer, London
http://www.securityfocus.com/archive/77/454161

12. [SJ-JOB] Application Security Architect, Towson
http://www.securityfocus.com/archive/77/454162

13. [SJ-JOB] Quality Assurance, Cupertino
http://www.securityfocus.com/archive/77/454163

14. [SJ-JOB] Account Manager, Washington
http://www.securityfocus.com/archive/77/454091

15. [SJ-JOB] Sales Engineer, Chicago
http://www.securityfocus.com/archive/77/454099

16. [SJ-JOB] Sales Engineer, New York
http://www.securityfocus.com/archive/77/454100

17. [SJ-JOB] Management, Chicago
http://www.securityfocus.com/archive/77/454090

18. [SJ-JOB] Account Manager, Chicago
http://www.securityfocus.com/archive/77/454092

19. [SJ-JOB] Account Manager, New York
http://www.securityfocus.com/archive/77/454115

20. [SJ-JOB] Management, Detroit
http://www.securityfocus.com/archive/77/454038

21. [SJ-JOB] Management, St. Louis
http://www.securityfocus.com/archive/77/454039

22. [SJ-JOB] Management, San Jose
http://www.securityfocus.com/archive/77/454036

23. [SJ-JOB] Management, Los Angeles
http://www.securityfocus.com/archive/77/454037

24. [SJ-JOB] Application Security Architect, Hampshire
http://www.securityfocus.com/archive/77/453926

25. [SJ-JOB] Security Consultant, London & Hampshire
http://www.securityfocus.com/archive/77/453943

26. [SJ-JOB] CHECK Team Leader, Hampshire
http://www.securityfocus.com/archive/77/453925

27. [SJ-JOB] Security Engineer, London
http://www.securityfocus.com/archive/77/453928

28. [SJ-JOB] Penetration Engineer, London & Oxfordshire
http://www.securityfocus.com/archive/77/453929

29. [SJ-JOB] Account Manager, London
http://www.securityfocus.com/archive/77/453924

30. [SJ-JOB] Security Product Marketing Manager, Sunnyvale
http://www.securityfocus.com/archive/77/453891

31. [SJ-JOB] Sr. Security Analyst, Schaumburg
http://www.securityfocus.com/archive/77/453892

32. [SJ-JOB] Manager, Information Security, Scotland
http://www.securityfocus.com/archive/77/453893

33. [SJ-JOB] Security Consultant, GURGAON, DELHI, HARYANA, FARIDABAD, NOIDA
http://www.securityfocus.com/archive/77/453899

34. [SJ-JOB] Security Engineer, London
http://www.securityfocus.com/archive/77/453894

35. [SJ-JOB] Sr. Security Analyst, Schaumburg
http://www.securityfocus.com/archive/77/453896

36. [SJ-JOB] Penetration Engineer, London
http://www.securityfocus.com/archive/77/453751

37. [SJ-JOB] Security Engineer, London
http://www.securityfocus.com/archive/77/453750

38. [SJ-JOB] Sr. Security Analyst, Pretoria
http://www.securityfocus.com/archive/77/453752

39. [SJ-JOB] Sales Engineer, Remote
http://www.securityfocus.com/archive/77/453753

40. [SJ-JOB] Security Engineer, London
http://www.securityfocus.com/archive/77/453749

41. [SJ-JOB] Application Security Architect, Boston
http://www.securityfocus.com/archive/77/453721

42. [SJ-JOB] Director, Information Security, New York
http://www.securityfocus.com/archive/77/453661

43. [SJ-JOB] Manager, Information Security, Cheltenham
http://www.securityfocus.com/archive/77/453658

44. [SJ-JOB] Security Engineer, Sydney
http://www.securityfocus.com/archive/77/453659

45. [SJ-JOB] Security Consultant, London
http://www.securityfocus.com/archive/77/453660

46. [SJ-JOB] Penetration Engineer, Rishon LeTzion
http://www.securityfocus.com/archive/77/453662

V. INCIDENTS LIST SUMMARY
---------------------------
1. New UDP port probed (36970)
http://www.securityfocus.com/archive/75/453979

2. Thousands of attempts to port 35825 and 11090
http://www.securityfocus.com/archive/75/453547

VI. VULN-DEV RESEARCH LIST SUMMARY
-----------------------------------
1. Meteor FTP PoC for WinXP
http://www.securityfocus.com/archive/82/454056

VII. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. IIS http error log entries...
http://www.securityfocus.com/archive/88/454160

2. Windows folder Sharing watch
http://www.securityfocus.com/archive/88/454132

3. SecurityFocus Microsoft Newsletter #320
http://www.securityfocus.com/archive/88/453645

VIII. SUN FOCUS LIST SUMMARY
----------------------------
IX. LINUX FOCUS LIST SUMMARY
----------------------------
1. Pandora FMS 1.2 released
http://www.securityfocus.com/archive/91/454078

2. Selecting OS for High-availability/mission-critical web portal
http://www.securityfocus.com/archive/91/453320

X. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to sf-news-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

XI. SPONSOR INFORMATION
------------------------
This Issue is Sponsored by: SPI Dynamics

ALERT: "How A Hacker Launches A Blind SQL Injection Attack Step-by-Step"!"- White Paper
Blind SQL Injection can deliver total control of your server to a hacker giving them the ability to read, write and manipulate all data stored in your backend systems! Download this *FREE* white paper from SPI Dynamics for a complete guide to protection!

https://download.spidynamics.com/1/ad/bsq.asp?Campaign_ID=70160000000CehF

No comments:

Blog Archive