Thursday, January 10, 2008

SecurityFocus Newsletter #435
----------------------------------------

This issue is Sponsored by: Black Hat DC

Attend Black Hat DC, February 18-21, the Washington, DC version of the world's premier technical event for ICT security experts. Featuring hands-on training courses and Briefings presentations with lots of new content, including a focus on wireless security and offensive attack analysis. Network with 400+ delegates and review products from leading vendors in a relaxed setting, including Diamond sponsor Microsoft.

www.blackhat.com


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1. Real Flaws in Virtual Worlds
2. Copyrights and Wrongs
II. BUGTRAQ SUMMARY
1. Exiv2 EXIF File Handling Integer Overflow Vulnerability
2. 'unp' File Name Remote Arbitrary Shell Command Injection Vulnerability
3. Mozilla Products Multiple Remote Vulnerabilities
4. Linux Kernel AACRAID Driver Local Security Bypass Vulnerability
5. Linux Kernel Fib_Semantics.C Out Of Bounds Access Vulnerability
6. Linux Kernel Parent Process Death Signal Local Security Bypass Weakness
7. Linux Kernel ELF File Cross Region Mapping Local Denial of Service Vulnerability
8. Apache HTTP Server Mod_Status Cross-Site Scripting Vulnerability
9. Apache HTTP Server Worker Process Multiple Denial of Service Vulnerabilities
10. Perl Unicode Regular Expression Buffer Overflow Vulnerability
11. Common UNIX Printing System SNMP 'asn1_get_string()' Remote Buffer Overflow Vulnerability
12. pdftops.pl Alternate pdftops Filter for CUPS Insecure Temporary File Creation Vulnerability
13. OpenH323 Opal SIP Protocol Remote Denial of Service Vulnerability
14. Ekiga GetHostAddress Remote Denial of Service Vulnerability
15. Microsoft DirectX SAMI File Parsing Stack Buffer Overflow Vulnerability
16. Move Media Player Quantum Streaming ActiveX Control Multiple Buffer Overflow Vulnerabilities
17. Eggdrop Server Module Message Handling Remote Buffer Overflow Vulnerability
18. Sun Solaris NFS 'netgroups' Security Bypass Vulnerability
19. MailMachinePRO 'showMsg.php' SQL Injection Vulnerability
20. 'libarchive' Multiple Remote Vulnerabilities
21. Million Dollar Script 'index.php' Local File Include Vulnerability
22. Joomla-SMF Forum Multiple Cross-Site Scripting Vulnerabilities
23. IBM Lotus Domino Unspecified Denial Of Service Vulnerability
24. Docebo SQL-Injection Vulnerability and Multiple Information Disclosure Vulnerabilities
25. Omegasoft Insel Authentication Bypass Vulnerability and User Enumeration Weakness
26. Novell Client for Windows 'nicm.sys' Local Privilege Escalation Vulnerability
27. PHP Webquest 'soporte_horizontal_w.php' SQL Injection Vulnerability
28. SSH Tectia Client and Server ssh-signer Local Privilege Escalation Vulnerability
29. IceWarp Mail Server 'admin/index.html' Cross-Site Scripting Vulnerability
30. EvilBoard Cross-Site Scripting Vulnerability and SQL-Injection Vulnerability
31. Sun Solaris ICMP Unspecified Remote Denial of Service Vulnerability
32. BT Home Hub and Thomson/Alcatel Speedtouch 7G Multiple Vulnerabilities
33. HelpBox Multiple Security Vulnerabilities
34. Sun Java Runtime Environment 'jpiexp32.dll' Object Name NULL-Pointer Denial Of Service Vulnerability
35. Zero CMS Arbitrary File Upload Vulnerability and Multiple SQL-Injection Vulnerabilities
36. OpenPegasus WBEM CIM Management Server 'PAMBasicAuthenticatorUnix.cpp' Buffer Overflow Vulnerability
37. OpenPegasus Management Server PAM Authentication 'cimservera.pp' Buffer Overflow Vulnerability
38. SAM Broadcaster samPHPweb 'db.php' Remote File Include Vulnerability
39. Tuned Studios Multiple Webpage Templates 'index.php' Remote File Include Vulnerability
40. SysHotel On Line System 'index.php' Local File Include Vulnerability
41. Petris Local Buffer Overflow Vulnerability
42. libexif Image Tag Remote Integer Overflow Vulnerability
43. Microsoft Windows TCP/IP IGMP MLD Remote Buffer Overflow Vulnerability
44. ClamAV 'mspack.c' Off-By-One Buffer Overflow Vulnerability
45. Rsync Use Chroot Insecure File Creation Vulnerability
46. teTeX DVI File Parsing Multiple Vulnerabilities
47. ClamAV BZ_GET_FAST Bzip2 Decompression Vulnerability
48. libexif Image Tag Remote Denial Of Service Vulnerability
49. Sun Java System Identity Manager Multiple Input Validation Vulnerabilities
50. Squid Proxy Cache Update Reply Processing Remote Denial of Service Vulnerability
51. ClamAV 'libclamav/pe.c' MEW Packed PE File Integer Overflow Vulnerability
52. Rsync Daemon Excludes Multiple File Access Vulnerabilities
53. OpenSSH X11 Cookie Local Authentication Bypass Vulnerability
54. OpenAFS Fileserver Denial of Service Vulnerability
55. Microsoft XML Core Services SubstringData Integer Overflow Vulnerability
56. DomPHP 'index.php' Remote File Include Vulnerability
57. Apple QuickTime RTSP Connection Status Display Remote Buffer Overflow Vulnerability
58. MTCMS Index.PHP Multiple SQL Injection Vulnerabilities
59. Horde IMP and Groupware Webmail Edition Multiple Input Validation Vulnerabilities
60. Ingate Firewall And SIParator Remote Denial of Service Vulnerability
61. VLC Media Player 'sdpplin_parse()' RTSP and Unspecified Heap Based Buffer Overflow Vulnerabilities
62. ID-Commerce 'liste.php' SQL Injection Vulnerability
63. Xen DR7 and CR4 Registers Multiple Local Denial of Service Vulnerabilities
64. Horde Products Multiple Unspecified Security Bypass Vulnerabilities
65. DomPHP 'inscription.php' SQL Injection Vulnerability
66. Dovecot Authentication Cache Security Bypass Vulnerability
67. Fail2ban Remote Denial of Service Vulnerability
68. Microsoft Windows TCP/IP ICMP Remote Denial Of Service Vulnerability
69. yaSSL Multiple Remote Buffer Overflow Vulnerabilities
70. Claws Mail Insecure Temporary File Creation Vulnerability
71. Apache mod_imagemap and mod_imap Cross-Site Scripting Vulnerability
72. Python PyLocale_strxfrm Function Remote Information Leak Vulnerability
73. Net-SNMP GETBULK Remote Denial of Service Vulnerability
74. Hewlett-Packard OpenView OVTrace Multiple Remote Buffer Overflow Vulnerabilities
75. PCRE Regular Expression Library Multiple Integer and Buffer Overflow Vulnerabilities
76. PCRE Regular Expression Library Multiple Security Vulnerabilities
77. PCRE Regular Expression Library UTF-8 Options Multiple Remote Denial of Service Vulnerabilities
78. Microsoft Windows LSASS LPC Request Local Privilege Escalation Vulnerability
79. ISC BIND 8 Remote Cache Poisoning Vulnerability
80. Level One WBR-3460A 4-Port ADSL 2/2+ Wireless Modem Router Unauthorized Access Vulnerability
81. Multiple Browser URI Handlers Command Injection Vulnerabilities
82. Multiple Web Browsers Digest Authentication HTTP Response Splitting Vulnerability
83. Multiple Vendor Web Browser JavaScript Key Filtering Vulnerability
84. Mozilla Firefox OnKeyDown Event File Upload Vulnerability
85. Mozilla Firefox OnUnload Javascript Browser Entrapment Vulnerability
86. Mozilla Firefox WYCIWYG:// URI Cache Zone Bypass Vulnerability
87. Mozilla Firefox 2.0.0.7 Multiple Remote Vulnerabilities
88. Mozilla Firefox/Thunderbird/SeaMonkey Chrome-Loaded About:Blank Script Execution Vulnerability
89. Mozilla Firefox 2.0.0.4 Multiple Remote Vulnerabilities
90. Mozilla Firefox URLBar Null Byte File Remote Code Execution Vulnerability
91. Mozilla Firefox About:Blank IFrame Cross Domain Information Disclosure Vulnerability
92. SynCE 'vdccm' Daemon Remote Command Injection Vulnerability
93. CherryPy Cookie Session Id Information Disclosure Vulnerability
94. Creative Ensoniq PCI ES1371 WDM Driver Local Privilege Escalation Vulnerability
95. PostgreSQL Multiple Privilege Escalation and Denial of Service Vulnerabilities
96. eTicket Multiple Scripts Multiple Input Validation Vulnerabilities
97. Gateway CWebLaunchCtl ActiveX Control Command Execution and Remote Buffer Overflow Vulnerability
98. Motorola netOctopus Agent 'nantsys.sys' Local Privilege Escalation Vulnerability
99. Microsoft Internet Explorer and Mozilla Firefox URI Handler Command Injection Vulnerability
100. Mozilla Firefox 2.0.0.6 Unspecified Protocol Handling Command Injection Vulnerability
III. SECURITYFOCUS NEWS
1. Malware hitches a ride on digital devices
2. Senate delays vote on spy bill
3. Researchers reverse Netflix anonymization
4. Group drafts rules to nix credit-card storage
IV. SECURITY JOBS LIST SUMMARY
1. [SJ-JOB] Software Engineer, San Jose
2. [SJ-JOB] Certification & Accreditation Engineer, Gaithersburg
3. [SJ-JOB] Software Engineer, St. Paul
4. [SJ-JOB] Security Consultant, Detroit
5. [SJ-JOB] Security Consultant, New York
6. [SJ-JOB] Sr. Security Engineer, Washington
7. [SJ-JOB] Account Manager, New York
8. [SJ-JOB] Management, Coral Gables
9. [SJ-JOB] Sales Representative, Los Angeles
10. [SJ-JOB] Security System Administrator, Purchase
11. [SJ-JOB] Director, Information Security, Brooklyn (Metrotech)
12. [SJ-JOB] Technical Writer, Basingstoke
13. [SJ-JOB] Technical Writer, Stamford
14. [SJ-JOB] Security Engineer, Fort Meade
15. [SJ-JOB] Sales Engineer, Houston
16. [SJ-JOB] Technical Support Engineer, Stamford
17. [SJ-JOB] Information Assurance Engineer, 20170
18. [SJ-JOB] Security Engineer, Washington, DC area
19. [SJ-JOB] Security Architect, Valley Forge
20. [SJ-JOB] Sales Representative, Any US location
21. [SJ-JOB] Director, Information Security, Montvale
22. [SJ-JOB] Security Consultant, Gloucestershire
23. [SJ-JOB] Quality Assurance, Huntsville
24. [SJ-JOB] Sr. Security Engineer, Huntsville
25. [SJ-JOB] Application Security Engineer, Sydney
26. [SJ-JOB] Security Engineer, Huntsville
27. [SJ-JOB] Security Consultant, Skokie
28. [SJ-JOB] Security System Administrator, Fort Meade
29. [SJ-JOB] Security Engineer, Arlington
30. [SJ-JOB] Software Engineer, Reston
31. [SJ-JOB] Information Assurance Engineer, Herndon
32. [SJ-JOB] Security Engineer, Fort Meade
33. [SJ-JOB] Security System Administrator, Arlington
34. [SJ-JOB] Jr. Security Analyst, Fort Meade
35. [SJ-JOB] Security Auditor, Arlington
36. [SJ-JOB] Information Assurance Engineer, Arlington
37. [SJ-JOB] Penetration Engineer, Herndon
38. [SJ-JOB] Security System Administrator, Fort Lauderdale, Florida
39. [SJ-JOB] Security Consultant, Columbus
40. [SJ-JOB] Security Consultant, Indianapolis
41. [SJ-JOB] Sr. Security Analyst, Lewisville
42. [SJ-JOB] Security Consultant, Cincinnati
43. [SJ-JOB] Security Engineer, Boston
44. [SJ-JOB] Management, Coral Gables
V. INCIDENTS LIST SUMMARY
VI. VULN-DEV RESEARCH LIST SUMMARY
1. debuging
VII. MICROSOFT FOCUS LIST SUMMARY
VIII. SUN FOCUS LIST SUMMARY
IX. LINUX FOCUS LIST SUMMARY
X. UNSUBSCRIBE INSTRUCTIONS
XI. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Real Flaws in Virtual Worlds
By Federico Biancuzzi
Massively multiplayer online role playing games (MMORPGs), such as World of Warcraft, have millions of subscribers interacting online, which makes security tricky business.

http://www.securityfocus.com/columnists/461

2. Copyrights and Wrongs
By Mark Rasch
On October 1, 2007, Jammie Thomas -- a single mother living in Brainerd, Minnesota -- was sued in civil court for copyright infringement by the Recording Industry Association of America. Three days later, the jury returned the verdict; Ms. Thomas was liable for willfully infringing the copyrights on 24 songs. The fine: $222,000.

http://www.securityfocus.com/columnists/460


II. BUGTRAQ SUMMARY
--------------------
1. Exiv2 EXIF File Handling Integer Overflow Vulnerability
BugTraq ID: 26918
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/26918
Summary:
Exiv2 is prone to an integer-overflow vulnerability because it fails to properly verify user-supplied data when handling EXIF files.

Successful exploits of this vulnerability allow remote attackers to execute arbitrary machine code in the context of the affected application. Failed exploits may crash the application.

Exiv2 0.15 is reported vulnerable to this issue; other versions may also be affected.

2. 'unp' File Name Remote Arbitrary Shell Command Injection Vulnerability
BugTraq ID: 27182
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/27182
Summary:
The 'unp' package is prone to a remote command-injection vulnerability because it fails to adequately sanitize user-supplied input data.

Attackers can exploit this issue to execute arbitrary shell commands in the context of the application using the vulnerable version of 'unp'. This may facilitate the remote compromise of affected computers.

This issue affects unp 1.0.12; other versions may also be affected.

3. Mozilla Products Multiple Remote Vulnerabilities
BugTraq ID: 24242
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/24242
Summary:
The Mozilla Foundation has released six security advisories specifying vulnerabilities in Firefox, SeaMonkey, and Thunderbird.

These vulnerabilities allow attackers to:

- Execute arbitrary code
- Cause denial-of-service conditions
- Perform cross-site scripting attacks
- Obtain potentially sensitive information
- Spoof legitimate content

Other attacks may also be possible.

4. Linux Kernel AACRAID Driver Local Security Bypass Vulnerability
BugTraq ID: 25216
Remote: No
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/25216
Summary:
The Linux kernel is prone to a security-bypass vulnerability.

A local attacker may exploit this vulnerability to issue IOCTL commands to AACRAID devices. This may lead to denial-of-service conditions, including data loss and computer crashes.

Versions prior to 2.6.23-rc2 are vulnerable.

5. Linux Kernel Fib_Semantics.C Out Of Bounds Access Vulnerability
BugTraq ID: 23447
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/23447
Summary:
The Linux kernel is prone to an out-of-bounds-access vulnerability. This issue occurs because the semantics for IPv4 Forwarding Information Base fail to adequately bounds-check user-supplied data before accessing an array.

An attacker can exploit this issue to cause denial-of-service conditions. Arbitrary code execution may also be possible, but this has not been confirmed.

Versions prior to 2.6.21-rc6 are vulnerable.

6. Linux Kernel Parent Process Death Signal Local Security Bypass Weakness
BugTraq ID: 25387
Remote: No
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/25387
Summary:
The Linux kernel is prone to a security-bypass weakness when dealing with signal handling.

This issue occurs because the software fails to properly validate access when the parent process tries to deliver its death signal to the child that registered it via 'prctl'.

A local attacker may exploit this issue to bypass certain security restrictions, which may lead to other attacks.

Linux kernel versions prior to 2.6.22.4 are vulnerable.

7. Linux Kernel ELF File Cross Region Mapping Local Denial of Service Vulnerability
BugTraq ID: 19702
Remote: No
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/19702
Summary:
The Linux kernel is prone to a local denial-of-service vulnerability. This issue could cause an affected computer to crash.

8. Apache HTTP Server Mod_Status Cross-Site Scripting Vulnerability
BugTraq ID: 24645
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/24645
Summary:
The Apache HTTP Server mod_status module is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

9. Apache HTTP Server Worker Process Multiple Denial of Service Vulnerabilities
BugTraq ID: 24215
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/24215
Summary:
Apache is prone to multiple denial-of-service vulnerabilities.

An attacker with the ability to execute arbitrary server-side script-code can exploit these issues to stop arbitrary services on the affected computer in the context of the master webserver process; other attacks may also be possible.

10. Perl Unicode Regular Expression Buffer Overflow Vulnerability
BugTraq ID: 26350
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/26350
Summary:
Perl is prone to a buffer-overflow vulnerability because it fails to sufficiently bounds-check user-supplied input.

Successfully exploiting this issue allows attackers to execute arbitrary machine code in the context of Perl applications using regular expressions in a vulnerable manner. This facilitates the remote compromise of affected computers.

Perl 5.8 is vulnerable to this issue; other versions may also be affected.

11. Common UNIX Printing System SNMP 'asn1_get_string()' Remote Buffer Overflow Vulnerability
BugTraq ID: 26917
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/26917
Summary:
Common UNIX Printing System (CUPS) is prone to a remote buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied data before copying it to an insufficiently sized buffer.

Exploiting this issue allows attackers to execute arbitrary machine code in the context of users running the affected software. Failed exploit attempts will likely result in denial-of-service conditions.

This issue affects CUPS 1.2 and 1.3, prior to 1.3.5; other versions may also be vulnerable.

12. pdftops.pl Alternate pdftops Filter for CUPS Insecure Temporary File Creation Vulnerability
BugTraq ID: 26919
Remote: No
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/26919
Summary:
The 'pdftops.pl' script is prone to a security vulnerability because it creates temporary files in an insecure way.

An attacker with local access could potentially exploit this issue to perform symlink attacks.

Successfully mounting a symlink attack may allow the attacker to overwrite, delete, or corrupt sensitive files in the context of the affected application, which may result in a denial of service. Other attacks may also be possible.

This issue affects versions prior to pdftops.pl 1.20.

13. OpenH323 Opal SIP Protocol Remote Denial of Service Vulnerability
BugTraq ID: 25955
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/25955
Summary:
OpenH323 is prone to a remote denial-of-service vulnerability because of memory mismanagement when handling user-supplied data.

Successfully exploiting this issue allows remote attackers to deny service to legitimate users.

This issue affects OpenH323 2.2.4; earlier versions may also be vulnerable. Applications using the affected library may also be vulnerable.

14. Ekiga GetHostAddress Remote Denial of Service Vulnerability
BugTraq ID: 25642
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/25642
Summary:
Ekiga is prone to a remote denial-of-service vulnerability because of memory mismanagement when handling user-supplied data.

Successfully exploiting this issue allows remote attackers to deny service to legitimate users.

Ekiga 2.0.5 and prior versions are reported vulnerable.

15. Microsoft DirectX SAMI File Parsing Stack Buffer Overflow Vulnerability
BugTraq ID: 26789
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/26789
Summary:
DirectX is prone to a stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.

An attacker could exploit this issue to execute arbitrary code within the privileges of the currently logged-in user. Failed exploit attempts may crash the application.

NOTE: Windows Media Player 6.4 on Windows 2000 was previously stated not to be an attack vector. The vendor has corrected this information to state that it is a possible attack vector.

16. Move Media Player Quantum Streaming ActiveX Control Multiple Buffer Overflow Vulnerabilities
BugTraq ID: 25529
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/25529
Summary:
Move Media Player is prone to multiple remote buffer-overflow vulnerabilities because the application fails to properly bounds-check user-supplied data before copying it into insufficiently sized memory buffers.

Exploiting these issues allows remote attackers to execute arbitrary code in the context of applications using the affected ActiveX control (typically Internet Explorer) and to compromise affected computers. Failed attempts will likely result in denial-of-service conditions.

These issues affect Move Media Player 1.0.0.1; other versions may also be vulnerable.

17. Eggdrop Server Module Message Handling Remote Buffer Overflow Vulnerability
BugTraq ID: 24070
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/24070
Summary:
Eggdrop Server Module is prone to a remote buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

Eggdrop 1.6.18 is known to be vulnerable; other versions may be affected as well.

18. Sun Solaris NFS 'netgroups' Security Bypass Vulnerability
BugTraq ID: 26872
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/26872
Summary:
Sun Solaris is prone to a security-bypass vulnerability due to an unspecified error.

A successful attack will allow an unauthorized remote user to gain superuser access to shared NFS resources on the vulnerable system with 'netgroups' access configured.

This issue affects Sun Solaris 10 with the following kernel patches:

- kernel patches 120011-04 (and later) that are prior to 127111-05 on SPARC platforms
- kernel patches 120012-04 (and later) that are prior to 127954-03 on x86 platforms

19. MailMachinePRO 'showMsg.php' SQL Injection Vulnerability
BugTraq ID: 27030
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/27030
Summary:
MailMachinePRO is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

MailMachinePRO 2.2.4 is reported vulnerable; prior versions may also be vulnerable.

20. 'libarchive' Multiple Remote Vulnerabilities
BugTraq ID: 24885
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/24885
Summary:
The 'libarchive' library is prone to multiple vulnerabilities because it fails to properly handle malformed TAR and PAX archives.

Successfully exploiting these issues allows remote attackers to trigger application crashes, consume excessive CPU resources, and potentially execute arbitrary machine code in the context of applications that use the affected library.

21. Million Dollar Script 'index.php' Local File Include Vulnerability
BugTraq ID: 27174
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/27174
Summary:
Million Dollar Script is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied data.

An attacker can exploit this issue to retrieve potentially sensitive information in the context of the webserver process.

This issue affects Million Dollar Script 2.0.14; other versions may also be vulnerable.

22. Joomla-SMF Forum Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 27218
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/27218
Summary:
Joomla-SMF Forum is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

The issues affect SMF 1.1.4; other versions of SMF and Joomla-SMF may also be vulnerable.

23. IBM Lotus Domino Unspecified Denial Of Service Vulnerability
BugTraq ID: 27215
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/27215
Summary:
IBM Lotus Domino is prone to a denial-of-service vulnerability.

Remote attackers can exploit this issue to deny service to legitimate users.

Versions prior to 7.0.2 Fix Pack 3 are vulnerable.

24. Docebo SQL-Injection Vulnerability and Multiple Information Disclosure Vulnerabilities
BugTraq ID: 27211
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/27211
Summary:
Docebo is prone to multiple information-disclosure vulnerabilities and an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues could allow an attacker to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, or access sensitive data that may be used to launch further attacks.

These issues affect Docebo 3.5.0.3; other versions may also be vulnerable.

25. Omegasoft Insel Authentication Bypass Vulnerability and User Enumeration Weakness
BugTraq ID: 27210
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/27210
Summary:
Omegasoft Insel is prone to an authentication bypass vulnerability and a user-enumeration weakness.

An attacker can exploit these issues to gain access to sensitive information and gain unauthorized access to the application.

These issues affect Omegasoft Insel 7; other versions may also be affected.

26. Novell Client for Windows 'nicm.sys' Local Privilege Escalation Vulnerability
BugTraq ID: 27209
Remote: No
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/27209
Summary:
Novell Client for Windows is prone to a local privilege-escalation vulnerability because it fails to adequately handle user-supplied input.

An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers.

Novell Client for Windows 4.91 SP3 and SP4 are vulnerable; other versions may also be affected.

27. PHP Webquest 'soporte_horizontal_w.php' SQL Injection Vulnerability
BugTraq ID: 27192
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/27192
Summary:
PHP Webquest is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

PHP Webquest 2.6 is vulnerable; other versions may also be affected.

28. SSH Tectia Client and Server ssh-signer Local Privilege Escalation Vulnerability
BugTraq ID: 27191
Remote: No
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/27191
Summary:
SSH Tectia Client and Server software running on UNIX operating systems is prone to a local privilege-escalation vulnerability.

Successful exploits allow local attackers to gain superuser-level access to affected computers. This facilitates the complete compromise of affected computers.

This issue affects these versions:

- SSH Tectia Client/Server 5.0 through 5.2.3
- SSH Tectia Client/Server 5.3 through 5.3.5

This issue affects only UNIX-based platforms.

29. IceWarp Mail Server 'admin/index.html' Cross-Site Scripting Vulnerability
BugTraq ID: 27189
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/27189
Summary:
IceWarp Mail Server is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

This issue affects unknown versions of IceWarp Mail Server; we may update this BID when more details become available.

30. EvilBoard Cross-Site Scripting Vulnerability and SQL-Injection Vulnerability
BugTraq ID: 27190
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/27190
Summary:
EvilBoard is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input.

A successful exploit may allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

EvilBoard 0.1a is vulnerable; other versions may also be affected.

31. Sun Solaris ICMP Unspecified Remote Denial of Service Vulnerability
BugTraq ID: 22323
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/22323
Summary:
Sun Solaris is prone to a remote denial-of-service vulnerability.

A successful attack can trigger a crash in the operating system, leading to a denial-of-service condition for legitimate users.

Solaris 10 is affected by this issue.

32. BT Home Hub and Thomson/Alcatel Speedtouch 7G Multiple Vulnerabilities
BugTraq ID: 25972
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/25972
Summary:
BT Home Hub and Thomson/Alcatel Speedtouch 7G routers are prone to multiple web-interface vulnerabilities, including a cross-site request-forgery issue, a cross-site scripting issue, multiple HTML-injection issues, and multiple authentication-bypass issues.

Successful exploits of many of these issues will allow an attacker to completely compromise the affected device.

These issues affect the BT Home Hub and Thomson/Alcatel Speedtouch 7G routers.

33. HelpBox Multiple Security Vulnerabilities
BugTraq ID: 27187
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/27187
Summary:
HelpBox is prone to multiple security vulnerabilities because the application fails to properly sanitize user-supplied input.

These vulnerabilities include an arbitrary-file-upload issue, multiple SQL-injection issues, multiple HTML-injection issues, and a weakness that enables attackers to identify the presence of valid user accounts.

A successful exploit could allow an attacker to compromise the application, access or modify data, exploit vulnerabilities in the underlying database, or execute arbitrary script code in the browser of an unsuspecting user.

These issues affect HelpBox 3.7.1; other versions may also be affected.

34. Sun Java Runtime Environment 'jpiexp32.dll' Object Name NULL-Pointer Denial Of Service Vulnerability
BugTraq ID: 27185
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/27185
Summary:
Sun Java Runtime Environment is prone to a remote denial-of-service vulnerability when handling certain user-supplied object data.

Attackers can leverage this issue by enticing unsuspecting users to visit specially crafted webpages.

Versions prior to Sun JRE 5.0 update 14 are affected.

35. Zero CMS Arbitrary File Upload Vulnerability and Multiple SQL-Injection Vulnerabilities
BugTraq ID: 27186
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/27186
Summary:
Zero CMS is prone to an arbitrary file-upload vulnerability and multiple SQL-injection vulnerabilities because the application fails to sufficiently sanitize user-supplied input.

An attacker can exploit these issues to upload and execute arbitrary code within the context of the webserver process, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Zero CMS 1.0 Alpha is vulnerable; other versions may also be affected.

36. OpenPegasus WBEM CIM Management Server 'PAMBasicAuthenticatorUnix.cpp' Buffer Overflow Vulnerability
BugTraq ID: 27172
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/27172
Summary:
OpenPegasus is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.

This issue occurs in the PAM (Pluggable Authentication Module) authentication code.

Attackers can leverage this issue to execute arbitrary code with superuser privileges. Successful exploits will completely compromise affected computers. Failed attacks will likely cause denial-of-service conditions.

Versions in the OpenPegasus 2.6 series are vulnerable.

37. OpenPegasus Management Server PAM Authentication 'cimservera.pp' Buffer Overflow Vulnerability
BugTraq ID: 27188
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/27188
Summary:
OpenPegasus is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.

This issue occurs in the PAM (Pluggable Authentication Module) authentication code.

Attackers can leverage this issue to execute arbitrary code with superuser privileges. Successful exploits will completely compromise affected computers. Failed attacks will likely cause denial-of-service conditions.

Versions in the OpenPegasus 2.6 series are vulnerable.

38. SAM Broadcaster samPHPweb 'db.php' Remote File Include Vulnerability
BugTraq ID: 27137
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/27137
Summary:
SAM Broadcaster samPHPweb is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.

Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

SAM Broadcaster samPHPweb 4.2.2 is vulnerable; other versions may also be affected.

39. Tuned Studios Multiple Webpage Templates 'index.php' Remote File Include Vulnerability
BugTraq ID: 27196
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/27196
Summary:
Multiple Tuned Studios webpage templates are prone to a remote file-include vulnerability because the applications fail to sufficiently sanitize user-supplied input.

An attacker can exploit this issue to include and execute arbitrary remote files in the context of the webserver process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.

This issue affects the following templates:

Subwoofer
Freeze Theme
Orange Cutout
Lonely Maple
Endless
Classic Theme
Music Theme

40. SysHotel On Line System 'index.php' Local File Include Vulnerability
BugTraq ID: 27184
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/27184
Summary:
SysHotel On Line System is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this vulnerability using directory-traversal strings to execute local script code in the context of the application. This may allow the attacker to access sensitive information that may aid in further attacks.

41. Petris Local Buffer Overflow Vulnerability
BugTraq ID: 16190
Remote: No
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/16190
Summary:
petris is vulnerable to a locally exploitable buffer overflow vulnerability. It has been reported that a local attacker may exploit this condition to execute attacker-supplied code with group games privileges.

Due to a lack of information, further details cannot be provided at the moment. This BID will be updated when more information becomes available.

42. libexif Image Tag Remote Integer Overflow Vulnerability
BugTraq ID: 26942
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/26942
Summary:
The libexif library is prone to an integer-overflow vulnerability because the software fails to ensure that integer values are not overrun.

Successful exploits of this vulnerability allow remote attackers to execute arbitrary machine code in the context of an application using the vulnerable library. Failed attempts will likely result in denial-of-service conditions.

43. Microsoft Windows TCP/IP IGMP MLD Remote Buffer Overflow Vulnerability
BugTraq ID: 27100
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/27100
Summary:
Microsoft Windows is prone to a remote buffer-overflow vulnerability because it fails to adequately handle specially crafted TCP/IP traffic.

Attackers can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will completely compromise affected computers.

NOTE: A server is vulnerable if an application or a service on the server uses IP multicast. By default, no services use multicast on Microsoft Windows Server 2003.

44. ClamAV 'mspack.c' Off-By-One Buffer Overflow Vulnerability
BugTraq ID: 26946
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/26946
Summary:
ClamAV is prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to insufficiently sized memory buffers.

Successful exploits of this vulnerability can allow remote attackers to execute arbitrary machine code in the context of applications using the 'libclamav' library. Failed exploits may crash the application.

ClamAV 0.91.2 is vulnerable to this issue; other versions may also be affected.

45. Rsync Use Chroot Insecure File Creation Vulnerability
BugTraq ID: 26638
Remote: No
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/26638
Summary:
The 'rsync' utility is prone to a security vulnerability because it creates files in an insecure manner.

An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application. This may result in denial-of-service conditions; other attacks are also possible.

This issue affects versions prior to rsync 3.0.0pre6.

46. teTeX DVI File Parsing Multiple Vulnerabilities
BugTraq ID: 26469
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/26469
Summary:
teTeX is prone to multiple vulnerabilities that include buffer-overflow errors and race-condition issues.

Attackers can exploit these issues to execute arbitrary code in the context of the affected application, cause denial-of-service conditions, or obtain potentially sensitive information.

47. ClamAV BZ_GET_FAST Bzip2 Decompression Vulnerability
BugTraq ID: 27063
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/27063
Summary:
ClamAV is prone to a vulnerability due to a flaw in its Bzip2 decompression support.

Successful exploits of this vulnerability may potentially allow remote attackers to execute arbitrary code in the context of the vulnerable application or to trigger denial-of-service conditions. These effects have not been confirmed.

No further technical details are currently available. We will update this BID as more information emerges.

ClamAV 0.91.2 is vulnerable to this issue; other versions may also be affected.

48. libexif Image Tag Remote Denial Of Service Vulnerability
BugTraq ID: 26976
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/26976
Summary:
The libexif library is prone to a denial-of-service vulnerability because of an infinite-recursion error.

Exploiting this issue allows remote attackers to cause denial-of-service conditions in the context of an application using the vulnerable library.

49. Sun Java System Identity Manager Multiple Input Validation Vulnerabilities
BugTraq ID: 27214
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/27214
Summary:
Sun Java System Identity Manager is prone to multiple input-validation vulnerabilities because it fails to adequately sanitize user-supplied input. These vulnerabilities include HTML-injection and cross-site scripting issues.

Attackers can exploit these issues to execute arbitrary HTML and script code in the context of the affected site. Successful exploits could allow an attacker to steal cookie-based authentication credentials, or control how the site is rendered to the user; other attacks are also possible.

Sun Java System Identity Manager 6.0 SP1, 6.0 SP2, 6.0 SP3, 7.0 and 7.1 are vulnerable.

50. Squid Proxy Cache Update Reply Processing Remote Denial of Service Vulnerability
BugTraq ID: 26687
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/26687
Summary:
Squid is prone to a remote denial-of-service vulnerability because the proxy server fails to perform boundary checks before copying user-supplied data into process buffers.

Successfully exploiting this issue allows remote attackers to crash the affected application, denying further service to legitimate users. Attackers may also be able to execute arbitrary code, but this has not been confirmed.

This issue affects Squid 2.6.STABLE16 and prior versions. All Squid-3 snapshots and prereleases up to the November 28 snapshot are also vulnerable.

51. ClamAV 'libclamav/pe.c' MEW Packed PE File Integer Overflow Vulnerability
BugTraq ID: 26927
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/26927
Summary:
ClamAV is prone to an integer-overflow vulnerability because it fails to properly verify user-supplied data.

Successful exploits of this vulnerability can allow remote attackers to execute arbitrary machine code in the context of applications using the 'libclamav' library. Failed exploits may crash the application.

ClamAV 0.91.2 is vulnerable to this issue; other versions may also be affected.

52. Rsync Daemon Excludes Multiple File Access Vulnerabilities
BugTraq ID: 26639
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/26639
Summary:
The 'rsync' daemon is prone to multiple file-access vulnerabilities because it fails to properly validate 'exclude'-type options set in the daemon's configuration file 'rsyncd.conf'.

Attackers can exploit these issues to read sensitive information or overwrite files with writable permissions.

53. OpenSSH X11 Cookie Local Authentication Bypass Vulnerability
BugTraq ID: 25628
Remote: No
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/25628
Summary:
OpenSSH is prone to a local authentication-bypass vulnerability because the software fails to properly manage trusted and untrusted X11 cookies.

Successfully exploiting this issue allows local attackers to potentially launch a forwarded X11 session through SSH in an unauthorized manner. Further details are currently unavailable. We will update this BID as more information emerges.

This issue affects OpenSSH 4.6; previous versions may be affected as well.

54. OpenAFS Fileserver Denial of Service Vulnerability
BugTraq ID: 27132
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/27132
Summary:
OpenAFS fileserver is prone to a denial-of-service vulnerability caused by a race-condition error.

Successfully exploiting this issue allows attackers to crash the affected fileserver, denying service to legitimate users.

The issue affects these versions:

OpenAFS 1.3.50 to 1.4.5
OpenAFS 1.5.0 to 1.5.27

55. Microsoft XML Core Services SubstringData Integer Overflow Vulnerability
BugTraq ID: 25301
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/25301
Summary:
Microsoft XML Core Services is prone to an integer-overflow vulnerability because the application fails to ensure that integer values are not overrun.

Attackers can exploit this issue by enticing unsuspecting users to view malicious web content. Specially crafted scripts could issue requests to MSXML that trigger memory corruption.

Successfully exploiting this issue allows remote attackers to corrupt heap memory and execute arbitrary code in the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

56. DomPHP 'index.php' Remote File Include Vulnerability
BugTraq ID: 27226
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/27226
Summary:
DomPHP is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.

This issue affects DomPHP 0.81; other versions may also be vulnerable.

57. Apple QuickTime RTSP Connection Status Display Remote Buffer Overflow Vulnerability
BugTraq ID: 27225
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/27225
Summary:
Apple QuickTime is prone to a remote buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized buffer.

Attackers can leverage this issue to execute arbitrary machine code in the context of the user running the affected application. Successful exploits will compromise the application and possibly the underlying computer. Failed attacks will likely cause denial-of-service conditions.

QuickTime 7.3.1.70 is vulnerable to this issue; other versions may also be affected.

58. MTCMS Index.PHP Multiple SQL Injection Vulnerabilities
BugTraq ID: 27224
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/27224
Summary:
MTCMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

MTCMS 2.0 is vulnerable; other versions may also be affected.

59. Horde IMP and Groupware Webmail Edition Multiple Input Validation Vulnerabilities
BugTraq ID: 27223
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/27223
Summary:
Horde IMP and Groupware Webmail Edition are prone to multiple input-validation vulnerabilities because they fail to sanitize certain HTML and HTTP data.

Attackers can leverage these issues to have malicious HTML rendered in the client, to delete arbitrary email messages, or to purge deleted email messages.

IMP 4.1.5, Horde Application Framework 3.1.5, and Horde Groupware Webmail Edition 1.0.3 are vulnerable; other versions may also be affected.

60. Ingate Firewall And SIParator Remote Denial of Service Vulnerability
BugTraq ID: 27222
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/27222
Summary:
Ingate Firewall and SIParator products are prone to a remote denial-of-service vulnerability.

Successful exploits allow remote attackers to consume all available network ports, resulting in further calls being refused. This will deny further service to legitimate users.

Versions prior to Ingate Firewall 4.6.1 and Ingate SIParator 4.6.1 are vulnerable.

61. VLC Media Player 'sdpplin_parse()' RTSP and Unspecified Heap Based Buffer Overflow Vulnerabilities
BugTraq ID: 27221
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/27221
Summary:
VLC media player is prone to two heap-based buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied input.

Attackers can leverage these issues to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

NOTE: The exact impact of one of these issues is currently unknown. This BID will be updated as information becomes available.

VLC 0.8.6d is vulnerable; other versions may also be affected.

62. ID-Commerce 'liste.php' SQL Injection Vulnerability
BugTraq ID: 27220
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/27220
Summary:
ID-Commerce is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

63. Xen DR7 and CR4 Registers Multiple Local Denial of Service Vulnerabilities
BugTraq ID: 27219
Remote: No
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/27219
Summary:
Xen is prone to multiple local denial-of-service vulnerabilities.

An attacker can exploit these issues to crash the hypervisor, triggering denial-of-service conditions for all hosted virtual machines.

64. Horde Products Multiple Unspecified Security Bypass Vulnerabilities
BugTraq ID: 27217
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/27217
Summary:
Horde products are prone to multiple unspecified security-bypass vulnerabilities.

Attackers can use these issues to bypass certain security restrictions and perform unauthorized actions; other attacks may also be possible.

These issues affect Horde 3.1.5, Mnemo 2.1.1, Nag 2.1.3, Kronolith 2.1.6, Turba 2.1.5, Horde Groupware Webmail Edition 1.0.3, and Horde Groupware 1.0.2; other versions may also be vulnerable.

Very little is known about these issues at this time. We will update this BID as more information emerges.

65. DomPHP 'inscription.php' SQL Injection Vulnerability
BugTraq ID: 27212
Remote: Yes
Last Updated: 2008-01-10
Relevant URL: http://www.securityfocus.com/bid/27212
Summary:
DomPHP is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

The issue affects DomPHP versions 0.81 and prior.

66. Dovecot Authentication Cache Security Bypass Vulnerability
BugTraq ID: 27093
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/27093
Summary:
Dovecot is prone to a security-bypass vulnerability.

An attacker may exploit this condition to bypass certain security restrictions and obtain potentially sensitive data; other attacks are also possible.

Please note that default configurations of Dovecot are not affected by this issue. The chances of attack are further reduced because Dovecot must be configured in a specific way, making exploits highly circumstantial.

Versions higher than Dovecot 1.0.rc11 and prior to Dovecot 1.0.10 are vulnerable to this issue.

67. Fail2ban Remote Denial of Service Vulnerability
BugTraq ID: 25117
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/25117
Summary:
Fail2ban is prone to a remote denial-of-service vulnerability because the application fails to properly ensure the validity of authentication-failure messages.

Successfully exploiting this issue allows remote attackers to add arbitrary IP addresses to the block list used by the application. This allows attackers to deny further network access to arbitrary IP addresses, denying service to legitimate users.

Fail2ban 0.8.0 and prior versions are vulnerable to this issue.

68. Microsoft Windows TCP/IP ICMP Remote Denial Of Service Vulnerability
BugTraq ID: 27139
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/27139
Summary:
Microsoft Windows is prone to a remote denial-of-service vulnerability because it fails to adequately handle specially crafted TCP/IP traffic.

Attackers can exploit this issue to cause affected computers to stop responding and to automatically restart. Successful attacks will deny service to legitimate users. The discoverer of this issue reports that code execution may also be possible, but this has not been confirmed.

NOTE: ICMP RDP (Router Discovery Protocol) must be enabled for this issue to occur. Router Discovery Processing is disabled by default on Microsoft Windows Server 2000. The option is also disabled by default on Microsoft Windows XP and Windows Server 2003, unless the host receives the 'perform router discovery' option from a DHCP server.

69. yaSSL Multiple Remote Buffer Overflow Vulnerabilities
BugTraq ID: 27140
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/27140
Summary:
yaSSL is prone to multiple remote buffer-overflow vulnerabilities.

Successfully exploiting these issues allows remote attackers to execute arbitrary code in the context of applications using the library. Failed attacks will cause denial-of-service conditions.

yaSSL 1.7.5 is vulnerable to these issues; other versions are also likely to be affected.

70. Claws Mail Insecure Temporary File Creation Vulnerability
BugTraq ID: 26676
Remote: No
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/26676
Summary:
Claws Mail is prone to a security vulnerability because it creates temporary files in an insecure manner.

An attacker with local access could potentially exploit this issue to perform symlink attacks, overwriting arbitrary files in the context of the affected application.

Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.

This issue affects Claws Mail 3.1.0; other versions may also be vulnerable.

71. Apache mod_imagemap and mod_imap Cross-Site Scripting Vulnerability
BugTraq ID: 26838
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/26838
Summary:
Apache is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

This issue affects the following:

- The 'mod_imagemap' module in Apache 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, and 2.2.0

- The 'mod_imap' module in Apache 1.3.39, 1.3.37, 1.3.36, 1.3.35, 1.3.34, 1.3.33, 1.3.32, 1.3.31, 1.3.29, 1.3.28, 1.3.27, 1.3.26, 1.3.24, 1.3.22, 1.3.20, 1.3.19, 1.3.17, 1.3.14, 1.3.12, 1.3.11, 1.3.9, 1.3.6, 1.3.4, 1.3.3, 1.3.2, 1.3.1, and 1.3.0.

72. Python PyLocale_strxfrm Function Remote Information Leak Vulnerability
BugTraq ID: 23887
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/23887
Summary:
Python applications that use the 'PyLocale_strxfrm' function are prone to an information leak.

Exploiting this issue allows remote attackers to read portions of memory.

Python 2.4.4-2 and 2.5 are confirmed vulnerable to this issue.

73. Net-SNMP GETBULK Remote Denial of Service Vulnerability
BugTraq ID: 26378
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/26378
Summary:
Net-SNMP is prone to a remote denial-of-service vulnerability.

Successfully exploiting this issue allows remote attackers to cause denial-of-service conditions.

This issue affects versions prior to Net-SNMP 5.4.1.

74. Hewlett-Packard OpenView OVTrace Multiple Remote Buffer Overflow Vulnerabilities
BugTraq ID: 25255
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/25255
Summary:
HP OpenView applications are prone to multiple remote stack-based buffer-overflow vulnerabilities because they fail to perform adequate boundary checks on input that is supplied to opcode handlers of affected services.

These vulnerabilities affect the 'ovtrcsvc.exe' and 'OVTrace.exe' services.

Attackers can exploit these issues to execute arbitrary code with superuser privileges.

75. PCRE Regular Expression Library Multiple Integer and Buffer Overflow Vulnerabilities
BugTraq ID: 26462
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/26462
Summary:
PCRE regular-expression library is prone to multiple integer- and buffer-overflow vulnerabilities.

Attackers can exploit these issues to execute arbitrary code, cause denial-of-service conditions, or launch other attacks in the context of the application using the affected library.

76. PCRE Regular Expression Library Multiple Security Vulnerabilities
BugTraq ID: 26346
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/26346
Summary:
PCRE regular-expression library is prone to multiple security vulnerabilities.

Attackers can exploit these issues to execute arbitrary code, cause denial-of-service conditions, or launch other attacks in the context of the application using the affected library.

77. PCRE Regular Expression Library UTF-8 Options Multiple Remote Denial of Service Vulnerabilities
BugTraq ID: 26550
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/26550
Summary:
PCRE regular-expression library is prone to multiple remote denial-of-service vulnerabilities because a memory-calculation error occurs for certain regular expressions.

Successful exploits may allow remote attackers to cause denial-of-service conditions on computers running the affected library.

These issues affect versions prior to PCRE 7.0.

78. Microsoft Windows LSASS LPC Request Local Privilege Escalation Vulnerability
BugTraq ID: 27099
Remote: No
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/27099
Summary:
Microsoft Windows Local Security Authority Subsystem Service (LSASS) is prone to a local privilege-escalation vulnerability.

An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will facilitate the complete compromise of affected computers.

79. ISC BIND 8 Remote Cache Poisoning Vulnerability
BugTraq ID: 25459
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/25459
Summary:
BIND 8 is prone to a remote cache-poisoning vulnerability because of weaknesses in its random-number generator.

An attacker may leverage this issue to manipulate cache data, potentially facilitating man-in-the-middle, site-impersonation, or denial-of-service attacks.

Versions of BIND from 8.2.0 through to 8.4.7 are vulnerable to this issue.

80. Level One WBR-3460A 4-Port ADSL 2/2+ Wireless Modem Router Unauthorized Access Vulnerability
BugTraq ID: 27183
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/27183
Summary:
Level One WBR-3460A 4-Port ADSL 2/2+ Wireless Modem Router is prone to a vulnerability that allows unauthorized superuser access.

The issue occurs because the device fails to properly validate users for certain communication services.

Successful exploits will completely compromise affected routers. This could aid in attacks against other computers on the network.

WBR-3460A firmware 1.00.11 and 1.00.12 are vulnerable; other versions may also be affected. Reports indicate that 1.00.06 (which comes preinstalled on the device) is not affected.

81. Multiple Browser URI Handlers Command Injection Vulnerabilities
BugTraq ID: 25053
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/25053
Summary:
Multiple browsers are prone to vulnerabilities that let attackers inject commands through various protocol handlers.

Exploiting these issues allows remote attackers to pass and execute arbitrary commands and arguments through processes such as 'cmd.exe' by employing various URI handlers.

An attacker can exploit these issues to carry out various attacks by executing arbitrary commands on a vulnerable computer.

Exploiting these issues would permit remote attackers to influence command options that can be called through protocol handlers and to execute commands with the privileges of a user running the application. Successful attacks may result in a variety of consequences, including remote unauthorized access.

Mozilla Firefox 2.0.0.5, 3.0a6 and Netscape Navigator 9 are reported vulnerable to these issues. Other versions of these browsers and other vendors' browsers may also be affected.

82. Multiple Web Browsers Digest Authentication HTTP Response Splitting Vulnerability
BugTraq ID: 23668
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/23668
Summary:
Multiple browsers are prone to an HTTP-response-splitting vulnerability because the software fails to properly sanitize user-supplied input.

A remote attacker may exploit this vulnerability to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that try to entice client users into a false sense of trust.

This issue affects Microsoft Internet Explorer 7.0.5730.11 and Mozilla Firefox 2.0.0.3; other versions and browsers may also be affected.

83. Multiple Vendor Web Browser JavaScript Key Filtering Vulnerability
BugTraq ID: 18308
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/18308
Summary:
Multiple web browsers are prone to a JavaScript key-filtering vulnerability because the browsers fail to securely handle keystroke input from users.

This issue is demonstrated to allow attackers to divert keystrokes from one input form in a webpage to a hidden file-upload dialog in the same page. This may allow remote attackers to initiate file uploads from unsuspecting users. Other attacks may also be possible.

Exploiting this issue requires that users manually type the full path of files that attackers wish to download. This may require substantial typing from targeted users, so attackers will likely use keyboard-based games, blogs, or other similar pages to entice users to enter the required keyboard input to exploit this issue.

Reportedly, Mozilla Suite, Mozilla Firefox, Mozilla SeaMonkey, Netscape Navigator, and Microsoft Internet Explorer are all vulnerable to this issue.

84. Mozilla Firefox OnKeyDown Event File Upload Vulnerability
BugTraq ID: 24725
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/24725
Summary:
Mozilla Firefox is prone to an information-disclosure vulnerability that can allow an attacker to access sensitive files.

This issue stems from a design error resulting from the improper handling of form fields.

All versions of Firefox are considered vulnerable.

85. Mozilla Firefox OnUnload Javascript Browser Entrapment Vulnerability
BugTraq ID: 22688
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/22688
Summary:
Mozilla Firefox is prone to a vulnerability that allows attackers to trap users at a particular webpage and spoof page transitions.

Attackers may exploit this via a malicious page to spoof the contents and origin of a page that the victim may trust. This vulnerability may be useful in phishing or other attacks that rely on content spoofing.

86. Mozilla Firefox WYCIWYG:// URI Cache Zone Bypass Vulnerability
BugTraq ID: 24831
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/24831
Summary:
Mozilla Firefox is prone to a cache-zone-bypass vulnerability because the application fails to properly block remote access to special internally generated URIs containing cached data.

Exploiting this issue allows remote attackers to access potentially sensitive information and to place markers with similar functionality to cookies onto targeted users' computers, regardless of cookie security settings. Information harvested in successful exploits may aid in further attacks.

Attackers may also potentially exploit this issue to perform cache-poisoning or URL-spoofing attacks.

This issue is being tracked by Mozilla's Bugzilla Bug 387333.

87. Mozilla Firefox 2.0.0.7 Multiple Remote Vulnerabilities
BugTraq ID: 26132
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/26132
Summary:
The Mozilla Foundation has released multiple security advisories specifying various vulnerabilities in Firefox 2.0.0.7 and prior versions.

These vulnerabilities allow attackers to:

- Execute arbitrary code due to memory corruption.
- Carry out content spoofing and phishing attacks.
- Gain unauthorized access to files on a user's computer running the Linux operating system.
- Execute script code with elevated privileges.

Other attacks may also be possible.

These issues are present in Firefox 2.0.0.7 and prior versions. Mozilla Thunderbird 2.0.0.7 and prior versions as well as SeaMonkey 1.1.4 and prior versions are also affected by many of these vulnerabilities.

88. Mozilla Firefox/Thunderbird/SeaMonkey Chrome-Loaded About:Blank Script Execution Vulnerability
BugTraq ID: 25142
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/25142
Summary:
Mozilla Firefox, Thunderbird, and SeaMonkey are prone to a vulnerability that allows JavaScript to execute with unintended privileges.

A malicious site may be able to cause the execution of a script with Chrome privileges. Attackers could exploit this issue to execute hostile script code with privileges that exceed those that were intended. Certain Firefox extensions may not intend 'about:blank' to execute script code with Chrome privileges.

NOTE: This issue was introduced by the fix for MFSA 2007-20.

89. Mozilla Firefox 2.0.0.4 Multiple Remote Vulnerabilities
BugTraq ID: 24946
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/24946
Summary:
The Mozilla Foundation has released four security advisories specifying multiple vulnerabilities in Firefox 2.0.0.4.

These vulnerabilities allow attackers to:

- Execute arbitrary code
- Execute code with chrome privileges
- Perform cross-site scripting attacks
- Crash Firefox in a myriad of ways, with evidence of memory corruption.

Other attacks may also be possible.

90. Mozilla Firefox URLBar Null Byte File Remote Code Execution Vulnerability
BugTraq ID: 24447
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/24447
Summary:
Mozilla Firefox is prone to a remote code-execution vulnerability because it fails to adequately sanitize user-supplied input.

Attackers may exploit this issue by enticing victims into visiting a malicious site and following links with improper file extensions.

Successful exploits may allow an attacker to crash the application or execute arbitrary code in the context of the affected application. Other attacks are also possible.

91. Mozilla Firefox About:Blank IFrame Cross Domain Information Disclosure Vulnerability
BugTraq ID: 24286
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/24286
Summary:
Mozilla Firefox is prone to a cross-domain information-disclosure vulnerability because scripts may persist across navigations.

A malicious site may be able to modify the iframe of a site in an arbitrary external domain. Attackers could exploit this to gain access to sensitive information that is associated with the external domain. Other attacks are also possible, such as executing script code in other browser security zones.

This issue is being tracked by Bugzilla Bug 382686 and is reportedly related to Bug 343168.

Firefox 2.0.0.4 and prior versions are vulnerable.

92. SynCE 'vdccm' Daemon Remote Command Injection Vulnerability
BugTraq ID: 27178
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/27178
Summary:
SynCE is prone to a remote command-injection vulnerability because it fails to adequately sanitize user-supplied input data.

Attackers can exploit this issue to execute arbitrary commands in the context of the application, facilitating the remote compromise of affected computers.

SynCE 0.92 is vulnerable; other versions may also be affected.

93. CherryPy Cookie Session Id Information Disclosure Vulnerability
BugTraq ID: 27181
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/27181
Summary:
CherryPy is prone to an information-disclosure vulnerability because it fails to properly validate user access rights before performing certain actions.

Exploiting this issue may allow an attacker to bypass certain security restrictions and obtain potentially sensitive information; other attacks are also possible.

This issue affects CherryPy 2.2.1 and 3.0.2.

94. Creative Ensoniq PCI ES1371 WDM Driver Local Privilege Escalation Vulnerability
BugTraq ID: 27179
Remote: No
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/27179
Summary:
Creative Ensoniq PCI ES1371 WDM drivers are prone to a local privilege-escalation vulnerability.

Successful exploits allow local users to execute arbitrary machine code with kernel-level privileges, facilitating the complete compromise of affected computers.

This issue occurs when the vulnerable driver is running in a Microsoft Windows Vista environment. This occurs in VMware Server and Workstation environments when running Microsoft Vista guest operating systems with sound enabled.

This issue affects 'es1371mp.sys' 5.1.3612.0. Given the nature of the issue, other device drivers and versions may also be vulnerable, but this has not been confirmed.

95. PostgreSQL Multiple Privilege Escalation and Denial of Service Vulnerabilities
BugTraq ID: 27163
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/27163
Summary:
PostgreSQL is prone to multiple remote vulnerabilities, including:

- Three privilege-escalation vulnerabilities
- Three denial-of-service vulnerabilities

An attacker can exploit these issues to gain complete control of the affected application or to cause a denial-of-service condition.

These issues affect PostgreSQL 8.2, 8.1, 8.0, 7.4, and 7.3; other versions may also be affected.

96. eTicket Multiple Scripts Multiple Input Validation Vulnerabilities
BugTraq ID: 27173
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/27173
Summary:
eTicket is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. These vulnerabilities include multiple SQL-injection issues, a cross-site scripting issue, and an authentication-bypass issue.

A successful exploit could allow an attacker to compromise the application, access or modify data, exploit vulnerabilities in the underlying database, or execute arbitrary script code in the browser of an unsuspecting user.

These issues affect eTicket 1.5.5.2; other versions may also be affected.

97. Gateway CWebLaunchCtl ActiveX Control Command Execution and Remote Buffer Overflow Vulnerability
BugTraq ID: 27193
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/27193
Summary:
Gateway Computers CWebLaunchCtl ActiveX control is prone to an arbitrary command-execution vulnerability and a buffer-overflow vulnerability.

An attacker can exploit these issues to execute arbitrary local scripts, and to execute remote code in the context of an application using the ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions.

weblaunch.ocx 1.0.0.1, which provides the ActiveX control, is vulnerable to both of these issues. weblaunch2.ocx is vulnerable to the command-execution issue; it may also be vulnerable to the buffer-overflow issue, but that has not been confirmed. Other versions may also be affected.

98. Motorola netOctopus Agent 'nantsys.sys' Local Privilege Escalation Vulnerability
BugTraq ID: 27175
Remote: No
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/27175
Summary:
netOctopus is prone to a local privilege-escalation vulnerability.

Exploiting this issue could allow attackers to execute arbitrary code with elevated privileges.

This issue affects netOctopus 5.1.2; other versions may also be vulnerable.

99. Microsoft Internet Explorer and Mozilla Firefox URI Handler Command Injection Vulnerability
BugTraq ID: 24837
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/24837
Summary:
Microsoft Internet Explorer, Mozilla Firefox and Netscape Navigator are prone to a vulnerability that lets attackers inject commands through the 'firefoxurl' and 'navigatorurl' protocol handlers.

Exploiting these issues allows remote attackers to pass and execute arbitrary commands and arguments through the 'firefox.exe' and 'navigator.exe' processes by employing the 'firefoxurl' and 'navigatorurl' handlers.

An attacker can also employ these issues to carry out cross-browser scripting attacks by using the '-chrome' argument. This can allow the attacker to run JavaScript code with the privileges of trusted Chrome context and gain full access to Firefox and Netscape Navigator's resources.

Exploiting these issues would permit remote attackers to influence command options that can be called through the 'firefoxurl' and 'navigatorurl' handlers and therefore execute commands and script code with the privileges of a user running the applications. Successful attacks may result in a variety of consequences, including remote unauthorized access.

100. Mozilla Firefox 2.0.0.6 Unspecified Protocol Handling Command Injection Vulnerability
BugTraq ID: 25543
Remote: Yes
Last Updated: 2008-01-09
Relevant URL: http://www.securityfocus.com/bid/25543
Summary:
Mozilla Firefox is prone to an unspecified vulnerability that lets remote attackers inject commands through the 'mailto', 'nntp', 'news', and 'snews' protocol handlers.

Remote attackers may influence command options that can be called through the various handlers and therefore execute commands and script code with the privileges of a user running the applications. Successful attacks may result in various consequences, including remote unauthorized access.

NOTE: Attackers can use this issue as an attack vector for the issue described in BID 25945 (Microsoft Windows URI Handler Command Execution Vulnerability).

III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. Malware hitches a ride on digital devices
By: Robert Lemos
Some consumers reported that their holiday gifts came with an unwelcome passenger, a Trojan horse. Infections at the factory and in retail stores will likely become more common.
http://www.securityfocus.com/news/11499

2. Senate delays vote on spy bill
By: Robert Lemos
A bill that would modernize the United States' legal framework for eavesdropping and grant telecommunications companies retroactive immunity for wiretapping customers will have to wait until January.
http://www.securityfocus.com/news/11498

3. Researchers reverse Netflix anonymization
By: Robert Lemos
Two computer scientists show that a large set of transactional data poses privacy risks by finding a way to link movie ratings from the Netflix Prize dataset to publicly available information.
http://www.securityfocus.com/news/11497

4. Group drafts rules to nix credit-card storage
By: Robert Lemos
The organization responsible for technical and best-practice standards in the payment industry plans to require the makers of merchant software to certify that their programs do not store sensitive data.
http://www.securityfocus.com/news/11496

IV. SECURITY JOBS LIST SUMMARY
-------------------------------
1. [SJ-JOB] Software Engineer, San Jose
http://www.securityfocus.com/archive/77/485924

2. [SJ-JOB] Certification & Accreditation Engineer, Gaithersburg
http://www.securityfocus.com/archive/77/485932

3. [SJ-JOB] Software Engineer, St. Paul
http://www.securityfocus.com/archive/77/485920

4. [SJ-JOB] Security Consultant, Detroit
http://www.securityfocus.com/archive/77/485921

5. [SJ-JOB] Security Consultant, New York
http://www.securityfocus.com/archive/77/485922

6. [SJ-JOB] Sr. Security Engineer, Washington
http://www.securityfocus.com/archive/77/485923

7. [SJ-JOB] Account Manager, New York
http://www.securityfocus.com/archive/77/485926

8. [SJ-JOB] Management, Coral Gables
http://www.securityfocus.com/archive/77/485912

9. [SJ-JOB] Sales Representative, Los Angeles
http://www.securityfocus.com/archive/77/485913

10. [SJ-JOB] Security System Administrator, Purchase
http://www.securityfocus.com/archive/77/485919

11. [SJ-JOB] Director, Information Security, Brooklyn (Metrotech)
http://www.securityfocus.com/archive/77/485929

12. [SJ-JOB] Technical Writer, Basingstoke
http://www.securityfocus.com/archive/77/485930

13. [SJ-JOB] Technical Writer, Stamford
http://www.securityfocus.com/archive/77/485931

14. [SJ-JOB] Security Engineer, Fort Meade
http://www.securityfocus.com/archive/77/485908

15. [SJ-JOB] Sales Engineer, Houston
http://www.securityfocus.com/archive/77/485914

16. [SJ-JOB] Technical Support Engineer, Stamford
http://www.securityfocus.com/archive/77/485927

17. [SJ-JOB] Information Assurance Engineer, 20170
http://www.securityfocus.com/archive/77/485928

18. [SJ-JOB] Security Engineer, Washington, DC area
http://www.securityfocus.com/archive/77/485907

19. [SJ-JOB] Security Architect, Valley Forge
http://www.securityfocus.com/archive/77/485909

20. [SJ-JOB] Sales Representative, Any US location
http://www.securityfocus.com/archive/77/485916

21. [SJ-JOB] Director, Information Security, Montvale
http://www.securityfocus.com/archive/77/485925

22. [SJ-JOB] Security Consultant, Gloucestershire
http://www.securityfocus.com/archive/77/485910

23. [SJ-JOB] Quality Assurance, Huntsville
http://www.securityfocus.com/archive/77/485900

24. [SJ-JOB] Sr. Security Engineer, Huntsville
http://www.securityfocus.com/archive/77/485901

25. [SJ-JOB] Application Security Engineer, Sydney
http://www.securityfocus.com/archive/77/485902

26. [SJ-JOB] Security Engineer, Huntsville
http://www.securityfocus.com/archive/77/485906

27. [SJ-JOB] Security Consultant, Skokie
http://www.securityfocus.com/archive/77/485915

28. [SJ-JOB] Security System Administrator, Fort Meade
http://www.securityfocus.com/archive/77/485868

29. [SJ-JOB] Security Engineer, Arlington
http://www.securityfocus.com/archive/77/485892

30. [SJ-JOB] Software Engineer, Reston
http://www.securityfocus.com/archive/77/485899

31. [SJ-JOB] Information Assurance Engineer, Herndon
http://www.securityfocus.com/archive/77/485867

32. [SJ-JOB] Security Engineer, Fort Meade
http://www.securityfocus.com/archive/77/485869

33. [SJ-JOB] Security System Administrator, Arlington
http://www.securityfocus.com/archive/77/485885

34. [SJ-JOB] Jr. Security Analyst, Fort Meade
http://www.securityfocus.com/archive/77/485891

35. [SJ-JOB] Security Auditor, Arlington
http://www.securityfocus.com/archive/77/485871

36. [SJ-JOB] Information Assurance Engineer, Arlington
http://www.securityfocus.com/archive/77/485886

37. [SJ-JOB] Penetration Engineer, Herndon
http://www.securityfocus.com/archive/77/485893

38. [SJ-JOB] Security System Administrator, Fort Lauderdale, Florida
http://www.securityfocus.com/archive/77/485898

39. [SJ-JOB] Security Consultant, Columbus
http://www.securityfocus.com/archive/77/485859

40. [SJ-JOB] Security Consultant, Indianapolis
http://www.securityfocus.com/archive/77/485860

41. [SJ-JOB] Sr. Security Analyst, Lewisville
http://www.securityfocus.com/archive/77/485863

42. [SJ-JOB] Security Consultant, Cincinnati
http://www.securityfocus.com/archive/77/485870

43. [SJ-JOB] Security Engineer, Boston
http://www.securityfocus.com/archive/77/485858

44. [SJ-JOB] Management, Coral Gables
http://www.securityfocus.com/archive/77/485861

V. INCIDENTS LIST SUMMARY
---------------------------
VI. VULN-DEV RESEARCH LIST SUMMARY
-----------------------------------
1. debuging
http://www.securityfocus.com/archive/82/485723

VII. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
VIII. SUN FOCUS LIST SUMMARY
----------------------------
IX. LINUX FOCUS LIST SUMMARY
----------------------------
X. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to sf-news-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed, email listadmin@securityfocus.com and ask to be manually removed.

XI. SPONSOR INFORMATION
------------------------
