WINDOWS CENTER: SecurityFocus Newsletter #401

SecurityFocus Newsletter #401
----------------------------------------

This Issue is Sponsored by: VeriSign

Increase customer confidence at transaction time with the latest breakthrough in online security - Extended Validation SSL from VeriSign.
Extended Validation triggers a green address bar in Microsoft IE7, which proves site identity.
Learn more at:

http://clk.atdmt.com/SFI/go/srv0890000048sfi/direct/01/

SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1. Time for a new certification
2. 0wning Vista from the boot
II. BUGTRAQ SUMMARY
1. BitsCast PubDate Element Remote Denial Of Service Vulnerability
2. PHP Fusebox Index.PHP Cross-Site Scripting Vulnerability
3. Linux Kernel Netfilter NFNetLink_Log Multiple NULL Pointer Dereference Vulnerabilities
4. Xscreensaver Local Denial Of Service Vulnerability
5. SquirrelMail Multiple Cross Site Scripting Vulnerabilities
6. EfesTECH Haber Multiple SQL Injection Vulnerabilities
7. Beacon Splash.lang.PHP Remote File Include Vulnerability
8. PrecisionID Barcode PrecisionID_DataMatrix.DLL ActiveX Control Denial of Service Vulnerability
9. BlogMe Archshow.ASP SQL Injection Vulnerability
10. DB Software Laboratory VImpX ActiveX Control Buffer Overflow Vulnerability
11. PhpATM Index.PHP Directory Traversal Vulnerability
12. ACGV Annu ACVG.PHP Local File Include Vulnerability
13. EQDKP Show Variable Cross-Site Scripting Vulnerability
14. CommuniGate Pro Web Mail HTML Injection Vulnerability
15. IG Shop Page.PHP SQL Injection Vulnerability
16. Progress WebSpeed Denial Of Service Vulnerability
17. yEnc32 Decoder Overly Long Filename Heap Buffer Overflow Vulnerability
18. PHP ZVAL Reference Counter Integer Overflow Vulnerability
19. Microsoft Internet Explorer HTML Objects Script Errors Variant Remote Code Execution Vulnerability
20. Microsoft Internet Explorer HTML Objects Script Errors Remote Code Execution Vulnerability
21. Microsoft Internet Explorer CHTSKDIC.DLL Arbitrary Code Execution Vulnerability
22. Microsoft Internet Explorer Property Method Remote Code Execution Vulnerability
23. Microsoft Internet Explorer Object Handling Remote Code Execution Vulnerability
24. Microsoft Windows Media Server MDSAuth.DLL ActiveX Control Remote Code Execution Vulnerability
25. Adobe RoboHelp Frameset-7.HTML Cross-Site Scripting Vulnerability
26. Microsoft Windows DNS Server Escaped Zone Name Parameter Buffer Overflow Vulnerability
27. Achievo ATK.Inc Remote File Include Vulnerability
28. Microsoft Management Console Zone Bypass Vulnerability
29. Microsoft XML Core Service XMLHTTP ActiveX Control Remote Code Execution Vulnerability
30. Microsoft Windows Media Player Plugin Buffer Overflow Vulnerability
31. Microsoft Internet Explorer Vector Markup Language Buffer Overflow Vulnerability
32. Microsoft MDAC RDS.Dataspace ActiveX Control Remote Code Execution Vulnerability
33. Jetbox CMS Email FormMail.PHP Input Validation Vulnerability
34. HP Systems Insight Manager JSessionID Session Fixation Vulnerability
35. Multiple Personal Firewall Products Local Protection Mechanism Bypass Vulnerability
36. Samba SID Names Local Privilege Escalation Vulnerability
37. Samba MS-RPC Remote Shell Command Execution Vulnerability
38. Progress OpenEdge Multiple Denial Of Service Vulnerabilities
39. Apple Safari Unspecified Local Vulnerability
40. Samba NDR MS-RPC Request Heap-Based Buffer Overflow Vulnerability
41. Multiple Products Full/Half Width Unicode Detection Evasion Vulnerability
42. W2Box Arbitrary File Upload Vulnerability
43. DeWizardX ActiveX Control Arbitrary File Overwrite Vulnerability
44. Caucho Resin Multiple Information Disclosure Vulnerabilities
45. WordPress Akismet Plugin Unspecified Vulnerability
46. Multiple Vendor C Library realpath() Off-By-One Buffer Overflow Vulnerability
47. Retired: N/X WCMS PCLTar.PHP Remote File Include Vulnerability
48. Retired: CJG Explorer Pro G_Pcltar_Lib_Dir Multiple Remote File Include Vulnerabilities
49. PHPConcept PCLTar PCLTar.PHP Remote File Include Vulnerability
50. PHP MCrypt_Create_IV Insecure Encryption Weakness
51. Microsoft Windows Vista ARP Table Entries Denial of Service Vulnerability
52. SonicBB Multiple SQL Injection Vulnerabilities
53. Multiple BEA WebLogic Applications Multiple Vulnerabilities
54. PopTop PPTP Server GRE Packet Denial Of Service Vulnerability
55. Geeklog Media Gallery Ftpmedia.PHP Remote File Include Vulnerability
56. Webdesproxy GET Request Buffer Overflow Vulnerability
57. Linksnet Newsfeed Remote File Include Vulnerability
58. TinyIdentD Remote Buffer Overflow Vulnerability
59. KTorrent Remote Directory Traversal Variant Vulnerability
60. ELinks Relative Path Arbitrary Code Execution Vulnerability
61. Media Player Classic .MPA Div-By-Zero Denial of Service Vulnerability
62. Flip Everything.PHP Remote File Include Vulnerability
63. BlueZ HIDD Bluetooh HID Command Injection Vulnerability
64. Net-SNMP TCP Disconnect Remote Denial Of Service Vulnerability
65. Sun Java RunTime Environment Multiple Buffer Overflow Vulnerabilities
66. Apache HTTP Server Tomcat Directory Traversal Vulnerability
67. Sun Java Web Start Unauthorized Access Vulnerability
68. Multiple Vendor Multiple HTTP Request Smuggling Vulnerabilities
69. Sun Java RunTime Environment GIF Images Buffer Overflow Vulnerability
70. OpenSSL PKCS Padding RSA Signature Forgery Vulnerability
71. Sun Java Runtime Environment Multiple Remote Privilege Escalation Vulnerabilities
72. MySQL IF Query Handling Remote Denial Of Service Vulnerability
73. Exim SpamAssassin Reply Remote Buffer Overflow Vulnerability
74. HP ServiceGuard For Linux Unspecified Remote Unauthorized Access Vulnerability
75. Linux Kernel Netfilter nf_conntrack IPv6 Packet Reassembly Rule Bypass Vulnerability
76. PHP sqlite_udf_decode_binary() Function Buffer Overflow Vulnerability
77. PHP Filter_Var FILTER_VALIDATE_EMAIL Newline Injection Vulnerability
78. PHP 5 PHP_Stream_Filter_Create() Function Buffer Overflow Vulnerability
79. PHP Msg_Receive() Memory Allocation Integer Overflow Vulnerability
80. PHP Folded Mail Headers Email Header Injection Vulnerability
81. PHP Zip_Entry_Read() Integer Overflow Vulnerability
82. PHP Session_Regenerate_ID Function Double Free Memory Corruption Vulnerability
83. PHP Hash Table Overwrite Arbitrary Code Execution Vulnerability
84. PHP Session_Decode Double Free Memory Corruption Vulnerability
85. PHP Mb_Parse_Str Function Register_Globals Activation Weakness
86. PHP EXT/Filter HTML Stripping Bypass Vulnerability
87. PHP PHP_Binary Heap Information Leak Vulnerability
88. PHP EXT/Filter Function Remote Buffer Overflow Vulnerability
89. PHP Shared Memory Functions Resource Verification Arbitrary Code Execution Vulnerability
90. PHP 5 Substr_Compare Integer Overflow Vulnerability
91. IFDate Administrative Authentication Bypass Vulnerability
92. HP ProCurve 9300m Switches Unspecified Denial of Service Vulnerability
93. Tools 4 Web News-Script NewsAdmin.PHP Remote File Include Vulnerability
94. Clever Components Database Comparer ActiveX Control Stack Based Buffer Overflow Vulnerability
95. MHSoftware Connect Daily Unspecified Vulnerability
96. T-Com Speedport Router Brute Force Security Bypass Weakness
97. NagiosQL Prepend_Adm.PHP Remote File Include Vulnerability
98. SonicBB Search.PHP Cross-Site Scripting Vulnerability
99. Notepad++ Ruby Source File Processing Buffer Overflow Vulnerability
100. Linux Kernel NETLINK_FIB_LOOKUP Local Denial of Service Vulnerability
III. SECURITYFOCUS NEWS
1. Experts scramble to quash IPv6 flaw
2. E-Gold charged with money laundering
3. A Mac gets whacked, a second survives
4. MacBooks withstand mild attacks on patch day
IV. SECURITY JOBS LIST SUMMARY
1. [SJ-JOB] Technical Support Engineer, Mountain VIew
2. [SJ-JOB] Sr. Product Manager, SF Bay Area
3. [SJ-JOB] Sr. Security Analyst, Warren
4. [SJ-JOB] Security Engineer, Richmond
5. [SJ-JOB] Sales Engineer, New York
6. [SJ-JOB] Sales Engineer, New York
7. [SJ-JOB] Compliance Officer, Bozeman
8. [SJ-JOB] Sr. Security Analyst, Arlington/Fairfax
9. [SJ-JOB] Sr. Security Analyst, Montreal
10. [SJ-JOB] Security System Administrator, Charlotte
11. [SJ-JOB] Security System Administrator, Rockville
12. [SJ-JOB] Senior Software Engineer, Fort Knox
13. [SJ-JOB] Security Engineer, San Jose
14. [SJ-JOB] Technology Risk Consultant, Amsterdam
15. [SJ-JOB] Management, Superior
16. [SJ-JOB] Security Director, North Chicago
17. [SJ-JOB] Application Security Engineer, Burnaby
18. [SJ-JOB] Security Engineer, New York
19. [SJ-JOB] Security Engineer, Riyadh
20. [SJ-JOB] Penetration Engineer, London/South/UK Wide
21. [SJ-JOB] Regional Channel Manager, London
22. [SJ-JOB] Security Auditor, South UK
23. [SJ-JOB] Security Consultant, Washington DC
24. [SJ-JOB] Security Engineer, Cupertino
25. [SJ-JOB] Customer Service, Mt. View
26. [SJ-JOB] Software Engineer, Mt. View
27. [SJ-JOB] Database Security Architect, Jacksonville
28. [SJ-JOB] Software Engineer, Fort Knox
29. [SJ-JOB] Security Architect, Chicago
30. [SJ-JOB] Security System Administrator, Fort Knox
31. [SJ-JOB] Application Security Architect, Jacksonville
32. [SJ-JOB] Application Security Engineer, Chicago
33. [SJ-JOB] Security Engineer, San Francisco
34. [SJ-JOB] Security Product Marketing Manager, Cupertino
35. [SJ-JOB] Security Consultant, Chicago
36. [SJ-JOB] Forensics Engineer, Chicago
37. [SJ-JOB] Sr. Security Engineer, Boston
38. [SJ-JOB] Security Engineer, London
39. [SJ-JOB] Security Engineer, Arlington
40. [SJ-JOB] Jr. Security Analyst, Foster City
41. [SJ-JOB] Security Architect, Hertfordshire
42. [SJ-JOB] Security Consultant, Columbus
43. [SJ-JOB] Security Architect, Hertfordshire
44. [SJ-JOB] Certification & Accreditation Engineer, London
45. [SJ-JOB] Sr. Security Analyst, Dublin
46. [SJ-JOB] Certification & Accreditation Engineer, Tampa
47. [SJ-JOB] Sales Engineer, Mountain View
48. [SJ-JOB] Information Assurance Analyst, Washington
49. [SJ-JOB] Jr. Security Analyst, Washington
50. [SJ-JOB] Security Consultant, Toronto
51. [SJ-JOB] Application Security Architect, Boston
52. [SJ-JOB] Penetration Engineer, Toronto
53. [SJ-JOB] Account Manager, Southeastern United States
54. [SJ-JOB] Jr. Security Analyst, Washington
55. [SJ-JOB] CSO, Springfield
V. INCIDENTS LIST SUMMARY
VI. VULN-DEV RESEARCH LIST SUMMARY
1. Training Classes in SyScan'07
VII. MICROSOFT FOCUS LIST SUMMARY
1. SecurityFocus Microsoft Newsletter #341
VIII. SUN FOCUS LIST SUMMARY
IX. LINUX FOCUS LIST SUMMARY
1. understanding chkrootkit and rkhunter logs
X. UNSUBSCRIBE INSTRUCTIONS
XI. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Time for a new certification
By Don Parker
I wrote a column for Securityfocus some time ago that aired my concerns over GIAC dropping the practical portion of their certification process. That column resulted in a lot of feedback, with most agreeing about how GIAC bungled what was up till then, the best certification around.
http://www.securityfocus.com/columnists/443

2. 0wning Vista from the boot
By Federico Biancuzzi
Federico Biancuzzi interviews Nitin and Vipin Kumar, authors of VBootkit, a rootkit that is able to load from Windows Vista boot-sectors. They discuss the "features" of their code, the support of the various versions of Vista, the possibility to place it inside the BIOS (it needs around 1500 bytes), and the chance to use it to bypass Vista's product activation or avoid DRM.
http://www.securityfocus.com/columnists/442

II. BUGTRAQ SUMMARY
--------------------
1. BitsCast PubDate Element Remote Denial Of Service Vulnerability
BugTraq ID: 23993
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/23993
Summary:
BitsCast is prone to a remote denial-of-service vulnerability because it fails to adequately sanitize user-supplied input contained in RSS feeds.

An attacker can exploit this issue to crash the application, effectively denying service.

BitsCast 0.13.0 is vulnerable; other versions may also be affected.

2. PHP Fusebox Index.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 16274
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/16274
Summary:
PHP Fusebox is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

PHP Fusebox 4.0.6 is vulnerable; other versions may also be affected.

3. Linux Kernel Netfilter NFNetLink_Log Multiple NULL Pointer Dereference Vulnerabilities
BugTraq ID: 22946
Remote: No
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/22946
Summary:
The Linux kernel is prone to multiple NULL-pointer dereference vulnerabilities.

A local attacker can exploit these issues to crash the affected kernel, denying service to legitimate users.

4. Xscreensaver Local Denial Of Service Vulnerability
BugTraq ID: 23783
Remote: No
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23783
Summary:
Xscreensaver is prone to a local denial-of-service vulnerability.

Successful exploits will cause the xscreensaver daemon to crash, unlock the screen, and allow unauthorized access to the vulnerable computer.

Xscreensaver versions prior to 5.02 are vulnerable to this issue.

5. SquirrelMail Multiple Cross Site Scripting Vulnerabilities
BugTraq ID: 23910
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23910
Summary:
SquirrelMail is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues could allow an attacker to steal cookie-based authentication credentials and to launch other attacks.

6. EfesTECH Haber Multiple SQL Injection Vulnerabilities
BugTraq ID: 23960
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23960
Summary:
EfesTECH Haber is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

EfesTECH Haber 5.0 is vulnerable to these issues; other versions may also be affected.

7. Beacon Splash.lang.PHP Remote File Include Vulnerability
BugTraq ID: 23959
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23959
Summary:
Beacon is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input.

Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

This issue affects Beacon 0.2.0; other versions may also be vulnerable.

8. PrecisionID Barcode PrecisionID_DataMatrix.DLL ActiveX Control Denial of Service Vulnerability
BugTraq ID: 23957
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23957
Summary:
PrecisionID Barcode ActiveX control is prone to a denial-of-service vulnerability because it fails to perform adequate checks on user-supplied input data.

Attackers can exploit this issue to crash the browsers of unsuspecting users, resulting in a denial of service. Remote code execution may also be possible, but has not been confirmed.

PrecisionID Barcode ActiveX control 1.3 is vulnerable; other versions may also be affected.

9. BlogMe Archshow.ASP SQL Injection Vulnerability
BugTraq ID: 23956
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23956
Summary:
BlogMe is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

BlogMe 3.0 is vulnerable; other versions may also be affected.

10. DB Software Laboratory VImpX ActiveX Control Buffer Overflow Vulnerability
BugTraq ID: 23953
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23953
Summary:
The 'VImpX.ocx' ActiveX control shipped with the VImpX application is prone to a buffer-overflow vulnerability. The software fails to perform sufficient boundary checks of user-supplied input before copying it to an insufficiently sized memory buffer.

VImpX 4.7.3.0 on Windows XP Service Pack 2 is reported vulnerable to this issue; other products may be vulnerable as well.

11. PhpATM Index.PHP Directory Traversal Vulnerability
BugTraq ID: 23952
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23952
Summary:
phpATM is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the webserver process. Information obtained may aid in further attacks.

This issue affects phpATM 1.30; other versions may also be affected.

12. ACGV Annu ACVG.PHP Local File Include Vulnerability
BugTraq ID: 23842
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23842
Summary:
ACGV Annu is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.

Exploiting this issue may allow an unauthorized user to view files and execute local scripts.

13. EQDKP Show Variable Cross-Site Scripting Vulnerability
BugTraq ID: 23951
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23951
Summary:
EQDKP is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

EQDKP 1.3.2c and prior versions are affected.

14. CommuniGate Pro Web Mail HTML Injection Vulnerability
BugTraq ID: 23950
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23950
Summary:
CommuniGate Pro is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input.

Exploiting this issue may allow an attacker to execute HTML and script code in the context of the affected site, to steal cookie-based authentication credentials, or to control how the site is rendered to the user; other attacks are also possible.

CommuniGate Pro 5.1.8 and earlier versions are vulnerable to this issue.

Note that this issue is present only when using Microsoft Internet Explorer.

15. IG Shop Page.PHP SQL Injection Vulnerability
BugTraq ID: 23949
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23949
Summary:
iG Shop is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

iG Shop 1.4 is vulnerable; other versions may also be affected.

16. Progress WebSpeed Denial Of Service Vulnerability
BugTraq ID: 23778
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23778
Summary:
WebSpeed is prone to a denial-of-service vulnerability because it fails to properly sanitize user-supplied input.

Successful exploits can allow attackers to cause the application to become unresponsive, denying service to legitimate users.

17. yEnc32 Decoder Overly Long Filename Heap Buffer Overflow Vulnerability
BugTraq ID: 23948
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23948
Summary:
yEnc32 Decoder is prone to a heap-based buffer-overflow issue because it fails to properly check boundaries on user-supplied data before copying it into an insufficiently sized memory buffer.

Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the user running the application. Failed exploit attempts likely result in denial-of-service conditions.

yEnc32 Decoder 1.0.7.207 is vulnerable.

18. PHP ZVAL Reference Counter Integer Overflow Vulnerability
BugTraq ID: 22765
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/22765
Summary:
PHP is prone to an integer-overflow vulnerability because it fails to ensure that integer values are not overrun.

A local attacker can exploit this vulnerability to execute arbitrary PHP scripts within the context of the affected application. Failed exploit attempts will likely cause denial-of-service conditions.

Note: According to 'MOPB-04-2007:PHP 4 unserialize() ZVAL Reference Counter Overflow', this issue may be remotely triggered in PHP 4.4.4 environments because many legacy PHP applications still use 'unserialize()' on user-supplied data. 'Unserialize()' uses the '__wakeup()' method of deserialized objects in an unsafe manner that may lead to remote arbitrary code execution. This BID has been changed to reflect the possibility of remote exploitation in PHP 4.4.4 environments.

19. Microsoft Internet Explorer HTML Objects Script Errors Variant Remote Code Execution Vulnerability
BugTraq ID: 23770
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23770
Summary:
Microsoft Internet Explorer is prone to a remote code-execution vulnerability.

This vulnerability is related to how the browser handles script errors in certain situations. An attacker could exploit this issue to execute arbitrary code in the context of the user running the affected browser.

This issue affects Internet Explorer 7 running on Windows XP SP2, Windows Server 2003 SP1 and SP2, and on Windows Vista.

Microsoft states that this vulnerability is a variant of the issue discussed in BID 23772 (Microsoft Internet Explorer HTML Objects Script Errors Remote Code Execution Vulnerability).

20. Microsoft Internet Explorer HTML Objects Script Errors Remote Code Execution Vulnerability
BugTraq ID: 23772
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23772
Summary:
Microsoft Internet Explorer is prone to a remote code-execution vulnerability.

This issue affects Internet Explorer 7 running on Windows XP SP2, Windows Server 2003 SP1 and SP2, and on Windows Vista.

21. Microsoft Internet Explorer CHTSKDIC.DLL Arbitrary Code Execution Vulnerability
BugTraq ID: 19529
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/19529
Summary:
Microsoft Internet Explorer is prone to an arbitrary code-execution vulnerability because the application fails to load a DLL library when instantiated as an ActiveX control.

An attacker may exploit this issue to crash Internet Explorer, effectively denying service to legitimate users and may cause arbitrary code to run within the context of the user running the application.

22. Microsoft Internet Explorer Property Method Remote Code Execution Vulnerability
BugTraq ID: 23769
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23769
Summary:
Microsoft Internet Explorer is prone to remote code-execution vulnerability.

A remote attacker can exploit this issue to execute arbitrary code in the context of the user running the vulnerable application.

23. Microsoft Internet Explorer Object Handling Remote Code Execution Vulnerability
BugTraq ID: 23771
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23771
Summary:
Microsoft Internet Explorer is prone to a remote code-execution vulnerability.

This vulnerability is related to how the browser handles uninitialized or deleted objects. An attacker could exploit this issue to execute arbitrary code in the context of the user running the affected browser.

24. Microsoft Windows Media Server MDSAuth.DLL ActiveX Control Remote Code Execution Vulnerability
BugTraq ID: 23827
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23827
Summary:
The Microsoft Windows Media Server ActiveX control is prone to a remote code-execution vulnerability.

An attacker may exploit this issue by enticing victims into opening a maliciously crafted HTML document.

Successful exploits will allow attackers to overwrite certain files to execute arbitrary code. This will result in a complete compromise of affected computers. Failed exploit attempts will likely result in denial-of-service conditions.

25. Adobe RoboHelp Frameset-7.HTML Cross-Site Scripting Vulnerability
BugTraq ID: 23878
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23878
Summary:
RoboHelp is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

26. Microsoft Windows DNS Server Escaped Zone Name Parameter Buffer Overflow Vulnerability
BugTraq ID: 23470
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23470
Summary:
Microsoft Windows Domain Name System (DNS) Server Service is prone to a stack-based buffer-overflow vulnerability in its Remote Procedure Call (RPC) interface.

A remote attacker may exploit this issue to run arbitrary code in the context of the DNS Server Service. The DNS service runs in the 'SYSTEM' context.

Successfully exploiting this issue allows attackers to execute arbitrary code, facilitating the remote compromise of affected computers.

Windows Server 2000 Service Pack 4, Windows Server 2003 Service Pack 1, and Windows Server 2003 Service Pack 2 are confirmed vulnerable to this issue.

Microsoft Windows 2000 Professional SP4, Windows XP SP2, and Windows Vista are not affected by this vulnerability.

27. Achievo ATK.Inc Remote File Include Vulnerability
BugTraq ID: 23992
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/23992
Summary:
Achievo is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

Achievo 1.1.0 is vulnerable to this issue; other versions may also be affected.

28. Microsoft Management Console Zone Bypass Vulnerability
BugTraq ID: 19417
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/19417
Summary:
Microsoft Management Console (MMC) is prone to a cross-zone scripting vulnerability because the operating system fails to properly restrict access to MMC components, allowing the MMC files to be referenced from the Internet Zone in some cases.

Exploiting this vulnerability could let an attacker execute arbitrary code, completely compromising the computer.

29. Microsoft XML Core Service XMLHTTP ActiveX Control Remote Code Execution Vulnerability
BugTraq ID: 20915
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/20915
Summary:
Microsoft XML Core Service is prone to a remote code-execution vulnerability.

An attacker can exploit this issue to execute arbitrary code within the affected application, facilitating the remote compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition.

30. Microsoft Windows Media Player Plugin Buffer Overflow Vulnerability
BugTraq ID: 16644
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/16644
Summary:
The Microsoft Windows Media Player plugin for non-Microsoft browsers is prone to a buffer-overflow vulnerability. The application fails to do proper boundary checks on user-supplied data before using it in a finite-sized buffer.

An attacker can exploit this issue to execute arbitrary code on the victim user's computer in the context of the victim user. This may facilitate a compromise of the affected computer.

This issue is exploitable only through non-Microsoft browsers that have the Media Player plugin installed. Possible browsers include Firefox .9 and later and Netscape 8; other browsers with the plugin installed may also be affected.

31. Microsoft Internet Explorer Vector Markup Language Buffer Overflow Vulnerability
BugTraq ID: 20096
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/20096
Summary:
Microsoft Internet Explorer is prone to a buffer-overflow vulnerability that arises because of an error in the processing of Vector Markup Language documents.

An attacker can exploit this issue to execute arbitrary code within the context of the affected application. The method currently used to exploit this issue will typically terminate Internet Explorer.

This vulnerability is currently being exploited in the wild as 'Trojan.Vimalov'.

This vulnerability affects Internet Explorer version 6.0 on a fully patched system. Previous versions may also be affected.

Update: Microsoft Outlook 2003 is also an attack vector for this issue, since it uses Internet Explorer to render HTML email. Reportedly, attacks are possible even when active scripting has been disabled for email viewing.

32. Microsoft MDAC RDS.Dataspace ActiveX Control Remote Code Execution Vulnerability
BugTraq ID: 17462
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/17462
Summary:
The Microsoft MDAC RDS.Dataspace ActiveX control is vulnerable to remote code execution. An attacker could exploit this issue to execute code in the context of the user visiting a malicious web page.

33. Jetbox CMS Email FormMail.PHP Input Validation Vulnerability
BugTraq ID: 23989
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/23989
Summary:
Jetbox CMS is prone to an input-validation vulnerabilitiy because it fails to adequately sanitize user-supplied input.

Attackers can exploit this issue to send spam email in the context of the application.

Jetbox 2.1 is vulnerable; other versions may also be affected.

34. HP Systems Insight Manager JSessionID Session Fixation Vulnerability
BugTraq ID: 23988
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/23988
Summary:
HP Systems Insight Manager is prone to a session-fixation vulnerability. This issue stems from a design error in the application.

An attacker can exploit this issue to gain administrative access on the affected computer. Successfully exploiting this issue will result in the complete compromise of affected computers.

35. Multiple Personal Firewall Products Local Protection Mechanism Bypass Vulnerability
BugTraq ID: 23987
Remote: No
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/23987
Summary:
Multiple personal firewall products are prone to a vulnerability that lets attackers bypass protection mechanisms. This issue occurs because the applications fail to properly implement protection mechanisms based on valid process identifiers.

Exploiting this issue allows local attackers to bypass protection mechanisms implemented to restrict access to the memory space of critical processes. This allows attackers to execute arbitrary code with elevated privileges; other attacks are also possible.

The following applications are vulnerable to this issue:
- Comodo Firewall Pro 2.4.18.184
- Comodo Personal Firewall 2.3.6.81
- ZoneAlarm Pro 6.1.744.001

Other applications and versions may also be affected.

36. Samba SID Names Local Privilege Escalation Vulnerability
BugTraq ID: 23974
Remote: No
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/23974
Summary:
Samba is prone to a local privilege-escalation vulnerability due to a logic error in the 'smbd' daemon's internal security stack.

An attacker can exploit this issue to temporarily perform SMB/CIFS operations with superuser privileges. The attacker may leverage this issue to gain superuser access to the server.

Samba 3.0.23d through 3.0.25pre2 are vulnerable.

37. Samba MS-RPC Remote Shell Command Execution Vulnerability
BugTraq ID: 23972
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/23972
Summary:
Samba is prone to a vulnerability that allows attackers to execute arbitrary shell commands because the software fails to sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary shell commands on an affected computer with the privileges of the application.

This issue affects Samba 3.0.0 to 3.0.25rc3.

38. Progress OpenEdge Multiple Denial Of Service Vulnerabilities
BugTraq ID: 23926
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/23926
Summary:
OpenEdge is prone to multiple denial-of-service vulnerabilities because it fails to properly sanitize user-supplied input.

Successful exploits can allow attackers to cause the application to become unresponsive, denying service to legitimate users.

This issue affects OpenEdge 10b; other versions may also be vulnerable.

39. Apple Safari Unspecified Local Vulnerability
BugTraq ID: 23825
Remote: No
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/23825
Summary:
Apple Safari is prone to an unspecified local vulnerability.

Few technical details are currently available. We will update this BID as more information emerges.

40. Samba NDR MS-RPC Request Heap-Based Buffer Overflow Vulnerability
BugTraq ID: 23973
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/23973
Summary:
Samba is prone to multiple remote heap-based buffer-overflow vulnerabilities because it fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.

An attacker can exploit these issues to execute arbitrary code with superuser-level privileges, facilitating the complete remote compromise of affected computers. Failed exploit attempts will result in a denial of service.

These issues affect Samba 3.0.25rc3 and prior versions.

41. Multiple Products Full/Half Width Unicode Detection Evasion Vulnerability
BugTraq ID: 23980
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/23980
Summary:
Multiple products are reportedly prone to a vulnerability that may allow malicious HTTP traffic to bypass detection.

Attackers may send this type of HTTP data to evade detection and perform further attacks.

Cisco has stated that all IOS releases that support the Firewall/IPS feature set are affected. Although we currently have no definitive list of such versions, Symantec is investigating the matter and will update this BID's list of vulnerable systems appropriately.

42. W2Box Arbitrary File Upload Vulnerability
BugTraq ID: 23975
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/23975
Summary:
w2box is prone to an arbitrary-file-upload vulnerability.

An attacker can exploit this vulnerability to upload PHP script code and execute it in the context of the webserver process.

w2box 4.0.0Beta4 is vulnerable to this issue.

43. DeWizardX ActiveX Control Arbitrary File Overwrite Vulnerability
BugTraq ID: 23986
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/23986
Summary:
The DeWizardX ActiveX control is prone to an arbitrary-file-overwrite vulnerability.

An attacker can exploit this issue to overwrite arbitrary files on the affected computer. Successful attacks may aid in further attacks against the computer. Failed attempts will likely cause denial-of-service
conditions.

44. Caucho Resin Multiple Information Disclosure Vulnerabilities
BugTraq ID: 23985
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/23985
Summary:
Caucho Resin is prone to multiple information-disclosure vulnerabilities because it fails to adequately sanitize user-supplied data.

Attackers can exploit these issues to access potentially sensitive data that may aid in further attacks.

Resin 3.1.0 is vulnerable; other versions may also be affected.

NOTE: According to the application's 3.1.1 change log, these issues affect the server only when installed on Microsoft Windows.

45. WordPress Akismet Plugin Unspecified Vulnerability
BugTraq ID: 23965
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/23965
Summary:
The WordPress Akismet plugin is prone to an unspecified vulnerability.

Few technical details are currently available. We will update this BID as more information emerges.

46. Multiple Vendor C Library realpath() Off-By-One Buffer Overflow Vulnerability
BugTraq ID: 8315
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/8315
Summary:
The 'realpath()' function is a C-library procedure to resolve the canonical, absolute pathname of a file based on a path that may contain values such as '/', './', '../', or symbolic links. A vulnerability that was reported to affect the implementation of 'realpath()' in WU-FTPD has lead to the discovery that at least one implementation of the C library is also vulnerable. FreeBSD has announced that the off-by-one stack- buffer-overflow vulnerability is present in their libc. Other systems are also likely vulnerable.

Reportedly, this vulnerability has been successfully exploited against WU-FTPD to execute arbitrary instructions.

NOTE: Patching the C library alone may not remove all instances of this vulnerability. Statically linked programs may need to be rebuilt with a patched version of the C library. Also, some applications may implement their own version of 'realpath()'. These applications would require their own patches. FreeBSD has published a large list of applications that use 'realpath()'. Administrators of FreeBSD and other systems are urged to review it. For more information, see the advisory 'FreeBSD-SA-03:08.realpath'.

47. Retired: N/X WCMS PCLTar.PHP Remote File Include Vulnerability
BugTraq ID: 23708
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/23708
Summary:
N/X WCMS is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.

Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

N/X WCMS 4.5 is vulnerable; other versions may also be affected.

NOTE: This BID is being retired because this issue is a duplicate of the vulnerability discussed in BID 23613 (PHPConcept PCLTar PCLTar.PHP Remote File Include Vulnerability).

48. Retired: CJG Explorer Pro G_Pcltar_Lib_Dir Multiple Remote File Include Vulnerabilities
BugTraq ID: 23955
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/23955
Summary:
CJG Explorer Pro is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

This issue affects CJG Explorer Pro 3.2; other versions may also be affected.

NOTE: This BID is being retired because this issue is a duplicate of the vulnerability discussed in BID 23613 (PHPConcept PCLTar PCLTar.PHP Remote File Include Vulnerability).

49. PHPConcept PCLTar PCLTar.PHP Remote File Include Vulnerability
BugTraq ID: 23613
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/23613
Summary:
PclTar is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input.

Exploiting this issue may allow an attacker to compromise applications that use the affected library as well as the underlying system; other attacks are also possible.

NOTE: This vulnerability was originally thought to affect Joomla! directly. Further analysis has revealed that the issue affects the PclTar library. This record has been updated accordingly.

50. PHP MCrypt_Create_IV Insecure Encryption Weakness
BugTraq ID: 23984
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/23984
Summary:
PHP is prone to an insecure-encryption weakness.

Successfully exploiting this issue would allow an attacker to obtain information about the initialization vector. Information obtained may allow the attacker to access sensitive information or gain unauthorized access to the affected application.

51. Microsoft Windows Vista ARP Table Entries Denial of Service Vulnerability
BugTraq ID: 23266
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/23266
Summary:
Microsoft Windows Vista is prone to a denial-of-service vulnerability.

Remote attackers may exploit this issue by submitting malicious ARP requests to the vulnerable computer. To exploit this issue, attackers must have access to the local network segment of a target computer.

Remote attackers can exploit this issue to cause the network interface to stop responding, denying further service to legitimate users.

52. SonicBB Multiple SQL Injection Vulnerabilities
BugTraq ID: 23964
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/23964
Summary:
SonicBB is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

SonicBB 1.0 is vulnerable; other versions may also be affected.

53. Multiple BEA WebLogic Applications Multiple Vulnerabilities
BugTraq ID: 23979
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/23979
Summary:
Multiple BEA WebLogic applications are affected by multiple vulnerabilities, including cross-site scripting, HTML-injection, information-disclosure, directory-traversal, security-bypass, brute-force, and denial-of-service issues.

An attacker can exploit these issues to gain privileged access to affected applications, to access potentially sensitive information that could aid in further attacks, or to deny service to legitimate users. Successful attacks can result in the compromise of the applications. Other attacks are also possible.

54. PopTop PPTP Server GRE Packet Denial Of Service Vulnerability
BugTraq ID: 23886
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/23886
Summary:
PoPToP PPTP Server is prone to a denial-of-service vulnerability because it fails to adequately handle certain malformed packet data.

Attackers can exploit this issue to disconnect arbitrary PPTP connections.

PoPToP PPTP Server 1.3.4 is vulnerable; other versions may also be affected.

55. Geeklog Media Gallery Ftpmedia.PHP Remote File Include Vulnerability
BugTraq ID: 23983
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/23983
Summary:
Geeklog Media Gallery is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.

Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

Versions of Geeklog Media Gallery prior to 1.4.8a are vulnerable.

56. Webdesproxy GET Request Buffer Overflow Vulnerability
BugTraq ID: 23962
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/23962
Summary:
Webdesproxy is prone to a buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized buffer.

Attackers can exploit this issue to cause denial-of-service conditions and possibly to execute arbitrary code with the privileges of the application.

57. Linksnet Newsfeed Remote File Include Vulnerability
BugTraq ID: 23982
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/23982
Summary:
Linksnet Newsfeed is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.

Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

Linksnet Newsfeed 1.0 is vulnerable; other versions may also be affected.

58. TinyIdentD Remote Buffer Overflow Vulnerability
BugTraq ID: 23981
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/23981
Summary:
TinyIdentD is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.

Exploiting this issue allows attackers to execute arbitrary machine code in the context of the running application.

TinyIdentD 2.2 and previous versions are vulnerable to this issue.

59. KTorrent Remote Directory Traversal Variant Vulnerability
BugTraq ID: 23745
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/23745
Summary:
KTorrent is prone to a remote directory-traversal vulnerability.

An attacker can exploit this issue by using modified '..' sequences to overwrite arbitrary files on a victim user's system.

This issue is due to an incomplete vendor fix of the issue discussed in BID 22930.

Versions of KTorrent prior to 2.1.3 are vulnerable to this issue.

60. ELinks Relative Path Arbitrary Code Execution Vulnerability
BugTraq ID: 23844
Remote: No
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/23844
Summary:
ELinks is prone to an arbitrary code-execution vulnerability.

An attacker can exploit this issue to potentially execute arbitrary code with the privileges of the user running the affected application.

This issue requires an attacker to trick an unsuspecting victim into running the vulnerable application in an attacker-controlled directory.

This issue affects ELinks 0.11.1; other versions may also be vulnerable.

61. Media Player Classic .MPA Div-By-Zero Denial of Service Vulnerability
BugTraq ID: 23991
Remote: Yes
Last Updated: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/23991
Summary:
Media Player Classic is prone to a denial-of-service vulnerability when processing a malformed MPA file.

A remote attacker can exploit this issue to crash the affected application, denying service to legitimate users.

This issue affects Media Player Classic 6.4.9.0; other versions may also be affected.

62. Flip Everything.PHP Remote File Include Vulnerability
BugTraq ID: 23805
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23805
Summary:
Flip is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

Flip 2.0.1 is vulnerable to this issue.

63. BlueZ HIDD Bluetooh HID Command Injection Vulnerability
BugTraq ID: 22076
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/22076
Summary:
BlueZ hidd is prone to a device-command-injection vulnerability.

A remote attacker can exploit this issue to gain control of mouse and keyboard HIDs (human interface device). This will allow the attacker to interact with the targeted computer in the context of the currently logged-in user.

Versions prior to 2.25 are vulnerable.

64. Net-SNMP TCP Disconnect Remote Denial Of Service Vulnerability
BugTraq ID: 23762
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23762
Summary:
Net-SNMP is prone to a remote denial-of-service vulnerability. The issue is exposed when Net-SNMP is configured to communicate over TCP; Net-SNMP using UDP is unaffected.

This issue affects Net-SNMP when running in 'master agentx' mode. An attacker can exploit this issue to cause the affected service to crash, effectively denying service to legitimate users.

65. Sun Java RunTime Environment Multiple Buffer Overflow Vulnerabilities
BugTraq ID: 21675
Remote: No
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/21675
Summary:
The Java Runtime Environment is prone to multiple buffer-overflow vulnerabilities the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

A local attacker can exploit these issues to execute arbitrary code with administrative privileges. A successful exploit attempt will lead to the complete compromise of affected computers. Failed exploit attempts will result in a denial of service.

66. Apache HTTP Server Tomcat Directory Traversal Vulnerability
BugTraq ID: 22960
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/22960
Summary:
Apache HTTP servers running with the Tomcat servlet container are prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.

Exploiting this issue allows attackers to access arbitrary files in the Tomcat webroot. This can expose sensitive information that could help the attacker launch further attacks.

Versions in the 5.0 series prior to 5.5.22 and in the 6.0 series prior to 6.0.10 are vulnerable.

67. Sun Java Web Start Unauthorized Access Vulnerability
BugTraq ID: 23728
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23728
Summary:
Sun Java Web Start is prone to a vulnerability that may allow remote attackers to gain unauthorized access to a vulnerable computer.

The vendor has reported that this vulnerability allows untrusted applications to gain read/write privileges to local files on a vulnerable computer.

The following versions for Windows, Solaris and Linux platforms are vulnerable:

Java Web Start in JDK and JRE 5.0 Update 10 and earlier
Java Web Start in SDK and JRE 1.4.2_13 and earlier

68. Multiple Vendor Multiple HTTP Request Smuggling Vulnerabilities
BugTraq ID: 13873
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/13873
Summary:
Multiple vendors are prone to HTTP-request-smuggling issues. Attackers can piggyback an HTTP request inside of another HTTP request. By leveraging failures to implement the HTTP/1.1 RFC properly, attackers can launch cache-poisoning, cross-site scripting, session-hijacking, and other attacks.

69. Sun Java RunTime Environment GIF Images Buffer Overflow Vulnerability
BugTraq ID: 22085
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/22085
Summary:
The Java Runtime Environment is prone to a buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.

An attacker may exploit this issue by enticing a victim into opening a maliciously crafted Java applet.

The attacker can exploit these issues to execute arbitrary code with the privileges of the victim. Failed exploit attempts will likely result in denial-of-service conditions.

This issue is being tracked by BugID: 6445518

70. OpenSSL PKCS Padding RSA Signature Forgery Vulnerability
BugTraq ID: 19849
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/19849
Summary:
OpenSSL is prone to a vulnerability that may allow an attacker to forge an RSA signature. The attacker may be able to forge a PKCS #1 v1.5 signature when an RSA key with exponent 3 is used.

An attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key.

All versions of OpenSSL prior to and including 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available.

71. Sun Java Runtime Environment Multiple Remote Privilege Escalation Vulnerabilities
BugTraq ID: 21673
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/21673
Summary:
The Sun Java Runtime Environment is prone to multiple remote privilege-escalation vulnerabilities.

An attacker can execute arbitrary code and commands in the context of a user who invokes the Java applet or application.

A successful attack can facilitate privilege escalation.

72. MySQL IF Query Handling Remote Denial Of Service Vulnerability
BugTraq ID: 23911
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23911
Summary:
MySQL is prone to a remote denial-of-service vulnerability because it fails to handle certain specially crafted queries.

An attacker can exploit this issue to crash the application, denying access to legitimate users.

NOTE: An attacker must be able to execute arbitrary SELECT statements against the database to exploit this issue. This may be through legitimate means or by exploiting other latent SQL-injection vulnerabilities.

Versions prior to 5.0.40 are vulnerable.

73. Exim SpamAssassin Reply Remote Buffer Overflow Vulnerability
BugTraq ID: 23977
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23977
Summary:
Exim is prone to a remote buffer-overflow vulnerability when used in conjunction with remote SpamAssassin servers. This issue occurs because the application fails to properly bounds-check user-supplied input prior to copying it to an insufficiently sized memory buffer.

Successfully exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the affected application. Failed exploit attempts may result in denial-of-service conditions.

Exim 4.66 is vulnerable to this issue; other versions may also be affected.

74. HP ServiceGuard For Linux Unspecified Remote Unauthorized Access Vulnerability
BugTraq ID: 22574
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/22574
Summary:
HP Serviceguard for Linux is prone to an unauthorized-access vulnerability.

An attacker can exploit this issue to gain remote unauthorized access to affected computers.

75. Linux Kernel Netfilter nf_conntrack IPv6 Packet Reassembly Rule Bypass Vulnerability
BugTraq ID: 23976
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23976
Summary:
The Linux kernel is prone to a vulnerability that lets attackers bypass firewall rules. This issue occurs because the Linux 'netfilter' code fails to properly classify network packets.

Successfully exploiting this issue allows attackers to bypass firewall rules, potentially aiding them in further network-based attacks.

Linux kernel versions in the 2.6 series prior to 2.6.20.3 are vulnerable to this issue.

76. PHP sqlite_udf_decode_binary() Function Buffer Overflow Vulnerability
BugTraq ID: 23235
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23235
Summary:
PHP is prone to a buffer-overflow vulnerability because the application fails to perform boundary checks before copying user-supplied data to insufficiently sized memory buffers.

An attacker can exploit this issue to execute arbitrary machine code in the context of the affected webserver. Failed exploit attempts will likely crash the webserver, denying service to legitimate users.

This issue affects PHP versions prior to 4.4.5 and 5.2.1.

77. PHP Filter_Var FILTER_VALIDATE_EMAIL Newline Injection Vulnerability
BugTraq ID: 23359
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23359
Summary:
PHP is prone to an email-newline-injection vulnerability because it fails to properly sanitize user-supplied input.

Exploiting this issue may allow a malicious user to create arbitrary email headers, and then create and transmit spam messages from the affected computer.

78. PHP 5 PHP_Stream_Filter_Create() Function Buffer Overflow Vulnerability
BugTraq ID: 23237
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23237
Summary:
PHP is prone to a buffer-overflow vulnerability because the application fails to perform boundary checks before copying user-supplied data to insufficiently sized memory buffers.

An attacker can exploit this issue remotely by supplying a 'php://filter' URL to one of the file functions.

The attacker can exploit this issue to execute arbitrary machine code in the context of the affected webserver. Failed exploit attempts will likely crash the webserver, denying service to legitimate users.

Successful exploits for this issue will depend on the application's heap-memory implementation. PHP version 5.2.0 introduced a new memory manager that makes all little-endian platforms exploitable.

This issue affects PHP versions prior to 5.2.1.

79. PHP Msg_Receive() Memory Allocation Integer Overflow Vulnerability
BugTraq ID: 23236
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23236
Summary:
PHP is prone to an integer-overflow vulnerability because it fails to ensure that integer values aren't overrun. Attackers may exploit this issue to cause a buffer overflow and to corrupt process memory.

Exploiting this issue may allow attackers to execute arbitrary machine code in the context of the affected application. Failed exploit attempts will likely result in a denial-of-service condition.

This issue affects PHP versions prior to 4.4.5 and 5.2.1.

80. PHP Folded Mail Headers Email Header Injection Vulnerability
BugTraq ID: 23145
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23145
Summary:
PHP is prone to an email-header-injection vulnerability because it fails to properly sanitize user-supplied input when constructing email messages.

Exploiting this issue allows a malicious user to create arbitrary email headers, and then create and transmit spam messages from the affected computer.

The following versions are vulnerable:

PHP 4 up to and including 4.4.6
PHP 5 up to and including 5.2.1

81. PHP Zip_Entry_Read() Integer Overflow Vulnerability
BugTraq ID: 23169
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23169
Summary:
PHP is prone to an integer-overflow vulnerability because it fails to ensure that integer values aren't overrun. Attackers may exploit this issue to cause a heap-based buffer overflow.

Exploiting this issue may allow attackers to execute arbitrary machine code in the context of the affected application. Failed exploit attempts will likely result in a denial-of-service condition.

This issue affects PHP versions prior to 4.4.5.

82. PHP Session_Regenerate_ID Function Double Free Memory Corruption Vulnerability
BugTraq ID: 22968
Remote: No
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/22968
Summary:
PHP is prone to a double-free memory-corruption vulnerability.

Attackers may be able to exploit this issue to execute arbitrary code in the context of the webserver process or to cause denial-of-service conditions.

This issue is proven to be locally exploitable. Remote attack vectors may also be possible, but this is yet to be confirmed.

This issue affects PHP versions 5 to 5.2.1. PHP version 4 is vulnerable only if successful remote exploits are proven.

83. PHP Hash Table Overwrite Arbitrary Code Execution Vulnerability
BugTraq ID: 23119
Remote: No
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23119
Summary:
PHP is prone to an arbitrary-code-execution vulnerability.

An attacker may exploit this issue to execute arbitrary code within the context of the affected webserver.

This issue affects PHP 4 (prior to 4.4.5) and PHP 5 (prior to 5.2.1).

84. PHP Session_Decode Double Free Memory Corruption Vulnerability
BugTraq ID: 23121
Remote: No
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23121
Summary:
PHP is prone to a double-free memory-corruption vulnerability.

Attackers may be able to exploit this issue to execute arbitrary code in the context of the webserver process or to cause denial-of-service conditions.

This issue is proven to be locally exploitable. Remote attack vectors may also be possible, but this is yet to be confirmed.

This issue affects PHP versions 4.4.5 and 4.4.6.

85. PHP Mb_Parse_Str Function Register_Globals Activation Weakness
BugTraq ID: 23016
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23016
Summary:
PHP is prone to a weakness that allows attackers to enable the 'register_globals' directive because the application fails to handle a memory-limit exception.

Enabling the PHP 'register_globals' directive may allow attackers to further exploit latent vulnerabilities in PHP scripts.

This issue is related to the weakness found in the non-multibyte 'parse_str()' from BID 15249 - PHP Parse_Str Register_Globals Activation Weakness.

This issue affects PHP versions 4 to 4.4.6 and 5 to 5.2.1.

86. PHP EXT/Filter HTML Stripping Bypass Vulnerability
BugTraq ID: 22914
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/22914
Summary:
The PHP ext/filter content filter is prone to a filter-bypass vulnerability.

Successful exploitation can allow an attacker to bypass the security filter responsible for blocking potentially malicious HTML content.

An attacker can exploit this issue in PHP applications that use the vulnerable filter to potentially inject malicious HTML content.

87. PHP PHP_Binary Heap Information Leak Vulnerability
BugTraq ID: 22805
Remote: No
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/22805
Summary:
PHP 'php_binary' serialization handler is prone to a heap-information leak.

The vulnerability arises because of a missing boundary check in the extraction of variable names. A local attacker can exploit this issue to obtain sensitive information (such as heap offsets and canaries) that may aid in other attacks.

These versions are affected:

PHP4 versions prior to 4.4.5
PHP5 versions prior to 5.2.1

Updates are available.

88. PHP EXT/Filter Function Remote Buffer Overflow Vulnerability
BugTraq ID: 22922
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/22922
Summary:
PHP is prone to a remote buffer-overflow vulnerability because the application fails to perform boundary checks before copying user-supplied data to insufficiently sized memory buffers.

PHP 5.2.0 is reported vulnerable; other versions may also be affected.

This issue was originally reported as an unspecified vulnerability in BID 22496 (PHP Version 5.2.0 and Prior Multiple Vulnerabilities). Due to the availability of more details, this issue is being assigned a new BID.

89. PHP Shared Memory Functions Resource Verification Arbitrary Code Execution Vulnerability
BugTraq ID: 22862
Remote: No
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/22862
Summary:
PHP shared memory functions (shmop) are prone to an arbitrary-code-execution vulnerability.

An attacker may exploit this issue to execute arbitrary code within the context of the affected webserver. The attacker may also gain access to RSA keys of the SSL certificate.

This issue affects PHP 4 versions prior to 4.4.5 and PHP 5 versions prior to 5.2.1.

90. PHP 5 Substr_Compare Integer Overflow Vulnerability
BugTraq ID: 22851
Remote: No
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/22851
Summary:
PHP 5 'substr_compare()' function is prone to an integer-overflow vulnerability because it fails to ensure that integer values aren't overrun.

A local attacker can exploit this vulnerability to obtain sensitive information (such as stack offsets, variables, and canaries) that may aid in other attacks.

PHP 5 version 5.2.1 and earlier are reported vulnerable to this issue.

91. IFDate Administrative Authentication Bypass Vulnerability
BugTraq ID: 23971
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23971
Summary:
iFdate is prone to a vulnerability that will let attackers trivially gain administrative access to the application.

This issue stems from insufficient access validation.

iFdate 2.0 and later versions are vulnerable.

92. HP ProCurve 9300m Switches Unspecified Denial of Service Vulnerability
BugTraq ID: 23791
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23791
Summary:
HP ProCurve 9300m Switches are prone to an unspecified remote denial-of-service vulnerability. This issue most likely occurs because the device fails to properly sanitize user-supplied input.

An attacker can exploit this issue to crash an affected device, effectively denying service to legitimate users.

This issue affects HP ProCurve 9300m Switches running software versions 08.0.01c to 08.0.01j.

93. Tools 4 Web News-Script NewsAdmin.PHP Remote File Include Vulnerability
BugTraq ID: 23970
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23970
Summary:
Tools 4 Web News-Script is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.

Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

News-Script 2.0 is vulnerable; other versions may also be affected.

94. Clever Components Database Comparer ActiveX Control Stack Based Buffer Overflow Vulnerability
BugTraq ID: 23969
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23969
Summary:
Database Comparer ActiveX control is prone to a stack-based buffer-overflow vulnerability because it fails to properly check boundaries on user-supplied data before copying it into an insufficiently sized memory buffer.

Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts likely result in denial-of-service conditions.

This issue affects Database Comparer 2.2; other versions may also be affected.

95. MHSoftware Connect Daily Unspecified Vulnerability
BugTraq ID: 23968
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23968
Summary:
NetWin Webmail is prone to an unspecified vulnerability.

No technical details are currently available. We will update this BID as more information emerges.

Versions of Connect Daily prior to 3.3.3 are vulnerable.

96. T-Com Speedport Router Brute Force Security Bypass Weakness
BugTraq ID: 23967
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23967
Summary:
T-Com Speedport firmware is prone to a security-bypass weakness because it fails to protect against brute-force attacks.

An attacker can exploit this issue to perform brute-force attacks in an attempt to gain administrative access.

Successful attacks can result in the complete compromise of the affected device.

Speedport w700v is vulnerable; other versions may also be affected.

97. NagiosQL Prepend_Adm.PHP Remote File Include Vulnerability
BugTraq ID: 23966
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23966
Summary:
NagiosQL is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input.

Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

This issue affects NagiosQL 2.0; other versions may also be vulnerable.

98. SonicBB Search.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 23963
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23963
Summary:
SonicBB is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

99. Notepad++ Ruby Source File Processing Buffer Overflow Vulnerability
BugTraq ID: 23961
Remote: Yes
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23961
Summary:
Notepad++ is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer while importing Ruby source files.

This issue allows attackers to execute arbitrary machine code in the context of the user running the affected application.

Notepad++ 4.1 is vulnerable to this issue; previous versions may be affected as well.

100. Linux Kernel NETLINK_FIB_LOOKUP Local Denial of Service Vulnerability
BugTraq ID: 23677
Remote: No
Last Updated: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23677
Summary:
The Linux kernel is prone to a denial-of-service vulnerability. This issue presents itself when a NETLINK message is misrouted.

A local attacker may exploit this issue to trigger an infinite-recursion stack-based overflow in the kernel. This results in a denial of service to legitimate users.

Versions prior to 2.6.20.8 are vulnerable.

III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. Experts scramble to quash IPv6 flaw
By: Robert Lemos
Only a few weeks after researchers raised the design issue in the next-generation Internet protocol, two drafts to the Internet Engineering Task Force propose different fixes.
http://www.securityfocus.com/news/11463

2. E-Gold charged with money laundering
By: Robert Lemos
Federal prosecutors claim the company and its owners violated federal funds transfer laws, saying it knowingly served online scammers, identity thieves and child pornographers.
http://www.securityfocus.com/news/11462

3. A Mac gets whacked, a second survives
By: Robert Lemos
Researchers use a previously unknown flaw in Apple's Safari browser to compromise a MacBook Pro and win the PWN to Own contest, but does the hack actually prove anything?
http://www.securityfocus.com/news/11461

4. MacBooks withstand mild attacks on patch day
By: Robert Lemos
On the same day that Apple releases an update for its Mac OS X, security professionals at a conference in Canada show little initial interest in attempting to crack the security of two MacBook Pros.
http://www.securityfocus.com/news/11460

IV. SECURITY JOBS LIST SUMMARY
-------------------------------
1. [SJ-JOB] Technical Support Engineer, Mountain VIew
http://www.securityfocus.com/archive/77/468427

2. [SJ-JOB] Sr. Product Manager, SF Bay Area
http://www.securityfocus.com/archive/77/468428

3. [SJ-JOB] Sr. Security Analyst, Warren
http://www.securityfocus.com/archive/77/468429

4. [SJ-JOB] Security Engineer, Richmond
http://www.securityfocus.com/archive/77/468430

5. [SJ-JOB] Sales Engineer, New York
http://www.securityfocus.com/archive/77/468421

6. [SJ-JOB] Sales Engineer, New York
http://www.securityfocus.com/archive/77/468422

7. [SJ-JOB] Compliance Officer, Bozeman
http://www.securityfocus.com/archive/77/468423

8. [SJ-JOB] Sr. Security Analyst, Arlington/Fairfax
http://www.securityfocus.com/archive/77/468424

9. [SJ-JOB] Sr. Security Analyst, Montreal
http://www.securityfocus.com/archive/77/468418

10. [SJ-JOB] Security System Administrator, Charlotte
http://www.securityfocus.com/archive/77/468420

11. [SJ-JOB] Security System Administrator, Rockville
http://www.securityfocus.com/archive/77/468415

12. [SJ-JOB] Senior Software Engineer, Fort Knox
http://www.securityfocus.com/archive/77/468417

13. [SJ-JOB] Security Engineer, San Jose
http://www.securityfocus.com/archive/77/468416

14. [SJ-JOB] Technology Risk Consultant, Amsterdam
http://www.securityfocus.com/archive/77/468414

15. [SJ-JOB] Management, Superior
http://www.securityfocus.com/archive/77/468412

16. [SJ-JOB] Security Director, North Chicago
http://www.securityfocus.com/archive/77/468409

17. [SJ-JOB] Application Security Engineer, Burnaby
http://www.securityfocus.com/archive/77/468410

18. [SJ-JOB] Security Engineer, New York
http://www.securityfocus.com/archive/77/468411

19. [SJ-JOB] Security Engineer, Riyadh
http://www.securityfocus.com/archive/77/468408

20. [SJ-JOB] Penetration Engineer, London/South/UK Wide
http://www.securityfocus.com/archive/77/468406

21. [SJ-JOB] Regional Channel Manager, London
http://www.securityfocus.com/archive/77/468405

22. [SJ-JOB] Security Auditor, South UK
http://www.securityfocus.com/archive/77/468403

23. [SJ-JOB] Security Consultant, Washington DC
http://www.securityfocus.com/archive/77/468402

24. [SJ-JOB] Security Engineer, Cupertino
http://www.securityfocus.com/archive/77/468404

25. [SJ-JOB] Customer Service, Mt. View
http://www.securityfocus.com/archive/77/468398

26. [SJ-JOB] Software Engineer, Mt. View
http://www.securityfocus.com/archive/77/468400

27. [SJ-JOB] Database Security Architect, Jacksonville
http://www.securityfocus.com/archive/77/468399

28. [SJ-JOB] Software Engineer, Fort Knox
http://www.securityfocus.com/archive/77/468393

29. [SJ-JOB] Security Architect, Chicago
http://www.securityfocus.com/archive/77/468397

30. [SJ-JOB] Security System Administrator, Fort Knox
http://www.securityfocus.com/archive/77/468394

31. [SJ-JOB] Application Security Architect, Jacksonville
http://www.securityfocus.com/archive/77/468396

32. [SJ-JOB] Application Security Engineer, Chicago
http://www.securityfocus.com/archive/77/468391

33. [SJ-JOB] Security Engineer, San Francisco
http://www.securityfocus.com/archive/77/468392

34. [SJ-JOB] Security Product Marketing Manager, Cupertino
http://www.securityfocus.com/archive/77/468386

35. [SJ-JOB] Security Consultant, Chicago
http://www.securityfocus.com/archive/77/468390

36. [SJ-JOB] Forensics Engineer, Chicago
http://www.securityfocus.com/archive/77/468385

37. [SJ-JOB] Sr. Security Engineer, Boston
http://www.securityfocus.com/archive/77/468384

38. [SJ-JOB] Security Engineer, London
http://www.securityfocus.com/archive/77/468383

39. [SJ-JOB] Security Engineer, Arlington
http://www.securityfocus.com/archive/77/468382

40. [SJ-JOB] Jr. Security Analyst, Foster City
http://www.securityfocus.com/archive/77/468377

41. [SJ-JOB] Security Architect, Hertfordshire
http://www.securityfocus.com/archive/77/468378

42. [SJ-JOB] Security Consultant, Columbus
http://www.securityfocus.com/archive/77/468374

43. [SJ-JOB] Security Architect, Hertfordshire
http://www.securityfocus.com/archive/77/468375

44. [SJ-JOB] Certification & Accreditation Engineer, London
http://www.securityfocus.com/archive/77/468376

45. [SJ-JOB] Sr. Security Analyst, Dublin
http://www.securityfocus.com/archive/77/468372

46. [SJ-JOB] Certification & Accreditation Engineer, Tampa
http://www.securityfocus.com/archive/77/468371

47. [SJ-JOB] Sales Engineer, Mountain View
http://www.securityfocus.com/archive/77/468373

48. [SJ-JOB] Information Assurance Analyst, Washington
http://www.securityfocus.com/archive/77/468367

49. [SJ-JOB] Jr. Security Analyst, Washington
http://www.securityfocus.com/archive/77/468369

50. [SJ-JOB] Security Consultant, Toronto
http://www.securityfocus.com/archive/77/468370

51. [SJ-JOB] Application Security Architect, Boston
http://www.securityfocus.com/archive/77/468364

52. [SJ-JOB] Penetration Engineer, Toronto
http://www.securityfocus.com/archive/77/468366

53. [SJ-JOB] Account Manager, Southeastern United States
http://www.securityfocus.com/archive/77/468363

54. [SJ-JOB] Jr. Security Analyst, Washington
http://www.securityfocus.com/archive/77/468365

55. [SJ-JOB] CSO, Springfield
http://www.securityfocus.com/archive/77/468236

V. INCIDENTS LIST SUMMARY
---------------------------
VI. VULN-DEV RESEARCH LIST SUMMARY
-----------------------------------
1. Training Classes in SyScan'07
http://www.securityfocus.com/archive/82/468113

VII. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. SecurityFocus Microsoft Newsletter #341
http://www.securityfocus.com/archive/88/468188

VIII. SUN FOCUS LIST SUMMARY
----------------------------
IX. LINUX FOCUS LIST SUMMARY
----------------------------
1. understanding chkrootkit and rkhunter logs
http://www.securityfocus.com/archive/91/467957

X. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to sf-news-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

XI. SPONSOR INFORMATION
------------------------
This Issue is Sponsored by: VeriSign

http://clk.atdmt.com/SFI/go/srv0890000048sfi/direct/01/

News

Tuesday, May 15, 2007

SecurityFocus Newsletter #401

No comments:

WINDOWS CENTER

Blog Archive