WINDOWS CENTER: SecurityFocus Newsletter #443

SecurityFocus Newsletter #443
----------------------------------------

This issue is Sponsored by: Black Hat Europe

Attend Black Hat Europe, March 25-28, Amsterdam, Europe's premier technical event for ICT security experts. Featuring hands-on training courses and Briefings presentations with lots of new content. Network with 400+ delegates from 30 nations and review products by leading vendors in a relaxed setting. Black Hat Europe is supported by most leading European infosec associations.

www.blackhat.com

SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1.A Guide to Different Kinds of Honeypots
2.The Laws of Full Disclosure
II. BUGTRAQ SUMMARY
1. OpenLDAP Multiple Remote Denial of Service Vulnerabilities
2. OpenLDAP MODRDN Remote Denial of Service Vulnerability
3. Bluemoon Inc. PopnupBlog XOOPS Module Index.PHP SQL Injection Vulnerability
4. pfSense Unspecified Cross-Site Scripting Vulnerabilities
5. MediaWiki JSON Callback Information Disclosure Vulnerability
6. PacketTrap pt360 Tool Suite TFTP Server Directory Traversal Vulnerability
7. Sun Solaris 8 Directory Functions Local Denial of Service Vulnerability
8. Crafty Syntax Live Help Multiple Cross-Site Scripting Vulnerabilities
9. Crafty Syntax Live Help 'lostsheep.php' Cross-Site Scripting Vulnerability
10. Mozilla Thunderbird External-Body MIME Remote Heap Buffer Overflow Vulnerability
11. Mozilla Thunderbird/Seamonkey/Firefox 2.0.0.11 Multiple Remote Vulnerabilities
12. Mozilla Firefox chrome:// URI JavaScript File Request Information Disclosure Vulnerability
13. ViewVC Multiple Remote Information Disclosure Vulnerabilities
14. Adobe Acrobat and Reader Multiple Arbitrary Code Execution and Security Vulnerabilities
15. Adobe Acrobat/Adobe Reader Information Disclosure Vulnerability
16. D-Bus 'send_interface' Attribute Security Policy Bypass Vulnerability
17. Firebird Username Remote Buffer Overflow Vulnerability
18. Firebird Relational Database 'protocol.cpp' XDR Protocol Remote Memory Corruption Vulnerability
19. Audacity Insecure Temporary File Creation Vulnerability
20. ADI Convergence Galaxy FTP Server Password Remote Denial of Service Vulnerability
21. phpComasy 'index.php' SQL Injection Vulnerability
22. PHP-Nuke Johannes Hass 'gaestebuch' Module 'id' Parameter SQL Injection Vulnerability
23. Heathco Software h2desk Multiple Information Disclosure Vulnerabilities
24. phpArcadeScript 'userid' Parameter SQL Injection Vulnerability
25. Joomla! and Mambo 'com_musica' Component 'id' Parameter SQL Injection Vulnerability
26. Koobi 'categ' Parameter SQL Injection Vulnerability
27. Podcast Generator 'set_permissions.php' Cross-Site Scripting Vulnerability
28. Smarty Template Engine 'regex_replace' Template Security Bypass Vulnerability
29. Smart Publisher '/admin/op/disp.php' Remote Code Execution Vulnerability
30. Xen mov_to_rr RID Local Security Bypass Vulnerability
31. Intel Wireless WiFi Link iwlwifi NULL Pointer Dereference Vulnerability
32. Joomla! and Mambo SOBI2 Component SQL Injection Vulnerability
33. Linux Kernel PowerPC 'chrp/setup.c' NULL Pointer Dereference Denial of Serviced Vulnerability
34. Linux Kernel ISDN_Net.C Local Buffer Overflow Vulnerability
35. Numara FootPrints HTML Injection and Remote Command Execution Vulnerabilities
36. SILC Toolkit 'silcutil.c' Function Buffer Overflow Vulnerability
37. Gnome Evolution Encrypted Message Format String Vulnerability
38. Lighttpd 'mod_cgi' Information Disclosure Vulnerability
39. Sun Java SE Multiple Unspecified Vulnerabilities
40. Sun Java RunTime Environment Read and Write Permission Multiple Privilege Escalation Vulnerabilities
41. Sun Java Runtime Environment Multiple Weaknesses
42. Linux Kiss Server Multiple Format String Vulnerabilities
43. WebCT Email and Discussion Board Messages HTML Injection Vulnerability
44. Apple QuickTime Movie Atom Remote Stack Buffer Overflow Vulnerability
45. Apple QuickTime Multiple Overflow and Exception Vulnerabilities
46. Apple QuickTime RTSP Response Header Content-Type Remote Stack Based Buffer Overflow Vulnerability
47. Opera Web Browser 9.25 Multiple Security Vulnerabilities
48. MG2 'list' Parameter Cross-Site Scripting Vulnerability
49. Mitra Informatika Solusindo Cart 'p' Parameter SQL Injection Vulnerability
50. Versant Object Database 'VERSANT_ROOT' Remote Arbitrary Command Execution Vulnerability
51. Libpng Library Multiple Remote Denial of Service Vulnerabilities
52. The 'libpng' Graphics Library PNG_SET_SPLT Remote Denial of Service Vulnerability
53. Libpng Library ICC Profile Chunk Off-By-One Denial of Service Vulnerability
54. Libpng Library Remote Denial of Service Vulnerability
55. Ariadne CMS Remote Arbitrary Shell Command Injection Vulnerability
56. Android Web Browser BMP File Integer Overflow Vulnerability
57. Android Web Browser GIF File Heap-Based Buffer Overflow Vulnerability
58. Dovecot 'mail_extra_groups' Insecure Settings Local Unauthorized Access Vulnerability
59. Rising Web Scan Object 'OL2005.dll' ActiveX Control Remote Code Execution Vulnerability
60. Adobe Acrobat Reader 'acroread' Insecure Temporary File Creation Vulnerability
61. BSD PPP 'pppx.conf' Local Denial of Service Vulnerability
62. PHP-Nuke 'Seminars' Module 'fileName' Parameter Local File Include Vulnerability
63. PHP-Nuke eGallery Module 'pid' Parameter SQL Injection Vulnerability
64. EDraw Office Viewer Component FtpDownloadFile ActiveX Buffer Overflow Vulnerability
65. XWine Printing Insecure Temporary File Creation Vulnerability
66. Ghostscript zseticcspace() Function Buffer Overflow Vulnerability
67. XRMS CRM 'msg' Parameter Cross Site Scripting Vulnerability
68. ICQ Toolbar 'toolbaru.dll' ActiveX Control Remote Denial of Service Vulnerability
69. Crysis Username Format String Vulnerability
70. Barryvan Compo Manager 'main.php' Remote File Include Vulnerability
71. IBM WebSphere MQ Security Bypass Vulnerability
72. phpMyTourney 'tourney/index.php' Remote File Include Vulnerability
73. Podcast Generator Multiple Remote And Local File Include Vulnerabilities
74. SiteBuilder Elite 'CarpPath' Parameter Multiple Remote File Include Vulnerabilities
75. Centreon 'get_image.php' Local File Include Vulnerability
76. eazyPortal 'upwd' and 'uname' Multiple SQL Injection Vulnerabilities
77. Koobi Pro 'categ' Parameter SQL Injection Vulnerability
78. Drupal Multiple HTML Injection Vulnerabilities
79. Microsoft Jet Database Engine MDB File Parsing Unspecified Remote Vulnerability
80. phpMyAdmin '$_REQUEST' SQL Injection Vulnerability
81. ICQ Message Processing Remote Format String Vulnerability
82. Miniwebsvr Server Directory Traversal Vulnerability
83. Eye-Fi Multiple Security Vulnerabilities
84. Edimax 7205APL 802.11b Wireless Access Point Default Backdoor Account Vulnerability
85. Mantis 'view.php' HTML Injection Vulnerability
86. Wireshark 0.99.7 Multiple Denial of Service Vulnerabilities
87. paramiko Random Number Generator Weakness
88. Borland VisiBroker Smart Agent Multiple Remote Vulnerabilities
89. International Components for Unicode Library (libicu) Multiple Memory Corruption Vulnerabilities
90. Mambo/Joomla! RSGallery CATID Parameter SQL Injection Vulnerability
91. The SWORD Project Diatheke Unspecified Remote Command Execution Vulnerability
92. SplitVT 'xprop' Local Privilege Escalation Vulnerability
93. TorrentTrader 'msg' Parameter Cross Site Scripting Vulnerability
94. Borland StarTeam Multiple Remote Vulnerabilities
95. PacketTrap pt360 Tool Suite TFTP Server Remote Denial of Service Vulnerability
96. SARG User-Agent Processing HTML Injection and Stack Buffer Overflow Vulnerabilities
97. Flyspray Multiple Information Disclosure, HTML Injection, and Cross-Site Scripting Vulnerabilities
98. XP Book 'entry.php' Multiple Cross-Site Scripting Vulnerabilities
99. KC Wiki 'wiki.php' Multiple Remote File Include Vulnerabilities
100. PHP WEB SCRIPT Dynamic Photo Gallery 'album.php' SQL Injection Vulnerability
III. SECURITYFOCUS NEWS
1. Law makers voice concerns over cybersecurity plan
2. Worries over "good worms" rise again
3. Federal agencies miss deadline on secure configs
4. Universities fend off phishing attacks
IV. SECURITY JOBS LIST SUMMARY
1. [SJ-JOB] Auditor, Jersey City
2. [SJ-JOB] Software Engineer, St. Paul
3. [SJ-JOB] Security Architect, New York
4. [SJ-JOB] Security Architect, San Francisco
5. [SJ-JOB] Application Security Engineer, Pasadena
6. [SJ-JOB] Security Architect, Los Angeles
7. [SJ-JOB] Technical Support Engineer, Stoneham
8. [SJ-JOB] Compliance Officer, Home based
9. [SJ-JOB] Security Architect, Seattle
10. [SJ-JOB] Manager, Information Security, London
11. [SJ-JOB] Software Engineer, Alpharetta
12. [SJ-JOB] Security Architect, Boston
13. [SJ-JOB] Compliance Officer, Home based
14. [SJ-JOB] Senior Software Engineer, Deerfield Beach
15. [SJ-JOB] Security Architect, Chicago
16. [SJ-JOB] Security Architect, Rockville
17. [SJ-JOB] Penetration Engineer, Washington
18. [SJ-JOB] Security Architect, Washington D.C.
19. [SJ-JOB] Software Engineer, Rockville
20. [SJ-JOB] Security Architect, Atlanta
21. [SJ-JOB] VP / Dir / Mgr engineering, Alexandria
22. [SJ-JOB] Sales Engineer, Reston
23. [SJ-JOB] Security Architect, Philadelphia
24. [SJ-JOB] Security Architect, Dallas
25. [SJ-JOB] Penetration Engineer, NCR area
26. [SJ-JOB] Security Engineer, Boca Raton
27. [SJ-JOB] Software Engineer, St. Paul
28. [SJ-JOB] Technical Writer, NCR
29. [SJ-JOB] Developer, Moncton
30. [SJ-JOB] Sales Engineer, Bloomington
31. [SJ-JOB] Principal Software Engineer, Foxborough
32. [SJ-JOB] Application Security Engineer, Chennai
33. [SJ-JOB] Security System Administrator, Urbana
34. [SJ-JOB] Security System Administrator, Foxborough
35. [SJ-JOB] Incident Handler, New York
36. [SJ-JOB] Information Assurance Engineer, Arlington
37. [SJ-JOB] Quality Assurance, Foxborough
38. [SJ-JOB] Security Engineer, San Antonio
39. [SJ-JOB] Sr. Security Analyst, Stamford
40. [SJ-JOB] Security Auditor, New York
41. [SJ-JOB] Manager, Information Security, Foster City
42. [SJ-JOB] Application Security Engineer, Washington
43. [SJ-JOB] Application Security Architect, Baltimore
44. [SJ-JOB] VP, Information Security, Morris Plains
45. [SJ-JOB] Certification & Accreditation Engineer, NCR area
46. [SJ-JOB] Sr. Security Engineer, Boston
47. [SJ-JOB] Sr. Security Engineer, Ithaca
48. [SJ-JOB] Sales Representative, Atlanta
49. [SJ-JOB] Software Engineer, Washington
V. INCIDENTS LIST SUMMARY
VI. VULN-DEV RESEARCH LIST SUMMARY
1. Recon 2008 - Call For Paper
2. *BSD user-ppp local root (when conditions permit)
3. OpenSSH 4.X DoS (maybe...)
VII. MICROSOFT FOCUS LIST SUMMARY
VIII. SUN FOCUS LIST SUMMARY
IX. LINUX FOCUS LIST SUMMARY
X. UNSUBSCRIBE INSTRUCTIONS
XI. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1.A Guide to Different Kinds of Honeypots
Honeypots come in many shapes and sizes and are available to mimic lots of different kinds of applications and protocols. We shall take the definition of a honeypot as "a security resource whose value lies in being probed, attacked, or compromised"[Spitzner02]. That is, a honeypot is a system we can monitor to observe how attackers behave, a system which is designed to lure attackers away from more valuable systems and/or a system which is designed to provide early warning of an intrusion to the target network. A honeypot may be used for all three applications at the same time.
http://www.securityfocus.com/infocus/1897

2.The Laws of Full Disclosure
By Federico Biancuzzi
Full disclosure has a long tradition in the security community worldwide, yet different European countries have different views on the legality of vulnerability research. SecurityFocus contributor Federico Biancuzzi investigates the subject of full disclosure and the law by interviewing lawyers from twelve EU countries: Belgium, Denmark, Finland, France, Germany,Greece, Hungary, Ireland, Italy, Poland, Romania, and the UK.
http://www.securityfocus.com/columnists/466

II. BUGTRAQ SUMMARY
--------------------
1. OpenLDAP Multiple Remote Denial of Service Vulnerabilities
BugTraq ID: 26245
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/26245
Summary:
OpenLDAP is prone to multiple remote denial-of-service vulnerabilities because of an incorrect NULL-termination issue and a double-free issue.

Attackers can exploit these issues to deny service to legitimate users.

Versions prior to OpenLDAP 2.3.39 are vulnerable.

2. OpenLDAP MODRDN Remote Denial of Service Vulnerability
BugTraq ID: 27778
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/27778
Summary:
OpenLDAP is prone to a remote denial-of-service vulnerability.

Attackers can exploit this issue to deny service to legitimate users.

OpenLDAP 2.3.39 is vulnerable to this issue; other versions may also be affected.

This issue is related to one described in BID 26245 (OpenLDAP Multiple Remote Denial of Service Vulnerabilities), identified by CVE-2007-6698.

3. Bluemoon Inc. PopnupBlog XOOPS Module Index.PHP SQL Injection Vulnerability
BugTraq ID: 23286
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/23286
Summary:
Bluemoon Inc. PopnupBlog is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

This issue affects PopnupBlog 2.52; other versions may also be affected.

4. pfSense Unspecified Cross-Site Scripting Vulnerabilities
BugTraq ID: 28072
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28072
Summary:
pfSense is prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

The vulnerabilities affect versions prior to pfSense 1.2.

5. MediaWiki JSON Callback Information Disclosure Vulnerability
BugTraq ID: 28070
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28070
Summary:
MediaWiki is prone to an information-disclosure vulnerability.

An attacker can exploit this issue to obtain potentially sensitive information that may lead to further attacks.

This issue affects MediaWiki 1.11 to 1.11.2.

6. PacketTrap pt360 Tool Suite TFTP Server Directory Traversal Vulnerability
BugTraq ID: 28078
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28078
Summary:
PacketTrap pt360 Tool Suite TFTP server is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.

Exploiting this issue allows attackers to access arbitrary files outside of the TFTP server root directory. This can expose sensitive information that could help the attacker launch further attacks, including overwriting system files, which could lead to a complete compromise of the computer.

PacketTrap pt360 Tool Suite TFTP server 1.1.33.1 is vulnerable; other versions may also be affected.

7. Sun Solaris 8 Directory Functions Local Denial of Service Vulnerability
BugTraq ID: 28069
Remote: No
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28069
Summary:
Sun Solaris is prone to a denial-of-service vulnerability.

A local unprivileged attacker can exploit this issue to cause a system crash on an affected computer, resulting in denial-of-service conditions.

This issue affects Solaris 8 for SPARC and x86 architectures.

8. Crafty Syntax Live Help Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 28071
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28071
Summary:
Crafty Syntax Live Help is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.

These issues affect versions prior to Crafty Syntax Live Help 2.14.6.

9. Crafty Syntax Live Help 'lostsheep.php' Cross-Site Scripting Vulnerability
BugTraq ID: 27859
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/27859
Summary:
Crafty Syntax Live Help is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

10. Mozilla Thunderbird External-Body MIME Remote Heap Buffer Overflow Vulnerability
BugTraq ID: 28012
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28012
Summary:
Mozilla Thunderbird is prone to a remote heap-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data.

Successfully exploiting this issue may allow remote attackers to execute arbitrary machine code in the context of the vulnerable application; failed exploit attempts will likely crash the application. This may facilitate the remote compromise of affected computers.

The issue affects versions prior to Mozilla Thunderbird 2.0.0.12.

11. Mozilla Thunderbird/Seamonkey/Firefox 2.0.0.11 Multiple Remote Vulnerabilities
BugTraq ID: 27683
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/27683
Summary:
The Mozilla Foundation has released multiple security advisories specifying various vulnerabilities in Firefox 2.0.0.11 and prior versions.

Exploiting these issues can allow attackers to:

- remotely execute arbitrary code
- cause denial-of-service conditions
- hide contents of security warnings
- access sensitive information
- escape sandbox and execute scripts with chrome privileges
- inject script code into other sites and violate the same-origin policy

Other attacks are possible.

These issues are present in Firefox 2.0.0.11 and prior versions. Mozilla Thunderbird 2.0.0.9 and prior versions as well as SeaMonkey 1.1.7 and prior versions are also affected by many of these vulnerabilities.

12. Mozilla Firefox chrome:// URI JavaScript File Request Information Disclosure Vulnerability
BugTraq ID: 27406
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/27406
Summary:
Mozilla Firefox is prone to an information-disclosure vulnerability because it fails to restrict access to local JavaScript, images and stylesheets files.

Attackers can exploit this issue to gain access to potentially sensitive information that could aid in further attacks.

Firefox 2.0.0.11 is vulnerable; other versions may also be affected.

NOTE: For an exploit to succeed, a user must have an addon installed that does not store its contents in a '.jar' file. The attacker would have to target a specific addon that uses "flat" packaging.

13. ViewVC Multiple Remote Information Disclosure Vulnerabilities
BugTraq ID: 28055
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28055
Summary:
ViewVC is prone to multiple information-disclosure vulnerabilities because the application fails to properly validate user privileges.

An unprivileged attacker may exploit these issues to bypass certain security restrictions and gain access to perform certain actions that will disclose sensitive information.

These issues affect versions prior to ViewVC 1.0.5.

14. Adobe Acrobat and Reader Multiple Arbitrary Code Execution and Security Vulnerabilities
BugTraq ID: 27641
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/27641
Summary:
Adobe Acrobat and Reader are prone to multiple arbitrary remote code-execution and security vulnerabilities.

Attackers can exploit these issues to execute arbitrary code in the context of the user running the affected application. Other attacks are also possible.

Versions prior to Adobe Acrobat and Adobe Reader 8.1.2 are vulnerable to these issues.

15. Adobe Acrobat/Adobe Reader Information Disclosure Vulnerability
BugTraq ID: 22753
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/22753
Summary:
Adobe Acrobat and Adobe Reader may allow remote attackers to retrieve the contents of files on a vulnerable computer.

Information gathered through a successful exploit of this vulnerability may aid in other attacks.

16. D-Bus 'send_interface' Attribute Security Policy Bypass Vulnerability
BugTraq ID: 28023
Remote: No
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28023
Summary:
D-Bus is prone to a vulnerability that can allow attackers to bypass its security policy.

Attackers can leverage this issue to access certain 'dbus-daemon' method calls without proper permission.

This issue affects versions prior to D-Bus 1.0.3 and 1.2.20.

17. Firebird Username Remote Buffer Overflow Vulnerability
BugTraq ID: 27467
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/27467
Summary:
Firebird is prone to a remote stack-based buffer-overflow vulnerability.

An attacker can exploit this issue to execute arbitrary machine code in the context of the affected database server. Failed exploit attempts will likely cause denial-of-service conditions.

The issue affects the following versions:

Firebird 1.5.4
Firebird 2.0
Firebird 2.0.1
Firebird 2.0.2
Firebird 2.0.3
Firebird 2.1 Alpha 1
Firebird 2.1 Beta 1
Firebird 2.1 Beta 2

18. Firebird Relational Database 'protocol.cpp' XDR Protocol Remote Memory Corruption Vulnerability
BugTraq ID: 27403
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/27403
Summary:
Firebird is prone to an integer-overflow vulnerability because it fails to ensure that integer values aren't overrun. Attackers may exploit this issue to overflow a buffer and to corrupt process memory.

Attackers may be able to execute arbitrary machine code in the context of an affected application. Failed exploit attempts will likely result in a denial-of-service condition.

19. Audacity Insecure Temporary File Creation Vulnerability
BugTraq ID: 26608
Remote: No
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/26608
Summary:
Audacity is prone to a security vulnerability because it creates temporary files in an insecure manner.

An attacker with local access could potentially exploit this issue to perform symlink attacks, overwriting arbitrary files in the context of the affected application.

Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.

This issue affects Audacity 1.3.2; other versions may also be vulnerable.

20. ADI Convergence Galaxy FTP Server Password Remote Denial of Service Vulnerability
BugTraq ID: 28066
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28066
Summary:
ADI Convergence Galaxy FTP Server is prone to a denial-of-service vulnerability because the application fails to perform adequate boundary checks on user-supplied data.

An attacker can exploit this issue to crash the affected application, denying service to legitimate users. Given the nature of this issue, remote code execution may also be possible, but this has not been confirmed.

ADI Convergence Galaxy FTP Server 0.1 is vulnerable; other versions may also be affected.

21. phpComasy 'index.php' SQL Injection Vulnerability
BugTraq ID: 28064
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28064
Summary:
phpComasy is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

phpComasy 0.8 is vulnerable; other versions may also be affected.

22. PHP-Nuke Johannes Hass 'gaestebuch' Module 'id' Parameter SQL Injection Vulnerability
BugTraq ID: 28063
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28063
Summary:
The 'gaestebuch' module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

This issue affects gaestebuch 2.2; other versions may also be affected.

23. Heathco Software h2desk Multiple Information Disclosure Vulnerabilities
BugTraq ID: 28062
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28062
Summary:
Heathco Software h2desk is prone to multiple information-disclosure vulnerabilities.

Attackers can leverage these issues to obtain potentially sensitive information that can aid in further attacks.

24. phpArcadeScript 'userid' Parameter SQL Injection Vulnerability
BugTraq ID: 28065
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28065
Summary:
phpArcadeScript is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

phpArcadeScript 1.0, 2.0, 3.0 RC1, and 3.0 RC2 are vulnerable; other versions may also be affected.

25. Joomla! and Mambo 'com_musica' Component 'id' Parameter SQL Injection Vulnerability
BugTraq ID: 28061
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28061
Summary:
The 'com_musica' component for Joomla! and Mambo is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

26. Koobi 'categ' Parameter SQL Injection Vulnerability
BugTraq ID: 28059
Remote: Yes
Last Updated: 2008-03-01
Relevant URL: http://www.securityfocus.com/bid/28059
Summary:
Koobi is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

This issue affects Koobi 4.2.3 to 4.3.0; other versions may also be vulnerable.

27. Podcast Generator 'set_permissions.php' Cross-Site Scripting Vulnerability
BugTraq ID: 28106
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/28106
Summary:
Podcast Generator is prone to a cross-site scripting vulnerability because it fails to adequately sanitize user-supplied input.

Podcast Generator 0.96.2 is vulnerable; other versions may also be affected.

28. Smarty Template Engine 'regex_replace' Template Security Bypass Vulnerability
BugTraq ID: 28105
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/28105
Summary:
Smarty Template Engine is prone to a security-bypass vulnerability because it fails to adequately sanitize user-supplied input. This issue occurs because of a modifier error in the template security.

Attackers can exploit this issue to execute arbitrary script code in the context of the application.

Versions prior to Smarty Template Engine 2.6.19 are vulnerable.

29. Smart Publisher '/admin/op/disp.php' Remote Code Execution Vulnerability
BugTraq ID: 27488
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/27488
Summary:
Smart Publisher is prone to a vulnerability that lets remote attackers execute arbitrary code because the application fails to sanitize user-supplied input.

An attacker can leverage this issue to execute arbitrary PHP code on an affected computer with the privileges of the webserver process. This may facilitate unauthorized access.

This issue affects Smart Publisher 1.0.1; prior versions may also be affected.

30. Xen mov_to_rr RID Local Security Bypass Vulnerability
BugTraq ID: 26716
Remote: No
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/26716
Summary:
Xen is prone to a local security-bypass vulnerability because it fails to validate user-supplied input.

Local attackers can leverage this issue to read memory from VT-i domains other than the one they have access to. This could allow attackers to obtain potentially sensitive information that could aid in further attacks.

Versions prior to Xen 3.1.2 on IA64 platforms are vulnerable.

31. Intel Wireless WiFi Link iwlwifi NULL Pointer Dereference Vulnerability
BugTraq ID: 26842
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/26842
Summary:
The 'iwlwifi' drive is prone to a NULL-pointer dereference vulnerability because of a flaw in the 'compatible/iwl3945-base.c' file.

Attackers can exploit this issue to trigger a kernel panic and cause denial-of-service conditions.

Versions prior to iwlwifi 1.1.22 are vulnerable.

32. Joomla! and Mambo SOBI2 Component SQL Injection Vulnerability
BugTraq ID: 27617
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/27617
Summary:
SOBI2 component for Joomla! and Mambo is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

This issue affects SOBI2 RC 2.5.3; other versions may also be vulnerable.

UPDATE (March 5, 2008): Reports indicate that this issue may not be exploitable as described, because of the following line of code in the component:

$catid = intval(mosGetParam($_REQUEST, 'catid', 0));

33. Linux Kernel PowerPC 'chrp/setup.c' NULL Pointer Dereference Denial of Serviced Vulnerability
BugTraq ID: 27555
Remote: No
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/27555
Summary:
The Linux kernel is prone to a local denial-of-service vulnerability.

Attackers can exploit this issue to crash the affected kernel, denying service to legitimate users.

This issue affects Linux kernel 2.4.21 through 2.6.18-53 running on the PowerPC architecture.

34. Linux Kernel ISDN_Net.C Local Buffer Overflow Vulnerability
BugTraq ID: 26605
Remote: No
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/26605
Summary:
The Linux kernel is prone to a local buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it into an insufficiently sized buffer.

An attacker can exploit this issue to cause denial-of-service conditions. Given the nature of this issue, the attacker may also be able to execute arbitrary code, but this has not been confirmed.

This issue affects the Linux kernel versions prior to 2.6.23.10.

35. Numara FootPrints HTML Injection and Remote Command Execution Vulnerabilities
BugTraq ID: 28103
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/28103
Summary:
Numara FootPrints is prone to an HTML-injection vulnerability and a remote command-execution vulnerability because the application fails to sufficiently sanitize user-supplied input.

Attackers can exploit these issues to execute arbitrary commands within the context of the webserver, execute arbitrary HTML or JavaScript code within the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials and to control how the site is rendered to the user. Other attacks are also possible.

Numara FootPrints 8.1 for Linux is vulnerable; other versions running on different platforms may also be affected.

36. SILC Toolkit 'silcutil.c' Function Buffer Overflow Vulnerability
BugTraq ID: 28101
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/28101
Summary:
SILC Toolkit is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.

Successfully exploiting this issue may allow remote attackers to execute arbitrary code in the context of the application. Failed exploit attempts will cause denial-of-service conditions.

This issue affects versions prior to SILC Toolkit 1.1.6.

37. Gnome Evolution Encrypted Message Format String Vulnerability
BugTraq ID: 28102
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/28102
Summary:
Gnome Evolution is prone to a format-string vulnerability.

This issue presents itself because the application fails to properly sanitize user-supplied input before passing it as the format-specifier argument of a formatted-printing function when processing encrypted email massages.

Successfully exploiting this issue may allow remote attackers to execute arbitrary machine code in the context of the application. Failed exploit attempts will likely result in a denial of service.

Gnome Evolution 2.12.3 is vulnerable to this issue; other versions may also be affected.

38. Lighttpd 'mod_cgi' Information Disclosure Vulnerability
BugTraq ID: 28100
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/28100
Summary:
Lighttpd is prone to a vulnerability that in certain circumstances may allow attackers to access source code because the application fails to properly handle exceptional conditions.

Attackers can exploit this vulnerability to obtain potentially sensitive information that may aid in further attacks.

This issue affects lighttpd 1.4.18; other versions may also be vulnerable.

39. Sun Java SE Multiple Unspecified Vulnerabilities
BugTraq ID: 28083
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/28083
Summary:
Sun has released an advance notification for security updates for Java SE. The notification indicates that seven advisories addressing multiple vulnerabilities will be released on March 4, 2008. The issues affect the following:

JDK and JRE 6 Update 5
JDK and JRE 5.0 Update 15
SDK and JRE 1.4.2_17
SDK and JRE 1.3.1_22
The following Sun Alerts corresponding to these updates will be released after the updates are available:

233321
233322
233323
233324
233325
233326
233327

The impact and severity of these issues are currently unknown. We will update this BID as more information is disclosed. To better document the issues, each issue may be assigned its own BID.

UPDATE: Sun has released the updates. Please see the references for more information.

40. Sun Java RunTime Environment Read and Write Permission Multiple Privilege Escalation Vulnerabilities
BugTraq ID: 27650
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/27650
Summary:
Sun Java Runtime Environment is prone to multiple privilege-escalation vulnerabilities when running untrusted applications or applets.

Successful exploits will compromise arbitrary data and possibly the underlying computer.

These issues affect the following versions:

JDK and JRE 6 Update 1 and earlier
JDK and JRE 5.0 Update 13 and earlier.

41. Sun Java Runtime Environment Multiple Weaknesses
BugTraq ID: 25918
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/25918
Summary:
Sun Java Runtime Environment is prone to multiple weaknesses that may allow JavaScript code or applets to connect to resources other than the one the scripts or applets were downloaded from. One of the weaknesses may allow an attacker to obscure a Java warning about an untrusted applet from the user.

These issues affect the following packages for Windows, Solaris, and Linux:

JDK and JRE 6 Update 2 and earlier
JDK and JRE 5.0 Update 12 and earlier
SDK and JRE 1.4.2_15 and earlier
SDK and JRE 1.3.1_20 and earlier

42. Linux Kiss Server Multiple Format String Vulnerabilities
BugTraq ID: 28099
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/28099
Summary:
Linux Kiss Server is prone to multiple format-string vulnerabilities because the application fails to adequately sanitize user-supplied input before passing it as the format-specifier to a formatted-printing function.

A remote attacker may execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in a denial of service.

These issues affect Linux Kiss Server 1.2; other versions may also be vulnerable.

43. WebCT Email and Discussion Board Messages HTML Injection Vulnerability
BugTraq ID: 28107
Remote: Yes
Last Updated: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/28107
Summary:
WebCT is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content.

Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing an attacker to steal cookie-based authentication credentials and to control how the site is rendered to the user; other attacks are also possible.

This issue affects WebCT version 4.1.5.8; other versions may also be vulnerable.

44. Apple QuickTime Movie Atom Remote Stack Buffer Overflow Vulnerability
BugTraq ID: 26443
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/26443
Summary:
Apple QuickTime is prone to a stack-based buffer-overflow issue because it fails to perform adequate boundary checks on user-supplied data.

An attacker can exploit this issue by enticing an unsuspecting user to open a specially crafted movie file.

Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the user running the application. Failed exploit attempts likely result in denial-of-service conditions.

This issue affects Apple QuickTime running on Microsoft Windows Vista, Microsoft Windows XP SP2, and Mac OS X.

45. Apple QuickTime Multiple Overflow and Exception Vulnerabilities
BugTraq ID: 19976
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/19976
Summary:
Apple QuickTime is prone to multiple vulnerabilities because it fails to properly bounds-check and sanitize user-supplied data.

An attacker can exploit these issues to execute arbitrary code in the context of the victim user running the vulnerable application. Successful exploits may facilitate a remote compromise of affected computers.

46. Apple QuickTime RTSP Response Header Content-Type Remote Stack Based Buffer Overflow Vulnerability
BugTraq ID: 26549
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/26549
Summary:
Apple QuickTime is prone to a remote buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized stack-based memory buffer.

This issue occurs when handling specially crafted RTSP Response headers.

Attackers can leverage this issue to execute arbitrary machine code in the context of the user running the affected application. Successful exploits will compromise the application and possibly the underlying computer. Failed attacks will likely cause denial-of-service conditions.

QuickTime 7.3 is vulnerable to this issue; other versions may also be affected.

UPDATE (December 4, 2007): Attackers are exploiting this issue through the Second Life Viewer to steal Linden dollars from unsuspecting victims.

47. Opera Web Browser 9.25 Multiple Security Vulnerabilities
BugTraq ID: 27901
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/27901
Summary:
Opera Web Browser is prone to multiple security vulnerabilities, including code-execution issues and a file-upload issue.

Attackers can exploit these issues to execute remote script code and obtain sensitive data.

These issues affect versions prior to Opera 9.26.

48. MG2 'list' Parameter Cross-Site Scripting Vulnerability
BugTraq ID: 28098
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28098
Summary:
MG2 is prone to a cross-site scripting vulnerability because it fails to adequately sanitize user-supplied input.

49. Mitra Informatika Solusindo Cart 'p' Parameter SQL Injection Vulnerability
BugTraq ID: 28096
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28096
Summary:
Mitra Informatika Solusindo Cart is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

50. Versant Object Database 'VERSANT_ROOT' Remote Arbitrary Command Execution Vulnerability
BugTraq ID: 28097
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28097
Summary:
Versant Object Database is prone to a vulnerability that can be leveraged to execute arbitrary commands. This issue occurs because the application fails to adequately sanitize user-supplied input during the client-to-server connection process.

Successful exploits will compromise the affected server and possibly the underlying computer.

Versant Object Database 7.0.1.3 is vulnerable; other versions may also be affected.

51. Libpng Library Multiple Remote Denial of Service Vulnerabilities
BugTraq ID: 25956
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/25956
Summary:
The 'libpng' library is prone to multiple remote denial-of-service vulnerabilities because the library fails to handle malicious PNG files.

Successful exploits may allow remote attackers to cause denial-of-service conditions on computers running the affected library.

These issues affect 'libpng' 1.2.20 and prior versions.

52. The 'libpng' Graphics Library PNG_SET_SPLT Remote Denial of Service Vulnerability
BugTraq ID: 21078
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/21078
Summary:
The 'libpng' graphics library is reported prone to a denial-of-service vulnerability. The library fails to perform proper bounds-checking of user-supplied input, which leads to an out-of-bounds read error.

Attackers may exploit this vulnerability to crash an application that relies on the affected library.

53. Libpng Library ICC Profile Chunk Off-By-One Denial of Service Vulnerability
BugTraq ID: 25957
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/25957
Summary:
The 'libpng' library is prone to a remote denial-of-service vulnerability because the library fails to handle malicious PNG files.

Successful exploits may allow remote attackers to cause denial-of-service conditions on computers running the affected library.

This issue affects 'libpng' 1.2.21 and prior versions.

54. Libpng Library Remote Denial of Service Vulnerability
BugTraq ID: 24000
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/24000
Summary:
The 'libpng' library is prone to a remote denial-of-service vulnerability because the library fails to handle malicious PNG files.

Successful exploits may allow remote attackers to cause denial-of-service conditions on computers running the affected library.

This issue affects 'libpng' 1.2.16 and prior versions.

55. Ariadne CMS Remote Arbitrary Shell Command Injection Vulnerability
BugTraq ID: 28093
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28093
Summary:
Ariadne CMS is prone to a remote command-injection vulnerability because it fails to adequately sanitize user-supplied input data.

Attackers can exploit this issue to execute arbitrary shell commands in the context of the webserver hosting the vulnerable application. This may facilitate the remote compromise of affected computers.

This issue affects versions prior to Ariadne 2.6.

56. Android Web Browser BMP File Integer Overflow Vulnerability
BugTraq ID: 28006
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28006
Summary:
Android Web Browser is prone to an integer-overflow vulnerability because it fails to adequately handle user-supplied data.

Attackers can exploit this issue to execute arbitrary code in the context of the application. Failed exploit attempts will likely cause denial-of-service conditions.

This issue affects Android SDK m5-rc14 and earlier.

57. Android Web Browser GIF File Heap-Based Buffer Overflow Vulnerability
BugTraq ID: 28005
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28005
Summary:
Android Web Browser is prone to a heap-based buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.

Successfully exploiting this vulnerability can allow remote attackers to execute arbitrary machine code in the context of the application. Failed attempts will likely result in denial-of-service conditions.

This issue affects Android SDK m3-rc37a and earlier.

58. Dovecot 'mail_extra_groups' Insecure Settings Local Unauthorized Access Vulnerability
BugTraq ID: 28092
Remote: No
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28092
Summary:
Dovecot is prone to a vulnerability that can result in unauthorized access to arbitrary data.

This occurs when the 'mail_extra_groups' setting is enabled.

Attackers can leverage this issue to write or delete certain files or to harvest data that may aid in further attacks.

Dovecot 0.99.10.6 through 1.0.10 are vulnerable.

59. Rising Web Scan Object 'OL2005.dll' ActiveX Control Remote Code Execution Vulnerability
BugTraq ID: 27997
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/27997
Summary:
Rising Web Scan Object 'OL2005.dll' ActiveX control is prone to a remote code-execution vulnerability.

An attacker can exploit this issue to execute arbitrary code on a victim's computer in the context of the vulnerable application using the ActiveX control (typically Internet Explorer).

This issue affects Rising Web Scan Object 'OL2005.dll' 18.0.0.7; other versions may also be affected.

60. Adobe Acrobat Reader 'acroread' Insecure Temporary File Creation Vulnerability
BugTraq ID: 28091
Remote: No
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28091
Summary:
The 'acroread' script of the Adobe Acrobat Reader package creates temporary files in an insecure manner.

An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application.

Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.

This issue affects SUSE Linux Enterprise Desktop 10. It is currently unknown if this issue is present in the upstream Adobe Acrobat Reader package or if it is SUSE-specific. We will update this BID as more information emerges.

61. BSD PPP 'pppx.conf' Local Denial of Service Vulnerability
BugTraq ID: 28090
Remote: No
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28090
Summary:
BSD PPP is prone to a local denial-of-service vulnerability because it fails to perform adequate boundary checks on user-supplied input.

Attackers can leverage this issue to crash the application and deny service to legitimate users. Given the nature of the issue, arbitrary code execution may also be possible, but this has not been confirmed.

This issue affects FreeBSD 6.3 and unspecified versions of NetBSD and OpenBSD; other versions may also be affected.

62. PHP-Nuke 'Seminars' Module 'fileName' Parameter Local File Include Vulnerability
BugTraq ID: 28089
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28089
Summary:
The PHP-Nuke 'Seminars' module is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.

Exploiting this issue may allow an unauthorized remote user to view files and execute local scripts in the context of the webserver process.

63. PHP-Nuke eGallery Module 'pid' Parameter SQL Injection Vulnerability
BugTraq ID: 28088
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28088
Summary:
The eGallery module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

64. EDraw Office Viewer Component FtpDownloadFile ActiveX Buffer Overflow Vulnerability
BugTraq ID: 25892
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/25892
Summary:
EDraw Office Viewer Component ActiveX control is prone to a buffer-overflow vulnerability because it fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker can exploit this issue to cause a denial-of-service condition and possibly to execute arbitrary code, but has not been confirmed.

This issue affects EDraw Office Viewer Component 5.3; other versions may also be affected.

65. XWine Printing Insecure Temporary File Creation Vulnerability
BugTraq ID: 28049
Remote: No
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28049
Summary:
XWine is prone to a security vulnerability because it creates temporary files in an insecure manner.

An attacker with local access could potentially exploit this issue to perform symlink attacks, overwriting arbitrary files in the context of the affected application.

Successfully mounting a symlink attack may allow the attacker to overwrite or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.

This issue affects XWine 1.0.1; other versions may also be vulnerable.

66. Ghostscript zseticcspace() Function Buffer Overflow Vulnerability
BugTraq ID: 28017
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28017
Summary:
Ghostscript is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.

Successfully exploiting this issue may allow remote attackers to execute arbitrary code in the context of the application. Failed exploit attempts will cause denial-of-service conditions.

67. XRMS CRM 'msg' Parameter Cross Site Scripting Vulnerability
BugTraq ID: 28041
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28041
Summary:
XRMS CRM is prone to a cross-site scripting vulnerability because it fails to adequately sanitize user-supplied input.

XRMS CRM 1.99.2 is affected; other versions may also be vulnerable.

68. ICQ Toolbar 'toolbaru.dll' ActiveX Control Remote Denial of Service Vulnerability
BugTraq ID: 28086
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28086
Summary:
ICQ Toolbar 'toolbaru.dll' ActiveX control is prone to a denial-of-service vulnerability.

An attacker can exploit this issue to trigger denial-of-service conditions in Internet Explorer or other applications that use the vulnerable ActiveX control.

This issue affects ICQ Toolbar 2.3 Beta; other versions may also be affected.

69. Crysis Username Format String Vulnerability
BugTraq ID: 28039
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28039
Summary:
Crysis is prone to a format-string vulnerability.

Exploiting this issue will allow attackers to execute arbitrary code with the permissions of a user running the application. Failed attacks will likely cause denial-of-service conditions.

Crysis 1.1.1.5879 is vulnerable to this issue; other versions may also be affected.

70. Barryvan Compo Manager 'main.php' Remote File Include Vulnerability
BugTraq ID: 28035
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28035
Summary:
Barryvan Compo Manager is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.

This issue affects Barryvan Compo Manager 0.3; other versions may also be vulnerable.

71. IBM WebSphere MQ Security Bypass Vulnerability
BugTraq ID: 28046
Remote: No
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28046
Summary:
IBM WebSphere MQ is prone to a security-bypass vulnerability because the application fails to properly restrict access to certain functionality.

Attackers can exploit this issue to bypass certain security restrictions, connect to a queue manager in an unauthorized manner, and obtain potentially sensitive information; other attacks are also possible.

This issue affects versions prior to:

5.3 Fix Pack 14
6.0 Fix Pack 6.0.2.2

72. phpMyTourney 'tourney/index.php' Remote File Include Vulnerability
BugTraq ID: 28057
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28057
Summary:
phpMyTourney is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input.

This issue affects phpMyTourney 2; other versions may also be vulnerable.

73. Podcast Generator Multiple Remote And Local File Include Vulnerabilities
BugTraq ID: 28038
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28038
Summary:
Podcast Generator is prone to multiple remote and local file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues may allow an attacker to execute arbitrary local and remote scripts in the context of the webserver process or access potentially sensitive information. This may result in a compromise of the application and the underlying system; other attacks are also possible.

Podcast Generator 1.0 BETA 2 is vulnerable; other versions may also be affected.

74. SiteBuilder Elite 'CarpPath' Parameter Multiple Remote File Include Vulnerabilities
BugTraq ID: 28036
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28036
Summary:
SiteBuilder Elite is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

These issues affect SiteBuilder Elite 1.2; other versions may also be affected.

75. Centreon 'get_image.php' Local File Include Vulnerability
BugTraq ID: 28022
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28022
Summary:
Centreon is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.

Exploiting this issue may allow an attacker to obtain potentially sensitive information that may lead to further attacks.

This issue affects Centreon 1.4.2.2 and 1.4.2.3; other versions may also be vulnerable.

76. eazyPortal 'upwd' and 'uname' Multiple SQL Injection Vulnerabilities
BugTraq ID: 28019
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28019
Summary:
eazyPortal is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

eazyPortal1.0 is vulnerable; other versions may also be affected.

77. Koobi Pro 'categ' Parameter SQL Injection Vulnerability
BugTraq ID: 28031
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28031
Summary:
Koobi Pro is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

This issue affects Koobi Pro 5.7; other versions may also be vulnerable.

78. Drupal Multiple HTML Injection Vulnerabilities
BugTraq ID: 28026
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28026
Summary:
Drupal is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input data.

Attacker-supplied HTML and script code would execute in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user; other attacks are also possible.

These issues affect Drupal 6.0; other versions may also be vulnerable.

79. Microsoft Jet Database Engine MDB File Parsing Unspecified Remote Vulnerability
BugTraq ID: 28087
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28087
Summary:
Microsoft Jet Database Engine is prone to an unspecifed security vulnerability.

Remote attackers can exploit this issue to execute arbitrary machine code in the context of a user running the application. Successful exploits will compromise the affected application and possibly the underlying computer. Failed attacks will likely cause denial-of-service conditions.

80. phpMyAdmin '$_REQUEST' SQL Injection Vulnerability
BugTraq ID: 28068
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28068
Summary:
phpMyAdmin is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

This issue affects versions prior to phpMyAdmin 2.11.5.

81. ICQ Message Processing Remote Format String Vulnerability
BugTraq ID: 28027
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28027
Summary:
ICQ is prone to a remote format-string vulnerability because the application fails to properly sanitize user-supplied input before including it in the format-specifier argument of a formatted-printing function.

A remote attacker may execute arbitrary code in the context of the affected application. Failed exploit attempts will result in a denial of service.

This issue affects ICQ 6 build 6043; other versions may also be vulnerable.

82. Miniwebsvr Server Directory Traversal Vulnerability
BugTraq ID: 23413
Remote: Yes
Last Updated: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/23413
Summary:
Miniwebsvr is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the affected application. Information obtained may aid in further attacks.

Note that the attacker can traverse to only one directory above the current working directory of the webserver application.

Miniwebsvr 0.0.7 is vulnerable to this issue; other versions may also be affected.

UPDATE (March 4, 2008): Miniwebsvr 0.0.9a is also reported vulnerable.

83. Eye-Fi Multiple Security Vulnerabilities
BugTraq ID: 28085
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28085
Summary:
The Eye-Fi Manager and Card are prone to multiple security vulnerabilities, including unauthorized image uploads to computers, remotely altering the destination folder, cross-site request-forgery vulnerabilities, and a denial-of-service vulnerability.

These issues affect Eye-Fi 1.1.2; other versions may also be affected.

84. Edimax 7205APL 802.11b Wireless Access Point Default Backdoor Account Vulnerability
BugTraq ID: 10512
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/10512
Summary:
The Edimax 7205APL is reported to contain a default backdoor account.

This account is hard-coded and cannot be removed. This account can be used to log in to the device and to create a backup of the configuration.

This configuration contains all users and their corresponding passwords, allowing an attacker to then log in to the device as administrator.

The reported vulnerable device had firmware revision 2.40a-00. Other revisions may also contain similar backdoor accounts.

85. Mantis 'view.php' HTML Injection Vulnerability
BugTraq ID: 27045
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/27045
Summary:
Mantis is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content.

Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing an attacker to steal cookie-based authentication credentials and to control how the site is rendered to the user; other attacks are also possible.

This issue affects versions prior to Mantis 1.1.0.

86. Wireshark 0.99.7 Multiple Denial of Service Vulnerabilities
BugTraq ID: 28025
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28025
Summary:
Wireshark is prone to multiple denial-of-service vulnerabilities.

Exploiting these issues may allow attackers to cause crashes and deny service to legitimate users of the application. Attackers may be able to leverage some of these vulnerabilities to execute arbitrary code, but this has not been confirmed.

Wireshark 0.6.0 to 0.99.7 are affected.

87. paramiko Random Number Generator Weakness
BugTraq ID: 27307
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/27307
Summary:
The 'paramiko' module is prone to a random-number-generator weakness; fixes are available.

Remote attackers can exploit this issue to predict random data generated by certain applications that use paramiko for encryption purposes.

Attackers may gain access to sensitive information that may aid in further attacks.

88. Borland VisiBroker Smart Agent Multiple Remote Vulnerabilities
BugTraq ID: 28084
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28084
Summary:
Borland VisiBroker Smart Agent is prone to multiple remote vulnerabilities, including a heap-based buffer-overflow issue and a denial-of-service issue.

A successful exploit will allow remote attackers to execute arbitrary code in the context of the affected software or to crash the affected application, denying service to legitimate users.

These issues affect Borland VisiBroker Smart Agent 08.00.00.C1.03; other versions may also be affected.

89. International Components for Unicode Library (libicu) Multiple Memory Corruption Vulnerabilities
BugTraq ID: 27455
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/27455
Summary:
The International Components for Unicode library (libicu) is prone to multiple memory-corruption vulnerabilities.

Successfully exploiting these issues allows remote attackers to corrupt and overflow memory and possibly execute remote code. Failed exploit attempts will likely crash applications.

These issues affect libicu 3.8.1 and prior versions.

90. Mambo/Joomla! RSGallery CATID Parameter SQL Injection Vulnerability
BugTraq ID: 26704
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/26704
Summary:
Mambo/Joomla! RSGallery is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

RSGallery 2.0 beta 5 is vulnerable; other versions may also be affected.

91. The SWORD Project Diatheke Unspecified Remote Command Execution Vulnerability
BugTraq ID: 27987
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/27987
Summary:
The SWORD Project's Diatheke front-end is prone to a vulnerability that can allow arbitrary shell commands to run.

Successful exploits will compromise the application and possibly the underlying webserver.

SWORD 1.5.9 is vulnerable; other versions may also be affected.

92. SplitVT 'xprop' Local Privilege Escalation Vulnerability
BugTraq ID: 27936
Remote: No
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/27936
Summary:
SplitVT is prone to a local privilege-escalation vulnerability.

Attackers can exploit this issue to gain group 'utmp' privileges on affected computers.

93. TorrentTrader 'msg' Parameter Cross Site Scripting Vulnerability
BugTraq ID: 28082
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28082
Summary:
TorrentTrader is prone to a cross-site scripting vulnerability because it fails to adequately sanitize user-supplied input.

TorrentTrader Classic 1.08 is affected; other versions may also be vulnerable.

94. Borland StarTeam Multiple Remote Vulnerabilities
BugTraq ID: 28080
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28080
Summary:
Borland StarTeam is prone to multiple issues, including multiple integer-overflow vulnerabilities, a heap-overflow vulnerability, and a denial-of-service vulnerability.

Successfully exploiting these issues allows remote attackers to execute arbitrary machine code in the context of vulnerable server processes. These issues may facilitate the remote compromise of affected computers. Attackers may also trigger denial-of-service conditions.

NOTE: The StarTeam MPX vulnerabilities may actually be related to a TIBCO SmartSocket DLL, but this has not been confirmed. We may update this BID as more information emerges.

Borland StarTeam Server 2008 and MPX products are vulnerable to these issues; other versions may also be affected.

95. PacketTrap pt360 Tool Suite TFTP Server Remote Denial of Service Vulnerability
BugTraq ID: 28079
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28079
Summary:
PacketTrap pt360 Tool Suite TFTP server is prone to a remote denial-of-service vulnerability because it fails to handle user-supplied input.

Successfully exploiting this issue allows remote attackers to crash the affected application, denying service to legitimate users.

PacketTrap pt360 Tool Suite TFTP server 1.1.33.1 is affected; other versions may also be vulnerable.

96. SARG User-Agent Processing HTML Injection and Stack Buffer Overflow Vulnerabilities
BugTraq ID: 28077
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28077
Summary:
SARG is prone to an HTML-injection vulnerability and a stack-based buffer-overflow vulnerability.

An attacker can exploit these issues to execute arbitrary HTML and attacker-supplied code in the context of the affected webserver, steal cookie-based authentication credentials, and cause a denial-of-service condition.

This issue affects SARG 2.2.3.1; prior versions may also be affected.

97. Flyspray Multiple Information Disclosure, HTML Injection, and Cross-Site Scripting Vulnerabilities
BugTraq ID: 28076
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28076
Summary:
Flyspray is prone to an information-disclosure issue, an HTML-injection issue, and multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.

An attacker may leverage these issues determine valid usernames and passwords via brute-force attacks or to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, and launch other attacks.

These issues affect Flyspray 0.9.9 to 0.9.9.4.

98. XP Book 'entry.php' Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 28075
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28075
Summary:
XP Book is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.

XP Book 3.0 is vulnerable; other versions may also be affected.

99. KC Wiki 'wiki.php' Multiple Remote File Include Vulnerabilities
BugTraq ID: 28074
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28074
Summary:
KC Wiki is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input.

An attacker can exploit these issues to include arbitrary remote files containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and to gain access to the underlying system.

KC Wiki 1.0 is vulnerable; other versions may also be affected.

100. PHP WEB SCRIPT Dynamic Photo Gallery 'album.php' SQL Injection Vulnerability
BugTraq ID: 28067
Remote: Yes
Last Updated: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28067
Summary:
Dynamic Photo Gallery is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

This issue affects Dynamic Photo Gallery 1.02; other versions may also be vulnerable.

III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. Law makers voice concerns over cybersecurity plan
By: Robert Lemos
Members of Congress seek more details of cyber attacks targeting the federal government and worry that the recently announced Cyber Initiative will undermine privacy.
http://www.securityfocus.com/news/11507

2. Worries over "good worms" rise again
By: Robert Lemos
A Microsoft researcher studies the use of self-propagation for patching, but for most of the security industry, any worm is a bad worm.
http://www.securityfocus.com/news/11506

3. Federal agencies miss deadline on secure configs
By: Robert Lemos
The U.S. government has made progress on moving to a standard configuration for Windows XP and Windows Vista systems, but work remains.
http://www.securityfocus.com/news/11505

4. Universities fend off phishing attacks
By: Robert Lemos
Online fraudsters send e-mail messages that masquerade as help-desk requests for usernames and passwords.
http://www.securityfocus.com/news/11504

IV. SECURITY JOBS LIST SUMMARY
-------------------------------
1. [SJ-JOB] Auditor, Jersey City
http://www.securityfocus.com/archive/77/489141

2. [SJ-JOB] Software Engineer, St. Paul
http://www.securityfocus.com/archive/77/489142

3. [SJ-JOB] Security Architect, New York
http://www.securityfocus.com/archive/77/489144

4. [SJ-JOB] Security Architect, San Francisco
http://www.securityfocus.com/archive/77/489120

5. [SJ-JOB] Application Security Engineer, Pasadena
http://www.securityfocus.com/archive/77/489122

6. [SJ-JOB] Security Architect, Los Angeles
http://www.securityfocus.com/archive/77/489123

7. [SJ-JOB] Technical Support Engineer, Stoneham
http://www.securityfocus.com/archive/77/489140

8. [SJ-JOB] Compliance Officer, Home based
http://www.securityfocus.com/archive/77/489111

9. [SJ-JOB] Security Architect, Seattle
http://www.securityfocus.com/archive/77/489112

10. [SJ-JOB] Manager, Information Security, London
http://www.securityfocus.com/archive/77/489113

11. [SJ-JOB] Software Engineer, Alpharetta
http://www.securityfocus.com/archive/77/489121

12. [SJ-JOB] Security Architect, Boston
http://www.securityfocus.com/archive/77/489106

13. [SJ-JOB] Compliance Officer, Home based
http://www.securityfocus.com/archive/77/489108

14. [SJ-JOB] Senior Software Engineer, Deerfield Beach
http://www.securityfocus.com/archive/77/489110

15. [SJ-JOB] Security Architect, Chicago
http://www.securityfocus.com/archive/77/489114

16. [SJ-JOB] Security Architect, Rockville
http://www.securityfocus.com/archive/77/489097

17. [SJ-JOB] Penetration Engineer, Washington
http://www.securityfocus.com/archive/77/489104

18. [SJ-JOB] Security Architect, Washington D.C.
http://www.securityfocus.com/archive/77/489105

19. [SJ-JOB] Software Engineer, Rockville
http://www.securityfocus.com/archive/77/489107

20. [SJ-JOB] Security Architect, Atlanta
http://www.securityfocus.com/archive/77/489143

21. [SJ-JOB] VP / Dir / Mgr engineering, Alexandria
http://www.securityfocus.com/archive/77/489094

22. [SJ-JOB] Sales Engineer, Reston
http://www.securityfocus.com/archive/77/489095

23. [SJ-JOB] Security Architect, Philadelphia
http://www.securityfocus.com/archive/77/489096

24. [SJ-JOB] Security Architect, Dallas
http://www.securityfocus.com/archive/77/489100

25. [SJ-JOB] Penetration Engineer, NCR area
http://www.securityfocus.com/archive/77/488876

26. [SJ-JOB] Security Engineer, Boca Raton
http://www.securityfocus.com/archive/77/488878

27. [SJ-JOB] Software Engineer, St. Paul
http://www.securityfocus.com/archive/77/488881

28. [SJ-JOB] Technical Writer, NCR
http://www.securityfocus.com/archive/77/488882

29. [SJ-JOB] Developer, Moncton
http://www.securityfocus.com/archive/77/488883

30. [SJ-JOB] Sales Engineer, Bloomington
http://www.securityfocus.com/archive/77/488875

31. [SJ-JOB] Principal Software Engineer, Foxborough
http://www.securityfocus.com/archive/77/488879

32. [SJ-JOB] Application Security Engineer, Chennai
http://www.securityfocus.com/archive/77/488880

33. [SJ-JOB] Security System Administrator, Urbana
http://www.securityfocus.com/archive/77/488884

34. [SJ-JOB] Security System Administrator, Foxborough
http://www.securityfocus.com/archive/77/488869

35. [SJ-JOB] Incident Handler, New York
http://www.securityfocus.com/archive/77/488873

36. [SJ-JOB] Information Assurance Engineer, Arlington
http://www.securityfocus.com/archive/77/488877

37. [SJ-JOB] Quality Assurance, Foxborough
http://www.securityfocus.com/archive/77/488868

38. [SJ-JOB] Security Engineer, San Antonio
http://www.securityfocus.com/archive/77/488870

39. [SJ-JOB] Sr. Security Analyst, Stamford
http://www.securityfocus.com/archive/77/488871

40. [SJ-JOB] Security Auditor, New York
http://www.securityfocus.com/archive/77/488872

41. [SJ-JOB] Manager, Information Security, Foster City
http://www.securityfocus.com/archive/77/488863

42. [SJ-JOB] Application Security Engineer, Washington
http://www.securityfocus.com/archive/77/488864

43. [SJ-JOB] Application Security Architect, Baltimore
http://www.securityfocus.com/archive/77/488865

44. [SJ-JOB] VP, Information Security, Morris Plains
http://www.securityfocus.com/archive/77/488866

45. [SJ-JOB] Certification & Accreditation Engineer, NCR area
http://www.securityfocus.com/archive/77/488874

46. [SJ-JOB] Sr. Security Engineer, Boston
http://www.securityfocus.com/archive/77/488861

47. [SJ-JOB] Sr. Security Engineer, Ithaca
http://www.securityfocus.com/archive/77/488862

48. [SJ-JOB] Sales Representative, Atlanta
http://www.securityfocus.com/archive/77/488867

49. [SJ-JOB] Software Engineer, Washington
http://www.securityfocus.com/archive/77/488860

V. INCIDENTS LIST SUMMARY
---------------------------
VI. VULN-DEV RESEARCH LIST SUMMARY
-----------------------------------
1. Recon 2008 - Call For Paper
http://www.securityfocus.com/archive/82/489030

2. *BSD user-ppp local root (when conditions permit)
http://www.securityfocus.com/archive/82/488980

3. OpenSSH 4.X DoS (maybe...)
http://www.securityfocus.com/archive/82/488955

VII. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
VIII. SUN FOCUS LIST SUMMARY
----------------------------
IX. LINUX FOCUS LIST SUMMARY
----------------------------
X. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to sf-news-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

XI. SPONSOR INFORMATION
------------------------
This issue is Sponsored by: Black Hat Europe

News

Wednesday, March 05, 2008

SecurityFocus Newsletter #443

No comments:

WINDOWS CENTER

Blog Archive