News

Loading...

Wednesday, March 14, 2007

SecurityFocus Newsletter #392

SecurityFocus Newsletter #392
----------------------------------------

This Issue is Sponsored by: SPI Dynamics

As web applications become increasingly complex, tremendous amounts of sensitive data - personal, medical and financial - are exchanged, and stored. Consumers expect and demand security ALERT: "How A Hacker Launches A Cross-Site Scripting Attack"- White Paper
Cross-site scripting vulnerabilities in web apps allow hackers to compromise confidential information, steal cookies and create requests that can be mistaken for those of a valid user!! Download this *FREE* white paper from SPI Dynamics for a complete guide to protection!

https://download.spidynamics.com/1/ad/xss.asp?Campaign_ID=70160000000Cjrj


------------------------------------------------------------------
I. FRONT AND CENTER
1. Blanket Discovery for Stolen Laptops
2. Notes On Vista Forensics, Part One
II. BUGTRAQ SUMMARY
1. PHP ZendEngine Variable Destruction Remote Denial of Service Vulnerability
2. SpamAssassin Long URI Handling Remote Denial of Service Vulnerability
3. News File Grabber Subject Line Stack Buffer Overflow Vulnerability
4. GnuPG Parse_User_ID Remote Buffer Overflow Vulnerability
5. GnuPG Parse_Comment Remote Buffer Overflow Vulnerability
6. GnuPG OpenPGP Packet Processing Function Pointer Overwrite Vulnerability
7. GnuPG Make_Printable_String Remote Buffer Overflow Vulnerability
8. KTorrent Multiple Remote Vulnerabilities
9. Adobe JRun Unspecified Denial Of Service Vulnerability
10. PHP Multiple Safe_Mode and Open_Basedir Restriction Bypass Vulnerabilities
11. WebCreator Multiple Remote File Include Vulnerabilities
12. McAfee EPolicy Orchestrator SiteManager.DLL ActiveX Control Remote Buffer Overflow Vulnerabilities
13. CARE2X Multiple Remote File Include Vulnerabilities
14. JGBBS Search.ASP SQL injection Vulnerability
15. MySQL Commander Remote File Include Vulnerability
16. Microsoft Windows WinMM.DLL WAV Files Remote Denial of Service Vulnerability
17. XML-RPC for PHP Remote Code Injection Vulnerability
18. Linux Kernel Subthread Exec Local Denial Of Service Vulnerability
19. Microsoft Windows GDI Kernel Local Privilege Escalation Vulnerability
20. AssetMan PDF_File Parameter Directory Traversal Vulnerability
21. PHP ZVAL Reference Counter Integer Overflow Vulnerability
22. AstroCam Remote Denial Of Service Vulnerability
23. PHP EXT/Filter Function Remote Buffer Overflow Vulnerability
24. SpamAssassin Malformed Email Header Remote Denial Of Service Vulnerability
25. Asterisk SIP Channel Driver Remote Denial of Service Vulnerability
26. ClipShare ADODB-Connection.Inc.PHP Remote File Include Vulnerability
27. PostgreSQL Information Disclosure and Denial of Service Vulnerabilities
28. Wireshark Multiple Protocol Denial of Service Vulnerabilities
29. Samba Deferred CIFS File Open Denial of Service Vulnerability
30. ISC BIND Remote Fetch Context Denial of Service Vulnerability
31. ISC BIND Remote DNSSEC Validation Denial of Service Vulnerability
32. Samba Server VFS Plugin AFSACL.SO Remote Format String Vulnerability
33. Squid Proxy ACL Queue Overload Remote Denial of Service Vulnerability
34. WarFTP Username Stack-Based Buffer-Overflow Vulnerability
35. Squid Proxy FTP URI Remote Denial of Service Vulnerability
36. GD Graphics Library Remote Integer Overflow Vulnerability
37. GD Graphics Library Multiple Unspecified Remote Buffer overflow Vulnerabilities
38. GD Graphics Library JIS-Encoded Font Buffer Overflow Vulnerability
39. OpenBSD ICMPV6 Packet Handling Remote Buffer Overflow Vulnerability
40. Blojsom Cross-Site Scripting Vulnerability
41. Todd Miller Sudo Local Privilege Escalation Vulnerability
42. Adobe ColdFusion Multiple Input Validation Vulnerabilities
43. Apple Mac OS X QuickDraw GetSrcBits32ARGB Remote Memory Corruption Vulnerability
44. KSirc IRC Client Remote PRIVMSG Denial of Service Vulnerability
45. Apple Mac OS X QuickDraw InternalUnpackBits Remote Memory Corruption Vulnerability
46. Mozilla Thunderbird/SeaMonkey/Firefox Multiple Remote Vulnerabilities
47. OpenSSH-Portable GSSAPI Authentication Abort Information Disclosure Weakness
48. Apple Mac OS X FPathConf System Call Local Denial of Service Vulnerability
49. Apple Mac OS X Multiple Applications Multiple Vulnerabilities
50. Apple Mac OS X ImageIO GIF Image Integer Overflow Vulnerability
51. GNU Tar GNUTYPE_NAMES Remote Directory Traversal Vulnerability
52. Portable OpenSSH GSSAPI Remote Code Execution Vulnerability
53. Adobe Flash Player Plugin HTTP Header Injection Weakness
54. OpenSSH Duplicated Block Remote Denial of Service Vulnerability
55. GNU Tar Invalid Headers Buffer Overflow Vulnerability
56. OpenSSH SCP Shell Command Execution Vulnerability
57. Apple Mac OS X DMG UFS UFS_LookUp Denial Of Service Vulnerability
58. Apple Mac OS X UDTO Disk Image Remote Denial of Service Vulnerability
59. Apple Mac OS X DMG UFS FFS_MountFS Integer Overflow Vulnerability
60. Silc Server New Channel Remote Denial Of Service Vulnerability
61. Amarok Magnature Shell Command Injection Vulnerability
62. GnuPG Signed Message Arbitrary Content Injection Weakness
63. Mozilla Firefox Location.Hostname Dom Property Cookie Theft Vulnerability
64. Mozilla Firefox Popup Blocker Cross Zone Security Bypass Weakness
65. Mozilla Firefox 2 Password Manager Cross-Site Information Disclosure Weakness
66. Apple Mac OS X AppleTalk _ATPsndrsp Function Remote Heap Overflow Vulnerability
67. Apple Mac OS X UDIF Disk Image Remote Denial Of Service Vulnerability
68. Apple Mac OS X AppleTalk Local Memory Corruption Vulnerability
69. MySQL Server Date_Format Denial Of Service Vulnerability
70. MySQL Privilege Elevation and Security Bypass Vulnerabilities
71. MySQL MERGE Privilege Revoke Bypass Vulnerability
72. MySQL Server Str_To_Date Remote Denial Of Service Vulnerability
73. MySQL Mysql_real_escape Function SQL Injection Vulnerability
74. MySQL Remote Information Disclosure and Buffer Overflow Vulnerabilities
75. Apple Mac OS X Shared_Region_Make_Private_Np Kernel Function Local Memory Corruption Vulnerability
76. Apple Mac OS X Mach-O Binary Loading Integer Overflow Vulnerability
77. Mozilla Firefox OnUnload Memory Corruption Vulnerability
78. Apple iLife iPhoto PhotoCast XML Remote Format String Vulnerability
79. Linux Kernel Netfilter NFNetLink_Log Multiple NULL Pointer Dereference Vulnerabilities
80. NetBSD Kernel Unspecified Local Buffer Overflow Vulnerability
81. Symantec Norton Personal Firewall 2006 SymEvent Driver Local Denial of Service Vulnerability
82. Apache HTTP Server Tomcat Directory Traversal Vulnerability
83. PHProjekt Multiple Cross Site Scripting Vulnerabilities
84. PHProjekt Arbitrary File Upload Vulnerability
85. PHProjekt Multiple SQL Injection Vulnerabilities
86. Apple Software Update Format String Vulnerability
87. Weekly Drawing Contest Contest.PHP Remote Authentication Bypass Vulnerability
88. Weekly Drawing Contest Check_Vote.PHP Local File Include Vulnerability
89. X-Ice News System DevAMI.ASP SQL Injection Vulnerability
90. Xine DirectShow Loader Remote Buffer Overflow Vulnerability
91. Linux Kernel IPV6_Getsockopt_Sticky Memory Leak Information Disclosure Vulnerability
92. Unrarlib URarLib_Get Function Buffer Overflow Vulnerability
93. NewsBin Pro Long File Name Buffer Overflow Vulnerability
94. Mozilla Thunderbird/Seamonkey Rich Text Integer Overflow Vulnerability
95. Mozilla Firefox Javascript URI Remote Code Execution Vulnerability
96. News Reactor Long File Name Buffer Overflow Vulnerability
97. RETIRED: Moodle Filter.PHP Remote File Include Vulnerability
98. PennMUSH Multiple Command Denial Of Service Vulnerabilities
99. Open Educational System Multiple Remote File Include Vulnerabilities
100. News Rover Subject Line Stack Buffer Overflow Vulnerability
III. SECURITYFOCUS NEWS
1. Tor hack proposed to catch criminals
2. Stormy weather for malware defenses
3. Maynor reveals missing Apple flaws
4. Legal threats scuttle RFID flaw demo
IV. SECURITY JOBS LIST SUMMARY
1. [SJ-JOB] Security Consultant, Merseyside
2. [SJ-JOB] Application Security Engineer, Cleveland
3. [SJ-JOB] VP / Dir / Mgr engineering, New York
4. [SJ-JOB] Security Auditor, New York
5. [SJ-JOB] Security Consultant, Calgary
6. [SJ-JOB] Director, Information Security, New York
7. [SJ-JOB] Security Architect, Leawood
8. [SJ-JOB] Security Consultant, Hyderabad
9. [SJ-JOB] Sr. Security Engineer, Hyderabad
10. [SJ-JOB] Security Engineer, Los Angeles
11. [SJ-JOB] Sr. Security Analyst, Indianapolis
12. [SJ-JOB] Security Architect, Bellevue
13. [SJ-JOB] Security Architect, Atlanta
14. [SJ-JOB] Security Architect, Charlotte
15. [SJ-JOB] Security Architect, Houston
16. [SJ-JOB] Technical Support Engineer, Wokingham
17. [SJ-JOB] Security Architect, Framingham
18. [SJ-JOB] Security Architect, Lisle
19. [SJ-JOB] Security Architect, Framingham
20. [SJ-JOB] Security Architect, San Francisco
21. [SJ-JOB] Security Architect, Princeton
22. [SJ-JOB] Security Architect, Prague
23. [SJ-JOB] Security Engineer, Prague
24. [SJ-JOB] Security Engineer, Lovendegem
25. [SJ-JOB] Forensics Engineer, Lovendegem
26. [SJ-JOB] Security Auditor, Lovendegem
27. [SJ-JOB] Security Consultant, Lovendegem
28. [SJ-JOB] Account Manager, Lovendegem
29. [SJ-JOB] Sales Representative, Washington
30. [SJ-JOB] CHECK Team Leader, Hyderabad
31. [SJ-JOB] Security Researcher, San Francisco
32. [SJ-JOB] Security Researcher, San Jose
33. [SJ-JOB] Security Engineer, Amsterdam
34. [SJ-JOB] Security Engineer, Cleveland
35. [SJ-JOB] Application Security Architect, New York
36. [SJ-JOB] Sr. Security Engineer, St. Louis
37. [SJ-JOB] Security Architect, St. Louis
38. [SJ-JOB] Security Consultant, Anywhere
39. [SJ-JOB] Security Consultant, Virtual
40. [SJ-JOB] Software Engineer, Milpitas
41. [SJ-JOB] Manager, Information Security, Milpitas
42. [SJ-JOB] Security Researcher, Redmond
43. [SJ-JOB] Developer, Redmond
44. [SJ-JOB] Security Director, New York
45. [SJ-JOB] Technical Writer, Idaho Falls
46. [SJ-JOB] Sr. Security Analyst, Westlake Village
47. [SJ-JOB] Sr. Security Analyst, Long Island
V. INCIDENTS LIST SUMMARY
VI. VULN-DEV RESEARCH LIST SUMMARY
1. Call for Papers: DeepSec IDSC 2007 Europe/Vienna: 20-23 Nov 2007
2. MS07-016 FTP Response DOS PoC
3. SyScan'07 - Call for Paper - NEW UPDATES
4. Black Hat USA CFP Now Open!
VII. MICROSOFT FOCUS LIST SUMMARY
VIII. SUN FOCUS LIST SUMMARY
1. Dealing with BSM Audit Logs
IX. LINUX FOCUS LIST SUMMARY
X. UNSUBSCRIBE INSTRUCTIONS
XI. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Blanket Discovery for Stolen Laptops
By Mark Rasch
Mark Rasch discusses the legal issues behind the discovery and recovery of stolen laptops that use LoJack-style homing devices to announce their location, and the location of the thieves, anywhere in the world.
http://www.securityfocus.com/columnists/438

2. Notes On Vista Forensics, Part One
By Jamie Morris
This article, the first in a two-part series, takes a high level look at what we know now about those changes in Windows Vista which seem likely to have the most impact on computer forensic investigations, starting with the built-in encryption, backup, and system protection features.
http://www.securityfocus.com/infocus/1889


II. BUGTRAQ SUMMARY
--------------------
1. PHP ZendEngine Variable Destruction Remote Denial of Service Vulnerability
BugTraq ID: 22764
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22764
Summary:
PHP is prone to a denial-of-service vulnerability because it fails to properly sanitize user-supplied input.

An attacker who can run PHP code on a vulnerable computer may exploit this vulnerability to crash PHP and the webserver, denying service to legitimate users.

This issue affects all versions of PHP.

2. SpamAssassin Long URI Handling Remote Denial of Service Vulnerability
BugTraq ID: 22584
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22584
Summary:
SpamAssassin is prone to a remote denial-of-service vulnerability.

This issue arises when the application handles excessively long URIs.

SpamAssassin versions prior to 3.1.8 are vulnerable to this issue.

3. News File Grabber Subject Line Stack Buffer Overflow Vulnerability
BugTraq ID: 22617
Remote: Yes
Last Updated: 2007-03-13
Relevant URL: http://www.securityfocus.com/bid/22617
Summary:
News File Grabber is prone to a remote stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

Exploiting this issue allows attackers to execute arbitrary machine code in the context of the affected application.

This issue affects version 4.1.0.1; other versions may also be affected.

4. GnuPG Parse_User_ID Remote Buffer Overflow Vulnerability
BugTraq ID: 18554
Remote: Yes
Last Updated: 2007-03-13
Relevant URL: http://www.securityfocus.com/bid/18554
Summary:
GnuPG is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

This issue may allow remote attackers to execute arbitrary machine code in the context of the affected application, but this has not been confirmed.

GnuPG versions 1.4.3 and 1.9.20 are vulnerable to this issue; previous versions may also be affected.

5. GnuPG Parse_Comment Remote Buffer Overflow Vulnerability
BugTraq ID: 19110
Remote: Yes
Last Updated: 2007-03-13
Relevant URL: http://www.securityfocus.com/bid/19110
Summary:
GnuPG is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

This issue may allow remote attackers to execute arbitrary machine code in the context of the affected application, but this has not been confirmed.

GnuPG version 1.4.4 is vulnerable to this issue; previous versions may also be affected.

6. GnuPG OpenPGP Packet Processing Function Pointer Overwrite Vulnerability
BugTraq ID: 21462
Remote: Yes
Last Updated: 2007-03-13
Relevant URL: http://www.securityfocus.com/bid/21462
Summary:
GnuPG is prone to a vulnerability that could permit an attacker to overwrite a function pointer.

This issue occurs because of a design error when dealing with OpenPGP packets. Attackers may exploit this issue to execute arbitrary code.

Successful exploits may result in the remote compromise of computers using the vulnerable application.

7. GnuPG Make_Printable_String Remote Buffer Overflow Vulnerability
BugTraq ID: 21306
Remote: Yes
Last Updated: 2007-03-13
Relevant URL: http://www.securityfocus.com/bid/21306
Summary:
GnuPG is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

Exploiting this issue may allow remote attackers to execute arbitrary machine code in the context of the affected application, but this has not been confirmed.

GnuPG versions 1.4.5 and 2.0.0 are vulnerable to this issue; previous versions may also be affected.

8. KTorrent Multiple Remote Vulnerabilities
BugTraq ID: 22930
Remote: Yes
Last Updated: 2007-03-13
Relevant URL: http://www.securityfocus.com/bid/22930
Summary:
KTorrent is prone to multiple remote vulnerabilities, including a directory-traversal vulnerability and an unspecified vulnerability when processing messages with invalid chunk indexes.

Very little information is known about one of these issues. This BID will be updated as soon as more information becomes available.

An attacker can exploit the directory-traversal issue to overwrite arbitrary files on the user's system. Presumably, the unspecified vulnerability when processing messages with invalid chunk indexes will allow attackers to execute arbitrary code or to cause a denial of service, but this has not been confirmed.

Versions prior to 2.1.2 are vulnerable to these issues.

9. Adobe JRun Unspecified Denial Of Service Vulnerability
BugTraq ID: 22958
Remote: Yes
Last Updated: 2007-03-13
Relevant URL: http://www.securityfocus.com/bid/22958
Summary:
Adobe JRun is prone to a denial-of-service vulnerability. This issue occurs because the application fails to handle exceptional conditions.

An attacker can exploit this issue to crash the affected application, denying service to legitimate to legitimate users.

This issue affects Microsoft IIS 6 installations running JRun 4 Updater 6.

10. PHP Multiple Safe_Mode and Open_Basedir Restriction Bypass Vulnerabilities
BugTraq ID: 22954
Remote: No
Last Updated: 2007-03-13
Relevant URL: http://www.securityfocus.com/bid/22954
Summary:
PHP is prone to multiple 'safe_mode' and 'open_basedir' restriction-bypass vulnerabilities. Successful exploits could allow an attacker to access sensitive information or to write files in unauthorized locations.

These vulnerabilities would be issues in shared-hosting configurations where multiple users can create and execute arbitrary PHP script code; in such cases, the 'safe_mode' and 'open_basedir' restrictions are expected to isolate users from each other.

PHP versions 5.2.1 and prior are vulnerable to these issues.

11. WebCreator Multiple Remote File Include Vulnerabilities
BugTraq ID: 22953
Remote: Yes
Last Updated: 2007-03-13
Relevant URL: http://www.securityfocus.com/bid/22953
Summary:
WebCreator is prone to multiple remote file-include vulnerabilities.

An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible.

WebCreator versions 0.2.6-rc3 and prior are vulnerable to these issues.

12. McAfee EPolicy Orchestrator SiteManager.DLL ActiveX Control Remote Buffer Overflow Vulnerabilities
BugTraq ID: 22952
Remote: Yes
Last Updated: 2007-03-13
Relevant URL: http://www.securityfocus.com/bid/22952
Summary:
The SiteManager.DLL ActiveX control shipped with McAfee EPolicy Orchestrator is prone to multiple buffer-overflow vulnerabilities. The software fails to perform sufficient bounds-checking of user-supplied input before copying it to an insufficiently sized memory buffer.

Various versions of McAfee EPolicy Orchestrator and ProtectionPilot are vulnerable to these issues.

13. CARE2X Multiple Remote File Include Vulnerabilities
BugTraq ID: 22951
Remote: Yes
Last Updated: 2007-03-13
Relevant URL: http://www.securityfocus.com/bid/22951
Summary:
CARE2X is prone to multiple remote file-include vulnerabilities.

An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible.

Version 1.1 is vulnerable to these issues.

14. JGBBS Search.ASP SQL injection Vulnerability
BugTraq ID: 22943
Remote: Yes
Last Updated: 2007-03-13
Relevant URL: http://www.securityfocus.com/bid/22943
Summary:
JGBBS is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query.

Exploiting this vulnerability could permit remote attackers to pass malicious input to database queries, resulting in the modification of query logic or other attacks.

JGBBS version 3.0 beta 1 is affected by this issue.

15. MySQL Commander Remote File Include Vulnerability
BugTraq ID: 22941
Remote: Yes
Last Updated: 2007-03-13
Relevant URL: http://www.securityfocus.com/bid/22941
Summary:
MySQL Commander is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.

Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

This issue affects MySQL Commander 2.7 and prior versions.

16. Microsoft Windows WinMM.DLL WAV Files Remote Denial of Service Vulnerability
BugTraq ID: 22938
Remote: Yes
Last Updated: 2007-03-13
Relevant URL: http://www.securityfocus.com/bid/22938
Summary:
Microsoft Windows is prone to a denial-of-service vulnerability.

A remote attacker may exploit this vulnerability by presenting a malicious WAV file to a victim user.

Successful exploits will result in excessive CPU consumption, effectively denying service.

Specific information regarding affected versions of Microsoft Windows is currently unavailable. This BID will be updated as more information is disclosed.

17. XML-RPC for PHP Remote Code Injection Vulnerability
BugTraq ID: 14088
Remote: Yes
Last Updated: 2007-03-12
Relevant URL: http://www.securityfocus.com/bid/14088
Summary:
XML-RPC for PHP is affected by a remote code-injection vulnerability.

An attacker may exploit this issue to execute arbitrary commands or code in the context of the webserver. This may facilitate various attacks, including unauthorized remote access.

XML-RPC for PHP 1.1 and prior versions are affected by this issue. Other applications using this library are also affected.

18. Linux Kernel Subthread Exec Local Denial Of Service Vulnerability
BugTraq ID: 14054
Remote: No
Last Updated: 2007-03-12
Relevant URL: http://www.securityfocus.com/bid/14054
Summary:
The Linux kernel is prone to a local denial-of-service vulnerability that occurs when a call to 'exec()' is made for a subthread that has a timer pending.

A local attacker may exploit this issue to crash the kernel, effectively denying service for legitimate users.

19. Microsoft Windows GDI Kernel Local Privilege Escalation Vulnerability
BugTraq ID: 20940
Remote: No
Last Updated: 2007-03-12
Relevant URL: http://www.securityfocus.com/bid/20940
Summary:
Microsoft Windows is prone to a local privilege-escalation vulnerability because data structures mapped by the GDI Kernel can be re-mapped as read-write by other processes.

An attacker could exploit this issue to execute arbitrary machine code with SYSTEM-level privileges. A successful exploit could result in the complete compromise of the affected computer. Failed attempts could cause denial-of-service conditions.

20. AssetMan PDF_File Parameter Directory Traversal Vulnerability
BugTraq ID: 22921
Remote: Yes
Last Updated: 2007-03-12
Relevant URL: http://www.securityfocus.com/bid/22921
Summary:
AssetMan is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this vulnerability to retrieve the contents of arbitrary files from the vulnerable system in the context of the affected application. Information obtained may aid in further attacks.

AssetMan 2.4a and prior versions are vulnerable to this issue.

21. PHP ZVAL Reference Counter Integer Overflow Vulnerability
BugTraq ID: 22765
Remote: Yes
Last Updated: 2007-03-12
Relevant URL: http://www.securityfocus.com/bid/22765
Summary:
PHP is prone to an integer-overflow vulnerability because it fails to ensure that integer values are not overrun.

A local attacker can exploit this vulnerability to execute arbitrary PHP scripts within the context of the affected application. Failed exploit attempts will likely cause denial-of-service conditions.

Note: According to 'MOPB-04-2007:PHP 4 unserialize() ZVAL Reference Counter Overflow', this issue may be remotely triggered in PHP 4.4.4 environments because many legacy PHP applications still use 'unserialize()' on user-supplied data. 'Unserialize()' uses the '__wakeup()' method of deserialized objects in an unsafe manner that may lead to remote arbitrary code execution. This BID has been changed to reflect the possibility of remote exploitation in PHP 4.4.4 environments.

22. AstroCam Remote Denial Of Service Vulnerability
BugTraq ID: 22924
Remote: Yes
Last Updated: 2007-03-12
Relevant URL: http://www.securityfocus.com/bid/22924
Summary:
AstroCam is prone to a remote denial-of-service vulnerability.

An attacker can exploit this issue to shut down the process through the web interface, denying access to legitimate users.

Versions prior to 2.6.6 are vulnerable.

23. PHP EXT/Filter Function Remote Buffer Overflow Vulnerability
BugTraq ID: 22922
Remote: Yes
Last Updated: 2007-03-12
Relevant URL: http://www.securityfocus.com/bid/22922
Summary:
PHP is prone to a remote buffer-overflow vulnerability because the application fails to perform boundary checks before copying user-supplied data to insufficiently sized memory buffers.

An attacker can exploit this issue to execute arbitrary machine code in the context of the affected webserver. Failed exploit attempts will likely crash the webserver, denying service to legitimate users.

PHP 5.2.0 is reported vulnerable; other versions may also be affected.

This issue was originally reported as an unspecified vulnerability in BID 22496 (PHP Version 5.2.0 and Prior Multiple Vulnerabilities). Due to the availability of more details, this issue is being assigned a new BID.

24. SpamAssassin Malformed Email Header Remote Denial Of Service Vulnerability
BugTraq ID: 13978
Remote: Yes
Last Updated: 2007-03-12
Relevant URL: http://www.securityfocus.com/bid/13978
Summary:
SpamAssassin is prone to a remote denial-of-service vulnerability because the application fails to properly handle overly long email headers.

Further details regarding this vulnerability are currently not available. This BID will be updated as more information is disclosed.

An attacker may cause SpamAssassin to take inordinate amounts of time to check a specially crafted email message. By sending many malicious messages, the attacker may be able to cause extremely large delays in email delivery, denying service to legitimate users.

25. Asterisk SIP Channel Driver Remote Denial of Service Vulnerability
BugTraq ID: 22838
Remote: Yes
Last Updated: 2007-03-12
Relevant URL: http://www.securityfocus.com/bid/22838
Summary:
Asterisk is prone to a remote denial-of-service vulnerability.

Exploiting this issue allows remote attackers to cause the application to crash, effectively denying service to legitimate users.

Asterisk versions prior to 1.2.16 and 1.4.1 are vulnerable to this issue.

26. ClipShare ADODB-Connection.Inc.PHP Remote File Include Vulnerability
BugTraq ID: 22928
Remote: Yes
Last Updated: 2007-03-12
Relevant URL: http://www.securityfocus.com/bid/22928
Summary:
ClipShare is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.

Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

This issue affects version 1.5.3; other versions may also be vulnerable.

27. PostgreSQL Information Disclosure and Denial of Service Vulnerabilities
BugTraq ID: 22387
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22387
Summary:
PostgreSQL is prone to information-disclosure and denial-of-service vulnerabilities; fixes are available.

An attacker can exploit these vulnerabilities to cause the backend database to crash and reveal sensitive information. This may lead to other attacks.

These issues affect versions 8.0, 8.1, and 8.2. The second issue described also affects version 7.3 and 7.4.

28. Wireshark Multiple Protocol Denial of Service Vulnerabilities
BugTraq ID: 22352
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22352
Summary:
Wireshark is prone to multiple denial-of-service vulnerabilities.

Exploiting these issues may permit attackers to cause crashes and deny service to legitimate users of the application.

Wireshark versions prior to 0.99.5 are affected.

29. Samba Deferred CIFS File Open Denial of Service Vulnerability
BugTraq ID: 22395
Remote: No
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22395
Summary:
The smbd daemon is prone to a denial-of-service vulnerability.

An attacker can exploit this issue to consume excessive memory resources, ultimately crashing the affected application.

This issue affects Samba versions 3.0.6 through 3.0.23d, inclusive.

30. ISC BIND Remote Fetch Context Denial of Service Vulnerability
BugTraq ID: 22229
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22229
Summary:
ISC BIND is prone to a remote denial-of-service vulnerability because the application fails to properly handle unexpected DNS requests.

Successfully exploiting this issue allows remote attackers to crash affected DNS servers, denying further service to legitimate users.

31. ISC BIND Remote DNSSEC Validation Denial of Service Vulnerability
BugTraq ID: 22231
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22231
Summary:
ISC BIND is prone to a remote denial-of-service vulnerability because the application fails to properly handle malformed DNSSEC validation requests.

Successfully exploiting this issue allows remote attackers to crash affected DNS servers, denying further service to legitimate users.

32. Samba Server VFS Plugin AFSACL.SO Remote Format String Vulnerability
BugTraq ID: 22403
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22403
Summary:
Samba is prone to a remote format-string vulnerability because the application fails to properly sanitize user-supplied input before including it in the format-specifier argument of a formatted-printing function.

Successfully exploiting this issue allows remote attackers to execute arbitrary machine code in the context of users running the affected application. This facilitates the remote compromise of affected computers.

Samba versions 3.06 to 3.0.23d are vulnerable.

33. Squid Proxy ACL Queue Overload Remote Denial of Service Vulnerability
BugTraq ID: 22203
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22203
Summary:
Squid is prone to a remote denial-of-service vulnerability because the proxy server fails to handle excessive data.

Successfully exploiting this issue allows remote attackers to crash affected proxy applications, denying further service to legitimate users.

34. WarFTP Username Stack-Based Buffer-Overflow Vulnerability
BugTraq ID: 22944
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22944
Summary:
WarFTP is prone to a stack-based buffer-overflow vulnerability because it fails to properly check boundaries on user-supplied data before copying it to an insufficiently sized buffer.

Exploiting this issue could lead to denial-of-service conditions and to the execution of arbitrary machine code in the context of the application.

Version 1.65 is vulnerable; other versions may also be affected.

35. Squid Proxy FTP URI Remote Denial of Service Vulnerability
BugTraq ID: 22079
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22079
Summary:
Squid is prone to a remote denial-of-service vulnerability because the proxy server fails to handle certain FTP requests.

Successfully exploiting this issue allows remote attackers to crash affected proxy applications, denying futher service to legitimate users.

Squid versions from 2.5.STABLE11 to 2.6.STABLE6 are vulnerable to this issue.

36. GD Graphics Library Remote Integer Overflow Vulnerability
BugTraq ID: 11523
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/11523
Summary:
The GD Graphics Library (gdlib) is affected by an integer overflow that facilitates a heap overflow. This issue is due to the library's failure to do proper sanity checking on size values contained within image-format files.

An attacker may leverage this issue to manipulate process heap memory, potentially leading to code execution and compromise of the computer running the affected library.

37. GD Graphics Library Multiple Unspecified Remote Buffer overflow Vulnerabilities
BugTraq ID: 11663
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/11663
Summary:
Multiple unspecified remote buffer-overflow vulnerabilities have been identified in the GD Graphics Library. These issues are due to the library's failure to do sufficient bounds-checking before processing user-specified strings.

An attacker may leverage these issues to remotely execute arbitrary code on a computer with the privileges of a user that views a malicious image file. This may facilitate unauthorized access or privilege escalation.

38. GD Graphics Library JIS-Encoded Font Buffer Overflow Vulnerability
BugTraq ID: 22289
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22289
Summary:
The GD graphics library is prone to a buffer-overflow vulnerability.

An attacker can exploit this issue to cause denial-of-service conditions in applications implementing the affected library. Arbitrary code execution may also be possible; this has not been confirmed.

39. OpenBSD ICMPV6 Packet Handling Remote Buffer Overflow Vulnerability
BugTraq ID: 22901
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22901
Summary:
OpenBSD is prone to a remote buffer-overflow vulnerability because the software fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

A remote attacker can exploit this issue to execute arbitrary code with kernel-level privileges or to crash the affected computer. Successful exploits will result in a complete compromise of vulnerable computers or cause denial-of-service conditions.

40. Blojsom Cross-Site Scripting Vulnerability
BugTraq ID: 20026
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/20026
Summary:
Blojsom is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.

An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

41. Todd Miller Sudo Local Privilege Escalation Vulnerability
BugTraq ID: 15191
Remote: No
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/15191
Summary:
Sudo is prone to a local privilege-escalation vulnerability.

The vulnerability presents itself because the application fails to properly sanitize malicious data supplied through environment variables.

A successful attack may result in a complete compromise.

42. Adobe ColdFusion Multiple Input Validation Vulnerabilities
BugTraq ID: 21532
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/21532
Summary:
Adobe ColdFusion is prone to multiple input-validation vulnerabilities, including two information-disclosure issues and one cross-site scripting issue.

An attacker can exploit these issues to gain sensitive information, including cookie-based authentication credentials, which can aid in further attacks.

Adobe ColdFusion MX7 is vulnerable; MX6 may also be affected.

43. Apple Mac OS X QuickDraw GetSrcBits32ARGB Remote Memory Corruption Vulnerability
BugTraq ID: 22207
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22207
Summary:
Mac OS X QuickDraw is prone to a remote memory-corruption vulnerability because the software fails to properly handle malformed PICT image files.

Successfully exploiting this issue allows remote attackers to corrupt memory and crash the affected software. Attackers may also be able to execute arbitrary machine code, but this has not been confirmed.

Mac OS X 10.4.8 is vulnerable to this issue; other versions are also likely affected, since the vulnerable component has been included in Apple operating systems since System 6.0.4

44. KSirc IRC Client Remote PRIVMSG Denial of Service Vulnerability
BugTraq ID: 21790
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/21790
Summary:
KSirc is prone to a remote denial-of-service vulnerability.

The issue arises when the client handles excessive string data. By exploiting this issue, a remote attacker may cause an affected client to crash.

KSirc 1.3.12 is vulnerable to this issue; other versions may also be affected.

The vendor states this issue cannot be exploited to execute arbitrary code. Successful exploits will, however, result in denial-of-service conditions in the client.

45. Apple Mac OS X QuickDraw InternalUnpackBits Remote Memory Corruption Vulnerability
BugTraq ID: 22228
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22228
Summary:
Mac OS X QuickDraw is prone to a remote memory-corruption vulnerability because the software fails to properly handle malformed PICT image files.

Successfully exploiting this issue allows remote attackers to corrupt memory and to crash the affected software. Attackers may also be able to execute arbitrary machine code, but this has not been confirmed.

Mac OS X 10.4.8 is vulnerable to this issue; other versions are also likely affected, since the vulnerable component has been included in Apple operating systems since System 6.0.4.

46. Mozilla Thunderbird/SeaMonkey/Firefox Multiple Remote Vulnerabilities
BugTraq ID: 22694
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22694
Summary:
The Mozilla Foundation has released six security advisories specifying vulnerabilities in Firefox, SeaMonkey, and Thunderbird.

These vulnerabilities allow attackers to:

- Execute arbitrary code
- Cause denial-of-service conditions
- Perform cross-site scripting attacks
- Obtain potentially sensitive information
- Spoof legitimate content

Other attacks may also be possible.

47. OpenSSH-Portable GSSAPI Authentication Abort Information Disclosure Weakness
BugTraq ID: 20245
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/20245
Summary:
OpenSSH-Portable is prone to an information-disclosure weakness. The issue stems from a GSSAPI authentication abort.

Reportedly, attackers may leverage a GSSAPI authentication abort to determine the presence and validity of usernames on unspecified platforms.

This issue occurs when OpenSSH-Portable is configured to accept GSSAPI authentication.

OpenSSH-Portable 4.3p1 and prior versions exhibit this weakness.

48. Apple Mac OS X FPathConf System Call Local Denial of Service Vulnerability
BugTraq ID: 20982
Remote: No
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/20982
Summary:
Apple Mac OS X is prone to a local denial-of-service vulnerability because the kernel fails to properly handle the execution of a system call.

Exploiting this issue allows local, unprivileged users to crash affected kernels, denying further service to legitimate users.

49. Apple Mac OS X Multiple Applications Multiple Vulnerabilities
BugTraq ID: 22948
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22948
Summary:
Mac OS X is prone to multiple vulnerabilities including stack-based buffer-overflow issues, denial-of-service vulnerabilities, two memory-corruption issues, an integer-overflow issue, two authentication-bypass issues, an information-disclosure vulnerability, and an insecure command-execution issue.

An attacker can exploit these issues to execute arbitrary code in the context of the user running the application, cause denial-of-service conditions, compromise the application, and access or modify data.

Few details regarding these issues are currently available. Separate BIDs for each issue will be created as new information becomes available.

Mac OS X and Mac OS X Server versions 10.3.9 and 10.4 through 10.4.8 are vulnerable.

50. Apple Mac OS X ImageIO GIF Image Integer Overflow Vulnerability
BugTraq ID: 22630
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22630
Summary:
Apple Mac OS X ImageIO is prone to an integer-overflow vulnerability because it fails to handle specially crafted image files.

A remote attacker can exploit this issue to cause denial-of-service conditions and potentially to execute code, but this has not been confirmed.

This issue affects Mac OS X 10.4.8; previous versions may also be affected.

51. GNU Tar GNUTYPE_NAMES Remote Directory Traversal Vulnerability
BugTraq ID: 21235
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/21235
Summary:
GNU Tar is prone to a vulnerability that may allow an attacker to place files and overwrite files in arbitrary locations on a vulnerable computer. These issues present themselves when the application processes malicious archives.

A successful attack can allow the attacker to place potentially malicious files and overwrite files on a computer in the context of the user running the affected application. Successful exploits may aid in further attacks.

52. Portable OpenSSH GSSAPI Remote Code Execution Vulnerability
BugTraq ID: 20241
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/20241
Summary:
Portable OpenSSH is prone to a remote code-execution vulnerability. The issue derives from a race condition in a vulnerable signal handler.

Reportedly, under specific conditions, it is theoretically possible to execute code remotely prior to authentication when GSSAPI authentication is enabled. This has not been confirmed; the chance of a successful exploit of this nature is considered minimal.

On non-Portable OpenSSH implementations, this same race condition can be exploited to cause a pre-authentication denial of service.

This issue occurs when OpenSSH and Portable OpenSSH are configured to accept GSSAPI authentication.

53. Adobe Flash Player Plugin HTTP Header Injection Weakness
BugTraq ID: 20592
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/20592
Summary:
Adobe Flash Player Plugin is prone to a weakness that permits the injection of arbitrary HTTP headers because it fails to sanitize user-supplied input.

A successful attack may allow attackers to perform arbitrary HTTP requests facilitating cross-site request forgery, cross-site scripting, HTTP request smuggling, and other attacks.

Since this weakness would typically be used as one component in a larger attack scenario, the consequences of an attack will depend on the vulnerabilities exploited along with this weakness.

Version 9.0.16 for Windows and 7.0.63 for Linux are affected by this issue.

54. OpenSSH Duplicated Block Remote Denial of Service Vulnerability
BugTraq ID: 20216
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/20216
Summary:
OpenSSH is prone to a remote denial-of-service vulnerability because it fails to properly handle incoming duplicate blocks.

Remote attackers may exploit this issue to consume excessive CPU resources, potentially denying service to legitimate users.

This issue occurs only when OpenSSH is configured to accept SSH Version One traffic.

55. GNU Tar Invalid Headers Buffer Overflow Vulnerability
BugTraq ID: 16764
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/16764
Summary:
GNU Tar is prone to a buffer overflow when handling invalid headers. Successful exploitation could potentially lead to arbitrary code execution, but this has not been confirmed.

Tar versions 1.14 and above are vulnerable.

56. OpenSSH SCP Shell Command Execution Vulnerability
BugTraq ID: 16369
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/16369
Summary:
OpenSSH is prone to an SCP shell command-execution vulnerability because the application fails to properly sanitize user-supplied input before using it in a 'system()' function call.

This issue allows attackers to execute arbitrary shell commands with the privileges of users executing a vulnerable version of SCP.

This issue reportedly affects version 4.2 of OpenSSH. Other versions may also be affected.

57. Apple Mac OS X DMG UFS UFS_LookUp Denial Of Service Vulnerability
BugTraq ID: 22036
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22036
Summary:
Apple Mac OS X is prone to a remote denial-of-service vulnerability. This issue occurs when the UFS filesystem handler fails to handle specially crafted DMG images.

A successful exploit can allow a remote attacker to cause kernel panic, resulting in a denial-of-service condition.

Mac OS X 10.4.8 is vulnerable; other versions may also be affected.

58. Apple Mac OS X UDTO Disk Image Remote Denial of Service Vulnerability
BugTraq ID: 21236
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/21236
Summary:
Apple Mac OS X is prone to a remote denial-of-service vulnerability when handling specially crafted UDTO disk image files.

Successfully exploiting this issue allows remote users to crash affected computers, denying service to legitimate users. Attackers may also be able to exploit this issue for remote code execution, but this is reportedly unlikely.

Mac OS X 10.4.8 is vulnerable to this issue; other versions may also be affected.

59. Apple Mac OS X DMG UFS FFS_MountFS Integer Overflow Vulnerability
BugTraq ID: 21993
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/21993
Summary:
Apple Mac OS X is prone to a remote integer-overflow vulnerability. This issue occurs when the UFS filesystem handler fails to handle specially crafted DMG images.

A successful exploit can allow a remote attacker to execute arbitrary code with kernel-level privileges, leading to the complete compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition.

Mac OS X 10.4.8 and freeBSD 6.1 are vulnerable; other versions may also be affected.

60. Silc Server New Channel Remote Denial Of Service Vulnerability
BugTraq ID: 22846
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22846
Summary:
SILC Server is prone to a denial-of-service vulnerability because the application fails to handle exceptional conditions.

An attacker can exploit this issue to crash the affected server, effectively denying service to legitimate users.

This issue affects version 1.0.2; other versions may also be affected.

61. Amarok Magnature Shell Command Injection Vulnerability
BugTraq ID: 22568
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22568
Summary:
Amarok Magnature is prone to a shell command-injection vulnerability.

Commands executed through this vulnerability could permit an attacker to gain access to a vulnerable system.

62. GnuPG Signed Message Arbitrary Content Injection Weakness
BugTraq ID: 22757
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22757
Summary:
GnuPG is prone to a weakness that may allow an attacker to add arbitrary content into a message without the end user knowing.

An attacker may be able to exploit this issue in applications using GnuPG to add arbitrary content into a signed and/or encrypted message.

Exploiting this issue depends on the individual application's use of GnuPG. Individual records will be created detailing this issue in affected applications.

63. Mozilla Firefox Location.Hostname Dom Property Cookie Theft Vulnerability
BugTraq ID: 22566
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22566
Summary:
Mozilla Firefox is prone to a vulnerability that allows attackers to steal cookies. This issue occurs because the application fails to sufficiently sanitize user-supplied input.

An attacker can exploit this issue to manipulate cookie-based authentication credentials for third-party web pages or to control how the site is rendered to the user. Exploiting this issue may allow the attacker to bypass the same-origin policy for cross-window/cross-frame data access; other attacks are also possible.

This issue affects version 2.0.0.1; prior versions may also be affected.

64. Mozilla Firefox Popup Blocker Cross Zone Security Bypass Weakness
BugTraq ID: 22396
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22396
Summary:
Mozilla Firefox is prone to a cross-zone security-bypass weakness. This issue allows attackers to open 'file://' URIs from remote websites.

By exploiting this issue in conjunction with other weaknesses or vulnerabilities, attackers may be able to execute arbitrary script code with the elevated privileges that are granted to scripts when they are executed from local sources.

Mozilla Firefox 1.5.0.9 is affected by this issue; other versions may be affected as well.

65. Mozilla Firefox 2 Password Manager Cross-Site Information Disclosure Weakness
BugTraq ID: 21240
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/21240
Summary:
Mozilla Firefox is reportedly prone to an information-disclosure weakness because it fails to properly notify users of the automatic population of form fields in disparate URLs deriving from the same domain.

Exploiting this issue may allow attackers to obtain user credentials that have been saved in forms deriving from the same website where attack code resides. The most common manifestation of this condition would typically be in blogs or forums. This may allow attackers to access potentially sensitive information that would facilitate the success of phishing attacks.

Initial reports and preliminary testing indicate that this issue affects only Firefox 2.

66. Apple Mac OS X AppleTalk _ATPsndrsp Function Remote Heap Overflow Vulnerability
BugTraq ID: 22041
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22041
Summary:
Apple Mac OS X AppleTalk is prone to a heap-overflow vulnerability because it fails to perform sufficient boundary checks on user-supplied data before copying it to a buffer.

An attacker could leverage this issue to have arbitrary code execute with administrative privileges. A successful exploit could result in the complete compromise of the affected system.

Apple Mac OS X version 10.4.8 is reported vulnerable; other versions may be vulnerable as well.

67. Apple Mac OS X UDIF Disk Image Remote Denial Of Service Vulnerability
BugTraq ID: 21201
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/21201
Summary:
Apple Mac OS X is prone to a remote denial-of-service vulnerability when handling specially crafted UDIF disk image files.

Successfully exploiting this issue allows remote users to crash affected computers, denying service to legitimate users.

Mac OS X version 10.4.8 is vulnerable to this issue; other versions may also be affected.

Note: Further information from Alastair Houghton reports that this issue cannot be exploited to execute arbitrary code. See the references for details.

68. Apple Mac OS X AppleTalk Local Memory Corruption Vulnerability
BugTraq ID: 21317
Remote: No
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/21317
Summary:
Apple Mac OS X is prone to a local memory-corruption vulnerability. This issue occurs when the operating system fails to handle specially crafted arguments to an IOCTL call.

Due to the nature of this issue, an attacker may be able to execute arbitrary machine code in the context of the affected kernel, but this has not been confirmed. Failed exploit attempts result in kernel panics, denying service to legitimate users.

Mac OS X version 10.4.8 is vulnerable to this issue; other versions may also be affected.

69. MySQL Server Date_Format Denial Of Service Vulnerability
BugTraq ID: 19032
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/19032
Summary:
MySQL is prone to a remote denial-of-service vulnerability because the database server fails to properly handle unexpected input.

This issue allows remote attackers to crash affected database servers, denying service to legitimate users. Attackers must be able to execute arbitrary SQL statements on affected servers, which requires valid credentials to connect to affected servers.

Attackers may exploit this issue in conjunction with latent SQL-injection vulnerabilities in other applications.

Versions of MySQL prior to 4.1.18, 5.0.19, and 5.1.6 are vulnerable to this issue.

70. MySQL Privilege Elevation and Security Bypass Vulnerabilities
BugTraq ID: 19559
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/19559
Summary:
MySQL is prone to these vulnerabilities:

- A privilege-elevation vulnerability. A user with privileges to execute SUID routines may gain elevated privileges by executing certain commands and code with higher privileges.

- A security-bypass vulnerability. A user can bypass restrictions and create new databases.

MySQL 5.0.24 and prior versions are affected by these issues.

71. MySQL MERGE Privilege Revoke Bypass Vulnerability
BugTraq ID: 19279
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/19279
Summary:
MySQL is prone to a vulnerability that allows users with revoked privileges to a particular table to access these tables without permission.

Exploiting this issue allows attackers to access data when access privileges have been revoked. The specific impact of this issue depends on the data that the attacker may retrieve.

72. MySQL Server Str_To_Date Remote Denial Of Service Vulnerability
BugTraq ID: 18439
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/18439
Summary:
MySQL is susceptible to a remote denial-of-service vulnerability. This issue is due to the database server's failure to properly handle unexpected input.

This issue allows remote attackers to crash affected database servers, denying service to legitimate users. Attackers must be able to execute arbitrary SQL statements on affected servers, which requires valid credentials to connect to affected servers.

Attackers may exploit this issue in conjunction with latent SQL-injection vulnerabilities in other applications.

Versions of MySQL prior to 4.1.18, 5.0.19, and 5.1.6 are vulnerable to this issue.

73. MySQL Mysql_real_escape Function SQL Injection Vulnerability
BugTraq ID: 18219
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/18219
Summary:
MySQL is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query.

A successful exploit could allow an attacker to compromise an application using a vulnerable database or to compromise the database itself.

MySQL versions prior to 5.0.22-1-0.1 and prior to 4.1.20 are vulnerable. Other versions may also be affected.

74. MySQL Remote Information Disclosure and Buffer Overflow Vulnerabilities
BugTraq ID: 17780
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/17780
Summary:
MySQL is prone to multiple remote vulnerabilities:

- A buffer-overflow vulnerability due to insufficient bounds-checking of user-supplied data before copying it to an insufficiently sized memory buffer. This issue allows remote attackers to execute arbitrary machine code in the context of affected database servers. Failed exploit attempts will likely crash the server, denying further service to legitimate users.

- Two information-disclosure vulnerabilities due to insufficient input-sanitization and bounds-checking of user-supplied data. These issues allow remote users to gain access to potentially sensitive information that may aid them in further attacks.

75. Apple Mac OS X Shared_Region_Make_Private_Np Kernel Function Local Memory Corruption Vulnerability
BugTraq ID: 21349
Remote: No
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/21349
Summary:
Apple Mac OS X is prone to a local memory-corruption vulnerability. This issue occurs when the operating system fails to handle specially crafted arguments to a system call.

Attackers may exploit this issue to cause a kernel panic, effectively denying further service to legitimate users. Due to the nature of this issue, successful exploits may potentially result in the execution of arbitrary machine code in the context of the affected kernel, but this has not been confirmed.

Mac OS X version 10.4.8 is vulnerable to this issue; other versions may also be affected.

76. Apple Mac OS X Mach-O Binary Loading Integer Overflow Vulnerability
BugTraq ID: 21291
Remote: No
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/21291
Summary:
Apple Mac OS X is prone to a local integer-overflow vulnerability. This issue occurs when the operating system fails to handle specially crafted binaries.

A successful exploit would allow a local attacker to execute arbitrary code with kernel-level privileges, leading to the complete compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition.

77. Mozilla Firefox OnUnload Memory Corruption Vulnerability
BugTraq ID: 22679
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22679
Summary:
Mozilla Firefox is prone to a remote memory-corruption vulnerability.

Successfully exploiting this issue may allow remote attackers to execute arbitrary machine code in the context of the affected application. This could facilitate the remote compromise of affected computers.

Mozilla Firefox version 2.0.0.1 is vulnerable to this issue; other versions are also likely affected.

78. Apple iLife iPhoto PhotoCast XML Remote Format String Vulnerability
BugTraq ID: 21871
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/21871
Summary:
iLife iPhoto is prone to a remote format-string vulnerability because the application fails to properly sanitize user-supplied input before including it in the format-specifier argument of a formatted-printing function.

Successfully exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the application and to compromise affected computers.

Version 6.0.5 (316) is vulnerable; other versions may also be affected.

79. Linux Kernel Netfilter NFNetLink_Log Multiple NULL Pointer Dereference Vulnerabilities
BugTraq ID: 22946
Remote: No
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22946
Summary:
The Linux kernel is prone to multiple NULL-pointer dereference vulnerabilities.

A local attacker can exploit these issues to crash the affected kernel, denying service to legitimate users.

80. NetBSD Kernel Unspecified Local Buffer Overflow Vulnerability
BugTraq ID: 22945
Remote: No
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22945
Summary:
NetBSD is prone to an unspecified kernel heap-based buffer-overflow vulnerability.

Attackers may exploit this issue to execute arbitrary machine code in the context of the affected kernel. Failed attempts may result in denial-of-service conditions. Successful exploits will likely result in a complete compromise of the affected computer.

Reportedly, this issue also affects older versions of OpenBSD and FreeBSD.

81. Symantec Norton Personal Firewall 2006 SymEvent Driver Local Denial of Service Vulnerability
BugTraq ID: 22961
Remote: No
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22961
Summary:
Norton Personal Firewall 2006 is prone to a local denial-of-service vulnerability. This issue occurs when attackers send malformed data to the 'SymEvent' driver.

A local authenticated attacker may exploit this issue to crash affected computers, denying service to legitimate users.

This issue is reportedly a regression from the vulnerability described in BID 20051 (Symantec Multiple Products SymEvent Driver Local Denial of Service Vulnerability). Symantec is currently investigating this issue; this BID will be updated as more information becomes available.

82. Apache HTTP Server Tomcat Directory Traversal Vulnerability
BugTraq ID: 22960
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22960
Summary:
Apache HTTP servers running with the Tomcat servlet container are prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.

Exploiting this issue allows attackers to access arbitrary files in the Tomcat webroot. This can expose sensitive information that could aid in further attacks.

Versions in the 5.0 series prior to 5.5.22 and versions in the 6.0 series prior to 6.0.10 are vulnerable.

83. PHProjekt Multiple Cross Site Scripting Vulnerabilities
BugTraq ID: 22957
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22957
Summary:
PHProjekt is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input.

An attacker can exploit these issues to steal cookie-based authentication credentials and launch other attacks.

PHProjekt versions 5.2.0 and prior are vulnerable to these issues.

84. PHProjekt Arbitrary File Upload Vulnerability
BugTraq ID: 22956
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22956
Summary:
PHProjekt is prone to an arbitrary file-upload vulnerability.

Exploiting this issue could allow an attacker to upload and execute arbitrary script code in the context of the affected webserver process. This may help the attacker compromise the application; other attacks are possible.

Versions prior to 5.2.1 are vulnerable to this issue.

85. PHProjekt Multiple SQL Injection Vulnerabilities
BugTraq ID: 22955
Remote: Yes
Last Updated: 2007-03-14
Relevant URL: http://www.securityfocus.com/bid/22955
Summary:
PHProjekt is prone to multiple SQL-injection vulnerabilities because the application failso properly sanitize user-supplied input before using it in an SQL query.

A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.

PHProjekt versions 5.2.0 and prior are vulnerable to these issues.

86. Apple Software Update Format String Vulnerability
BugTraq ID: 22222
Remote: Yes
Last Updated: 2007-03-13
Relevant URL: http://www.securityfocus.com/bid/22222
Summary:
Apple Software Update is prone to a format-string vulnerability.

This issue presents itself because the application fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function.

A successful attack may crash the application or possibly lead to arbitrary code execution. This may facilitate unauthorized access or privilege escalation in the context of the user running the application.

87. Weekly Drawing Contest Contest.PHP Remote Authentication Bypass Vulnerability
BugTraq ID: 22947
Remote: Yes
Last Updated: 2007-03-13
Relevant URL: http://www.securityfocus.com/bid/22947
Summary:
Weekly Drawing Contest is prone to a vulnerability that allows remote attackers to bypass authentication.

Successfully exploiting this issue allows remote attackers to gain administrative access to the vulnerable application.

88. Weekly Drawing Contest Check_Vote.PHP Local File Include Vulnerability
BugTraq ID: 22937
Remote: Yes
Last Updated: 2007-03-13
Relevant URL: http://www.securityfocus.com/bid/22937
Summary:
Weekly Drawing Contest is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.

Exploiting this issue may allow an unauthorized user to view local files on the affected webserver.

This issue affects version 0.0.1; other versions may also be affected.

89. X-Ice News System DevAMI.ASP SQL Injection Vulnerability
BugTraq ID: 22939
Remote: Yes
Last Updated: 2007-03-13
Relevant URL: http://www.securityfocus.com/bid/22939
Summary:
X-ice News System is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation. Successful attacks can facilitate unauthorized access.

Version 1.0 is vulnerable; other versions may also be affected.

90. Xine DirectShow Loader Remote Buffer Overflow Vulnerability
BugTraq ID: 22933
Remote: Yes
Last Updated: 2007-03-13
Relevant URL: http://www.securityfocus.com/bid/22933
Summary:
Xine is prone to a remote buffer-overflow vulnerability because the application fails to perform boundary checks before copying user-supplied input into finite-sized buffers.

Successfully exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the application and to compromise affected computers.

91. Linux Kernel IPV6_Getsockopt_Sticky Memory Leak Information Disclosure Vulnerability
BugTraq ID: 22904
Remote: No
Last Updated: 2007-03-13
Relevant URL: http://www.securityfocus.com/bid/22904
Summary:
Linux Kernel is prone to an information-disclosure vulnerability because it fails to handle unexpected user-supplied input.

Successful exploits will allow attackers to obtain portions of kernel memory. Information harvested may be used in further attacks.

Kernel versions 2.6.0 up to 2.6.20.1 are vulnerable to this issue.

92. Unrarlib URarLib_Get Function Buffer Overflow Vulnerability
BugTraq ID: 22942
Remote: Yes
Last Updated: 2007-03-13
Relevant URL: http://www.securityfocus.com/bid/22942
Summary:
The 'unrarlib' library is prone to a buffer-overflow vulnerability because the library fails to perform proper bounds-checking of user-supplied input before copying it to an insufficiently sized memory buffer.

Attackers can exploit this vulnerability to execute attacker-supplied code in the context of an application that relies on the affected library.

93. NewsBin Pro Long File Name Buffer Overflow Vulnerability
BugTraq ID: 22940
Remote: Yes
Last Updated: 2007-03-13
Relevant URL: http://www.securityfocus.com/bid/22940
Summary:
NewsBin Pro is prone to a remote buffer-overflow because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker could exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial of service.

This issue affects version 4.32; other versions may also be affected.

94. Mozilla Thunderbird/Seamonkey Rich Text Integer Overflow Vulnerability
BugTraq ID: 22845
Remote: Yes
Last Updated: 2007-03-13
Relevant URL: http://www.securityfocus.com/bid/22845
Summary:
Thunderbird and Seamonkey are prone to an integer-overflow vulnerability because they fail to handle excessively large specially formatted email messages.

A remote attacker can exploit this issue to execute arbitrary code; failed exploit attempts will likely result in denial-of-service conditions.

This issue affects Thunderbird versions prior to 1.5.0.10 and Seamonkey versions prior to 1.0.8.

95. Mozilla Firefox Javascript URI Remote Code Execution Vulnerability
BugTraq ID: 22826
Remote: Yes
Last Updated: 2007-03-13
Relevant URL: http://www.securityfocus.com/bid/22826
Summary:
Mozilla Firefox is prone to a remote code-execution vulnerability due to a design error.

Attackers may exploit this issue by enticing victims into visiting a malicious site.

Successful exploits may allow an attacker to crash the application or execute arbitrary code in the context of the affected application.

96. News Reactor Long File Name Buffer Overflow Vulnerability
BugTraq ID: 22936
Remote: Yes
Last Updated: 2007-03-13
Relevant URL: http://www.securityfocus.com/bid/22936
Summary:
News Reactor is prone to a remote buffer-overflow because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker could exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial of service.

This issue affects version 20070220; other versions may also be affected.

97. RETIRED: Moodle Filter.PHP Remote File Include Vulnerability
BugTraq ID: 22931
Remote: Yes
Last Updated: 2007-03-13
Relevant URL: http://www.securityfocus.com/bid/22931
Summary:
Moodle is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.

Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

Version 1.7.1 is vulnerable; other versions may also be affected.

RETIRED: This issue is being retired because the vendor reports that the specified script is not part of the Moodle application.

98. PennMUSH Multiple Command Denial Of Service Vulnerabilities
BugTraq ID: 22935
Remote: Yes
Last Updated: 2007-03-13
Relevant URL: http://www.securityfocus.com/bid/22935
Summary:
PennMUSH is prone to multiple remote denial-of-service vulnerabilities.

Successful exploitation will cause the affected server to crash, effectively denying service to legitimate users.

PennMUSH versions prior to 1.8.2p3 are vulnerable to these issues.

99. Open Educational System Multiple Remote File Include Vulnerabilities
BugTraq ID: 22934
Remote: Yes
Last Updated: 2007-03-13
Relevant URL: http://www.securityfocus.com/bid/22934
Summary:
Open Educational System is prone to multiple remote file-include vulnerabilities.

An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible.

Version 0.1 beta is vulnerable to these issues.

100. News Rover Subject Line Stack Buffer Overflow Vulnerability
BugTraq ID: 22618
Remote: Yes
Last Updated: 2007-03-13
Relevant URL: http://www.securityfocus.com/bid/22618
Summary:
News Rover is prone to a remote stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

Exploiting this issue allows attackers to execute arbitrary machine code in the context of the affected application.

This issue affects version 4.1.0.1; other versions may also be affected.

III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. Tor hack proposed to catch criminals
By: Robert Lemos
A security researcher unveils a project that aims to identify sources on the pro-privacy network, but does the initiative help track down criminals or just hurt legitimate users?

http://www.securityfocus.com/news/11447

2. Stormy weather for malware defenses
By: Robert Lemos
The misnamed Storm Worm, actually a Trojan horse, underscores the difficulties that evolving tactics pose for defenders. <em>The second article in a two-part series.</em>
http://www.securityfocus.com/news/11446

3. Maynor reveals missing Apple flaws
By: Robert Lemos
Security researcher David Maynor shows off the code for exploiting a vulnerability in the native Mac OS X wireless drivers revealed last summer as well as e-mails showing he notified Apple.
http://www.securityfocus.com/news/11445

4. Legal threats scuttle RFID flaw demo
By: Robert Lemos
Security technology giant HID uses patent claims to silence a security researcher scheduled to detail issues in radio-frequency identification (RFID) technology at a conference this week.
http://www.securityfocus.com/news/11444

IV. SECURITY JOBS LIST SUMMARY
-------------------------------
1. [SJ-JOB] Security Consultant, Merseyside
http://www.securityfocus.com/archive/77/462782

2. [SJ-JOB] Application Security Engineer, Cleveland
http://www.securityfocus.com/archive/77/462731

3. [SJ-JOB] VP / Dir / Mgr engineering, New York
http://www.securityfocus.com/archive/77/462733

4. [SJ-JOB] Security Auditor, New York
http://www.securityfocus.com/archive/77/462734

5. [SJ-JOB] Security Consultant, Calgary
http://www.securityfocus.com/archive/77/462730

6. [SJ-JOB] Director, Information Security, New York
http://www.securityfocus.com/archive/77/462732

7. [SJ-JOB] Security Architect, Leawood
http://www.securityfocus.com/archive/77/462713

8. [SJ-JOB] Security Consultant, Hyderabad
http://www.securityfocus.com/archive/77/462714

9. [SJ-JOB] Sr. Security Engineer, Hyderabad
http://www.securityfocus.com/archive/77/462724

10. [SJ-JOB] Security Engineer, Los Angeles
http://www.securityfocus.com/archive/77/462725

11. [SJ-JOB] Sr. Security Analyst, Indianapolis
http://www.securityfocus.com/archive/77/462726

12. [SJ-JOB] Security Architect, Bellevue
http://www.securityfocus.com/archive/77/462712

13. [SJ-JOB] Security Architect, Atlanta
http://www.securityfocus.com/archive/77/462718

14. [SJ-JOB] Security Architect, Charlotte
http://www.securityfocus.com/archive/77/462719

15. [SJ-JOB] Security Architect, Houston
http://www.securityfocus.com/archive/77/462693

16. [SJ-JOB] Technical Support Engineer, Wokingham
http://www.securityfocus.com/archive/77/462656

17. [SJ-JOB] Security Architect, Framingham
http://www.securityfocus.com/archive/77/462694

18. [SJ-JOB] Security Architect, Lisle
http://www.securityfocus.com/archive/77/462653

19. [SJ-JOB] Security Architect, Framingham
http://www.securityfocus.com/archive/77/462655

20. [SJ-JOB] Security Architect, San Francisco
http://www.securityfocus.com/archive/77/462657

21. [SJ-JOB] Security Architect, Princeton
http://www.securityfocus.com/archive/77/462654

22. [SJ-JOB] Security Architect, Prague
http://www.securityfocus.com/archive/77/462594

23. [SJ-JOB] Security Engineer, Prague
http://www.securityfocus.com/archive/77/462593

24. [SJ-JOB] Security Engineer, Lovendegem
http://www.securityfocus.com/archive/77/462566

25. [SJ-JOB] Forensics Engineer, Lovendegem
http://www.securityfocus.com/archive/77/462567

26. [SJ-JOB] Security Auditor, Lovendegem
http://www.securityfocus.com/archive/77/462570

27. [SJ-JOB] Security Consultant, Lovendegem
http://www.securityfocus.com/archive/77/462574

28. [SJ-JOB] Account Manager, Lovendegem
http://www.securityfocus.com/archive/77/462573

29. [SJ-JOB] Sales Representative, Washington
http://www.securityfocus.com/archive/77/462568

30. [SJ-JOB] CHECK Team Leader, Hyderabad
http://www.securityfocus.com/archive/77/462571

31. [SJ-JOB] Security Researcher, San Francisco
http://www.securityfocus.com/archive/77/462401

32. [SJ-JOB] Security Researcher, San Jose
http://www.securityfocus.com/archive/77/462363

33. [SJ-JOB] Security Engineer, Amsterdam
http://www.securityfocus.com/archive/77/462410

34. [SJ-JOB] Security Engineer, Cleveland
http://www.securityfocus.com/archive/77/462411

35. [SJ-JOB] Application Security Architect, New York
http://www.securityfocus.com/archive/77/462413

36. [SJ-JOB] Sr. Security Engineer, St. Louis
http://www.securityfocus.com/archive/77/462318

37. [SJ-JOB] Security Architect, St. Louis
http://www.securityfocus.com/archive/77/462319

38. [SJ-JOB] Security Consultant, Anywhere
http://www.securityfocus.com/archive/77/462320

39. [SJ-JOB] Security Consultant, Virtual
http://www.securityfocus.com/archive/77/462321

40. [SJ-JOB] Software Engineer, Milpitas
http://www.securityfocus.com/archive/77/462256

41. [SJ-JOB] Manager, Information Security, Milpitas
http://www.securityfocus.com/archive/77/462257

42. [SJ-JOB] Security Researcher, Redmond
http://www.securityfocus.com/archive/77/462258

43. [SJ-JOB] Developer, Redmond
http://www.securityfocus.com/archive/77/462261

44. [SJ-JOB] Security Director, New York
http://www.securityfocus.com/archive/77/462254

45. [SJ-JOB] Technical Writer, Idaho Falls
http://www.securityfocus.com/archive/77/462255

46. [SJ-JOB] Sr. Security Analyst, Westlake Village
http://www.securityfocus.com/archive/77/462155

47. [SJ-JOB] Sr. Security Analyst, Long Island
http://www.securityfocus.com/archive/77/462156

V. INCIDENTS LIST SUMMARY
---------------------------
VI. VULN-DEV RESEARCH LIST SUMMARY
-----------------------------------
1. Call for Papers: DeepSec IDSC 2007 Europe/Vienna: 20-23 Nov 2007
http://www.securityfocus.com/archive/82/462583

2. MS07-016 FTP Response DOS PoC
http://www.securityfocus.com/archive/82/462352

3. SyScan'07 - Call for Paper - NEW UPDATES
http://www.securityfocus.com/archive/82/462580

4. Black Hat USA CFP Now Open!
http://www.securityfocus.com/archive/82/462350

VII. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
VIII. SUN FOCUS LIST SUMMARY
----------------------------
1. Dealing with BSM Audit Logs
http://www.securityfocus.com/archive/92/449244

IX. LINUX FOCUS LIST SUMMARY
----------------------------
X. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to sf-news-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

XI. SPONSOR INFORMATION
------------------------
This Issue is Sponsored by: SPI Dynamics

As web applications become increasingly complex, tremendous amounts of sensitive data - personal, medical and financial - are exchanged, and stored. Consumers expect and demand security ALERT: "How A Hacker Launches A Cross-Site Scripting Attack"- White Paper
Cross-site scripting vulnerabilities in web apps allow hackers to compromise confidential information, steal cookies and create requests that can be mistaken for those of a valid user!! Download this *FREE* white paper from SPI Dynamics for a complete guide to protection!

https://download.spidynamics.com/1/ad/xss.asp?Campaign_ID=70160000000Cjrj

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Blog Archive