News

Tuesday, April 24, 2007

SecurityFocus Newsletter #398

SecurityFocus Newsletter #398
----------------------------------------

This Issue is Sponsored by: SPI Dynamics

ALERT: "How a Hacker Launches a SQL Injection Attack!"- SPI Dynamics White Paper
It's as simple as placing additional SQL commands into a Web Form input box giving
hackers complete access to all your backend systems! Firewalls and IDS will not stop
such attacks because SQL Injections are NOT seen as intruders. Download this *FREE*
white paper from SPI Dynamics for a complete guide to protection!

https://download.spidynamics.com/1/ad/sql.asp?Campaign_ID=70160000000Cn8O


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1. Online Impersonations: No Validation Required
2. 0wning Vista from the boot
II. BUGTRAQ SUMMARY
1. Advanced Webhost Billing System Cart2.PHP Remote File Include Vulnerability
2. USP FOSS Distribution Download.PHP Directory Traversal Vulnerability
3. ImageMagick DCM XWD Formats Multiple Integer Overflow Vulnerabilities
4. X.Org LibXFont Multiple Integer Overflow Vulnerabilities
5. UPHP Free Ring Index.PHP SQL Injection Vulnerability
6. JCHit Counter Imgsrv.PHP Directory Traversal Vulnerability
7. AMSN Malformed Message Denial Of Service Vulnerability
8. WSFTP Null Pointer Dereference Remote Denial of Service Vulnerability
9. Photofiltre Studio Malformed TIF File Buffer Overflow Vulnerability
10. Supasite Multiple Remote File Include Vulnerabilities
11. PHP Turbulence Turbulence.PHP Remote File Include Vulnerability
12. Microsoft Windows DNS Server Escaped Zone Name Parameter Buffer Overflow Vulnerability
13. 3proxy HTTP Proxy Request Buffer Overflow Vulnerability
14. Sun Solaris IP Implementation Remote Denial of Service Vulnerability
15. NeatUpload HTTPWorkerRequest.FlushResponse Information Disclosure Vulnerability
16. Gimp XCF_load_vector Function Buffer Overflow Vulnerability
17. Lighttpd Multiple Remote Denial of Service Vulnerabilities
18. KTorrent Multiple Remote Vulnerabilities
19. Vixie Cron ST_Nlink Check Local Denial of Service Vulnerability
20. Man Command -H Flag Local Buffer Overflow Vulnerability
21. Horde Framework Login.PHP Cross-Site Scripting Vulnerability
22. Vixie Cron Crontab File Disclosure Vulnerability
23. Avahi Compressed DNS Denial Of Service Vulnerability
24. Extremail Buffer Overflow And DNS Spoofing Vulnerabilities
25. FreePBX SIP Packet Multiple HTML Injection Vulnerabilities
26. Exponent CMS Multiple Input Validation Vulnerabilities
27. Xaraya Roles Module Form Handler Security Bypass Vulnerability
28. Aircrack-ng Airodump-ng Authentication Packet Buffer Overflow Vulnerability
29. OpenSSL PKCS Padding RSA Signature Forgery Vulnerability
30. ImageMagick XGetPixel/XInitImage Multiple Integer Overflow Vulnerabilities
31. HP StorageWorks Command View Unspecified Local Unauthorized Access Vulnerability
32. Cdelia Software ImageProcessing Malformed BMP File Denial of Service Vulnerability
33. MadWIFI Ad-Hoc Mode Denial of Service Vulnerability
34. Claroline RootSys Remote File Include Vulnerability
35. DMCMS Upload_File.PHP Arbitrary File Upload Vulnerability
36. Nullsoft Winamp PLS File Remote Denial of Service Vulnerability
37. Mod_Perl Path_Info Remote Denial Of Service Vulnerability
38. YA Book City Field HTML-injection Vulnerability
39. XnView XPMHeaders Buffer Overflow Vulnerability
40. phpMyAdmin Multiple Cross-Site Scripting Vulnerabilities
41. ACDSee XPMHeaders Buffer Overflow Vulnerability
42. GNU Mailutils Imap4D Search Command Remote Format String Vulnerability
43. GPB Bulletin Board Multiple Remote File Include Vulnerabilities
44. Nullsoft Winamp MIDI File Processing Denial of Service Vulnerability
45. X.Org X11 XC-MISC Extension Integer Overflow Vulnerability
46. Clam AntiVirus ClamAV Multiple Remote Vulnerabilities
47. NetSprint Toolbar ActiveX Denial of Service Vulnerability
48. Adobe Photoshop Multiple File Format Buffer Overflow Vulnerability
49. Second Sight Software Multiple ActiveX Controls Multiple Buffer Overflow Vulnerabilities
50. Cisco Multiple Devices Crafted IP Option Multiple Remote Code Execution Vulnerability
51. Opera Web Browser Running Adobe Flash Player Unspecified Vulnerability
52. Linksys SPA941 \377 Character Denial of Service Vulnerability
53. PostgreSQL SECURITY DEFINER Function Local Privilege Escalation Vulnerability
54. Opera FTP PASV Port-Scanning Vulnerability
55. Pagode Navigator_ok.PHP Directory Traversal Vulnerability
56. Apple Quicktime Unspecified Java Handling Arbitrary Code Execution Vulnerability
57. Phorum Multiple Input Validation Vulnerabilities
58. Linux Kernel NFSACL Denial of Service Vulnerability
59. IPv6 Protocol Type 0 Route Header Denial of Service Vulnerability
60. Multiple Web Browser UTF-7 Cross-Domain Character-Set-Inheritance Vulnerability
61. MADWiFi IEEE80211_Output.C Unencrypted Data Packet Multiple Vulnerabilities
62. Network Audio System Local Privilege Escalation and Denial of Service Vulnerabilities
63. Linux Kernel BINFMT_ELF PT_INTERP Local Information Disclosure Vulnerability
64. Apple Mac OS X 2007-004 Multiple Security Vulnerabilities
65. ZZipLib ZZip_Open_Shared_IO Stack Buffer Overflow Vulnerability
66. FreeRADIUS Multiple RLM_SQLCounter Buffer Overflow Vulnerabilities
67. FreeRadius RLM_SQLCounter SQL Injection Vulnerability
68. Blender KMZ/KML Remote Command Execution Vulnerability
69. Maran PHP Forum Forum_write.PHP Arbitrary File Upload Vulnerability
70. MPlayer DMO File Parsing Buffer Overflow Vulnerability
71. Joomla! PCLTar.PHP Remote File Include Vulnerability
72. MyBulletinBoard Calendar.PHP SQL Injection Vulnerability
73. LMS RTMessageAdd.PHP Remote File Include Vulnerability
74. Post Revolution Dir Multiple Remote File Include Vulnerabilities
75. Sendmail Unspecified Denial Of Service Vulnerability
76. Mephisto Blog Author Comment HTML Injection Vulnerability
77. Check Point Zone Alarm Srescan.SYS Multiple Local Privilege Escalation Vulnerabilities
78. Novell Groupwise WebAccess GWINTER.EXE Remote Buffer Overflow Vulnerability
79. Linux Kernel Key_Alloc_Serial() Local Denial of Service Vulnerability
80. EsForum Forum.PHP SQL Injection Vulnerability
81. Corel Paint Shop Pro Photo Malformed CLP File Buffer Overflow Vulnerability
82. ACVSWS Transport.PHP Remote File Include Vulnerability
83. PHPMySpace Gold Article.PHP SQL Injection Vulnerability
84. OpenSSH S/Key Remote Information Disclosure Vulnerability
85. File117 Multiple Remote File Include Vulnerabilities
86. PHPMyBibli Init.Inc.PHP Remote File Include Vulnerability
87. Allfaclassifieds Level2.PHP Remote File Include Vulnerability
88. Ripe Website Manager Multiple Input Validation Vulnerabilities
89. Microgaming Download Helper ActiveX Control Remote Buffer Overflow Vulnerability
90. Linux Kernel L2CAP and HCI Setsockopt Memory Leak Information Disclosure Vulnerability
91. McAfee VirusScan On-Access Scanner File Name Buffer Overflow Vulnerability
92. TJSChat You.PHP Cross-Site Scripting Vulnerability
93. Mozilla Firefox/SeaMonkey/Thunderbird Multiple Remote Vulnerabilities
94. WEBinsta FM Manager Admin Cookies Remote File Include Vulnerability
95. MadWIFI Channel Switch Announcement Information Elements Denial of Service Vulnerability
96. MadWifi Auth Frame IBSS Remote Denial of Service Vulnerability
97. Big Blue Guestbook Comment HTML Injection Vulnerability
98. Yate SIP Protocol Denial of Service Vulnerability
99. Oracle April 2007 Security Update Multiple Vulnerabilities
100. Courier-IMAP XMAILDIR Shell Command Injection Vulnerability
III. SECURITYFOCUS NEWS
1. A Mac gets whacked, a second survives
2. MacBooks withstand mild attacks on patch day
3. Attackers improve on JavaScript trickery
4. U.S. agencies get 'C-' for computer security
IV. SECURITY JOBS LIST SUMMARY
1. [SJ-JOB] Channel / Business Development, New York
2. [SJ-JOB] Security Auditor, Berkshire
3. [SJ-JOB] Sr. Security Analyst, Schaumburg
4. [SJ-JOB] Sr. Security Analyst, Riyadh
5. [SJ-JOB] Sr. Security Analyst, chennai
6. [SJ-JOB] Penetration Engineer, Mumbai, Pune
7. [SJ-JOB] Security System Administrator, Riyadh
8. [SJ-JOB] Technology Risk Consultant, Riyadh
9. [SJ-JOB] Security System Administrator, Plymouth or London
10. [SJ-JOB] CISO, Tokyo
11. [SJ-JOB] Security Architect, Frankfurt am Main
12. [SJ-JOB] Application Security Engineer, Gurgaon
13. [SJ-JOB] Security Product Marketing Manager, San Jose
14. [SJ-JOB] Penetration Engineer, Munich
15. [SJ-JOB] Application Security Engineer, Seattle area
16. [SJ-JOB] Manager, Information Security, Wilson
17. [SJ-JOB] Manager, Information Security, Raleigh
18. [SJ-JOB] Auditor, Jacksonville /Gainesville
19. [SJ-JOB] Manager, Information Security, Boston
20. [SJ-JOB] Security Engineer, Northern
21. [SJ-JOB] Security System Administrator, London
22. [SJ-JOB] Sales Representative, Atlanta
23. [SJ-JOB] Security Consultant, Edinburgh
24. [SJ-JOB] Training / Awareness Specialist, Northern
25. [SJ-JOB] Security Consultant, Various
26. [SJ-JOB] Management, Northern
27. [SJ-JOB] Security Consultant, Bentonville
28. [SJ-JOB] Channel / Business Development, Boston
29. [SJ-JOB] CISO, Columbus
30. [SJ-JOB] Security System Administrator, Springfield
31. [SJ-JOB] Sales Engineer, Houston
32. [SJ-JOB] Sales Engineer, Austin
33. [SJ-JOB] Sales Engineer, Denver
34. [SJ-JOB] Sales Engineer, Dallas
35. [SJ-JOB] Quality Assurance, Bay Area
36. [SJ-JOB] Director, Information Security, Charlotte
37. [SJ-JOB] Channel / Business Development, London
38. [SJ-JOB] Technical Support Engineer, Mountain View
39. [SJ-JOB] Security Consultant, London
40. [SJ-JOB] Sr. Security Analyst, Bethesda
41. [SJ-JOB] Security Consultant, New York
42. [SJ-JOB] Security Engineer, London
43. [SJ-JOB] Channel / Business Development, London
44. [SJ-JOB] Security Engineer, Westbury
45. [SJ-JOB] Security System Administrator, Woking, Surrey
46. [SJ-JOB] Manager, Information Security, London
47. [SJ-JOB] Security Consultant, Dulles
48. [SJ-JOB] Sr. Security Engineer, Fort Lauderdale
49. [SJ-JOB] Channel / Business Development, Irvine
50. [SJ-JOB] CISO, Mountain View
51. [SJ-JOB] Sales Engineer, Phoenix
52. [SJ-JOB] Security Engineer, Mountain View
53. [SJ-JOB] Management, Mountain View
54. [SJ-JOB] Sr. Security Analyst, Fort Lauderdale
55. [SJ-JOB] Software Engineer, Mountain View
56. [SJ-JOB] Sales Engineer, Englewood
57. [SJ-JOB] Security Architect, Norcross/Lawrenceville
58. [SJ-JOB] Security Architect, Fort Lauderdale
59. [SJ-JOB] Security Director, Chantilly
60. [SJ-JOB] Penetration Engineer, Leeds
61. [SJ-JOB] Security Engineer, Pittsburgh
62. [SJ-JOB] Application Security Architect, Hong Kong
63. [SJ-JOB] Sr. Security Engineer, Frederick
64. [SJ-JOB] Sales Engineer, Atlanta
65. [SJ-JOB] Channel / Business Development, Redwood City
66. [SJ-JOB] CHECK Team Leader, Leeds
67. [SJ-JOB] Channel / Business Development, Dallas
68. [SJ-JOB] Instructor, Irving
69. [SJ-JOB] Sales Engineer, NYC, Boston, Chicago, DC
V. INCIDENTS LIST SUMMARY
VI. VULN-DEV RESEARCH LIST SUMMARY
1. Yet another SQL injection framework
2. CfP Hack.lu 2007
3. SyScan'07 Call for Papers - End 30th April 2007
VII. MICROSOFT FOCUS LIST SUMMARY
1. SecurityFocus Microsoft Newsletter #338
VIII. SUN FOCUS LIST SUMMARY
1. Sun Application Server Drop Privs
IX. LINUX FOCUS LIST SUMMARY
X. UNSUBSCRIBE INSTRUCTIONS
XI. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Online Impersonations: No Validation Required
By Dr. Neal Krawetz
It is said that imitation is the sincerest form of flattery. Unfortunately, online social networks provide no method for distinguishing an impersonation from the real thing. While your online words and actions may circulate for years, so do those of an impersonator.
http://www.securityfocus.com/columnists/441

2. 0wning Vista from the boot
By Federico Biancuzzi
Federico Biancuzzi interviews Nitin and Vipin Kumar, authors of VBootkit, a rootkit that is able to load from Windows Vista boot-sectors. They discuss the "features" of their code, the support of the various versions of Vista, the possibility to place it inside the BIOS (it needs around 1500 bytes), and the chance to use it to bypass Vista's product activation or avoid DRM.
http://www.securityfocus.com/columnists/442


II. BUGTRAQ SUMMARY
--------------------
1. Advanced Webhost Billing System Cart2.PHP Remote File Include Vulnerability
BugTraq ID: 23633
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23633
Summary:
Advanced Webhost Billing System is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input.

Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

This issue affects Advanced Webhost Billing System 2.4.0; other versions may also be vulnerable.

2. USP FOSS Distribution Download.PHP Directory Traversal Vulnerability
BugTraq ID: 23632
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23632
Summary:
USP FOSS Distribution is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input.

A remote attacker can exploit this issue to retrieve the contents of arbitrary files in the context of the webserver process.

This issue affects USP FOSS Distribution 1.01; other versions may also be affected.

3. ImageMagick DCM XWD Formats Multiple Integer Overflow Vulnerabilities
BugTraq ID: 23347
Remote: Yes
Last Updated: 2007-04-23
Relevant URL: http://www.securityfocus.com/bid/23347
Summary:
ImageMagick is prone to multiple integer-overflow vulnerabilities because it fails to adequately handle user-supplied data.

An attacker can exploit these issues to execute arbitrary code in the context of the application. Failed exploit attempts will likely cause denial-of-service conditions.

ImageMagick 6.2.9 through 6.3.3-4 are vulnerable.

4. X.Org LibXFont Multiple Integer Overflow Vulnerabilities
BugTraq ID: 23283
Remote: No
Last Updated: 2007-04-23
Relevant URL: http://www.securityfocus.com/bid/23283
Summary:
The 'libXfont' library is prone to multiple local integer-overflow vulnerabilities because it fails to adequately bounds-check user-supplied data.

An attacker can exploit these vulnerabilities to execute arbitrary code with superuser privileges. Failed exploit attempts will likely cause denial-of-service conditions.

These issues affect libXfont 1.2.2; other versions may also be vulnerable.

5. UPHP Free Ring Index.PHP SQL Injection Vulnerability
BugTraq ID: 23586
Remote: Yes
Last Updated: 2007-04-23
Relevant URL: http://www.securityfocus.com/bid/23586
Summary:
uPHP Free Ring is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

uPHP Free Ring 0.9 is vulnerable; other versions may also be affected.

6. JCHit Counter Imgsrv.PHP Directory Traversal Vulnerability
BugTraq ID: 23585
Remote: Yes
Last Updated: 2007-04-23
Relevant URL: http://www.securityfocus.com/bid/23585
Summary:
JCHit Counter is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input.

A remote attacker can exploit this issue to retrieve the contents of arbitrary files in the context of the webserver process.

This issue affects JCHit Counter 1.0.0; other versions may also be affected.

7. AMSN Malformed Message Denial Of Service Vulnerability
BugTraq ID: 23583
Remote: Yes
Last Updated: 2007-04-23
Relevant URL: http://www.securityfocus.com/bid/23583
Summary:
aMsn is prone to a remote denial-of-service vulnerability because the application fails to handle exceptional conditions.

An attacker can exploit this issue to crash the affected application, denying service to legitimate users.

This issue affects aMsn 0.96 and prior versions.

8. WSFTP Null Pointer Dereference Remote Denial of Service Vulnerability
BugTraq ID: 23584
Remote: Yes
Last Updated: 2007-04-23
Relevant URL: http://www.securityfocus.com/bid/23584
Summary:
WSFTP is prone to a remote denial-of-service vulnerability.

Exploiting this issue allows remote attackers to crash the application, denying further service to legitimate users.

9. Photofiltre Studio Malformed TIF File Buffer Overflow Vulnerability
BugTraq ID: 23582
Remote: Yes
Last Updated: 2007-04-23
Relevant URL: http://www.securityfocus.com/bid/23582
Summary:
Photofiltre Studio is prone to a buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker could exploit this issue by enticing a victim to load a malicious TIF file. If successful, the attacker can execute arbitrary code in the context of the affected application.

This issue affects Photofiltre Studio 8.1.1; other versions may also be affected.

10. Supasite Multiple Remote File Include Vulnerabilities
BugTraq ID: 23581
Remote: Yes
Last Updated: 2007-04-23
Relevant URL: http://www.securityfocus.com/bid/23581
Summary:
is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

These issues affect Supasite 1.23b and prior versions.

11. PHP Turbulence Turbulence.PHP Remote File Include Vulnerability
BugTraq ID: 23580
Remote: Yes
Last Updated: 2007-04-23
Relevant URL: http://www.securityfocus.com/bid/23580
Summary:
PHP Turbulence is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.

Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

This issue affects PHP Turbulence 0.0.1 alpha; other versions may also be affected.

12. Microsoft Windows DNS Server Escaped Zone Name Parameter Buffer Overflow Vulnerability
BugTraq ID: 23470
Remote: Yes
Last Updated: 2007-04-23
Relevant URL: http://www.securityfocus.com/bid/23470
Summary:
Microsoft Windows Domain Name System (DNS) Server Service is prone to a stack-based buffer-overflow vulnerability in its Remote Procedure Call (RPC) interface.

A remote attacker may exploit this issue to run arbitrary code in the context of the DNS Server Service. The DNS service runs in the 'SYSTEM' context.

Successfully exploiting this issue allows attackers to execute arbitrary code, facilitating the remote compromise of affected computers.

Windows Server 2000 Service Pack 4, Windows Server 2003 Service Pack 1, and Windows Server 2003 Service Pack 2 are confirmed vulnerable to this issue.

Microsoft Windows 2000 Professional SP4, Windows XP SP2, and Windows Vista are not affected by this vulnerability.

13. 3proxy HTTP Proxy Request Buffer Overflow Vulnerability
BugTraq ID: 23545
Remote: Yes
Last Updated: 2007-04-23
Relevant URL: http://www.securityfocus.com/bid/23545
Summary:
3proxy is prone to a buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized buffer.

Attackers can exploit this issue to cause denial-of-service conditions and possibly to execute arbitrary code with the privileges of the application.

3proxy 0.5 to 0.5.3g and 0.6b-devel before 20070413 are vulnerable to this issue.

14. Sun Solaris IP Implementation Remote Denial of Service Vulnerability
BugTraq ID: 23468
Remote: Yes
Last Updated: 2007-04-23
Relevant URL: http://www.securityfocus.com/bid/23468
Summary:
Sun Solaris is prone to a local and remote denial-of-service vulnerability because the software fails to handle exceptional conditions.

An attacker can exploit this issue to exhaust CPU resources and cause a denial-of-service condition against network services provided by the system or local services.

This issue affects Solaris 8 and Solaris 9.

15. NeatUpload HTTPWorkerRequest.FlushResponse Information Disclosure Vulnerability
BugTraq ID: 23578
Remote: Yes
Last Updated: 2007-04-20
Relevant URL: http://www.securityfocus.com/bid/23578
Summary:
NeatUpload is prone to an information-disclosure vulnerability.

An attacker can exploit this issue to access sensitive information that may lead to further attacks.

This issue affects NeatUpload 1.2.11 to 1.2.16, 1.1.18 to 1.1.23, and trunk.379 to trunk.445.

16. Gimp XCF_load_vector Function Buffer Overflow Vulnerability
BugTraq ID: 18877
Remote: Yes
Last Updated: 2007-04-20
Relevant URL: http://www.securityfocus.com/bid/18877
Summary:
Gimp is prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input data before copying it to an insufficiently sized memory buffer.

An attacker may cause malicious code to execute by forcing the application to read raw data from a malicious image file, with the privileges of the user running the GIMP application.

17. Lighttpd Multiple Remote Denial of Service Vulnerabilities
BugTraq ID: 23515
Remote: Yes
Last Updated: 2007-04-20
Relevant URL: http://www.securityfocus.com/bid/23515
Summary:
Lighttpd is prone to multiple remote denial-of-service vulnerabilities because the application fails to properly handle unexpected conditions.

Successfully exploiting these issues allows remote attackers to trigger an infinite loop, consuming excessive CPU resources, or to crash affected servers via a NULL-pointer dereference. This will deny further service to legitimate users.

Lighttpd versions prior to 1.4.14 are vulnerable.

18. KTorrent Multiple Remote Vulnerabilities
BugTraq ID: 22930
Remote: Yes
Last Updated: 2007-04-20
Relevant URL: http://www.securityfocus.com/bid/22930
Summary:
KTorrent is prone to multiple remote vulnerabilities, including a directory-traversal vulnerability and an unspecified vulnerability when processing messages with invalid chunk indexes.

Very little information is known about one of these issues. This BID will be updated as soon as more information becomes available.

An attacker can exploit the directory-traversal issue to overwrite arbitrary files on the user's system. Presumably, the unspecified vulnerability when processing messages with invalid chunk indexes will allow attackers to execute arbitrary code or to cause a denial of service, but this has not been confirmed.

Versions prior to 2.1.2 are vulnerable to these issues.

19. Vixie Cron ST_Nlink Check Local Denial of Service Vulnerability
BugTraq ID: 23520
Remote: No
Last Updated: 2007-04-20
Relevant URL: http://www.securityfocus.com/bid/23520
Summary:
Vixie Cron is prone to a local denial-of-service vulnerability.

This issue occurs when attackers create hard file links to cron files belonging to both privileged and normal users.

A local attacker may exploit this issue to prevent cron files owned by privileged and non-privileged users from being executed at startup or on the next reload of the cron database.

Vixie Cron versions prior to 4.1-r10 are vulnerable.

20. Man Command -H Flag Local Buffer Overflow Vulnerability
BugTraq ID: 23355
Remote: No
Last Updated: 2007-04-20
Relevant URL: http://www.securityfocus.com/bid/23355
Summary:
The 'man' command is prone to a local buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before using it in a memory copy operation.

NOTE: Presumably, this issue is exploitable only when 'man' has been installed setuid.

Exploiting this issue allows attackers to execute malicious machine code with the privileges of the 'man' utility. This can result in the compromise of affected computers. Failed exploit attempts will likely result in denial-of-service conditions.

21. Horde Framework Login.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 22984
Remote: Yes
Last Updated: 2007-04-20
Relevant URL: http://www.securityfocus.com/bid/22984
Summary:
Horde Framework is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

Attacker-supplied HTML and script code would execute in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials.

This issue affects versions prior to 3.1.4.

22. Vixie Cron Crontab File Disclosure Vulnerability
BugTraq ID: 13024
Remote: No
Last Updated: 2007-04-20
Relevant URL: http://www.securityfocus.com/bid/13024
Summary:
Vixie cron crontab is reported prone to an information-disclosure vulnerability that may allow local attackers to access users' crontab files.

Reportedly, this issue arises due to a design error resulting in the insecure creation of a temporary file in the '/tmp' directory. This occurs when crontab is executed with the '-e' option used for editing the current crontab.

Attackers may leverage this issue to access potentially sensitive data, which they may use to carry out further attacks against a computer.

Vixie cron 4.1-24_FC3 running on Fedora Core 3 is reported vulnerable. Other versions on different operating systems may be affected as well.

This issue may be specific to Red Hat operating systems and may be related to BID 1845 (HP-UX crontab /tmp File Vulnerability).

23. Avahi Compressed DNS Denial Of Service Vulnerability
BugTraq ID: 21881
Remote: Yes
Last Updated: 2007-04-20
Relevant URL: http://www.securityfocus.com/bid/21881
Summary:
Avahi is prone to a denial-of-service vulnerability.

A remote attacker may exploit this issue to cause the application to crash, denying further service to legitimate users.

Versions prior to 0.6.16 are vulnerable to this issue.

24. Extremail Buffer Overflow And DNS Spoofing Vulnerabilities
BugTraq ID: 23577
Remote: Yes
Last Updated: 2007-04-20
Relevant URL: http://www.securityfocus.com/bid/23577
Summary:
eXtremail is prone to a buffer-overflow issue and DNS-spoofing vulnerabilities that could allow malicious users to trigger denial-of-service conditions, execute remote code with superuser privileges, and perform DNS-spoofing attacks on clients on unprotected networks.

These issues affect eXtremail 2.1 and 2.1.1; other versions may also be affected.

25. FreePBX SIP Packet Multiple HTML Injection Vulnerabilities
BugTraq ID: 23575
Remote: Yes
Last Updated: 2007-04-20
Relevant URL: http://www.securityfocus.com/bid/23575
Summary:
FreePBX is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input data before using it in dynamically generated content.

Attacker-supplied HTML and script code may be executed in the context of the affected web application, potentially allowing the attacker to steal cookie-based authentication credentials, control how the web application is displayed to the user, or manipulate the underlying PBX application; other attacks are also possible.

FreePBX 2.2. series is vulnerable to these issues.

26. Exponent CMS Multiple Input Validation Vulnerabilities
BugTraq ID: 23574
Remote: Yes
Last Updated: 2007-04-20
Relevant URL: http://www.securityfocus.com/bid/23574
Summary:
Exponent CMS is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input.

Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, execute arbitrary script code in the context of the webserver process, control how the site is rendered to the user, compromise the application, obtain sensitive information, and access or modify data.

27. Xaraya Roles Module Form Handler Security Bypass Vulnerability
BugTraq ID: 23631
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23631
Summary:
Xaraya is prone to a vulnerability that will let attackers gain administrative access to the application.

Successful exploits may result in a complete compromise of vulnerable applications.

This issue affects versions of Xaraya prior to 1.1.3.

28. Aircrack-ng Airodump-ng Authentication Packet Buffer Overflow Vulnerability
BugTraq ID: 23467
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23467
Summary:
Aircrack-ng Airodump-ng is prone to a remote buffer-overflow because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

Only applications running with '-w or --write' parameters are vulnerable to this issue.

An attacker could exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial of service.

Airodump-ng 0.7 is vulnerable to this issue; other versions may also be vulnerable.

29. OpenSSL PKCS Padding RSA Signature Forgery Vulnerability
BugTraq ID: 19849
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/19849
Summary:
OpenSSL is prone to a vulnerability that may allow an attacker to forge an RSA signature. The attacker may be able to forge a PKCS #1 v1.5 signature when an RSA key with exponent 3 is used.

An attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key.

All versions of OpenSSL prior to and including 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available.

30. ImageMagick XGetPixel/XInitImage Multiple Integer Overflow Vulnerabilities
BugTraq ID: 23300
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23300
Summary:
ImageMagick is prone to multiple integer-overflow vulnerabilities because it fails to properly validate user-supplied data.

An attacker can exploit these issues to execute arbitrary code in the context of the application. Failed exploit attempts will likely cause denial-of-service conditions.

31. HP StorageWorks Command View Unspecified Local Unauthorized Access Vulnerability
BugTraq ID: 23630
Remote: No
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23630
Summary:
HP StorageWorks Command View Advanced Edition for XP is prone to a local unauthorized-access vulnerability.

An attacker can exploit this issue to gain unauthorized access to users' accounts on an affected application.

This issue affects the vulnerable products when any of the following packages are installed:

HP StorageWorks Command View Device Manager
HP StorageWorks Command View Global Link Availability Manager
HP StorageWorks Command View Replication Monitor
HP StorageWorks Command View Tiered Storage Manager
HP StorageWorks Command View Tuning Manager

32. Cdelia Software ImageProcessing Malformed BMP File Denial of Service Vulnerability
BugTraq ID: 23629
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23629
Summary:
Cdelia Software ImageProcessing is prone to a denial-of-service vulnerability because the application fails to handle exceptional conditions.

An attacker can exploit this issue to crash the affected application, denying service to legitimate users.

33. MadWIFI Ad-Hoc Mode Denial of Service Vulnerability
BugTraq ID: 23433
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23433
Summary:
MADWifi is prone to a denial-of-service vulnerability when running in 'Ad-Hoc' mode.

Attackers can exploit this issue to crash affected computers, denying service to legitimate users.

Versions prior to 0.9.3 are vulnerable.

34. Claroline RootSys Remote File Include Vulnerability
BugTraq ID: 23609
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23609
Summary:
Claroline is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.

Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

35. DMCMS Upload_File.PHP Arbitrary File Upload Vulnerability
BugTraq ID: 23628
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23628
Summary:
DMCMS is prone to an arbitrary-file-upload vulnerability.

An attacker can exploit this vulnerability to upload PHP script code and execute it in the context of the webserver process.

36. Nullsoft Winamp PLS File Remote Denial of Service Vulnerability
BugTraq ID: 23627
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23627
Summary:
Nullsoft Winamp is prone to a denial-of-service vulnerability when processing malformed PLS files.

Successfully exploiting this issue allows remote attackers to crash affected applications.

This issue is reported to affect Winamp 5.33; other versions may also be affected.

37. Mod_Perl Path_Info Remote Denial Of Service Vulnerability
BugTraq ID: 23192
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23192
Summary:
The 'mod_perl' module is prone to a remote denial-of-service vulnerability.

Successful exploits may allow remote attackers to cause denial-of-service conditions on the webserver running the mod_perl module.

38. YA Book City Field HTML-injection Vulnerability
BugTraq ID: 23626
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23626
Summary:
YA Book is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input before displaying it in dynamically generated content.

An attacker could exploit this vulnerability to execute arbitrary script code in the browser of an unsuspecting victim in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

YA Book 0.98-alpha is vulnerable to this issue; prior versions may also be affected.

39. XnView XPMHeaders Buffer Overflow Vulnerability
BugTraq ID: 23625
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23625
Summary:
XnView is prone to a buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial of service.

This issue affects XnView 1.90.3; other versions may also be vulnerable.

40. phpMyAdmin Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 23624
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23624
Summary:
phpMyAdmin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

phpMyAdmin versions prior to 2.10.1 are vulnerable to this issue.

41. ACDSee XPMHeaders Buffer Overflow Vulnerability
BugTraq ID: 23620
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23620
Summary:
ACDSee is prone to a buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial of service.

This issue affects ACDSee 9.0; other versions may also be vulnerable.

42. GNU Mailutils Imap4D Search Command Remote Format String Vulnerability
BugTraq ID: 14794
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/14794
Summary:
The 'imap4d' daemon is prone to a remote format-string vulnerability.

The issue presents itself when the service handles malicious search commands from a client.

A successful attack may allow attackers to execute arbitrary code, which may help them gain unauthorized access or escalate privileges in the context of the server.

This issue has been confirmed in GNU Mailutils 0.6; other versions may be vulnerable as well.

43. GPB Bulletin Board Multiple Remote File Include Vulnerabilities
BugTraq ID: 23622
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23622
Summary:
GPB is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

GPB 2001.11.14-1 is vulnerable; other versions may also be affected.

44. Nullsoft Winamp MIDI File Processing Denial of Service Vulnerability
BugTraq ID: 23568
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23568
Summary:
Nullsoft Winamp is prone to a denial-of-service vulnerability when processing malformed MIDI files.

Successfully exploiting this issue allows remote attackers to crash affected applications. Code execution may also be possible, but this has not been confirmed.

This issue is reported to affect Winamp 5.3; other versions may also be affected.

45. X.Org X11 XC-MISC Extension Integer Overflow Vulnerability
BugTraq ID: 23284
Remote: No
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23284
Summary:
X11 is prone to a local integer-overflow vulnerability because it fails to adequately bounds-check user-supplied input.

An attacker can exploit this vulnerability to execute arbitrary code with superuser privileges. Failed exploit attempts will likely cause denial-of-service conditions.

46. Clam AntiVirus ClamAV Multiple Remote Vulnerabilities
BugTraq ID: 23473
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23473
Summary:
ClamAV is prone to a file-descriptor leakage vulnerability and a buffer-overflow vulnerability.

A successful attack may allow an attacker to obtain sensitive information, cause denial-of-service conditions, and execute arbitrary code in the context of the user running the affected application.

ClamAV versions prior to 0.90.2 are vulnerable to these issues.

47. NetSprint Toolbar ActiveX Denial of Service Vulnerability
BugTraq ID: 23530
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23530
Summary:
NetSprint Toolbar ActiveX control is prone to a denial-of-service vulnerability.

Exploiting this issue allows remote attackers to crash applications that employ the vulnerable controls (typically Microsoft Internet Explorer). Attackers may potentially be able to exploit this issue to execute code, but this has not been confirmed.

NetSprint Toolbar ActiveX Control 1.1 is vulnerable to this issue; other versions may also be vulnerable.

48. Adobe Photoshop Multiple File Format Buffer Overflow Vulnerability
BugTraq ID: 23621
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23621
Summary:
Adobe Photoshop is prone to a buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker could exploit this issue by enticing a victim to load a malicious file. If successful, the attacker can execute arbitrary code in the context of the affected application.

This issue affects Photoshop CS2 and CS3.

49. Second Sight Software Multiple ActiveX Controls Multiple Buffer Overflow Vulnerabilities
BugTraq ID: 23554
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23554
Summary:
Second Sight Software ActiveGS and ActiveMod ActiveX controls are prone to multiple buffer-overflow vulnerabilities because the software fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.

Exploiting these issues allows remote attackers to execute arbitrary code in the context of applications using the affected ActiveX controls and to compromise affected computers. Failed attempts will likely result in denial-of-service conditions.

50. Cisco Multiple Devices Crafted IP Option Multiple Remote Code Execution Vulnerability
BugTraq ID: 22211
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/22211
Summary:
Multiple Cisco switches and routers running Cisco IOS and Cisco IOS XR are prone to multiple remote code-execution vulnerabilities. These issues occur because the devices fail to handle specially crafted network packets.

An attacker can exploit these issues to execute arbitrary code within the context of the affected device. Failed exploit attempts will result in a denial of service.

These issues affect only devices that are configured to handle Internet Protocol version 4 (IPv4) packets. These issues do not affect devices that are configured to handle only Internet Protocol version 6 (IPV6) packets.

These issues are being tracked by Cisco Bug IDs CSCeh52410 and CSCec71950.

51. Opera Web Browser Running Adobe Flash Player Unspecified Vulnerability
BugTraq ID: 23437
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23437
Summary:
Opera Web Browser is prone to an unspecified vulnerability when running Adobe Flash Player.

Currently very little is known regarding this issue. This BID will be updated as more information becomes available.

Opera Web Browser versions prior to 9.20 are vulnerable.
Adobe Flash Player versions prior to 9.0.28.0 are vulnerable.

52. Linksys SPA941 \377 Character Denial of Service Vulnerability
BugTraq ID: 23619
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23619
Summary:
Linksys SPA941 phones are prone to a remote denial-of-service vulnerability.

Exploiting this issue allows remote attackers to cause the device to reboot, effectively denying service to legitimate users.

53. PostgreSQL SECURITY DEFINER Function Local Privilege Escalation Vulnerability
BugTraq ID: 23618
Remote: No
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23618
Summary:
PostgreSQL is prone to a local privilege-escalation vulnerability.

Exploiting this issue allows local attackers to escalate privileges in the context of the 'security_definer' function.

PostgreSQL versions prior to 8.2.4, 8.1.9, 8.0.13, 7.4.17, and 7.3.19 are vulnerable to this issue.

54. Opera FTP PASV Port-Scanning Vulnerability
BugTraq ID: 23089
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23089
Summary:
Opera is prone to vulnerability that may allow attackers to obtain potentially sensitive information.

A successful exploit of this issue would cause the affected application to connect to arbitrary TCP ports and potentially reveal sensitive information about services that are running on the affected computer. Information obtained may aid attackers in further attacks.

55. Pagode Navigator_ok.PHP Directory Traversal Vulnerability
BugTraq ID: 23617
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23617
Summary:
Pagode is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input.

A remote attacker can exploit this issue to retrieve the contents of arbitrary files in the context of the webserver process.

This issue affects Pagode 0.5.8; other versions may also be affected.

56. Apple Quicktime Unspecified Java Handling Arbitrary Code Execution Vulnerability
BugTraq ID: 23608
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23608
Summary:
QuickTime is prone to a vulnerability that may aid in the remote compromise of a vulnerable computer.

The issue occurs when a Java-enabled browser is used to view a malicious website. QuickTime must also be installed. Few details are currently available regarding this issue. This BID will be updated as more information emerges.

This issue is exploitable through both Safari and Mozilla Firefox running on Mac OS X. Reports indicate that Firefox on Microsoft Windows platforms may also be an exploit vector.

57. Phorum Multiple Input Validation Vulnerabilities
BugTraq ID: 23616
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23616
Summary:
Phorum is prone to multiple input-validation vulnerabilities, including an unauthorized-access issue, privilege-escalation issue, multiple SQL-injection issues, and cross-site scripting issues, because the application fails to sufficiently sanitize user-supplied input.

Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify sensitive data, or exploit latent vulnerabilities in the underlying database implementation.

Phorum 5.1.20 is affected; prior versions may also be vulnerable.

58. Linux Kernel NFSACL Denial of Service Vulnerability
BugTraq ID: 22625
Remote: No
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/22625
Summary:
The Linux kernel is prone to a local denial-of-service vulnerability.

An attacker can exploit this issue to crash the affected computer, denying service to legitimate users.

This issue affects the Linux kernel 2.6 series up to 2.6.20.

59. IPv6 Protocol Type 0 Route Header Denial of Service Vulnerability
BugTraq ID: 23615
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23615
Summary:
IPv6 protocol implementations are prone to a denial-of-service vulnerability due to a design error.

Exploiting this issue allows attackers to cause denial-of-service conditions.

This issue is related to the issue discussed in BID 22210 (Cisco IOS IPv6 Source Routing Remote Memory Corruption Vulnerability).

60. Multiple Web Browser UTF-7 Cross-Domain Character-Set-Inheritance Vulnerability
BugTraq ID: 22701
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/22701
Summary:
Opera Web Browser and Microsoft Internet Explorer are prone to a cross-domain character-set-inheritance vulnerability.

Exploiting this issue can allow attackers to perform cross-site scripting attacks on unsuspecting users. If successful, attackers can steal cookie-based authentication credentials.

Opera Web Browser 9 series and Microsoft Internet Explorer 7 series are affected.

61. MADWiFi IEEE80211_Output.C Unencrypted Data Packet Multiple Vulnerabilities
BugTraq ID: 23434
Remote: No
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23434
Summary:
MADWiFi is prone to a denial-of-service vulnerability, an information-disclosure issue, and a packet-spoofing vulnerability. These issues occur because of a design error.

An attacker can exploit these issues to spoof network traffic, crash arbitrary processes, and gain access to sensitive information.

These issues affect versions prior to 0.9.3.

62. Network Audio System Local Privilege Escalation and Denial of Service Vulnerabilities
BugTraq ID: 23017
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23017
Summary:
Network Audio System is prone to local privilege-escalation and denial-of-service vulnerabilities.

An attacker can exploit these issues to execute arbitrary commands with root privileges or to overwrite arbitrary system files, resulting in denial-of-service conditions.

Network Audio System version 1.8a is affected; other versions may also be vulnerable.

63. Linux Kernel BINFMT_ELF PT_INTERP Local Information Disclosure Vulnerability
BugTraq ID: 22903
Remote: No
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/22903
Summary:
The Linux kernel is prone to a vulnerability in the Linux ELF binary loader. Exploiting this issue can allow local attackers to gain access to privileged information.

An attacker may be able to obtain sensitive data that can potentially be used to gain elevated privileges.

This issue is a variant of the vulnerability assigned CVE candidate ID CAN-2004-1073, which is documented in BID 11646.

Linux Kernel versions in the 2.6.0 branch prior to 2.6.20 are vulnerable; versions in the 2.4.0 branch may also be affected.

64. Apple Mac OS X 2007-004 Multiple Security Vulnerabilities
BugTraq ID: 23569
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23569
Summary:
Apple Mac OS X is prone to multiple security vulnerabilities.

These issues affect Mac OS X and various applications, including AFP Client, AirPortDriver module, CoreServices, Libinfo, Login Window, Natd, SMB, System Configuration, URLMount, VideoConference framework, WebDAV, and WebFoundation.

Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, overwrite files, and access potentially sensitive information. Both local and remote vulnerabilities are present.

Apple Mac OS X 10.4.9 and prior versions are vulnerable to these issues.

65. ZZipLib ZZip_Open_Shared_IO Stack Buffer Overflow Vulnerability
BugTraq ID: 23013
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23013
Summary:
ZZIPlib is prone to a remote stack-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

Exploiting this issue may allow attackers to execute arbitrary machine code in the context of applicaitons using the library. Failed exploit attempts will likely result in a denial-of-service condition.

Versions prior to 0.13.49 are vulnerable.

66. FreeRADIUS Multiple RLM_SQLCounter Buffer Overflow Vulnerabilities
BugTraq ID: 17293
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/17293
Summary:
FreeRADIUS is prone to multiple buffer-overflow vulnerabilities. These issues are due to a failure in the application to do proper bounds checking on user-supplied data.

Reportedly, these issues may result in a denial-of-service condition only. Attackers cannot exploit these issues to gain unauthorized remote access.

67. FreeRadius RLM_SQLCounter SQL Injection Vulnerability
BugTraq ID: 17294
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/17294
Summary:
FreeRADIUS is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query.

Successful exploitation could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.

68. Blender KMZ/KML Remote Command Execution Vulnerability
BugTraq ID: 22770
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/22770
Summary:
Blender is prone to a remote command-execution vulnerability.

An attacker could exploit this issue by enticing an unsuspecting victim to open a malicious file. A successful exploit will allow arbitrary Python commands to run within the privileges of the currently logged-in user.

69. Maran PHP Forum Forum_write.PHP Arbitrary File Upload Vulnerability
BugTraq ID: 23614
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23614
Summary:
Maran PHP Forum is prone to an arbitrary-file-upload vulnerability.

An attacker can exploit this vulnerability to upload PHP script code and execute it in the context of the webserver process.

Maran PHP Forum 09.04.2006 is vulnerable.

70. MPlayer DMO File Parsing Buffer Overflow Vulnerability
BugTraq ID: 22771
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/22771
Summary:
MPlayer is susceptible to a buffer-overflow vulnerability when it attempts to process malformed video files. This issue occurs because the application fails to perform proper bounds-checking on user-supplied data before copying it to an insufficiently sized memory buffer.

An attacker may exploit this issue to execute arbitrary code with the privileges of the user that activated the vulnerable application. This may facilitate unauthorized access or privilege escalation.

MPlayer version 1.0rc1 is vulnerable to this issue; previous versions may also be affected.

71. Joomla! PCLTar.PHP Remote File Include Vulnerability
BugTraq ID: 23613
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23613
Summary:
Joomla! is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input.

Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

This issue affects Joomla! 1.5.0 Beta; other versions may also be vulnerable.

72. MyBulletinBoard Calendar.PHP SQL Injection Vulnerability
BugTraq ID: 23612
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23612
Summary:
MyBulletinBoard is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user input.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

MyBulletinBoard 1.2.5 and prior versions are vulnerable; other versions may also be affected.

73. LMS RTMessageAdd.PHP Remote File Include Vulnerability
BugTraq ID: 23611
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23611
Summary:
LMS is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input.

Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

This issue affects LMS 1.5.3 and 1.5.4; earlier versions may also be vulnerable.

74. Post Revolution Dir Multiple Remote File Include Vulnerabilities
BugTraq ID: 23607
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23607
Summary:
Post Revolution is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

Post Revolution 7.0 RC2 and 6.6 are vulnerable; other versions may also be affected.

75. Sendmail Unspecified Denial Of Service Vulnerability
BugTraq ID: 23606
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23606
Summary:
Sendmail is prone to a denial-of-service vulnerability.

No further information is available at the moment.

An attacker can exploit this issue to crash the affected application, denying service to legitimate users.

Insufficient information is currently available to determine whether this is only an HP-specific issue. This BID will be updated as soon as more information emerges.

This issue may have already been disclosed in a previous BID, but not enougyh information is available for a proper correlation at this time. This BID may be retired as more information emerges.

76. Mephisto Blog Author Comment HTML Injection Vulnerability
BugTraq ID: 23137
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23137
Summary:
Mephisto Blog is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content.

Attacker-supplied HTML and script code would run in the context of the affected browser, potentially allowing an attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.

Mephisto Blog 0.7.3 is vulnerable to this issue.

77. Check Point Zone Alarm Srescan.SYS Multiple Local Privilege Escalation Vulnerabilities
BugTraq ID: 23579
Remote: No
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23579
Summary:
Check Point ZoneAlarm is prone to multiple local privilege-escalation vulnerabilities.

On a default installation, only certain restricted accounts can access the vulnerable sections of the application.

An attacker can exploit these issues to execute arbitrary code with SYSTEM-level privileges. A successful exploit will result in the complete compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition.

Check Point ZoneAlarm versions using ZoneAlarm Spyware Removal Engine (SRE) versions prior to 5.0.156.0 are vulnerable to this issue; other products using the vulnerable engine are reported vulnerable.

78. Novell Groupwise WebAccess GWINTER.EXE Remote Buffer Overflow Vulnerability
BugTraq ID: 23556
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23556
Summary:
Novell Groupwise WebAccess is prone to a remote buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

79. Linux Kernel Key_Alloc_Serial() Local Denial of Service Vulnerability
BugTraq ID: 22539
Remote: No
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/22539
Summary:
The Linux Kernel is prone to a denial-of-service vulnerability.

A successful attack can allow local attackers to trigger a crash and deny service to legitimate users.

Kernel versions 2.6.x are vulnerable.

80. EsForum Forum.PHP SQL Injection Vulnerability
BugTraq ID: 23605
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23605
Summary:
EsForum is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

EsForum 3.0 is vulnerable; other versions may also be affected.

81. Corel Paint Shop Pro Photo Malformed CLP File Buffer Overflow Vulnerability
BugTraq ID: 23604
Remote: Yes
Last Updated: 2007-04-24
Relevant URL: http://www.securityfocus.com/bid/23604
Summary:
Corel Paint Shop Pro Photo is prone to a buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker could exploit this issue by enticing a victim to load a malicious CLP file. If successful, the attacker can execute arbitrary code in the context of the affected application.

This issue affects Corel Paint Shop Pro Photo 11.20; other versions may also be affected.

82. ACVSWS Transport.PHP Remote File Include Vulnerability
BugTraq ID: 23603
Remote: Yes
Last Updated: 2007-04-23
Relevant URL: http://www.securityfocus.com/bid/23603
Summary:
acvsws_php5 is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.

Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

83. PHPMySpace Gold Article.PHP SQL Injection Vulnerability
BugTraq ID: 23602
Remote: Yes
Last Updated: 2007-04-23
Relevant URL: http://www.securityfocus.com/bid/23602
Summary:
phpMySpace Gold is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

phpMySpace Gold 8.10 is vulnerable; other versions may also be affected.

84. OpenSSH S/Key Remote Information Disclosure Vulnerability
BugTraq ID: 23601
Remote: Yes
Last Updated: 2007-04-23
Relevant URL: http://www.securityfocus.com/bid/23601
Summary:
OpenSSH contains an information-disclosure vulnerability when S/Key authentication is enabled. This issue occurs because the application fails to properly obscure the existence of valid usernames in authentication attempts.

Exploiting this vulnerability allows remote users to test for the existence of valid usernames. Knowledge of system users may aid in further attacks.

85. File117 Multiple Remote File Include Vulnerabilities
BugTraq ID: 23600
Remote: Yes
Last Updated: 2007-04-23
Relevant URL: http://www.securityfocus.com/bid/23600
Summary:
File117 is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

86. PHPMyBibli Init.Inc.PHP Remote File Include Vulnerability
BugTraq ID: 23599
Remote: Yes
Last Updated: 2007-04-23
Relevant URL: http://www.securityfocus.com/bid/23599
Summary:
PHPMyBibli is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input.

Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

This issue affects PHPMyBibli 1.32; other versions may also be vulnerable.

87. Allfaclassifieds Level2.PHP Remote File Include Vulnerability
BugTraq ID: 23598
Remote: Yes
Last Updated: 2007-04-23
Relevant URL: http://www.securityfocus.com/bid/23598
Summary:
Allfaclassifieds is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.

Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

Allfaclassifieds 6.04 is vulnerable; other versions may also be affected.

88. Ripe Website Manager Multiple Input Validation Vulnerabilities
BugTraq ID: 23597
Remote: Yes
Last Updated: 2007-04-23
Relevant URL: http://www.securityfocus.com/bid/23597
Summary:
Ripe Website Manager is prone to multiple input-validation vulnerabilities, including a cross-site scripting issue and an SQL-injection issue.

Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

This issue affects Ripe Website Manager 0.8.4 and prior versions.

89. Microgaming Download Helper ActiveX Control Remote Buffer Overflow Vulnerability
BugTraq ID: 23595
Remote: Yes
Last Updated: 2007-04-23
Relevant URL: http://www.securityfocus.com/bid/23595
Summary:
Microgaming Download Helper ActiveX control is prone to a stack-based buffer-overflow vulnerability because it fails to sufficiently check boundaries of user-supplied input before copying it to an insufficiently sized memory buffer.

An attacker may exploit this issue by enticing victims into opening a malicious HTML document.

Exploiting this issue allows remote attackers to execute arbitrary code in the context of applications using the affected ActiveX control and to compromise affected computers. Failed attempts will likely result in denial-of-service conditions.

90. Linux Kernel L2CAP and HCI Setsockopt Memory Leak Information Disclosure Vulnerability
BugTraq ID: 23594
Remote: No
Last Updated: 2007-04-23
Relevant URL: http://www.securityfocus.com/bid/23594
Summary:
Linux Kernel is prone to an information-disclosure vulnerability because it fails to handle unexpected user-supplied input.

Successful exploits will allow attackers to view portions of kernel memory. Information harvested may be used in further attacks.

Kernel versions 2.4.34.2 and prior are vulnerable to this issue.

91. McAfee VirusScan On-Access Scanner File Name Buffer Overflow Vulnerability
BugTraq ID: 23543
Remote: Yes
Last Updated: 2007-04-23
Relevant URL: http://www.securityfocus.com/bid/23543
Summary:
McAfee VirusScan On-Access Scanner is prone to a filename-buffer-overflow vulnerability. The application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.

A remote attacker may exploit this issue to execute arbitrary code on a vulnerable computer with SYSTEM privileges. Failed exploit attempts may disable the On-Access Scanner component of McAfee VirusScan.

McAfee VirusScan On-Access Scanner 8.0i Enterprise Patch 11 and earlier versions are vulnerable to this issue.

92. TJSChat You.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 23593
Remote: Yes
Last Updated: 2007-04-23
Relevant URL: http://www.securityfocus.com/bid/23593
Summary:
TJSChat is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

This issue affects TJSChat 0.95; other versions may also be affected.

93. Mozilla Firefox/SeaMonkey/Thunderbird Multiple Remote Vulnerabilities
BugTraq ID: 21668
Remote: Yes
Last Updated: 2007-04-23
Relevant URL: http://www.securityfocus.com/bid/21668
Summary:
The Mozilla Foundation has released nine security advisories specifying vulnerabilities in Firefox, SeaMonkey, and Thunderbird.

These vulnerabilities allow attackers to:

- execute arbitrary code
- perform cross-site scripting attacks
- inject arbitrary content
- gain escalated privileges
- crash affected applications and potentially execute arbitrary code.

Other attacks may also be possible.

94. WEBinsta FM Manager Admin Cookies Remote File Include Vulnerability
BugTraq ID: 23592
Remote: Yes
Last Updated: 2007-04-23
Relevant URL: http://www.securityfocus.com/bid/23592
Summary:
WEBinsta FM Manager is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.

WEBinsta FM Manager 0.4.1 is vulnerable; other versions may also be affected.

95. MadWIFI Channel Switch Announcement Information Elements Denial of Service Vulnerability
BugTraq ID: 23436
Remote: Yes
Last Updated: 2007-04-23
Relevant URL: http://www.securityfocus.com/bid/23436
Summary:
MADWifi is prone to a denial-of-service vulnerability because if fails to properly handle certain network packets.

An attacker may exploit this issue by submitting a maliciously crafted packet to the vulnerable computer.

Attackers can exploit this issue to switch a communication channel, causing loss of communication and thus denying service to legitimate users.

Versions prior to 0.9.3 are vulnerable.

96. MadWifi Auth Frame IBSS Remote Denial of Service Vulnerability
BugTraq ID: 23431
Remote: Yes
Last Updated: 2007-04-23
Relevant URL: http://www.securityfocus.com/bid/23431
Summary:
MADWifi is prone to a remote denial-of-service vulnerability because the application fails to handle certain AUTH frames from an IBSS node.

An attacker can exploit this issue to cause the affected computer to crash, denying further service to legitimate users.

This issue affects MADWifi 0.9.3 and prior versions.

97. Big Blue Guestbook Comment HTML Injection Vulnerability
BugTraq ID: 23591
Remote: Yes
Last Updated: 2007-04-23
Relevant URL: http://www.securityfocus.com/bid/23591
Summary:
Big Blue Guestbook is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content.

Attacker-supplied HTML and script code would run in the browser of an unsuspecting victim in the context of the affected site, potentially allowing an attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.

98. Yate SIP Protocol Denial of Service Vulnerability
BugTraq ID: 23590
Remote: Yes
Last Updated: 2007-04-23
Relevant URL: http://www.securityfocus.com/bid/23590
Summary:
Yate is prone to a remote denial-of-service vulnerability because it fails to handle exceptional conditions.

Exploiting this issue allows remote attackers to cause the application to crash, effectively denying service to legitimate users.

This issue affects Yate 1.1.0 and prior versions.

99. Oracle April 2007 Security Update Multiple Vulnerabilities
BugTraq ID: 23532
Remote: Yes
Last Updated: 2007-04-23
Relevant URL: http://www.securityfocus.com/bid/23532
Summary:
Oracle has released a Critical Patch Update advisory for April 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well.

The issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise.

100. Courier-IMAP XMAILDIR Shell Command Injection Vulnerability
BugTraq ID: 23589
Remote: Yes
Last Updated: 2007-04-23
Relevant URL: http://www.securityfocus.com/bid/23589
Summary:
Courier-IMAP is prone to a shell-command-injection vulnerability.

Commands executed through this vulnerability could permit an attacker to gain access to a vulnerable system.

Courier-IMAP versions for Gentoo prior to 4.0.6-r2 are vulnerable to this issue.

III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. A Mac gets whacked, a second survives
By: Robert Lemos
Researchers use a previously unknown flaw in Apple's Safari browser to compromise a MacBook Pro and win the PWN to Own contest, but does the hack actually prove anything?
http://www.securityfocus.com/news/11461

2. MacBooks withstand mild attacks on patch day
By: Robert Lemos
On the same day that Apple releases an update for its Mac OS X, security professionals at a conference in Canada show little initial interest in attempting to crack the security of two MacBook Pros.
http://www.securityfocus.com/news/11460

3. Attackers improve on JavaScript trickery
By: Robert Lemos
Latest malicious software throws in more obfuscation and works harder to foil defenders' attempts at reverse engineering.
http://www.securityfocus.com/news/11459

4. U.S. agencies get 'C-' for computer security
By: Robert Lemos
In an annual report card mandated by federal law, two dozen federal agencies improve their average grade slightly from last year's 'D+'.
http://www.securityfocus.com/news/11458

IV. SECURITY JOBS LIST SUMMARY
-------------------------------
1. [SJ-JOB] Channel / Business Development, New York
http://www.securityfocus.com/archive/77/466536

2. [SJ-JOB] Security Auditor, Berkshire
http://www.securityfocus.com/archive/77/466539

3. [SJ-JOB] Sr. Security Analyst, Schaumburg
http://www.securityfocus.com/archive/77/466542

4. [SJ-JOB] Sr. Security Analyst, Riyadh
http://www.securityfocus.com/archive/77/466546

5. [SJ-JOB] Sr. Security Analyst, chennai
http://www.securityfocus.com/archive/77/466547

6. [SJ-JOB] Penetration Engineer, Mumbai, Pune
http://www.securityfocus.com/archive/77/466548

7. [SJ-JOB] Security System Administrator, Riyadh
http://www.securityfocus.com/archive/77/466532

8. [SJ-JOB] Technology Risk Consultant, Riyadh
http://www.securityfocus.com/archive/77/466538

9. [SJ-JOB] Security System Administrator, Plymouth or London
http://www.securityfocus.com/archive/77/466543

10. [SJ-JOB] CISO, Tokyo
http://www.securityfocus.com/archive/77/466504

11. [SJ-JOB] Security Architect, Frankfurt am Main
http://www.securityfocus.com/archive/77/466512

12. [SJ-JOB] Application Security Engineer, Gurgaon
http://www.securityfocus.com/archive/77/466519

13. [SJ-JOB] Security Product Marketing Manager, San Jose
http://www.securityfocus.com/archive/77/466520

14. [SJ-JOB] Penetration Engineer, Munich
http://www.securityfocus.com/archive/77/466531

15. [SJ-JOB] Application Security Engineer, Seattle area
http://www.securityfocus.com/archive/77/466540

16. [SJ-JOB] Manager, Information Security, Wilson
http://www.securityfocus.com/archive/77/466526

17. [SJ-JOB] Manager, Information Security, Raleigh
http://www.securityfocus.com/archive/77/466530

18. [SJ-JOB] Auditor, Jacksonville /Gainesville
http://www.securityfocus.com/archive/77/466534

19. [SJ-JOB] Manager, Information Security, Boston
http://www.securityfocus.com/archive/77/466549

20. [SJ-JOB] Security Engineer, Northern
http://www.securityfocus.com/archive/77/466510

21. [SJ-JOB] Security System Administrator, London
http://www.securityfocus.com/archive/77/466516

22. [SJ-JOB] Sales Representative, Atlanta
http://www.securityfocus.com/archive/77/466517

23. [SJ-JOB] Security Consultant, Edinburgh
http://www.securityfocus.com/archive/77/466518

24. [SJ-JOB] Training / Awareness Specialist, Northern
http://www.securityfocus.com/archive/77/466527

25. [SJ-JOB] Security Consultant, Various
http://www.securityfocus.com/archive/77/466529

26. [SJ-JOB] Management, Northern
http://www.securityfocus.com/archive/77/466535

27. [SJ-JOB] Security Consultant, Bentonville
http://www.securityfocus.com/archive/77/466511

28. [SJ-JOB] Channel / Business Development, Boston
http://www.securityfocus.com/archive/77/466513

29. [SJ-JOB] CISO, Columbus
http://www.securityfocus.com/archive/77/466525

30. [SJ-JOB] Security System Administrator, Springfield
http://www.securityfocus.com/archive/77/466528

31. [SJ-JOB] Sales Engineer, Houston
http://www.securityfocus.com/archive/77/466523

32. [SJ-JOB] Sales Engineer, Austin
http://www.securityfocus.com/archive/77/466524

33. [SJ-JOB] Sales Engineer, Denver
http://www.securityfocus.com/archive/77/466533

34. [SJ-JOB] Sales Engineer, Dallas
http://www.securityfocus.com/archive/77/466490

35. [SJ-JOB] Quality Assurance, Bay Area
http://www.securityfocus.com/archive/77/466493

36. [SJ-JOB] Director, Information Security, Charlotte
http://www.securityfocus.com/archive/77/466495

37. [SJ-JOB] Channel / Business Development, London
http://www.securityfocus.com/archive/77/466488

38. [SJ-JOB] Technical Support Engineer, Mountain View
http://www.securityfocus.com/archive/77/466489

39. [SJ-JOB] Security Consultant, London
http://www.securityfocus.com/archive/77/466496

40. [SJ-JOB] Sr. Security Analyst, Bethesda
http://www.securityfocus.com/archive/77/466503

41. [SJ-JOB] Security Consultant, New York
http://www.securityfocus.com/archive/77/466522

42. [SJ-JOB] Security Engineer, London
http://www.securityfocus.com/archive/77/466478

43. [SJ-JOB] Channel / Business Development, London
http://www.securityfocus.com/archive/77/466480

44. [SJ-JOB] Security Engineer, Westbury
http://www.securityfocus.com/archive/77/466487

45. [SJ-JOB] Security System Administrator, Woking, Surrey
http://www.securityfocus.com/archive/77/466498

46. [SJ-JOB] Manager, Information Security, London
http://www.securityfocus.com/archive/77/466505

47. [SJ-JOB] Security Consultant, Dulles
http://www.securityfocus.com/archive/77/466466

48. [SJ-JOB] Sr. Security Engineer, Fort Lauderdale
http://www.securityfocus.com/archive/77/466486

49. [SJ-JOB] Channel / Business Development, Irvine
http://www.securityfocus.com/archive/77/466494

50. [SJ-JOB] CISO, Mountain View
http://www.securityfocus.com/archive/77/466506

51. [SJ-JOB] Sales Engineer, Phoenix
http://www.securityfocus.com/archive/77/466460

52. [SJ-JOB] Security Engineer, Mountain View
http://www.securityfocus.com/archive/77/466470

53. [SJ-JOB] Management, Mountain View
http://www.securityfocus.com/archive/77/466477

54. [SJ-JOB] Sr. Security Analyst, Fort Lauderdale
http://www.securityfocus.com/archive/77/466481

55. [SJ-JOB] Software Engineer, Mountain View
http://www.securityfocus.com/archive/77/466457

56. [SJ-JOB] Sales Engineer, Englewood
http://www.securityfocus.com/archive/77/466458

57. [SJ-JOB] Security Architect, Norcross/Lawrenceville
http://www.securityfocus.com/archive/77/466467

58. [SJ-JOB] Security Architect, Fort Lauderdale
http://www.securityfocus.com/archive/77/466468

59. [SJ-JOB] Security Director, Chantilly
http://www.securityfocus.com/archive/77/466502

60. [SJ-JOB] Penetration Engineer, Leeds
http://www.securityfocus.com/archive/77/466461

61. [SJ-JOB] Security Engineer, Pittsburgh
http://www.securityfocus.com/archive/77/466469

62. [SJ-JOB] Application Security Architect, Hong Kong
http://www.securityfocus.com/archive/77/466476

63. [SJ-JOB] Sr. Security Engineer, Frederick
http://www.securityfocus.com/archive/77/466509

64. [SJ-JOB] Sales Engineer, Atlanta
http://www.securityfocus.com/archive/77/466451

65. [SJ-JOB] Channel / Business Development, Redwood City
http://www.securityfocus.com/archive/77/466452

66. [SJ-JOB] CHECK Team Leader, Leeds
http://www.securityfocus.com/archive/77/466459

67. [SJ-JOB] Channel / Business Development, Dallas
http://www.securityfocus.com/archive/77/466447

68. [SJ-JOB] Instructor, Irving
http://www.securityfocus.com/archive/77/466454

69. [SJ-JOB] Sales Engineer, NYC, Boston, Chicago, DC
http://www.securityfocus.com/archive/77/466448

V. INCIDENTS LIST SUMMARY
---------------------------
VI. VULN-DEV RESEARCH LIST SUMMARY
-----------------------------------
1. Yet another SQL injection framework
http://www.securityfocus.com/archive/82/466299

2. CfP Hack.lu 2007
http://www.securityfocus.com/archive/82/466292

3. SyScan'07 Call for Papers - End 30th April 2007
http://www.securityfocus.com/archive/82/466293

VII. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. SecurityFocus Microsoft Newsletter #338
http://www.securityfocus.com/archive/88/466639

VIII. SUN FOCUS LIST SUMMARY
----------------------------
1. Sun Application Server Drop Privs
http://www.securityfocus.com/archive/92/466736

IX. LINUX FOCUS LIST SUMMARY
----------------------------
X. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to sf-news-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

XI. SPONSOR INFORMATION
------------------------
This Issue is Sponsored by: SPI Dynamics

ALERT: "How a Hacker Launches a SQL Injection Attack!"- SPI Dynamics White Paper
It's as simple as placing additional SQL commands into a Web Form input box giving
hackers complete access to all your backend systems! Firewalls and IDS will not stop
such attacks because SQL Injections are NOT seen as intruders. Download this *FREE*
white paper from SPI Dynamics for a complete guide to protection!

https://download.spidynamics.com/1/ad/sql.asp?Campaign_ID=70160000000Cn8O

No comments:

Blog Archive