The Week in Photos: Moon, MacBooks, and MythBusters

February 29, 2008

View online | Manage newsletters | Unsubscribe | Send us feedback

		This week's top photo galleries 1 NASA tunes up trucks for the moon NASA is developing robotic trucks and rovers that will explore the lunar surface when astronauts return to the moon--probably around 2020. 2 First U.S. spy satellite photos--ever! In the heat of the Cold War, the U.S. government's National Reconnaissance Office kept watch from the heavens on military activity behind the Iron Curtain. 3 Apple adds multitouch, power to MacBooks Apple boosts the power of its MacBook and MacBook Pro lineups. Plus, it borrows the Multi-Touch pad from MacBook Air. 4 Sony's gadget bonanza The consumer electronics giant is hosting an open house in Las Vegas, where it's showing off MP3 players, laptops, and more. 5 Wireless-sensor making is a snap A Lego-like wireless-sensor platform developed at Ireland's Tyndall National Institute lets you stack and combine boards in a variety of ways. 6 The Morph concept phone Nokia Research Center is collaborating with University of Cambridge on development of a nanotech concept handset that can stretch and bend. 7 Geek heaven at WonderCon Dressed like Jedis and superheroes, fans converge on San Francisco for a heaping dose of comics and pop culture. 8 Turning green into gold Start-ups at the Cleantech Forum show off electric car rental hubs, batteries that won't explode, and drugs grown from plants. 9 MythBusters ready to swim with the sharks Can magnets control sharks' movements? During their Shark Week episode, the MythBusters will look into several commonly held ideas about the creatures. 10 Today's Venus weather forecast: Sulfuric acid clouds The Venus Express is able to cut through some of the planet's haze to discover dramatic global weather patterns and acid clouds. More from CNET News.com:  Latest image galleries:  Get more news:  News.com Extra:  Business Tech:  Cutting Edge:  Access:  Threats:  Media 2.0:  Digital Life:
	Sign up for more free newsletters from CNET! To manage your account settings or to remove yourself from all CNET communications, please visit our Subscription Center. The e-mail address for your subscription is boy.blogger@gmail.com Unsubscribe from this e-mail | FAQ | Advertise | Privacy Policy
	Copyright 2008 CNET Networks, Inc. All rights reserved. CNET Networks, Inc. 235 Second Street San Francisco, CA 94105 U.S.A.

Novell Reports Financial Results for First Fiscal Quarter 2008

Novell Reports Financial Results for First Fiscal Quarter 2008

-Product revenue grew 9 percent year-over-year

-Achieved non-GAAP operating margin of 10 percent

WALTHAM, Mass. – Feb. 28, 2008 – Novell, Inc. (NASDAQ:NOVL) today announced financial results for its first fiscal quarter ended Jan. 31, 2008. For the quarter, Novell reported net revenue of $231 million. This compares to net revenue of $218 million for the first fiscal quarter 2007. Income from operations for the first fiscal quarter 2008 was $8 million, compared to a loss from operations of $21 million for the first fiscal quarter 2007. Income from continuing operations in the first fiscal quarter 2008 was $15 million, or $0.04 per share. This compares to a loss from continuing operations of $12 million, or $0.04 loss per share, for the first fiscal quarter 2007. Foreign currency exchange rates favorably impacted revenue and unfavorably impacted operating expenses by $7 million and did not materially impact income from operations year-over-year.

On a non-GAAP basis, income from operations for the first fiscal quarter 2008 was $24 million. This compares to non-GAAP loss from operations of $1 million in the year-ago quarter. Non-GAAP income from continuing operations for the first fiscal quarter 2008 was $29 million, or $0.08 per share. This compares to non-GAAP income from continuing operations of $3 million, or $0.01 per share, for the first fiscal quarter 2007.

For the first fiscal quarter 2008, Novell reported $30 million of revenue from Open Platform Solutions of which $28 million was from Linux* Platform Products, up 65 percent year-over-year. Revenue from Identity and Security Management was $32 million, of which Identity and Access Management was $28 million, up 15 percent year-over-year. Revenue from Systems and Resource Management was $37 million, up 5 percent year-over-year. Workgroup revenue of $90 million was up 1 percent year-over-year.

 

“We are very pleased with our results this quarter. We delivered product revenue growth across all business units and continued expense control this quarter,” said Ron Hovsepian, president and CEO of Novell. “These results are indicative that our strategic initiatives are yielding tangible results and that we are on the right path to achieve long-term, sustainable profitability.”

Cash, cash equivalents and short-term investments were $1.8 billion at Jan. 31, 2008, consistent with the year-ago quarter. Days sales outstanding in accounts receivable was 51 days at the end of the first fiscal quarter 2008, down from 57 days at the end of the year-ago quarter. Total deferred revenue was $723 million at the end of the first fiscal quarter 2008, down from $728 million at the end of the year-ago quarter. Cash flow from operations was a negative $26 million for the first fiscal quarter 2008, which includes $31 million in special interest and restructuring payments. This compares to cash flow from operations of $348 million in the first fiscal quarter 2007, which includes the $348 million payment from Microsoft and $8 million in special interest payments.

Full details on Novell's reported results, including a reconciliation of the non-GAAP results, are included in the financial schedules that are a part of this release.

Financial Outlook

As a result of our acquisition of PlateSpin and our first fiscal quarter 2008 performance, Novell® management issues the following financial guidance:

For the full fiscal year 2008:

-Net revenue is expected to be between $940 million and $970 million, exceeding previously stated guidance of between $920 million and $945 million.

-Non-GAAP operating margin is expected to be between 7 and 9 percent, excluding all acquisition- related intangible asset amortization.

Conference Call Notification and Web Access Detail

A live Webcast of a Novell conference call to discuss the quarter will be broadcast at 5:00 PM ET Feb. 28, 2008, from Novell's Investor Relations Web page: http://www.novell.com/company/ir/qresults/. The domestic conference call dial-in number is 866-335-5255, password “Novell”, and the international dial-in number is +1-706-679-2263, password “Novell”.

The call will be archived on the Novell Web site approximately two hours after its conclusion and will remain on the Web site until March 14, 2008. The call will also be available for telephone playback through midnight ET, March 14, 2008. The domestic toll-free replay number is 800-642-1687, and the international replay number is +1-706-645-9291. Replay listeners must enter conference ID number 33480646.

A copy of this press release is posted on Novell's Web site at: http://www.novell.com/company/ir/qresults/.

Non-GAAP Financial Measures

We supplement our consolidated unaudited condensed financial statements presented in accordance with GAAP with certain non-GAAP financial measures. These non-GAAP measures include adjusted income (loss) from operations, operating margin, income from continuing operations, net income, income per share from continuing operations and net income per share both of which are based on an adjusted number of diluted weighted average shares. We provide non-GAAP financial measures to enhance an overall understanding of our current financial performance and prospects for the future and enable investors to evaluate our performance in the same way that management does. Management uses these same non-GAAP financial measures to evaluate performance, allocate resources, and determine bonuses. The non-GAAP financial measures do not replace the presentation of our GAAP financial results, but they eliminate expenses and gains that are unusual, that are excluded from analysts' consensus estimates, and/or that arise outside of the ordinary course of business, such as, but not limited to, stock-based compensation expenses, restructuring expenses, asset impairments, litigation judgments and settlements, the write-off of acquired in-process research and development, and gains (losses) on the sale of business operations, long-term investments, and property, plant and equipment.

Legal Notice Regarding Forward-Looking Statements

This press release includes statements that are not historical in nature and that may be characterized as “forward-looking statements” within the meaning of the Private Securities Litigation Reform Act, including those related to future financial and operating results, future opportunities, the benefits and synergies of the company's brands, strategies and acquisitions, and the growth of the market for Linux Platform Products, Identity and Access Management, and Systems and Resource Management. You should be aware that Novell's actual results could differ materially from those contained in the forward-looking statements, which are based on current expectations of Novell management and are subject to a number of risks and uncertainties, including, but not limited to, Novell's completion of announced acquisitions, Novell's ability to transform its business through the implementation of its strategic plan, Novell's ability to realize the benefits anticipated from the Microsoft transaction and other transactions, Novell's ability to realize the benefits anticipated from its restructuring plan, and the expected charges to be incurred and payments to be made under the restructuring plan, Novell's ability to achieve its expense targets, Novell's success in executing its Linux Platform Products, Identity and Access Management, and Systems and Resource Management strategies, Novell's ability to take a competitive position in the Linux Platform Products, Identity and Access Management, and Systems and Resource Management industries, business conditions and the general economy, market opportunities, potential new business strategies, competitive factors, sales and marketing execution, shifts in technologies or market demand, Novell's ability to integrate acquiredoperations and employees, and the other factors described in Novell's Annual Report on Form 10-K filed with the Securities and Exchange Commission on Dec. 21, 2007. Novell disclaims any intention or obligation to update any forward-looking statements as a result of developments occurring after the date of this press release except as required by the securities laws.

About Novell

Novell, Inc. (Nasdaq: NOVL) delivers infrastructure software for the Open Enterprise. Novell is a leader in desktop to data center operating systems based on Linux and the software required to secure and manage mixed IT environments. Novell helps customers around the world minimize cost, complexity and risk, allowing them to focus on innovation and growth. For more information, visit www.novell.com. 

###

*Linux is a registered trademark of Linus Torvalds. All other third-party trademarks are the property of their respective owners.

Press Contact:Investor Relations Contact:

Bruce LowryprSusan Walker White

NovellNovell

415-383-8408800-317-3195

blowry@novell.com                  swhite@novell.com  

--- You are currently subscribed to press_releases as: [boy.blogger@gmail.com] To unsubscribe, please visit http://www.novell.com/info/list/index.html or forward this message to leave-3827856-50512639.4476602c1d822b8fcf4342584de82d18@list.novell.com

3 Million Malicious Web Pages Plague the Internet

SECURITY UPDATE
A Penton Media Property
February 27, 2008

If you want to view this on the web go to:
http://ct.email.windowsitpro.com/rd/cts?d=33-2905-803-202-62923-251997-0-0-0-1-2-207

----------------------------------------
ADVERTISEMENT
Shavlik Technologies

The Essential Guide to Creating an Environment for Sustaining Compliance

Compliance is not a single, point-in-time project. Mandates change,
systems change, businesses change. New mandates are created. This guide
will discuss compliance solutions that provide an important way to
reduce costs, while improving compliance and helping realize business
value from compliance efforts. The solution should help you:

* Improve your security posture
* Ensure that in making your organization more secure you're also
complying with multiple mandates
* Generate reports about your security posture that link back to
internal and external mandates, demonstrating you are in compliance

Download now to learn how to create an environment for sustaining
compliance.

http://ct.email.windowsitpro.com/rd/cts?d=33-2905-803-202-62923-251998-0-0-0-1-2-207
----------------------------------------

IN FOCUS

--3 Million Malicious Web Pages Plague the Internet
by Mark Joseph Edwards, News Editor
Last week, in "Online Fraud Continues to Escalate" (URL below), I
presented an overview of data collected and analyzed by Cyveillance. You
recall that the data revealed several interesting statistics, including
that in fourth quarter 2007, 51 percent of phishing pages were hosted on
compromised servers.

www.windowsitpro.com/Windows/Article/ArticleID/98332/98332.html
(http://ct.email.windowsitpro.com/rd/cts?d=33-2905-803-202-62923-251999-0-0-0-1-2-207)

Google released a report that reveals still more staggering figures.
From January through October 2007, Niels Provos and Panayiotis
Mavrommatis (both of Google), along with Moheeb Abu Rajab and Fabian
Monrose of Johns Hopkins University, subjected approximately 66.5
million Web pages to in-depth analysis, which revealed that more than
3.4 million malicious Web pages are plaguing the Internet with drive-by
downloads.

A drive-by download is a situation in which a computer becomes infected
with some sort of malware when its user simply visits a Web page. Such
infections typically take advantage of vulnerabilities in browsers,
browser components (typically add-ons), and OSs.

One question that might arise is this: If Google indexes billions of Web
pages, then why were only 66.5 million pages subjected to in-depth
inspection? The answer is both simple and complicated. Put simply, the
team sifted Google's multibillion-page haystack to find suspicious
needles by using a somewhat complex methodology. In short, the team used
automation to analyze page content for specific factors such as
"out-of-place" iFrames, iFrames that pulled content from known malware
sites, and obfuscated JavaScripts.

That led to the discovery of a huge pile of needles (66.5 million),
which were then further subjected to scrutiny in a second phase of
processing. The second phase involved building a big honeynet of virtual
machines running Windows, unpatched copies of Microsoft Internet
Explorer (IE), and various antivirus packages. That setup was combined
with various heuristics to determine whether a page was most likely
malicious as opposed to only being suspicious.

In the report, the team wrote that, "To limit false positives, we choose
a conservative decision criteria [sic] that uses an empirically derived
threshold to mark a URL as malicious. This threshold is set such that it
will be met if we detect changes in the system state, including the file
system as well as creation of new processes. A visited URL is marked as
malicious if it meets the threshold and one of the incoming HTTP
responses is marked as malicious by at least one anti-virus scanner. ...
Finally, a URL that meets the threshold requirement but has no incoming
payload flagged by any of the anti-virus engines, is marked as
suspicious."

The team was also able to map malware distribution networks. By
analyzing page content relationships, the team determined how pages fell
into a hierarchy. Landing sites led to malicious pages, and malicious
pages led to malware distribution sites.

The mapping revealed that approximately 181,700 sites host the 3.4
million malicious drive-by download pages discovered. The mapping also
revealed approximately 9,340 malware distribution sites behind those
pages. Eighty percent of all sites that contain drive-by downloads are
hosted in China and the United States, with China being by far the most
prevalent location. The percentages are similar for distribution sites.
China leads the pack, with the United States following in a distant
second place.

The report contains a ton of useful information and loads of statistics
that you will undoubtedly find incredibly interesting. For example, the
researchers revealed that "1.3 percent of the incoming search queries to
Google's search engine return at least one link to a malicious site."
The team also revealed that if someone visits a malicious URL with an
unprotected Windows system, an average of 8 executable files are
downloaded to the system, and in extreme cases, the number can be as
high as 60! If that's not valuable data to help bolster security
budgets, then I don't know what is.

To learn more, get a copy of the team's 22-page report in PDF format at
the URL below.
research.google.com/archive/provos-2008a.pdf
(http://ct.email.windowsitpro.com/rd/cts?d=33-2905-803-202-62923-252000-0-0-0-1-2-207)

----------------------------------------
ADVERTISEMENT
Dell

The Essential Guide to Exchange 2007 Storage Sizing

Whether you're familiar with Exchange storage sizing already or coming
to it fresh, proper storage sizing continues to be critical to the
success and long-term health of your Exchange 2007 deployment. Mistakes
in storage sizing can be difficult and costly to fix, and there's a lot
of confusion and myths floating around. In this guide, I'll explain the
fundamental concepts underlying Exchange storage sizing, explore the
relationship between storage performance and capacity, and show you
which factors you need to consider as you're planning your Exchange 2007
storage deployment.

http://ct.email.windowsitpro.com/rd/cts?d=33-2905-803-202-62923-252001-0-0-0-1-2-207
----------------------------------------

SECURITY NEWS AND FEATURES

--OpenDNS Launches User-Driven Web Filter
OpenDNS opened up access to its new domain tagging system that lets
users decide how sites should be categorized. The categorizations can
then be used to control Web access.
To view the full article go to:
http://ct.email.windowsitpro.com/rd/cts?d=33-2905-803-202-62923-252002-0-0-0-1-2-207

--GadgetTrak Releases Device Tracking Software for Windows
GadgetTrak's new device tracking software for Windows eliminates the
middle man.
To view the full article go to:
http://ct.email.windowsitpro.com/rd/cts?d=33-2905-803-202-62923-252003-0-0-0-1-2-207

--Symantec Offers Online Backups for SMBs
Symantec launched two new online backup solutions, both of which should
be attractive to small and midsized businesses.
To view the full article go to:
http://ct.email.windowsitpro.com/rd/cts?d=33-2905-803-202-62923-252004-0-0-0-1-2-207

--Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security Alerts,
which inform you about recently discovered security vulnerabilities. You
can also find information about these discoveries at
www.windowsitpro.com/departments/departmentid/752/752.html
(http://ct.email.windowsitpro.com/rd/cts?d=33-2905-803-202-62923-252005-0-0-0-1-2-207)

GIVE AND TAKE

--SECURITY MATTERS BLOG: cDc Releases Goolag Scanner
by Mark Joseph Edwards
Cult of the Dead Cow (cDc) released Goolag Scanner, a tool that helps
people find vulnerabilities in Web sites by using data gleaned from
Google.
To view the full article go to:
http://ct.email.windowsitpro.com/rd/cts?d=33-2905-803-202-62923-252006-0-0-0-1-2-207

--FAQ: Automate Windows Server Role and Feature Installation
by John Savill
Q: How do I use the answer file to automate role and feature
installation?

Find the answer at
www.windowsitpro.com/Article/ArticleID/98052
(http://ct.email.windowsitpro.com/rd/cts?d=33-2905-803-202-62923-252007-0-0-0-1-2-207)

--SHARE YOUR SECURITY TIPS AND GET $100
Share your security-related tips, comments, or problems and solutions in
Security Pro VIP's Reader to Reader column. Email your contributions to
r2r@securityprovip.com (mailto:r2r@securityprovip.com). If we print your
submission, you'll get $100. We edit submissions for style, grammar, and
length.

PRODUCTS

--IPsec VPN Client
by Renee Munshi
NCP Engineering released a new version of Secure Entry Client for 64-bit
Windows XP. Secure Entry Client, an IPsec VPN client, also supports
certificates with 4,096-bit key lengths and offers the OTP Mobile
2-factor authentication solution. OTP Mobile by T-Systems and T-Mobile
calculates a one-time password for the VPN when a user presses a button
on his or her mobile phone. Secure Entry Client now supports 32- and
64-bit Windows Vista and Windows XP, Windows 2000, Windows Mobile, and
Windows CE and is compatible with IPsec VPN gateways from SonicWALL,
NETGEAR, Cisco Systems, Check Point Software Technologies, and others.
For more information, go to
www.ncp.de/index.php?id=187&L=1
(http://ct.email.windowsitpro.com/rd/cts?d=33-2905-803-202-62923-252008-0-0-0-1-2-207.

RESOURCES AND EVENTS

Today's hackers are going after your enterprise data using tools and
services provided by a sophisticated, fast-growing criminal support
industry. Even more surprising--and worrying--is how ineffective today's
standard enterprise security practices are at stopping these
sophisticated attacks. Attend this Web seminar to learn how high-tech
criminals compromise your computers and profit by putting your
enterprise's confidential information up for sale.
www.windowsitpro.com/go/seminars/Bit9/ConfidentialData/?code=022008er
(http://ct.email.windowsitpro.com/rd/cts?d=33-2905-803-202-62923-252009-0-0-0-1-2-207)

Extended Validation (EV) is a new standard in SSL certificates that
assists in building consumer confidence. This white paper explains what
drove the development of this standard, discloses how the standard
addresses contemporary security challenges, and delves into the
integration of EV certificates into new high-security browsers such as
Internet Explorer 7.0.
www.windowsitpro.com/go/wp/thawte/evssl/?code=022008E&R
(http://ct.email.windowsitpro.com/rd/cts?d=33-2905-803-202-62923-252010-0-0-0-1-2-207)

Implementing and automating effective email retention policies are
absolutely essential.
However, it's tough to know whether your retention policies dovetail
effectively with today's complex regulations, standards, and guidelines
for maintaining business records. Attend this Web seminar to learn how
to solve your thorniest email management, retention, and compliance
challenges.
www.windowsitpro.com/go/seminars/MessageOne/retention/?partnerref=022008er
(http://ct.email.windowsitpro.com/rd/cts?d=33-2905-803-202-62923-252011-0-0-0-1-2-207)

FEATURED WHITE PAPER

The explosion of electronically stored information and email has
pressured IT organizations to manage their data more effectively. An
automated archiving solution offers companies a way to capture a variety
of data types and manage the data for compliance and litigation
readiness. This white paper looks at 10 best practices that enable IT to
plan, evaluate, and implement an enterprise archiving solution.
www.windowsitpro.com/go/wp/quest/archiving/?code=022008e&r
(http://ct.email.windowsitpro.com/rd/cts?d=33-2905-803-202-62923-252012-0-0-0-1-2-207)

ANNOUNCEMENTS

Check out all the info-packed publications offered by Windows IT Pro!
If you're receiving the HTML version of this email newsletter, click
"Our Publications" in the menu bar; otherwise, click the link below:
store.pentontech.com/index.cfm?s=1&cid=18000306&promotionid=18003253&code=
(http://ct.email.windowsitpro.com/rd/cts?d=33-2905-803-202-62923-252013-0-0-0-1-2-207)

CONTACT US
Security UDPATE is brought to you by the Windows IT Pro Web site's
Security page (first URL below) and Security Pro VIP (second URL
below).

http://ct.email.windowsitpro.com/rd/cts?d=33-2905-803-202-62923-252014-0-0-0-1-2-207

http://ct.email.windowsitpro.com/rd/cts?d=33-2905-803-202-62923-252015-0-0-0-1-2-207

You are subscribed to this newsletter as boy.blogger@gmail.com

Manage your Security UPDATE subscription at
http://ct.email.windowsitpro.com/rd/cts?d=33-2905-803-202-62923-252016-0-0-0-1-2-207.

To unsubscribe:
http://ct.email.windowsitpro.com/rd/cts?d=33-2905-803-202-62923-252017-0-0-0-1-2-207&list_id=803&email=boy.blogger@gmail.com&message_id=2905

Be sure to add Security_UPDATE@email.windowsitpro.com
to your spam filter's list of allowed senders.

To contact us:
About Security UPDATE content -- mailto:letters@windowsitpro.com
About technical questions -- http://ct.email.windowsitpro.com/rd/cts?d=33-2905-803-202-62923-252018-0-0-0-1-2-207

About your product news -- mailto:products@windowsitpro.com
About your subscription -- mailto:windowsitproupdate@windowsitpro.com
About sponsoring Security UPDATE -- mailto:salesopps@windowsitpro.com

View the Windows IT Pro privacy policy at

http://ct.email.windowsitpro.com/rd/cts?d=33-2905-803-202-62923-252019-0-0-0-1-2-207

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2008, Penton Media, Inc. All rights reserved.

SecurityFocus Newsletter #442

SecurityFocus Newsletter #442
----------------------------------------

This issue is Sponsored by: CISO Executive Summit & Roundtable-Middle East, 12th-14th May, Bahrain, Ritz-Carlton

Over 20 speakers from across The Middle East, Europe, U.S & Asia will gather together for the MIS training.s CISO Executive Summit Middle East, Sheraton Bahrain Hotel, Kingdom of Bahrain 12-14 May 2008. This dynamic international speaker line up will provide a broad perspective on the security threats faced today and in the future. Take away actionable strategies that will enable you to limit the risk within your organisation. International case studies from the industries leading associations and organisations will provide you with the knowledge to identify the warning signs of key threats to your company.
Register now at www.mistieruope.com/CISOME

SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1. The Laws of Full Disclosure
2. Tweaking Social Security to Combat Fraud
II. BUGTRAQ SUMMARY
1. Symantec Decomposer RAR File Remote Buffer Overflow Vulnerability
2. Double-Take Denial of Service and Information Disclosure Vulnerabilities
3. phpProfiles 'body_comm.inc.php' Remote File Include Vulnerability
4. Linux Kernel Sbus PROM Driver Multiple Integer Overflow Vulnerabilities
5. CruxCMS 'search.php' Cross-Site Scripting Vulnerability
6. Highwood Design hwdVideoShare 'Itemid' Parameter SQL Injection Vulnerability
7. VMware Products Shared Folders 'MultiByteToWideChar()' Variant Directory Traversal Vulnerability
8. PADL 'nss_ldap' Race Condition Security Vulnerability
9. Mozilla Firefox Domain Extensions Insecure Cookie Access Vulnerability
10. xdg-utils 'xdg-open' and 'xdg-email' Multiple Remote Command Execution Vulnerabilities
11. ClamAV Heap Corruption and Integer Overflow Vulnerabilities
12. Joomla!, Mambo and PHP-Nuke Quran Component SQL Injection Vulnerability
13. ImageMagick Blob.C Off-By-One Buffer Overflow Vulnerability
14. ImageMagick ReadDIBImage Integer Overflow Vulnerability
15. ImageMagick ReadBlob Multiple Remote Denial Of Service Vulnerabilities
16. ImageMagick DCM, DIB, XBM, XCF, and XWD Image Files Multiple Integer Overflow Vulnerabilities
17. BEA Systems Multiple Products BEA08-183.00 to BEA08-200.00 Multiple Vulnerabilities
18. Wireshark 0.99.6 Multiple Remote Vulnerabilities
19. Wireshark 0.99.6 Multiple Denial of Service Vulnerabilities
20. Multiple Horde Products Security Bypass Vulnerability
21. BestWebApp Dating Site Multiple Input Validation Vulnerabilities
22. PCRE Character Class Buffer Overflow Vulnerability
23. PCRE Regular Expression Library Multiple Integer and Buffer Overflow Vulnerabilities
24. Linux Kernel ALSA snd-page-alloc Local Proc File Information Disclosure Vulnerability
25. Linux Kernel IPv6 TCP Sockets Local Denial of Service Vulnerability
26. Linux Kernel Bluetooth CAPI Packet Remote Buffer Overflow Vulnerability
27. Symantec Decomposer Resource Consumption Denial of Service Vulnerability
28. Mozilla Thunderbird/Seamonkey/Firefox 2.0.0.11 Multiple Remote Vulnerabilities
29. QEMU Translation Block Local Denial of Service Vulnerability
30. QEMU Multiple Local Vulnerabilities
31. Mozilla Firefox chrome:// URI JavaScript File Request Information Disclosure Vulnerability
32. MPlayer 'demux_audio.c' Remote Stack Based Buffer Overflow Vulnerability
33. Asterisk IAX2 Channel Driver IAX2_Write Function Remote Stack Buffer Overflow Vulnerability
34. Nukedit 'email' Parameter SQL Injection Vulnerability
35. Multiple Web Browser BMP Partial Palette Information Disclosure and Denial Of Service Vulnerability
36. ZyXEL Gateway Products Multiple Vulnerabilities
37. Novell Client 'nwspool.dll' EnumPrinters RPC Request Buffer Overflow Vulnerability
38. Ghostscript Unspecified Buffer Overflow Vulnerability
39. InterVideo WinDVD Media Center Remote Denial of Service Vulnerabilities
40. activePDF Server Packet Processing Remote Heap Overflow Vulnerability
41. Spyce Sample Scripts Multiple Input Validation Vulnerabilities
42. CUPS Multiple Remote Denial of Service Vulnerabilities
43. Asterisk Multiple Remote Denial of Service Vulnerabilities
44. CUPS 'process_browse_data()' Remote Double Free Denial of Service Vulnerability
45. Softbiz Jokes and Funny Pictures Script 'sbcat_id' Parameter SQL Injection Vulnerability
46. Xpdf Multiple Remote Stream.CC Vulnerabilities
47. Aeries Browser Interface 'LostPwd.asp' SQL Injection Vulnerability
48. The SWORD Project Diatheke Unspecified Remote Command Execution Vulnerability
49. Rising Web Scan Object 'OL2005.dll' ActiveX Control Remote Code Execution Vulnerability
50. Move Media Player Quantum Streaming 'qsp2ie07074039.dl ActiveX Control Buffer Overflow Vulnerability
51. DrBenHur.com DBHcms 'mod.extmanager.php' Remote File Include Vulnerability
52. SurgeFTP 'Content-Length' Parameter NULL Pointer Denial Of Service Vulnerability
53. SurgeMail Real CGI executables Remote Buffer Overflow Vulnerability
54. SurgeMail and WebMail 'Page' Command Remote Format String Vulnerability
55. PORAR Webboard 'question.asp' SQL Injection Vulnerability
56. Alkacon OpenCms 'tree_files.jsp' Cross-Site Scripting Vulnerability
57. phpRaider Resistance Field HTML Injection Vulnerability
58. H-Sphere SiteStudio Unspecified Vulnerability
59. WordPress Sniplets Plugin Multiple Input Validation Vulnerabilities
60. KAME Project IPv6 IPComp Header Denial Of Service Vulnerability
61. Galore Simple Shop 'section' Parameter SQL Injection Vulnerability
62. MyServer Mutltiple HTTP Methods '204 Not Content' Error Remote Denial of Service Vulnerabilities
63. Matt's Whois 'mwhois.php' Cross-Site Scripting Vulnerability
64. wyrd Insecure Temporary File Creation Vulnerability
65. PHP-Nuke Kose_Yazilari Module 'artid' Parameter Multiple SQL Injection Vulnerabilities
66. XOOPS XM-Memberstats Module 'letter' and 'sortby' Parameters Multiple SQL Injection Vulnerabilities
67. PHP-Nuke Sell Module 'cid' Parameter SQL Injection Vulnerability
68. Joomla! and Mambo 'com_wines' Component 'id' Parameter SQL Injection Vulnerability
69. Joomla! and Mambo 'com_inter' Component 'id' Parameter SQL Injection Vulnerability
70. Gary's Cookbook 'id' Parameter SQL Injection Vulnerability
71. Joomla! and Mambo 'com_blog' Component 'pid' Parameter SQL Injection Vulnerability
72. Multiple Vendor PEAP Certificate Verification Security Bypass Vulnerability
73. Linux Kernel Prior to 2.6.24.1 'copy_from_user_mmap_sem()' Memory Access Vulnerability
74. IncrediMail IMMenuShellExt ActiveX Control Remote Buffer Overflow Vulnerability
75. Pagetool Index.PHP SQL Injection Vulnerability
76. F5 BIG-IP Application Security Manager 'report_type' Cross-Site Scripting Vulnerability
77. Symark PowerBroker Client Multiple Local Buffer Overflow Vulnerabilities
78. Mozilla Thunderbird External-Body MIME Remote Heap Buffer Overflow Vulnerability
79. Microsoft Word Unspecified Remote Code Execution Vulnerability
80. Various IP Security Camera ActiveX Controls 'url' Attribute Buffer Overflow Vulnerability
81. VideoLAN VLC Media Player MP4 Demuxer Remote Code Execution Vulnerability
82. Nortel UNIStim IP Phone Remote Ping Denial of Service Vulnerability
83. S9Y Serendipity 'Real Name' Field HTML Injection Vulnerability
84. KVM Block Device Backend Local Security Bypass Vulnerability
85. MiniNuke 'members.asp' SQL Injection Vulnerability
86. Joomla! and Mambo 'com_publication' Component 'pid' Parameter SQL Injection Vulnerability
87. Sun Solaris Internet Protocol 'ip(7P)' Security Bypass and Denial Of Service Vulnerability
88. TikiWiki 'tiki-edit_article.php' Cross-Site Scripting Vulnerability
89. Fujitsu Interstage Application Server Single Sign-On Buffer Overflow Vulnerability
90. OpenBSD IPv6 Routing Headers Remote Denial of Service Vulnerability
91. Portail Web Php Multiple Remote And Local File Include Vulnerabilities
92. LWS php User Base 'unverified.inc.php' Local File Include Vulnerability
93. LWS php User Base 'header.inc.php' Remote File Include Vulnerability
94. LWS php Download Manager 'body.inc.php' Local File Include Vulnerability
95. PHPEcho CMS 'Smarty.class.php' Remote File Include Vulnerability
96. auraCMS 'lihatberita' Module 'id' Parameter SQL Injection Vulnerability
97. Joomla! and Mambo 'com_hello_world' Component 'id' Parameter SQL Injection Vulnerability
98. PHP-Nuke Gallery Module 'aid' Parameter SQL Injection Vulnerability
99. PHP-Nuke Sections Module 'artid' Parameter SQL Injection Vulnerability
100. PHP-Nuke Recipe Module 'recipeid' Parameter SQL Injection Vulnerability
III. SECURITYFOCUS NEWS
1. Worries over "good worms" rise again
2. Federal agencies miss deadline on secure configs
3. Universities fend off phishing attacks
4. Antivirus firms, test labs to form standards group
IV. SECURITY JOBS LIST SUMMARY
1. [SJ-JOB] Technical Support Engineer, San Mateo
2. [SJ-JOB] Disaster Recovery Coordinator, Kansas City
3. [SJ-JOB] Penetration Engineer, Redmond
4. [SJ-JOB] Security Consultant, New York
5. [SJ-JOB] Sales Engineer, San Jose
6. [SJ-JOB] Customer Support, South Plainfield
7. [SJ-JOB] Security Consultant, Copenhagen
8. [SJ-JOB] Sales Engineer, Reston
9. [SJ-JOB] Sales Engineer, Alpharetta
10. [SJ-JOB] Customer Support, South Plainfield
11. [SJ-JOB] Sales Engineer, Reston
12. [SJ-JOB] Software Engineer, Alpharetta
13. [SJ-JOB] Sales Engineer, San Jose
14. [SJ-JOB] Sales Engineer, Philadelphia
15. [SJ-JOB] Customer Support, South Plainfield
16. [SJ-JOB] Security Engineer, Canberra
17. [SJ-JOB] Sales Engineer, Canberra
18. [SJ-JOB] Sales Engineer, Ottawa
19. [SJ-JOB] Security Researcher, South Plainfield
20. [SJ-JOB] Certification & Accreditation Engineer, Arlinton
21. [SJ-JOB] Information Assurance Analyst, Herndon
22. [SJ-JOB] Security Architect, South Plainfield
23. [SJ-JOB] Certification & Accreditation Engineer, Arlington
24. [SJ-JOB] Sr. Security Engineer, South Plainfield
25. [SJ-JOB] Sr. Security Analyst, Arlington
26. [SJ-JOB] Sr. Security Engineer, South Plainfield
27. [SJ-JOB] Senior Software Engineer, South Plainfield
28. [SJ-JOB] Security Consultant, Copenhagen
29. [SJ-JOB] Sr. Security Engineer, South Plainfield
30. [SJ-JOB] Sales Engineer, Deerfield Beach
31. [SJ-JOB] Sr. Security Engineer, South Plainfield
32. [SJ-JOB] Security Consultant, Boston
33. [SJ-JOB] Sr. Security Engineer, South Plainfield
34. [SJ-JOB] Application Security Architect, South Plainfield
35. [SJ-JOB] Security Consultant, Dallas
36. [SJ-JOB] Principal Software Engineer, Deerfield Beach
37. [SJ-JOB] Security Architect, LONDON
38. [SJ-JOB] Sales Engineer, Dallas
39. [SJ-JOB] Sales Engineer, Chicago
40. [SJ-JOB] Security Engineer, Chicago
41. [SJ-JOB] Management, Pentagon City
42. [SJ-JOB] Jr. Security Analyst, Washington, DC
43. [SJ-JOB] Manager, Information Security, Chicago
44. [SJ-JOB] Management, Reston
45. [SJ-JOB] Security Engineer, Reston
46. [SJ-JOB] Director, Computer Security, New Jersey
47. [SJ-JOB] Management, San Mateo
48. [SJ-JOB] Training / Awareness Specialist, San Mateo
49. [SJ-JOB] Security Engineer, New Jersey
50. [SJ-JOB] Security Engineer, Arlington
51. [SJ-JOB] Management, Alpharetta
52. [SJ-JOB] Security Consultant, Los Angeles
53. [SJ-JOB] Sales Engineer, New York
54. [SJ-JOB] Auditor, Columbia
55. [SJ-JOB] Application Security Engineer, Ottawa
56. [SJ-JOB] Sales Representative, Boston
57. [SJ-JOB] Software Engineer, Palm Beach Gardens
58. [SJ-JOB] Sales Representative, Atlanta
59. [SJ-JOB] Database Security Architect, Houston
60. [SJ-JOB] Technology Risk Consultant, Various
61. [SJ-JOB] Information Assurance Analyst, London
62. [SJ-JOB] Sales Representative, Chicago
63. [SJ-JOB] Security Consultant, Thousand Oaks
64. [SJ-JOB] Security Engineer, Huntsville
65. [SJ-JOB] Forensics Engineer, Various
66. [SJ-JOB] Application Security Engineer, Dover
67. [SJ-JOB] Security Consultant, Various
68. [SJ-JOB] Security Engineer, Arlington
69. [SJ-JOB] Penetration Engineer, Dallas
70. [SJ-JOB] Threat Analyst, Huntsville
71. [SJ-JOB] Sr. Security Engineer, Stamford
72. [SJ-JOB] Sr. Security Engineer, Washington, DC Metro Area
73. [SJ-JOB] Chief Scientist, Huntsville
74. [SJ-JOB] Chief Scientist, Huntsville
75. [SJ-JOB] Security Engineer, Huntsville
76. [SJ-JOB] Security Engineer, Kansas City
77. [SJ-JOB] Security Engineer, San Francisco
78. [SJ-JOB] Certification & Accreditation Engineer, Washington DC
79. [SJ-JOB] Security Consultant, Thousand Oaks
80. [SJ-JOB] Security Engineer, Seattle
81. [SJ-JOB] Sr. Security Engineer, Austin/Richardson
82. [SJ-JOB] Security Consultant, Thousand Oaks
83. [SJ-JOB] Security Engineer, Arlington
84. [SJ-JOB] Information Assurance Engineer, Annapolis Junction
85. [SJ-JOB] Senior Software Engineer, St. Paul
86. [SJ-JOB] Management, Phoenix
87. [SJ-JOB] Management, New York
88. [SJ-JOB] CISO, London
89. [SJ-JOB] Application Security Architect, Washington
90. [SJ-JOB] Software Engineer, Columbia
V. INCIDENTS LIST SUMMARY
1. CanSecWest 2008 Mar 26-28
2. Possible Mail server compromise ?
VI. VULN-DEV RESEARCH LIST SUMMARY
1. GNU objdump 2.15 [FreeBSD] 2004-05-23 shows: ... "BFD: Please report this bug." While analyzing crafted ELF.
VII. MICROSOFT FOCUS LIST SUMMARY
1. SecurityFocus Microsoft Newsletter
VIII. SUN FOCUS LIST SUMMARY
IX. LINUX FOCUS LIST SUMMARY
1. CanSecWest 2008 Mar 26-28
X. UNSUBSCRIBE INSTRUCTIONS
XI. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1.The Laws of Full Disclosure
By Federico Biancuzzi
Full disclosure has a long tradition in the security community worldwide, yet different European countries have different views on the legality of vulnerability research. SecurityFocus contributor Federico Biancuzzi investigates the subject of full disclosure and the law by interviewing lawyers from twelve EU countries: Belgium, Denmark, Finland, France, Germany,Greece, Hungary, Ireland, Italy, Poland, Romania, and the UK.
http://www.securityfocus.com/columnists/466

2. Tweaking Social Security to Combat Fraud
By Tim Mullen
Americans lost over 45 billion dollars in identity-related fraud in 2007. Reports are so commonplace that we've actually become de-sensitized to them. "200,000 victims reported..." "500,000 victims reported..." Even figures into the millions don't seem to faze us anymore. And that is a Bad Thing.

http://www.securityfocus.com/columnists/465

II. BUGTRAQ SUMMARY
--------------------
1. Symantec Decomposer RAR File Remote Buffer Overflow Vulnerability
BugTraq ID: 27913
Remote: Yes
Last Updated: 2008-02-27
Relevant URL: http://www.securityfocus.com/bid/27913
Summary:
Symantec Decomposer is prone to a remote buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

An attacker may exploit this issue to execute arbitrary machine code with the privileges of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition.

The following products are affected:

- Symantec Scan Engine 5.1.4.24 and prior
- Symantec AntiVirus Scan Engine 4.3.16.39 and prior
- Symantec AntiVirus Scan Engine for MS ISA 4.3.16.39 and prior
- Symantec AntiVirus Scan Engine for MS SharePoint 4.3.16.39 and prior
- Symantec AntiVirus Scan Engine for Messaging 4.3.16.39 and prior
- Symantec AntiVirus for Network Attached Storage 4.3.16.39 and prior
- Symantec AntiVirus Scan Engine for Clearswift 4.3.16.39 and prior
- Symantec AntiVirus Scan Engine for Caching 4.3.16.39 and prior
- Symantec AntiVirus/Filtering for Domino MPE(AIX, Linux, Solaris) prior to 3.2.2
- Symantec Mail Security for Microsoft Exchange 4.6.5.12 and prior as well as 5.0.4.363.and prior

2. Double-Take Denial of Service and Information Disclosure Vulnerabilities
BugTraq ID: 27951
Remote: Yes
Last Updated: 2008-02-27
Relevant URL: http://www.securityfocus.com/bid/27951
Summary:
Double-Take is prone to multiple remote multiple denial-of-service and information-disclosure vulnerabilities.

An attacker can exploit these issues to obtain sensitive information or crash the affected application, denying service to legitimate users.

These issues affect Double-Take 5.0.0.2865 and 4.5; other versions may also be affected.

3. phpProfiles 'body_comm.inc.php' Remote File Include Vulnerability
BugTraq ID: 27952
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/27952
Summary:
phpProfiles is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.

phpProfiles 4.5.2 is vulnerable; other versions may also be affected.

4. Linux Kernel Sbus PROM Driver Multiple Integer Overflow Vulnerabilities
BugTraq ID: 10632
Remote: No
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/10632
Summary:
The OpenPROM Linux kernel driver contains multiple integer-overflow vulnerabilities.

Two vulnerabilities reside in the OpenPROM driver; both involve overflowing an integer value. These values are used to allocate kernel memory and then to copy data into the kernel. Attackers could exploit this to overwrite large amounts of kernel memory.

Exploits could crash the system or possibly execute code in the context of the kernel.

NOTE: Some versions of the Linux kernel are vulnerable to both overflows; other versions are prone to only one. Kernel version 2.6.6 does not appear to be vulnerable.

5. CruxCMS 'search.php' Cross-Site Scripting Vulnerability
BugTraq ID: 27588
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/27588
Summary:
CruxCMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

CruxCMS 3.0 is vulnerable; other versions may also be affected.

6. Highwood Design hwdVideoShare 'Itemid' Parameter SQL Injection Vulnerability
BugTraq ID: 27907
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/27907
Summary:
hwdVideoShare is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

7. VMware Products Shared Folders 'MultiByteToWideChar()' Variant Directory Traversal Vulnerability
BugTraq ID: 27944
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/27944
Summary:
Multiple VMware products are prone to a directory-traversal vulnerability that affects shared folders.

Attackers who can access a guest operating system can exploit this issue to gain full read and write access to the filesystem of the host operating system. Successful attacks could compromise the affected host OS. Other attacks are possible.

NOTE: This vulnerability occurs only on Windows hosts when 'Shared Folders' is enabled and when a shared folder exists.

The issue affects the following:

VMware Workstation 6.0.2, 5.5.4, and earlier
VMware Player 2.0.2, 1.0.4, and earlier
VMware ACE 2.0.2, 1.0.2, and earlier.

NOTE: This issue occurs because of a fix that was introduced to address a similar issue (CVE-2007-1744) that is documented in BID 23721 (VMware Workstation Shared Folders Directory Traversal Vulnerability).

8. PADL 'nss_ldap' Race Condition Security Vulnerability
BugTraq ID: 26452
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/26452
Summary:
PADL 'nss_ldap' is prone to a race-condition security vulnerability; fixes are available.

An attacker may exploit this condition to obtain potentially sensitive data or to launch other attacks against an application that employs the vulnerable function.

The issue affects versions prior to PADL 'nss_ldap' Build 259.

9. Mozilla Firefox Domain Extensions Insecure Cookie Access Vulnerability
BugTraq ID: 27950
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/27950
Summary:
Mozilla Firefox is prone to a vulnerability that allows attackers to set cookies for certain domain extensions.

The browser does not have any security provisions to prevent cookies from being set for extensions with embedded dots. Attackers can leverage this issue to set cookies in a manner that could aid in other web-based attacks.

Mozilla Firefox 2.x is vulnerable; other versions may also be affected.

10. xdg-utils 'xdg-open' and 'xdg-email' Multiple Remote Command Execution Vulnerabilities
BugTraq ID: 27528
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/27528
Summary:
The 'xdg-utils' package is prone to a remote command-execution vulnerabilities.

An attacker could exploit this issue by enticing an unsuspecting victim to open a malicious file.

Successful exploits will allow attackers to execute arbitrary commands with the privileges of the user running the affected application.

11. ClamAV Heap Corruption and Integer Overflow Vulnerabilities
BugTraq ID: 27751
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/27751
Summary:
ClamAV is prone to a heap-corruption vulnerability and an integer-overflow vulnerability.

Successfully exploiting these issues allows remote attackers to execute arbitrary machine code in the context of the affected application. This facilitates the remote compromise of affected computers. Failed exploit attempts likely result in application crashes.

Versions prior to ClamAV 0.92.1 are affected by these issues.

12. Joomla!, Mambo and PHP-Nuke Quran Component SQL Injection Vulnerability
BugTraq ID: 27842
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/27842
Summary:
The 'Quran' component for Joomla!, Mambo, and PHP-Nuke is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query.

A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.

This issue affects Quran 1.1 and prior versions.

13. ImageMagick Blob.C Off-By-One Buffer Overflow Vulnerability
BugTraq ID: 25766
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/25766
Summary:
ImageMagick is prone to an off-by-one buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input.

Successfully exploiting this issue allows attackers to execute arbitrary code with the privileges of a user running the application.

Versions prior to ImageMagick 6.3.5-9 are vulnerable.

14. ImageMagick ReadDIBImage Integer Overflow Vulnerability
BugTraq ID: 25765
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/25765
Summary:
ImageMagick is prone to an integer-overflow vulnerability because it fails to properly validate user-supplied data.

An attacker can exploit this issue to execute arbitrary code in the context of the application. Failed exploit attempts will likely cause denial-of-service conditions.

Versions prior to ImageMagick 6.3.5-9 are vulnerable to this issue.

15. ImageMagick ReadBlob Multiple Remote Denial Of Service Vulnerabilities
BugTraq ID: 25764
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/25764
Summary:
ImageMagick is prone to multiple remote denial-of-service vulnerabilities.

An attacker could exploit these issues by enticing an unsuspecting victim to open a malicious image file.

Successfully exploiting these issues will allow the attacker to consume excessive amounts of CPU resources on affected computers, denying service to legitimate users.

These issues affect ImageMagick 6.3.4; prior versions are also affected.

16. ImageMagick DCM, DIB, XBM, XCF, and XWD Image Files Multiple Integer Overflow Vulnerabilities
BugTraq ID: 25763
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/25763
Summary:
ImageMagick is prone to multiple integer-overflow vulnerabilities because it fails to adequately handle user-supplied data.

An attacker can exploit these issues to execute arbitrary code in the context of the application. Failed exploit attempts will likely cause denial-of-service conditions.

These issues affect versions prior to ImageMagick 6.3.5-9.

17. BEA Systems Multiple Products BEA08-183.00 to BEA08-200.00 Multiple Vulnerabilities
BugTraq ID: 27893
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/27893
Summary:
BEA has released 17 advisories identifying various vulnerabilities affecting WebLogic Server, WebLogic Portal, WebLogic Workshop, AquaLogic Interaction, BEA Plumtree Foundation, AquaLogic Collaboration, and BEA Plumtree Collaboration. These issues present remote and local threats and may facilitate attacks affecting the integrity, confidentiality, and availability of vulnerable computers.

18. Wireshark 0.99.6 Multiple Remote Vulnerabilities
BugTraq ID: 26532
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/26532
Summary:
Wireshark is prone to multiple denial-of-service and buffer-overflow vulnerabilities.

Exploiting these issues may allow attackers to cause crashes and deny service to legitimate users of the application. Attackers may be able to leverage some of these vulnerabilities to execute arbitrary code, but this has not been confirmed.

Versions prior to Wireshark 0.99.7 are affected.

19. Wireshark 0.99.6 Multiple Denial of Service Vulnerabilities
BugTraq ID: 27071
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/27071
Summary:
Wireshark is prone to multiple denial-of-service vulnerabilities.

Exploiting these issues may allow attackers to cause crashes and deny service to legitimate users of the application. Attackers may be able to leverage some of these vulnerabilities to execute arbitrary code, but this has not been confirmed.

Versions prior to Wireshark 0.99.7 are affected.

20. Multiple Horde Products Security Bypass Vulnerability
BugTraq ID: 27844
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/27844
Summary:
Horde products are prone to a security-bypass vulnerability.

Attackers can use this issue to bypass certain security restrictions and edit arbitrary contacts in shared and personal address books. This may aid in further attacks.

This issue affects Horde Groupware 1.0.3, Horde Groupware Webmail Edition 1.0.4, and Turba Contact Manager 2.1.6; other versions may also be vulnerable.

21. BestWebApp Dating Site Multiple Input Validation Vulnerabilities
BugTraq ID: 21158
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/21158
Summary:
BestWebApp Dating Site is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because it fails to sufficiently sanitize user-supplied input.

An attacker could exploit these issues to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

22. PCRE Character Class Buffer Overflow Vulnerability
BugTraq ID: 27786
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/27786
Summary:
PCRE regular-expression library is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.

Attackers may leverage this issue to execute arbitrary code in the context of an application using the library. Failed exploit attempts will likely cause denial-of-service conditions.

The issue affects versions prior to PCRE 7.6.

23. PCRE Regular Expression Library Multiple Integer and Buffer Overflow Vulnerabilities
BugTraq ID: 26462
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/26462
Summary:
PCRE regular-expression library is prone to multiple integer- and buffer-overflow vulnerabilities.

Attackers can exploit these issues to execute arbitrary code, cause denial-of-service conditions, or launch other attacks in the context of the application using the affected library.

24. Linux Kernel ALSA snd-page-alloc Local Proc File Information Disclosure Vulnerability
BugTraq ID: 25807
Remote: No
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/25807
Summary:
The Linux kernel is prone to an information-disclosure vulnerability.

Successful exploits will allow attackers to obtain portions of kernel memory. Information harvested may aid in further attacks.

Versions of the Linux kernel prior to 2.6.22.8 are vulnerable.

25. Linux Kernel IPv6 TCP Sockets Local Denial of Service Vulnerability
BugTraq ID: 23104
Remote: No
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/23104
Summary:
The Linux kernel is prone to a denial-of-service vulnerability.

Exploiting this issue allows local attackers to cause the kernel to crash, effectively denying service to legitimate users. Attackers may also be able to execute arbitrary code with elevated privileges, but this has not been confirmed.

This issue affects the Linux kernel 2.6 series.

26. Linux Kernel Bluetooth CAPI Packet Remote Buffer Overflow Vulnerability
BugTraq ID: 21604
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/21604
Summary:
The Linux kernel is prone to a remote buffer-overflow vulnerability because the kernel fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker may exploit this issue to execute arbitrary code with kernel-level privileges, facilitating the complete compromise of affected computers. Failed exploit attempts will result in denial-of-service conditions.

Versions prior to 2.4.33.5 are vulnerable to this issue.

27. Symantec Decomposer Resource Consumption Denial of Service Vulnerability
BugTraq ID: 27911
Remote: Yes
Last Updated: 2008-02-27
Relevant URL: http://www.securityfocus.com/bid/27911
Summary:
Symantec Decomposer is prone to a denial-of-service vulnerability because it fails to adequately parse certain user-supplied input.

Attackers can exploit this issue to exhaust memory resources and cause denial-of-service conditions.

The following products are affected:
- Symantec Scan Engine 5.1.4.24 and prior
- Symantec AntiVirus Scan Engine 4.3.16.39 and prior
- Symantec AntiVirus Scan Engine for MS ISA 4.3.16.39 and prior
- Symantec AntiVirus Scan Engine for MS SharePoint 4.3.16.39 and prior
- Symantec AntiVirus Scan Engine for Messaging 4.3.16.39 and prior
- Symantec AntiVirus for Network Attached Storage 4.3.16.39 and prior
- Symantec AntiVirus Scan Engine for Clearswift 4.3.16.39 and prior
- Symantec AntiVirus Scan Engine for Caching 4.3.16.39 and prior
- Symantec AntiVirus/Filtering for Domino MPE(AIX, Linux, Solaris) prior to 3.2.2
- Symantec Mail Security for Microsoft Exchange 4.6.5.12 and prior as well as 5.0.4.363.and prior

28. Mozilla Thunderbird/Seamonkey/Firefox 2.0.0.11 Multiple Remote Vulnerabilities
BugTraq ID: 27683
Remote: Yes
Last Updated: 2008-02-27
Relevant URL: http://www.securityfocus.com/bid/27683
Summary:
The Mozilla Foundation has released multiple security advisories specifying various vulnerabilities in Firefox 2.0.0.11 and prior versions.

Exploiting these issues can allow attackers to:

- remotely execute arbitrary code
- cause denial-of-service conditions
- hide contents of security warnings
- access sensitive information
- escape sandbox and execute scripts with chrome privileges
- inject script code into other sites and violate the same-origin policy

Other attacks are possible.

These issues are present in Firefox 2.0.0.11 and prior versions. Mozilla Thunderbird 2.0.0.9 and prior versions as well as SeaMonkey 1.1.7 and prior versions are also affected by many of these vulnerabilities.

29. QEMU Translation Block Local Denial of Service Vulnerability
BugTraq ID: 26666
Remote: No
Last Updated: 2008-02-27
Relevant URL: http://www.securityfocus.com/bid/26666
Summary:
QEMU is prone to a local denial-of-service vulnerability because it fails to perform adequate boundary checks when handling user-supplied input.

Attackers can exploit this issue to cause denial-of-service conditions. Given the nature of the issue, attackers may also be able to execute arbitrary code, but this has not been confirmed.

QEMU 0.9.0 is vulnerable; other versions may also be affected.

30. QEMU Multiple Local Vulnerabilities
BugTraq ID: 23731
Remote: No
Last Updated: 2008-02-27
Relevant URL: http://www.securityfocus.com/bid/23731
Summary:
QEMU is prone to multiple locally exploitable buffer-overflow and denial-of-service vulnerabilities. The buffer-overflow issues occur because the software fails to properly check boundaries of user-supplied input when copying it to insufficiently sized memory buffers. The denial-of-service issues stem from design errors.

Attackers may be able to exploit these issues to escalate privileges, execute arbitrary code, or trigger denial-of-service conditions in the context of the affected applications.

31. Mozilla Firefox chrome:// URI JavaScript File Request Information Disclosure Vulnerability
BugTraq ID: 27406
Remote: Yes
Last Updated: 2008-02-27
Relevant URL: http://www.securityfocus.com/bid/27406
Summary:
Mozilla Firefox is prone to an information-disclosure vulnerability because it fails to restrict access to local JavaScript, images and stylesheets files.

Attackers can exploit this issue to gain access to potentially sensitive information that could aid in further attacks.

Firefox 2.0.0.11 is vulnerable; other versions may also be affected.

NOTE: For an exploit to succeed, a user must have an addon installed that does not store its contents in a '.jar' file. The attacker would have to target a specific addon that uses "flat" packaging.

32. MPlayer 'demux_audio.c' Remote Stack Based Buffer Overflow Vulnerability
BugTraq ID: 27441
Remote: Yes
Last Updated: 2008-02-27
Relevant URL: http://www.securityfocus.com/bid/27441
Summary:
MPlayer is prone to a remote stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input before copying it to an insufficiently sized buffer.

Attackers can exploit this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

MPlayer 1.0 rc2 is vulnerable; other versions may also be affected.

33. Asterisk IAX2 Channel Driver IAX2_Write Function Remote Stack Buffer Overflow Vulnerability
BugTraq ID: 24949
Remote: Yes
Last Updated: 2008-02-27
Relevant URL: http://www.securityfocus.com/bid/24949
Summary:
Asterisk is prone to a remote stack-based buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

Successful exploits may allow an attacker to execute arbitrary machine code to compromise an affected computer or to cause a denial-of-service condition.

34. Nukedit 'email' Parameter SQL Injection Vulnerability
BugTraq ID: 28009
Remote: Yes
Last Updated: 2008-02-27
Relevant URL: http://www.securityfocus.com/bid/28009
Summary:
Nukedit is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

35. Multiple Web Browser BMP Partial Palette Information Disclosure and Denial Of Service Vulnerability
BugTraq ID: 27826
Remote: Yes
Last Updated: 2008-02-27
Relevant URL: http://www.securityfocus.com/bid/27826
Summary:
Firefox and Opera browsers are prone to a vulnerability that can result in information disclosure or a denial of service.

An attacker can exploit this issue to harvest sensitive information that may be used to launch further attacks or to crash the affected application, denying service to legitimate users.

Mozilla Firefox 2.0.0.11 and Opera 9.50 Beta are affected.

36. ZyXEL Gateway Products Multiple Vulnerabilities
BugTraq ID: 27918
Remote: Yes
Last Updated: 2008-02-27
Relevant URL: http://www.securityfocus.com/bid/27918
Summary:
ZyXEL gateway products are prone to multiple vulnerabilities, including privilege-escalation, unauthorized-access, HTML-injection, session-hijacking, and information-disclosure issues.

Attackers can exploit these issues to gain elevated privileges, execute HTML or script code in the context of vulnerable sections of the web interface, and perform other attacks that may facilitate a complete compromise of the affected device.

37. Novell Client 'nwspool.dll' EnumPrinters RPC Request Buffer Overflow Vulnerability
BugTraq ID: 27741
Remote: Yes
Last Updated: 2008-02-27
Relevant URL: http://www.securityfocus.com/bid/27741
Summary:
Novell Client is prone to a buffer-overflow vulnerability.

A remote attacker may exploit this issue to execute arbitrary code with SYSTEM-level privileges, facilitating the compromise of affected computers. Failed exploit attempts will likely crash the application, denying service to legitimate users.

NOTE: This issue may have been caused by an incomplete patch for the vulnerability documented in BID 25092 ('Novell Client NWSPOOL.DLL Unspecified Buffer Overflow Vulnerability').

Novell Client 4.91 SP2 through SP4 are vulnerable; other versions may also be affected.

38. Ghostscript Unspecified Buffer Overflow Vulnerability
BugTraq ID: 28017
Remote: Yes
Last Updated: 2008-02-27
Relevant URL: http://www.securityfocus.com/bid/28017
Summary:
Ghostscript is prone to an unspecified buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.

Successfully exploiting this issue may allow remote attackers to execute arbitrary code in the context of the application. Failed exploit attempts will cause denial-of-service conditions.

39. InterVideo WinDVD Media Center Remote Denial of Service Vulnerabilities
BugTraq ID: 28016
Remote: Yes
Last Updated: 2008-02-27
Relevant URL: http://www.securityfocus.com/bid/28016
Summary:
InterVideo WinDVD Media Center is prone to multiple remote denial-of-service vulnerabilities arising from NULL-pointer dereference errors.

Successful attacks will deny service to legitimate users.

InterVideo WinDVD Media Center 2.11.15.0 is vulnerable; other versions may be affected as well.

40. activePDF Server Packet Processing Remote Heap Overflow Vulnerability
BugTraq ID: 28013
Remote: Yes
Last Updated: 2008-02-27
Relevant URL: http://www.securityfocus.com/bid/28013
Summary:
activePDF Server is prone to a remote heap-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.

Attackers may leverage this issue to execute arbitrary code in the context of the affected application. Failed attacks will likely cause denial-of-service conditions.

This issue affects the activePDF Server 3.8.4 and 3.8.5.14; other versions may be affected as well.

41. Spyce Sample Scripts Multiple Input Validation Vulnerabilities
BugTraq ID: 27898
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27898
Summary:
Spyce is prone to multiple input-validation vulnerabilities that can lead to information disclosure or client-side script execution.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. The attacker can also obtain a server's webroot path.

The issues affect Spyce 2.1.3; other versions may also be vulnerable.

42. CUPS Multiple Remote Denial of Service Vulnerabilities
BugTraq ID: 27988
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27988
Summary:
CUPS is prone to two remote denial-of-service vulnerabilities.

Attackers may exploit these issues to crash the application, denying service to legitimate users. Remote code execution may also be possible, but this has not been confirmed.

CUPS 1.1.17 and 1.1.22 are vulnerable to these issues; other versions may also be affected.

43. Asterisk Multiple Remote Denial of Service Vulnerabilities
BugTraq ID: 24950
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/24950
Summary:
Asterisk is prone to multiple remote denial-of-service vulnerabilities.

Exploiting these issues allows remote attackers to cause the application to crash, effectively denying service to legitimate users.

44. CUPS 'process_browse_data()' Remote Double Free Denial of Service Vulnerability
BugTraq ID: 27906
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27906
Summary:
CUPS is prone to a remote denial-of-service vulnerability because it fails to protect against a double-free condition.

Attackers may exploit this issue to crash the application, denying service to legitimate users. Remote code execution may also be possible, but this has not been confirmed.

CUPS 1.3.5 is vulnerable to this issue; other versions may also be affected.

45. Softbiz Jokes and Funny Pictures Script 'sbcat_id' Parameter SQL Injection Vulnerability
BugTraq ID: 27973
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27973
Summary:
The Jokes and Funny Pictures script from Softbiz is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

46. Xpdf Multiple Remote Stream.CC Vulnerabilities
BugTraq ID: 26367
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/26367
Summary:
Xpdf is prone to multiple remote vulnerabilities because of flaws in various functions in the 'Stream.cc' source file.

Attackers exploit these issues by coercing users to view specially crafted PDF files with the affected application.

Successfully exploiting these issues allows attackers to execute arbitrary machine code in the context of the vulnerable application. This facilitates the remote compromise of affected computers.

Xpdf 3.02pl1 is vulnerable to these issues; other versions may also be affected.

47. Aeries Browser Interface 'LostPwd.asp' SQL Injection Vulnerability
BugTraq ID: 26962
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/26962
Summary:
Aeries Browser Interface is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

48. The SWORD Project Diatheke Unspecified Remote Command Execution Vulnerability
BugTraq ID: 27987
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27987
Summary:
The SWORD Project's Diatheke front-end is prone to a vulnerability that can allow arbitrary shell commands to run.

Successful exploits will compromise the application and possibly the underlying webserver.

SWORD 1.5.9 is vulnerable; other versions may also be affected.

49. Rising Web Scan Object 'OL2005.dll' ActiveX Control Remote Code Execution Vulnerability
BugTraq ID: 27997
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27997
Summary:
Rising Web Scan Object 'OL2005.dll' ActiveX control is prone to a remote code-execution vulnerability.

An attacker can exploit this issue to execute arbitrary code on a victim's computer in the context of the vulnerable application using the ActiveX control (typically Internet Explorer).

This issue affects Rising Web Scan Object 'OL2005.dll' 18.0.0.7; other versions may also be affected.

50. Move Media Player Quantum Streaming 'qsp2ie07074039.dl ActiveX Control Buffer Overflow Vulnerability
BugTraq ID: 27995
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27995
Summary:
Move Media Player Quantum Streaming 'qsp2ie07074039.dll' ActiveX control is prone to a remote buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into insufficiently sized memory buffers.

Exploiting this issue may allow remote attackers to execute arbitrary code in the context of applications using the affected ActiveX control (typically Internet Explorer) and to compromise affected computers. Failed attempts will likely result in denial-of-service conditions.

This issue affects Quantum Streaming 'qsp2ie07074039.dll' ActiveX control 7.7.4.39; other versions may also be vulnerable.

51. DrBenHur.com DBHcms 'mod.extmanager.php' Remote File Include Vulnerability
BugTraq ID: 27996
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27996
Summary:
DrBenHur.com DBHcms is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.

This issue affects DBHcms 1.1.4 and prior versions.

52. SurgeFTP 'Content-Length' Parameter NULL Pointer Denial Of Service Vulnerability
BugTraq ID: 27993
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27993
Summary:
SurgeFTP is prone to a remote denial-of-service vulnerability because it fails to perform adequately boundary checks on user-supplied input.

Exploiting this issue will cause the server to copy data to a NULL pointer, which will crash the server, denying access to legitimate users.

SurgeFTP 2.3a2 is vulnerable; other versions may also be affected.

53. SurgeMail Real CGI executables Remote Buffer Overflow Vulnerability
BugTraq ID: 27992
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27992
Summary:
SurgeMail is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input.

Successfully exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the affected service. Failed exploit attempts likely result in denial-of-service conditions.

SurgeMail 38k4 and prior versions are vulnerable.

54. SurgeMail and WebMail 'Page' Command Remote Format String Vulnerability
BugTraq ID: 27990
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27990
Summary:
SurgeMail and WebMail are prone to a remote format-string vulnerability because the applications fail to properly sanitize user-supplied input before including it in the format-specifier argument of a formatted-printing function.

A remote attacker may execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will result in a denial of service.

This issue affects the following:

SurgeMail 38k4, beta 39a and earlier
Netwin WebMail 3.1s and earlier

55. PORAR Webboard 'question.asp' SQL Injection Vulnerability
BugTraq ID: 27989
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27989
Summary:
PORAR Webboard is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

56. Alkacon OpenCms 'tree_files.jsp' Cross-Site Scripting Vulnerability
BugTraq ID: 27986
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27986
Summary:
Alkacon OpenCms is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

OpenCms 7.0.3 is vulnerable; other versions may also be affected.

57. phpRaider Resistance Field HTML Injection Vulnerability
BugTraq ID: 27976
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27976
Summary:
phpRaider is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input data.

Exploiting this issue may allow an attacker to execute HTML and script code in the context of the affected site, to steal cookie-based authentication credentials, or to control how the site is rendered to the user; other attacks are also possible.

phpRaider 1.0.7 is vulnerable; other versions may also be affected.

58. H-Sphere SiteStudio Unspecified Vulnerability
BugTraq ID: 28002
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/28002
Summary:
H-Sphere SiteStudio is prone to an unspecified vulnerability.

Very few technical details are currently available. We will update this BID as more information emerges.

Successful attacks can compromise the application.

Versions prior to H-Sphere SiteStudio 1.8b are affected.

59. WordPress Sniplets Plugin Multiple Input Validation Vulnerabilities
BugTraq ID: 27985
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27985
Summary:
WordPress Sniplets plugin is prone to multiple input-validation vulnerabilities because the application fails to sanitize user-supplied input. These issues include multiple cross-site scripting vulnerabilities, a remote file-include vulnerability, and a remote command-execution vulnerability.

A successful exploit may allow an attacker to compromise the application, steal cookie-based authentication credentials, and execute arbitrary code and commands within the context of the webserver process.

WordPress Sniplets 1.1.2 is vulnerable; other versions may also be affected.

60. KAME Project IPv6 IPComp Header Denial Of Service Vulnerability
BugTraq ID: 27642
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27642
Summary:
The KAME project is prone to a denial-of-service vulnerability.

Successfully exploiting this issue allows remote attackers to crash affected computers, denying service to legitimate users.

Operating systems that have IPv6 networking derived from the KAME project's IPv6 implementation may be vulnerable to this issue. Please see the references for a list of vendors that may be affected by this issue.

61. Galore Simple Shop 'section' Parameter SQL Injection Vulnerability
BugTraq ID: 27977
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27977
Summary:
Simple Shop component for Joomla! and Mambo is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

62. MyServer Mutltiple HTTP Methods '204 Not Content' Error Remote Denial of Service Vulnerabilities
BugTraq ID: 27981
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27981
Summary:
MyServer is prone to multiple remote denial-of-service vulnerabilities because it fails to adequately handle HTTP method requests that return a '204 No Content' error.

Successful attacks will deny service to legitimate users.

MyServer 0.8.11 is vulnerable; other versions may also be affected.

63. Matt's Whois 'mwhois.php' Cross-Site Scripting Vulnerability
BugTraq ID: 27974
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27974
Summary:
Matt's Whois is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

64. wyrd Insecure Temporary File Creation Vulnerability
BugTraq ID: 27848
Remote: No
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27848
Summary:
The 'wyrd' program is prone to a security vulnerability that allows attackers to create temporary files in an insecure manner.

An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application.

Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.

This issue affects wyrd 1.4.3-b3; other versions may also be vulnerable.

65. PHP-Nuke Kose_Yazilari Module 'artid' Parameter Multiple SQL Injection Vulnerabilities
BugTraq ID: 27991
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27991
Summary:
The Kose_Yazilari module for PHP-Nuke is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

66. XOOPS XM-Memberstats Module 'letter' and 'sortby' Parameters Multiple SQL Injection Vulnerabilities
BugTraq ID: 27979
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27979
Summary:
XOOPS XM-Memberstats is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

These issues affect XOOPS XM-Memberstats 2.0e; other versions may also be affected.

67. PHP-Nuke Sell Module 'cid' Parameter SQL Injection Vulnerability
BugTraq ID: 27980
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27980
Summary:
The 'Sell' module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

68. Joomla! and Mambo 'com_wines' Component 'id' Parameter SQL Injection Vulnerability
BugTraq ID: 27975
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27975
Summary:
The 'com_wines' component for Joomla! and Mambo is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

69. Joomla! and Mambo 'com_inter' Component 'id' Parameter SQL Injection Vulnerability
BugTraq ID: 27994
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27994
Summary:
The Joomla! and Mambo 'com_inter' component is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

70. Gary's Cookbook 'id' Parameter SQL Injection Vulnerability
BugTraq ID: 27972
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27972
Summary:
Gary's Cookbook module for Joomla! and Mambo is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

71. Joomla! and Mambo 'com_blog' Component 'pid' Parameter SQL Injection Vulnerability
BugTraq ID: 27971
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27971
Summary:
The 'com_blog' component for Joomla! and Mambo is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

72. Multiple Vendor PEAP Certificate Verification Security Bypass Vulnerability
BugTraq ID: 27935
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27935
Summary:
Multiple VoIP products are prone to a security-bypass vulnerability in their PEAP implementation because their software fails to properly validate server certificates.

Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks by impersonating trusted authentication servers. This will aid in further attacks.

The following products are prone to this issue:
- Vocera Communications System badges
- Cisco Wireless IP Phone 7921

Other devices and packages may also be affected.

73. Linux Kernel Prior to 2.6.24.1 'copy_from_user_mmap_sem()' Memory Access Vulnerability
BugTraq ID: 27796
Remote: No
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27796
Summary:
The Linux kernel is prone to a memory-access vulnerability because it fails to adequately validate a user-supplied pointer value.

A local attacker can exploit this issue to read arbitrary memory locations on the affected computer.

This issue affects Linux Kernel 2.6.22 through 2.6.24.

74. IncrediMail IMMenuShellExt ActiveX Control Remote Buffer Overflow Vulnerability
BugTraq ID: 23674
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/23674
Summary:
IncrediMail is prone to a stack-based buffer-overflow vulnerability because it fails to sufficiently check boundaries of user-supplied input before copying it to an insufficiently sized memory buffer.

An attacker may exploit this issue by enticing victims into opening a malicious webpage or HTML email that invokes the affected control.

Successful exploits will corrupt process memory, allowing attacker-supplied arbitrary code to run in the context of the client application using the affected ActiveX control.

75. Pagetool Index.PHP SQL Injection Vulnerability
BugTraq ID: 24640
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/24640
Summary:
Pagetool is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Pagetool 1.07 is vulnerable to this issue; other versions may also be vulnerable.

76. F5 BIG-IP Application Security Manager 'report_type' Cross-Site Scripting Vulnerability
BugTraq ID: 27462
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27462
Summary:
F5 BIG-IP Application Security Manager is prone to a cross-site scripting vulnerability because the web management interface fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected device. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

This issue affects F5 BIG-IP Application Security Manager 9.4.3; other versions may also be vulnerable.

77. Symark PowerBroker Client Multiple Local Buffer Overflow Vulnerabilities
BugTraq ID: 28015
Remote: No
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/28015
Summary:
Symark PowerBroker Client is prone to multiple local buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied input. The issues affect the following setuid binaries: 'pbksh', 'pbsh' and 'pbrun'.

Attackers can exploit these issues to execute arbitrary code with superuser privileges. Successful exploits will completely compromise affected computers.

These issues affect versions 2.8 2.8 upto and including 5.0.1

78. Mozilla Thunderbird External-Body MIME Remote Heap Buffer Overflow Vulnerability
BugTraq ID: 28012
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/28012
Summary:
Mozilla Thunderbird is prone to a remote heap-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data.

Successfully exploiting this issue may allow remote attackers to execute arbitrary machine code in the context of the vulnerable application; failed exploit attempts will likely crash the application. This may facilitate the remote compromise of affected computers.

The issue affects Mozilla Thunderbird versions prior to 2.0.0.12.

79. Microsoft Word Unspecified Remote Code Execution Vulnerability
BugTraq ID: 28011
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/28011
Summary:
Microsoft Word is prone to an unspecified remote code-execution vulnerability.

Very few details are available regarding this issue. We will update this BID as more information emerges.

It is unknown at this time which specific versions of the application are affected.

80. Various IP Security Camera ActiveX Controls 'url' Attribute Buffer Overflow Vulnerability
BugTraq ID: 28010
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/28010
Summary:
Various IP Security Camera ActiveX controls are prone to a remote buffer-overflow vulnerability because the applications fail to properly bounds-check user-supplied data before copying it into insufficiently sized memory buffers.

Exploiting this issue may allow remote attackers to execute arbitrary code in the context of applications using the affected ActiveX control (typically Internet Explorer) and to compromise affected computers. Failed attempts will likely result in denial-of-service conditions.

This issue affects the following ActiveX controls:

- D-Link MPEG4 SHM Audio Control ('VAPGDecoder.dll') 1.7.0.5.
- 4xem VatCtrl Class ('VATDecoder.dll') 1.0.0.51.
- Vivotek RTSP MPEG4 SP Control ('RtspVapgDecoderNew.dll') 2.0.0.39.

81. VideoLAN VLC Media Player MP4 Demuxer Remote Code Execution Vulnerability
BugTraq ID: 28007
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/28007
Summary:
VideoLAN VLC media player is prone to a remote code-execution vulnerability because it fails to adequately parse specially crafted MP4 files.

An attacker can exploit this issue to execute arbitrary code, which can result in the complete compromise of the computer. Failed exploit attempts will result in a denial-of-service condition.

VideoLAN VLC media player versions prior to 0.8.6e are vulnerable.

82. Nortel UNIStim IP Phone Remote Ping Denial of Service Vulnerability
BugTraq ID: 28004
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/28004
Summary:
Nortel UNIStim IP Phone products are prone to a remote denial-of-service vulnerability because the software fails to properly handle unexpected network datagrams.

Successfully exploiting this issue allows remote attackers to crash affected phones, denying service to legitimate users.

Phones with firmware 0604DAS is vulnerable to this issue; other versions are also reportedly affected, but specific version information is not currently available.

83. S9Y Serendipity 'Real Name' Field HTML Injection Vulnerability
BugTraq ID: 28003
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/28003
Summary:
Serendipity is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input data.

Exploiting this issue may allow an attacker to execute HTML and script code in the context of the affected site, to steal cookie-based authentication credentials, or to control how the site is rendered to the user; other attacks are also possible.

Serendipity versions prior to 1.3-beta1 are vulnerable.

84. KVM Block Device Backend Local Security Bypass Vulnerability
BugTraq ID: 28001
Remote: No
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/28001
Summary:
KVM (Kernel-based Virtual Machine) is prone to a local security-bypass vulnerability because it fails to validate user-supplied input.

Local attackers can leverage this issue to access memory outside of the virtualization jail. This could allow attackers to write to arbitrary host memory locations or crash the underlying KVM host. Other attacks may also be possible.

85. MiniNuke 'members.asp' SQL Injection Vulnerability
BugTraq ID: 28000
Remote: Yes
Last Updated: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/28000
Summary:
MiniNuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

86. Joomla! and Mambo 'com_publication' Component 'pid' Parameter SQL Injection Vulnerability
BugTraq ID: 27970
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/27970
Summary:
The Joomla! and Mambo 'com_publication' component is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

87. Sun Solaris Internet Protocol 'ip(7P)' Security Bypass and Denial Of Service Vulnerability
BugTraq ID: 27967
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/27967
Summary:
Sun Solaris is prone to a security-bypass and denial-of-service vulnerability because of an unspecified error in the Internet Protocol implementation.

A successful attack of this issue will allow privileged remote users to bypass firewall rules or create denial-of-service conditions.

This issue affects Solaris 8, 9, and 10 for SPARC and x86 platforms.

88. TikiWiki 'tiki-edit_article.php' Cross-Site Scripting Vulnerability
BugTraq ID: 27968
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/27968
Summary:
TikiWiki is prone a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

The issue affects versions prior to TikiWiki 1.9.10.1.

89. Fujitsu Interstage Application Server Single Sign-On Buffer Overflow Vulnerability
BugTraq ID: 27966
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/27966
Summary:
Fujitsu Interstage Application Server is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.

Attackers may leverage this issue to execute arbitrary code in the context of the affected application. Failed attacks will likely cause denial-of-service conditions.

This issue affects the following applications:

Interstage Application Server Enterprise Edition 8.0.0, 8.0.1, 8.0.2, 8.0.3, 9.0.0, and 9.0.0A
Interstage Application Server Standard-J Edition 8.0.0, 8.0.1, 8.0.2, 8.0.3, 9.0.0, and 9.0.0A
Interstage Apworks Enterprise Edition 8.0.0
Interstage Apworks Standard-J Edition 8.0.0
Interstage Studio Enterprise Edition 8.0.1 and 9.0.0
Interstage Studio Standard-J Edition 8.0.1 and 9.0.0

90. OpenBSD IPv6 Routing Headers Remote Denial of Service Vulnerability
BugTraq ID: 27965
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/27965
Summary:
OpenBSD is prone to a remote denial-of-service vulnerability because of a flaw in the affected kernel when processing certain TCP packets.

Exploiting this issue allows remote attackers to trigger kernel panics, denying further service to legitimate users.

OpenBSD 4.2 is vulnerable to this issue; other versions may also be affected.

91. Portail Web Php Multiple Remote And Local File Include Vulnerabilities
BugTraq ID: 27962
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/27962
Summary:
Portail Web Php is prone to multiple remote and local file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues may allow an attacker to execute arbitrary local and remote scripts in the context of the webserver process or access potentially sensitive information. This may result in a compromise of the application and the underlying system; other attacks are also possible.

These issues affect Portail Web Php 2.5.1.1 and prior versions.

92. LWS php User Base 'unverified.inc.php' Local File Include Vulnerability
BugTraq ID: 27964
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/27964
Summary:
LWS php User Base is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.

Exploiting this issue may allow an attacker to access potentially sensitive information and execute arbitrary local scripts in the context of the affected application.

This issue affects php User Base 1.3 BETA; other versions may also be vulnerable.

93. LWS php User Base 'header.inc.php' Remote File Include Vulnerability
BugTraq ID: 27963
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/27963
Summary:
LWS php User Base is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.

php User Base 1.3 BETA is vulnerable; other versions may also be affected.

94. LWS php Download Manager 'body.inc.php' Local File Include Vulnerability
BugTraq ID: 27961
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/27961
Summary:
LWS php Download Manager is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.

Exploiting this issue may allow an attacker to access potentially sensitive information and execute arbitrary local scripts in the context of the affected application.

This issue affects php Download Manager 1.1 and 1.0; other versions may also be vulnerable.

95. PHPEcho CMS 'Smarty.class.php' Remote File Include Vulnerability
BugTraq ID: 27960
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/27960
Summary:
PHPEcho CMS is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.

PHPEcho CMS 2.0-rc3 is vulnerable; other versions may also be affected.

96. auraCMS 'lihatberita' Module 'id' Parameter SQL Injection Vulnerability
BugTraq ID: 27959
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/27959
Summary:
auraCMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

97. Joomla! and Mambo 'com_hello_world' Component 'id' Parameter SQL Injection Vulnerability
BugTraq ID: 27956
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/27956
Summary:
The Joomla! and Mambo 'com_hello_world' component is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

98. PHP-Nuke Gallery Module 'aid' Parameter SQL Injection Vulnerability
BugTraq ID: 27957
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/27957
Summary:
The Gallery module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Gallery 1.3 is vulnerable; other versions may also be affected.

99. PHP-Nuke Sections Module 'artid' Parameter SQL Injection Vulnerability
BugTraq ID: 27958
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/27958
Summary:
The Sections module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

100. PHP-Nuke Recipe Module 'recipeid' Parameter SQL Injection Vulnerability
BugTraq ID: 27955
Remote: Yes
Last Updated: 2008-02-25
Relevant URL: http://www.securityfocus.com/bid/27955
Summary:
The Recipe module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Recipe 1.3 is vulnerable; other versions may also be affected.

III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. Worries over "good worms" rise again
By: Robert Lemos
A Microsoft researcher studies the use of self-propagation for patching, but for most of the security industry, any worm is a bad worm.
http://www.securityfocus.com/news/11506

2. Federal agencies miss deadline on secure configs
By: Robert Lemos
The U.S. government has made progress on moving to a standard configuration for Windows XP and Windows Vista systems, but work remains.
http://www.securityfocus.com/news/11505

3. Universities fend off phishing attacks
By: Robert Lemos
Online fraudsters send e-mail messages that masquerade as help-desk requests for usernames and passwords.
http://www.securityfocus.com/news/11504

4. Antivirus firms, test labs to form standards group
By: Robert Lemos
The makers of antivirus software as well as independent and media-sponsored testing labs have agreed to create an industry group to standardize on methods of evaluating anti-malware programs.
http://www.securityfocus.com/news/11502

IV. SECURITY JOBS LIST SUMMARY
-------------------------------
1. [SJ-JOB] Technical Support Engineer, San Mateo
http://www.securityfocus.com/archive/77/488605

2. [SJ-JOB] Disaster Recovery Coordinator, Kansas City
http://www.securityfocus.com/archive/77/488619

3. [SJ-JOB] Penetration Engineer, Redmond
http://www.securityfocus.com/archive/77/488578

4. [SJ-JOB] Security Consultant, New York
http://www.securityfocus.com/archive/77/488604

5. [SJ-JOB] Sales Engineer, San Jose
http://www.securityfocus.com/archive/77/488610

6. [SJ-JOB] Customer Support, South Plainfield
http://www.securityfocus.com/archive/77/488566

7. [SJ-JOB] Security Consultant, Copenhagen
http://www.securityfocus.com/archive/77/488574

8. [SJ-JOB] Sales Engineer, Reston
http://www.securityfocus.com/archive/77/488577

9. [SJ-JOB] Sales Engineer, Alpharetta
http://www.securityfocus.com/archive/77/488603

10. [SJ-JOB] Customer Support, South Plainfield
http://www.securityfocus.com/archive/77/488557

11. [SJ-JOB] Sales Engineer, Reston
http://www.securityfocus.com/archive/77/488575

12. [SJ-JOB] Software Engineer, Alpharetta
http://www.securityfocus.com/archive/77/488580

13. [SJ-JOB] Sales Engineer, San Jose
http://www.securityfocus.com/archive/77/488582

14. [SJ-JOB] Sales Engineer, Philadelphia
http://www.securityfocus.com/archive/77/488559

15. [SJ-JOB] Customer Support, South Plainfield
http://www.securityfocus.com/archive/77/488561

16. [SJ-JOB] Security Engineer, Canberra
http://www.securityfocus.com/archive/77/488562

17. [SJ-JOB] Sales Engineer, Canberra
http://www.securityfocus.com/archive/77/488563

18. [SJ-JOB] Sales Engineer, Ottawa
http://www.securityfocus.com/archive/77/488558

19. [SJ-JOB] Security Researcher, South Plainfield
http://www.securityfocus.com/archive/77/488564

20. [SJ-JOB] Certification & Accreditation Engineer, Arlinton
http://www.securityfocus.com/archive/77/488565

21. [SJ-JOB] Information Assurance Analyst, Herndon
http://www.securityfocus.com/archive/77/488573

22. [SJ-JOB] Security Architect, South Plainfield
http://www.securityfocus.com/archive/77/488581

23. [SJ-JOB] Certification & Accreditation Engineer, Arlington
http://www.securityfocus.com/archive/77/488549

24. [SJ-JOB] Sr. Security Engineer, South Plainfield
http://www.securityfocus.com/archive/77/488554

25. [SJ-JOB] Sr. Security Analyst, Arlington
http://www.securityfocus.com/archive/77/488555

26. [SJ-JOB] Sr. Security Engineer, South Plainfield
http://www.securityfocus.com/archive/77/488556

27. [SJ-JOB] Senior Software Engineer, South Plainfield
http://www.securityfocus.com/archive/77/488576

28. [SJ-JOB] Security Consultant, Copenhagen
http://www.securityfocus.com/archive/77/488579

29. [SJ-JOB] Sr. Security Engineer, South Plainfield
http://www.securityfocus.com/archive/77/488550

30. [SJ-JOB] Sales Engineer, Deerfield Beach
http://www.securityfocus.com/archive/77/488552

31. [SJ-JOB] Sr. Security Engineer, South Plainfield
http://www.securityfocus.com/archive/77/488560

32. [SJ-JOB] Security Consultant, Boston
http://www.securityfocus.com/archive/77/488544

33. [SJ-JOB] Sr. Security Engineer, South Plainfield
http://www.securityfocus.com/archive/77/488546

34. [SJ-JOB] Application Security Architect, South Plainfield
http://www.securityfocus.com/archive/77/488547

35. [SJ-JOB] Security Consultant, Dallas
http://www.securityfocus.com/archive/77/488548

36. [SJ-JOB] Principal Software Engineer, Deerfield Beach
http://www.securityfocus.com/archive/77/488541

37. [SJ-JOB] Security Architect, LONDON
http://www.securityfocus.com/archive/77/488542

38. [SJ-JOB] Sales Engineer, Dallas
http://www.securityfocus.com/archive/77/488543

39. [SJ-JOB] Sales Engineer, Chicago
http://www.securityfocus.com/archive/77/488545

40. [SJ-JOB] Security Engineer, Chicago
http://www.securityfocus.com/archive/77/488553

41. [SJ-JOB] Management, Pentagon City
http://www.securityfocus.com/archive/77/488534

42. [SJ-JOB] Jr. Security Analyst, Washington, DC
http://www.securityfocus.com/archive/77/488536

43. [SJ-JOB] Manager, Information Security, Chicago
http://www.securityfocus.com/archive/77/488538

44. [SJ-JOB] Management, Reston
http://www.securityfocus.com/archive/77/488539

45. [SJ-JOB] Security Engineer, Reston
http://www.securityfocus.com/archive/77/488540

46. [SJ-JOB] Director, Computer Security, New Jersey
http://www.securityfocus.com/archive/77/488518

47. [SJ-JOB] Management, San Mateo
http://www.securityfocus.com/archive/77/488519

48. [SJ-JOB] Training / Awareness Specialist, San Mateo
http://www.securityfocus.com/archive/77/488520

49. [SJ-JOB] Security Engineer, New Jersey
http://www.securityfocus.com/archive/77/488533

50. [SJ-JOB] Security Engineer, Arlington
http://www.securityfocus.com/archive/77/488523

51. [SJ-JOB] Management, Alpharetta
http://www.securityfocus.com/archive/77/488526

52. [SJ-JOB] Security Consultant, Los Angeles
http://www.securityfocus.com/archive/77/488530

53. [SJ-JOB] Sales Engineer, New York
http://www.securityfocus.com/archive/77/488537

54. [SJ-JOB] Auditor, Columbia
http://www.securityfocus.com/archive/77/488535

55. [SJ-JOB] Application Security Engineer, Ottawa
http://www.securityfocus.com/archive/77/488513

56. [SJ-JOB] Sales Representative, Boston
http://www.securityfocus.com/archive/77/488516

57. [SJ-JOB] Software Engineer, Palm Beach Gardens
http://www.securityfocus.com/archive/77/488521

58. [SJ-JOB] Sales Representative, Atlanta
http://www.securityfocus.com/archive/77/488527

59. [SJ-JOB] Database Security Architect, Houston
http://www.securityfocus.com/archive/77/488529

60. [SJ-JOB] Technology Risk Consultant, Various
http://www.securityfocus.com/archive/77/488504

61. [SJ-JOB] Information Assurance Analyst, London
http://www.securityfocus.com/archive/77/488508

62. [SJ-JOB] Sales Representative, Chicago
http://www.securityfocus.com/archive/77/488517

63. [SJ-JOB] Security Consultant, Thousand Oaks
http://www.securityfocus.com/archive/77/488522

64. [SJ-JOB] Security Engineer, Huntsville
http://www.securityfocus.com/archive/77/488507

65. [SJ-JOB] Forensics Engineer, Various
http://www.securityfocus.com/archive/77/488510

66. [SJ-JOB] Application Security Engineer, Dover
http://www.securityfocus.com/archive/77/488512

67. [SJ-JOB] Security Consultant, Various
http://www.securityfocus.com/archive/77/488524

68. [SJ-JOB] Security Engineer, Arlington
http://www.securityfocus.com/archive/77/488505

69. [SJ-JOB] Penetration Engineer, Dallas
http://www.securityfocus.com/archive/77/488509

70. [SJ-JOB] Threat Analyst, Huntsville
http://www.securityfocus.com/archive/77/488532

71. [SJ-JOB] Sr. Security Engineer, Stamford
http://www.securityfocus.com/archive/77/488501

72. [SJ-JOB] Sr. Security Engineer, Washington, DC Metro Area
http://www.securityfocus.com/archive/77/488525

73. [SJ-JOB] Chief Scientist, Huntsville
http://www.securityfocus.com/archive/77/488528

74. [SJ-JOB] Chief Scientist, Huntsville
http://www.securityfocus.com/archive/77/488531

75. [SJ-JOB] Security Engineer, Huntsville
http://www.securityfocus.com/archive/77/488503

76. [SJ-JOB] Security Engineer, Kansas City
http://www.securityfocus.com/archive/77/488506

77. [SJ-JOB] Security Engineer, San Francisco
http://www.securityfocus.com/archive/77/488511

78. [SJ-JOB] Certification & Accreditation Engineer, Washington DC
http://www.securityfocus.com/archive/77/488497

79. [SJ-JOB] Security Consultant, Thousand Oaks
http://www.securityfocus.com/archive/77/488498

80. [SJ-JOB] Security Engineer, Seattle
http://www.securityfocus.com/archive/77/488499

81. [SJ-JOB] Sr. Security Engineer, Austin/Richardson
http://www.securityfocus.com/archive/77/488500

82. [SJ-JOB] Security Consultant, Thousand Oaks
http://www.securityfocus.com/archive/77/488502

83. [SJ-JOB] Security Engineer, Arlington
http://www.securityfocus.com/archive/77/488487

84. [SJ-JOB] Information Assurance Engineer, Annapolis Junction
http://www.securityfocus.com/archive/77/488488

85. [SJ-JOB] Senior Software Engineer, St. Paul
http://www.securityfocus.com/archive/77/488491

86. [SJ-JOB] Management, Phoenix
http://www.securityfocus.com/archive/77/488494

87. [SJ-JOB] Management, New York
http://www.securityfocus.com/archive/77/488496

88. [SJ-JOB] CISO, London
http://www.securityfocus.com/archive/77/488489

89. [SJ-JOB] Application Security Architect, Washington
http://www.securityfocus.com/archive/77/488490

90. [SJ-JOB] Software Engineer, Columbia
http://www.securityfocus.com/archive/77/488495

V. INCIDENTS LIST SUMMARY
---------------------------
1. CanSecWest 2008 Mar 26-28
http://www.securityfocus.com/archive/75/488624

2. Possible Mail server compromise ?
http://www.securityfocus.com/archive/75/487488

VI. VULN-DEV RESEARCH LIST SUMMARY
-----------------------------------
1. GNU objdump 2.15 [FreeBSD] 2004-05-23 shows: ... "BFD: Please report this bug." While analyzing crafted ELF.
http://www.securityfocus.com/archive/82/488729

VII. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. SecurityFocus Microsoft Newsletter
http://www.securityfocus.com/archive/88/488429

VIII. SUN FOCUS LIST SUMMARY
----------------------------
IX. LINUX FOCUS LIST SUMMARY
----------------------------
1. CanSecWest 2008 Mar 26-28
http://www.securityfocus.com/archive/91/488611

X. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to sf-news-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

XI. SPONSOR INFORMATION
------------------------
This issue is Sponsored by: CISO Executive Summit & Roundtable-Middle East, 12th-14th May, Bahrain, Ritz-Carlton

Over 20 speakers from across The Middle East, Europe, U.S & Asia will gather together for the MIS training.s CISO Executive Summit Middle East, Sheraton Bahrain Hotel, Kingdom of Bahrain 12-14 May 2008. This dynamic international speaker line up will provide a broad perspective on the security threats faced today and in the future. Take away actionable strategies that will enable you to limit the risk within your organisation. International case studies from the industries leading associations and organisations will provide you with the knowledge to identify the warning signs of key threats to your company.
Register now at www.mistieruope.com/CISOME