Tuesday, April 29, 2008

SecurityFocus Newsletter #451
----------------------------------------

This issue is sponsored by HP

PCI Compliance - Are you ready for June 2008?
After June 2008, the PCI DSS will begin enforcing requirement 6, "Ensure that all web facing applications are protected against known attacks." This free white paper from HP Software, 'Web application security and PCI DSS compliance: is your data secure?', provides a comprehensive overview of PCI DSS as it relates to web application security and gives you the information you need to avoid fines and loss of credit card privileges.

https://h10078.www1.hp.com/cda/hpdc/navigation.do?action=downloadPDF&zn=bto&cp=54_4012_100__&caid=14146&jumpid=ex_r11374_us/en/large/tsg/Web_Apps_Security_PCIDDS_WP_Newsletter/3-1A4COJC_3-ULBT8Z/20080429&origin_id=3-1A4COJC


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1. Just Who's Being Exploited?
2. On the Border
II. BUGTRAQ SUMMARY
1. Sophos Anti-Virus SSDT Hooks Local Denial of Service Vulnerability
2. Autonomy KeyView Module Multiple Buffer Overflow Vulnerabilities
3. International Components for Unicode Library (libicu) Multiple Memory Corruption Vulnerabilities
4. Comix 'filename' Remote Command Execution Vulnerability
5. Linux Audit Daemon 'audit_log_user_command()' Local Buffer Overflow Vulnerability
6. Apache HTTP Server 2.2.6, 2.0.61 and 1.3.39 'mod_status' Cross-Site Scripting Vulnerability
7. Apache mod_imagemap and mod_imap Cross-Site Scripting Vulnerability
8. Python zlib Module Remote Buffer Overflow Vulnerability
9. OpenLDAP MODRDN Remote Denial of Service Vulnerability
10. Asterisk Call Authentication Security Bypass Vulnerability
11. OpenLDAP Multiple Remote Denial of Service Vulnerabilities
12. PostNuke PostSchedule Component 'eid' Parameter SQL Injection Vulnerability
13. miniBB Multiple SQL Injection and Cross-Site Scripting Vulnerabilities
14. IBM Lotus Expeditor URI Handler Command Execution Vulnerability
15. Adobe Flash Player Multimedia File Remote Buffer Overflow Vulnerability
16. HP HPeDiag ActiveX Control Multiple Information Disclosure and Remote Code Execution Vulnerabilities
17. HP eSupportDiagnostics 'hpediag.dll' ActiveX Control Multiple Information Disclosure Vulnerabilities
18. CUPS PNG Filter Multiple Integer Overflow Vulnerabilities
19. @lex Guestbook Multiple Cross-Site Scripting Vulnerabilities
20. Wireshark 0.99.8 Multiple Denial of Service Vulnerabilities
21. Drupal Multiple Cross Site Scripting and Request Forgery Vulnerabilities
22. Trillian Overly Long Nickname Remote Denial Of Service Vulnerability
23. Computer Associates ARCserve Backup Discovery Service Remote Denial Of Service Vulnerability
24. PHCDownload Multiple SQL Injection and Cross-Site Scripting Vulnerabilities
25. Web Calendar Pro 'one_day.php' SQL Injection Vulnerability
26. Joomla! and Mambo Jpad Component 'cid' Parameter SQL Injection Vulnerability
27. YourFreeWorld Stylish Text Ads Script Multiple HTML Injection Vulnerabilities
28. util-linux-ng 'login' Remote Log Injection Weakness
29. Libpng Library Unknown Chunk Handler Vulnerability
30. e107 CMS 'submitnews.php' Multiple HTML Injection Vulnerabilities
31. SugarCRM Community Edition RSS Module Information Disclosure Vulnerability
32. KDE 'start_kdeinit' Multiple Local Privilege Escalation Vulnerabilities
33. Imager Image-based Fill Heap Buffer Overflow Vulnerability
34. Joovili 'category' Parameter SQL Injection Vulnerability
35. PhpGedView Unspecified Remote Vulnerability
36. Acritum Femitter Server 'RETR' Command Remote Denial of Service Vulnerability
37. Heathco Software h2desk Multiple Information Disclosure Vulnerabilities
38. RETIRED: Joomla! and Mambo 'com_alphacontent' Component 'id' Parameter SQL Injection Vulnerability
39. Softbiz Web Host Directory Script 'search_result.php' SQL Injection Vulnerability
40. Prozilla Hosting Index 'directory.php' SQL Injection Vulnerability
41. VicFTPS 'LIST' Command Remote Denial of Service Vulnerability
42. Novell GroupWise 'mailto' URI Handler Buffer Overflow Vulnerability
43. Multiple Bluemoon inc. Modules for XOOPS Unspecified Cross Site Scripting Vulnerabilities
44. ZoneMinder Multiple Unspecified Remote Code Execution Vulnerabilities
45. WordPress Download Monitor Plugin 'id' Parameter SQL Injection Vulnerability
46. FluentCMS 'view.php' SQL Injection Vulnerability
47. Jokes Site Script 'categorie' Parameter SQL Injection Vulnerability
48. ODFaq 'index.php' SQL Injection Vulnerability
49. MegaBBS Multiple SQL Injection and Cross-Site Scripting Vulnerabilities
50. Linux Terminal Server Project 'ldm' Information Disclosure Vulnerability
51. Lhaplus ZOO Archive Processing Remote Buffer Overflow Vulnerability
52. Microsoft Windows Kernel Usermode Callback Local Privilege Escalation Vulnerability
53. VideoLAN VLC Multiple Remote Code Execution Vulnerabilities
54. Content Management System for Phprojekt 'graphie.php' Local File Include Vulnerability
55. miniBB 'bb_admin.php' Cross-Site Scripting Vulnerability
56. PHPG Upload 'form_upload.php' Arbitrary File Upload Vulnerability
57. PHP Forge 'id' Parameter SQL Injection Vulnerability
58. RunCMS MyArticles module 'topic_id' Parameter SQL Injection Vulnerability
59. E-Post MailServer Remote Information Disclosure Vulnerability
60. Comodo Firewall Pro SSDT Hooks Multiple Local Vulnerabilities
61. SiteXS CMS 'adm/index.php' Cross Site Scripting Vulnerability
62. BitDefender Antivirus 2008 Hooked SSDT Denial of Service Vulnerability
63. Rising Antivirus SSDT 'NtOpenProcess()' Hook Local Denial of Service Vulnerability
64. PHPizabi 'template.class.php' Remote Information Disclosure Vulnerability
65. Angelo-Emlak Multiple SQL Injection and Cross-Site Scripting Vulnerabilities
66. Apple QuickTime Unspecified Remote Code Execution Vulnerability
67. Mozilla Firefox/SeaMonkey JavaScript Garbage Collector Memory Corruption Vulnerability
68. netOffice Dwins Authentication Bypass Vulnerability and Arbitrary File Upload Vulnerability
69. Batchelor Media BM Classifieds Multiple SQL Injection Vulnerabilities
70. Horde Webmail 'addevent.php' Cross-Site Scripting Vulnerability
71. Microsoft Windows DNS Client Service Response Spoofing Vulnerability
72. F5 Networks FirePass 4100 SSL VPN 'installControl.php3' Cross-Site Scripting Vulnerability
73. Apache Tomcat WebDav Remote Information Disclosure Vulnerability
74. Apache Tomcat JULI Logging Component Default Security Policy Vulnerability
75. Apache Tomcat Multiple Remote Information Disclosure Vulnerabilities
76. Sun Java WebStart Multiple File Access And Information Disclosure Vulnerabilities
77. Sun Java RunTime Environment Read and Write Permission Multiple Privilege Escalation Vulnerabilities
78. Sun Java Runtime Environment Font Parsing Remote Privilege Escalation Vulnerability
79. Sun Java Runtime Environment Multiple Weaknesses
80. Sun Java Runtime Environment Image Parsing Heap Buffer Overflow Vulnerability
81. Sun Java SE Multiple Security Vulnerabilities
82. Sun JSSE SSL/TLS Handshake Processing Denial Of Service Vulnerability
83. pnFlashGames PostNuke module 'id' Parameter SQL Injection Vulnerability
84. HP Software Update 'Hpufunction.dll' ActiveX Control Insecure Method Vulnerabilities
85. Novell GroupWise HTML Injection and Denial of Service Vulnerabilities
86. Microsoft Excel JavaScript Code Remote Denial Of Service Vulnerability
87. Joomla Visites Component mosConfig_absolute_path Remote File Include Vulnerability
88. Sun Java System Directory Proxy Server Remote Unauthorized Access Vulnerability
89. Siteman 'module' Parameter Cross-Site Scripting and Local File Include Vulnerability
90. KDE KHTML PNGLoader Heap Buffer Overflow Vulnerability
91. Watchfire AppScan ActiveX Control Multiple Arbitrary File Overwrite Vulnerabilities
92. WordPress Cookie Integrity Protection Unauthorized Access Vulnerability
93. Kantaris SSA Subtitle File Remote Buffer Overflow Vulnerability
94. National Rail Enquiries Live Departure Boards Gadget Remote Script Code Execution Vulnerability
95. Blender Unspecified Insecure Temporary File Creation Vulnerability
96. Perl Unicode '\Q...\E' Quoting Construct Regular Expression Buffer Overflow Vulnerability
97. PhpGedView Multiple Cross-Site Scripting Vulnerabilities
98. Website Meta Language Multiple Local Insecure Temporary File Creation Vulnerabilities
99. OpenOffice Multiple Heap Based Buffer Overflow Vulnerabilities
100. Python ImageOP Module Multiple Integer Overflow Vulnerabilities
III. SECURITYFOCUS NEWS
1. Patches pose significant risk, researchers say
2. U.S. gov't pushes cybersecurity at con
3. Web developers, fix thy Flash
4. Hacking contest highlights value of vulnerabilities
IV. SECURITY JOBS LIST SUMMARY
1. [SJ-JOB] Security Architect, Washington
2. [SJ-JOB] Security Architect, Parsippany
3. [SJ-JOB] Security Architect, Wilmington
4. [SJ-JOB] Database Security Architect, Calgary
5. [SJ-JOB] Security Architect, Boston
6. [SJ-JOB] Security Architect, Philadelphia
7. [SJ-JOB] Account Manager, Atlanta
8. [SJ-JOB] Sr. Security Analyst, Atlanta
9. [SJ-JOB] Jr. Security Analyst, Atlanta
10. [SJ-JOB] Auditor, United Kingdom
11. [SJ-JOB] Security Consultant, Reston
12. [SJ-JOB] Jr. Security Analyst, Washington, DC
13. [SJ-JOB] Security Architect, San Francisco
14. [SJ-JOB] Sr. Security Analyst, Portsmouth
15. [SJ-JOB] Certification & Accreditation Engineer, Washington, DC
16. [SJ-JOB] Manager, Information Security, Princeton
17. [SJ-JOB] Director, Information Security, Jersey City
18. [SJ-JOB] Sr. Security Analyst, San Diego
19. [SJ-JOB] Penetration Engineer, Washington, DC Metro Area
20. [SJ-JOB] Information Assurance Engineer, Schaumburg
21. [SJ-JOB] Sr. Security Analyst, Nashville
22. [SJ-JOB] Software Engineer, Cupertino
23. [SJ-JOB] Director, Information Security, Redwood City
24. [SJ-JOB] Sr. Security Engineer, Greenbelt
25. [SJ-JOB] Security Consultant, Bayern
26. [SJ-JOB] Information Assurance Engineer, Washington DC Metro Area
27. [SJ-JOB] Senior Software Engineer, Cupertino
28. [SJ-JOB] Quality Assurance, Cupertino
29. [SJ-JOB] Senior Software Engineer, San Diego
30. [SJ-JOB] Jr. Security Analyst, Chantilly, VA
V. INCIDENTS LIST SUMMARY
VI. VULN-DEV RESEARCH LIST SUMMARY
1. [TOOL] SSL Capable NetCat (and more)
2. 5 char XSS?
VII. MICROSOFT FOCUS LIST SUMMARY
1. Cross-Site scripting
2. SecurityFocus Microsoft Newsletter #391
VIII. SUN FOCUS LIST SUMMARY
IX. LINUX FOCUS LIST SUMMARY
X. UNSUBSCRIBE INSTRUCTIONS
XI. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Just Who's Being Exploited?
By Jamie Reid
Last month's revelation that Tipping Point paid out a prize of $10,000 and a new laptop (MSRP: about $2000) at the CanSecWest conference, for the privilege of being the exclusive licensor of a heretofore unpublished vulnerability in Apple's Safari web browser to researcher, Charles Miller of Independent Security Evaluators, may lend some credence to this adage.
http://www.securityfocus.com/columnists/470

2. On the Border
By Mark Rasch
Recently, I was going through an airport with my shoes, coat, jacket, and belt off as well as with my carry-on bag, briefcase, and laptop all separated for easy inspection. I was heading through security at the Washington D.C., Ronald Reagan National Airport in Arlington, Virginia, or "National" as we locals call it. As I passed through the new magnetometer which gently puffed air all over my body -- which to me seems to be a cross between a glaucoma test and Marilyn Monroe in Gentlemen Prefer Blondes -- a TSA employee absent-mindedly asked if he could "inspect" my laptop computer. While the inspection was cursory, the situation immediately gave me pause: What was in my laptop anyway?
http://www.securityfocus.com/columnists/469


II. BUGTRAQ SUMMARY
--------------------
1. Sophos Anti-Virus SSDT Hooks Local Denial of Service Vulnerability
BugTraq ID: 28743
Remote: No
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28743
Summary:
Sophos Anti-Virus is prone to a local denial-of-service vulnerability because it fails to adequately bounds-check user-supplied data.

Exploiting this vulnerability allows local attackers to crash affected computers, denying service to legitimate users. Attackers might also be able to gain elevated privileges by executing arbitrary machine code in the context of the kernel, but this has not been confirmed.

Sophos Anti-Virus 7.0.5 is vulnerable; other versions may also be affected.

2. Autonomy KeyView Module Multiple Buffer Overflow Vulnerabilities
BugTraq ID: 28454
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28454
Summary:
Autonomy KeyView module is prone to multiple stack- and heap-based buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data before copying it to insufficiently sized buffers.

Exploiting these issues will allow an attacker to corrupt memory and to cause denial-of-service conditions or potentially to execute arbitrary code in the context of the application using the module.

Multiple products using the KeyView module are affected.

3. International Components for Unicode Library (libicu) Multiple Memory Corruption Vulnerabilities
BugTraq ID: 27455
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/27455
Summary:
The International Components for Unicode library (libicu) is prone to multiple memory-corruption vulnerabilities.

Successfully exploiting these issues allows remote attackers to corrupt and overflow memory and possibly execute remote code. Failed exploit attempts will likely crash applications.

These issues affect libicu 3.8.1 and prior versions.

4. Comix 'filename' Remote Command Execution Vulnerability
BugTraq ID: 28547
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28547
Summary:
Comix is prone to a remote shell command-execution vulnerability because the application fails to sufficiently sanitize user-supplied data.

Successfully exploiting this issue will allow an attacker to execute arbitrary commands with the privileges of the user running the affected application.

Comix 3.6.4 is vulnerable; other versions may also be affected.

5. Linux Audit Daemon 'audit_log_user_command()' Local Buffer Overflow Vulnerability
BugTraq ID: 28524
Remote: No
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28524
Summary:
The Linux Audit daemon is prone to a local buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied input.

Successfully exploiting this issue allows local attackers to execute arbitrary machine code with elevated privileges. This may facilitate the compromise of affected computers.

Versions prior to Linux Audit 1.7 are vulnerable.

6. Apache HTTP Server 2.2.6, 2.0.61 and 1.3.39 'mod_status' Cross-Site Scripting Vulnerability
BugTraq ID: 27237
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/27237
Summary:
The Apache HTTP Server 'mod_status' module is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Reportedly, attackers can also use this issue to redirect users' browsers to arbitrary locations, which may aid in phishing attacks.

The issue affects versions prior to Apache 2.2.7-dev, 2.0.62-dev, and 1.3.40-dev.

7. Apache mod_imagemap and mod_imap Cross-Site Scripting Vulnerability
BugTraq ID: 26838
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/26838
Summary:
Apache is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

This issue affects the following:

- The 'mod_imagemap' module in Apache 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, and 2.2.0

- The 'mod_imap' module in Apache 1.3.39, 1.3.37, 1.3.36, 1.3.35, 1.3.34, 1.3.33, 1.3.32, 1.3.31, 1.3.29, 1.3.28, 1.3.27, 1.3.26, 1.3.24, 1.3.22, 1.3.20, 1.3.19, 1.3.17, 1.3.14, 1.3.12, 1.3.11, 1.3.9, 1.3.6, 1.3.4, 1.3.3, 1.3.2, 1.3.1, and 1.3.0.

8. Python zlib Module Remote Buffer Overflow Vulnerability
BugTraq ID: 28715
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28715
Summary:
Python zlib module is prone to a remote buffer-overflow vulnerability because the library fails to properly sanitize user-supplied data.

An attacker can exploit this issue to execute arbitrary code with the privileges of the user running an application that relies on the affected library. Failed exploit attempts will result in a denial-of-service condition.

This issue affects Python 2.5.2; other versions may also be vulnerable.

9. OpenLDAP MODRDN Remote Denial of Service Vulnerability
BugTraq ID: 27778
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/27778
Summary:
OpenLDAP is prone to a remote denial-of-service vulnerability.

Attackers can exploit this issue to deny service to legitimate users.

OpenLDAP 2.3.39 is vulnerable to this issue; other versions may also be affected.

This issue is related to one described in BID 26245 (OpenLDAP Multiple Remote Denial of Service Vulnerabilities), identified by CVE-2007-6698.

10. Asterisk Call Authentication Security Bypass Vulnerability
BugTraq ID: 28310
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28310
Summary:
Asterisk is prone to a security-bypass vulnerability that allows attackers to make unauthenticated calls through the SIP channel driver.

Exploiting this issue may also aid in other attacks.

This issue affects the following versions:

Asterisk Open Source prior to 1.2.27
Asterisk Open Source prior to 1.4.18.1 and 1.4.19-rc3
Asterisk Open Source prior to 1.6.0-beta6
Asterisk Business Edition all A versions
Asterisk Business Edition prior to B.2.5.1
Asterisk Business Edition prior to C.1.6.2
AsteriskNOW prior to 1.0.2
Asterisk Appliance Developer Kit prior to Asterisk 1.4 revision 109393
s800i (Asterisk Appliance) prior to 1.1.0.2

11. OpenLDAP Multiple Remote Denial of Service Vulnerabilities
BugTraq ID: 26245
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/26245
Summary:
OpenLDAP is prone to multiple remote denial-of-service vulnerabilities because of an incorrect NULL-termination issue and a double-free issue.

Attackers can exploit these issues to deny service to legitimate users.

Versions prior to OpenLDAP 2.3.39 are vulnerable.

12. PostNuke PostSchedule Component 'eid' Parameter SQL Injection Vulnerability
BugTraq ID: 28931
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28931
Summary:
The PostSchedule component for PostNuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

13. miniBB Multiple SQL Injection and Cross-Site Scripting Vulnerabilities
BugTraq ID: 28930
Remote: Yes
Last Updated: 2008-04-25
Relevant URL: http://www.securityfocus.com/bid/28930
Summary:
miniBB is prone to an SQL-injection and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Attackers may also exploit these issues to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Versions prior to miniBB 2.2a are vulnerable.

14. IBM Lotus Expeditor URI Handler Command Execution Vulnerability
BugTraq ID: 28926
Remote: Yes
Last Updated: 2008-04-25
Relevant URL: http://www.securityfocus.com/bid/28926
Summary:
IBM Lotus Expeditor is prone to a command-execution vulnerability because it fails to properly sanitize input.

Successfully exploiting this issue allows remote attackers to execute arbitrary commands in the context of users that follow malicious URIs.

We don't know which specific versions of IBM Lotus Expeditor are affected. We will update this BID as more information emerges.

15. Adobe Flash Player Multimedia File Remote Buffer Overflow Vulnerability
BugTraq ID: 28695
Remote: Yes
Last Updated: 2008-04-25
Relevant URL: http://www.securityfocus.com/bid/28695
Summary:
Adobe Flash Player is prone to a remote buffer-overflow vulnerability when handling multimedia files with certain tags.

An attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

Adobe Flash Player 9.0.115.0 and earlier versions are affected.

16. HP HPeDiag ActiveX Control Multiple Information Disclosure and Remote Code Execution Vulnerabilities
BugTraq ID: 28929
Remote: Yes
Last Updated: 2008-04-25
Relevant URL: http://www.securityfocus.com/bid/28929
Summary:
HPeDiag ActiveX control is prone to multiple information-disclosure and remote code-execution vulnerabilities.

An attacker can exploit these issues by enticing an unsuspecting victim to visit a malicious HTML page.

Successfully exploiting these issues would allow an attacker to execute arbitrary code within the context of the application that invokes the ActiveX control (typically Internet Explorer) and to obtain sensitive information.

17. HP eSupportDiagnostics 'hpediag.dll' ActiveX Control Multiple Information Disclosure Vulnerabilities
BugTraq ID: 26967
Remote: Yes
Last Updated: 2008-04-25
Relevant URL: http://www.securityfocus.com/bid/26967
Summary:
The HP eSupportDiagnostics ActiveX control is prone to multiple information-disclosure vulnerabilities.

An attacker can exploit these issues by enticing an unsuspecting victim to visit a malicious HTML page.

Successfully exploiting these issues allows remote attackers to obtain the contents of arbitrary files and registry values. Information harvested may aid in further attacks.

These issues affect 'hpediag.dll' 1.0.11.0; other versions may also be affected.

18. CUPS PNG Filter Multiple Integer Overflow Vulnerabilities
BugTraq ID: 28781
Remote: Yes
Last Updated: 2008-04-25
Relevant URL: http://www.securityfocus.com/bid/28781
Summary:
CUPS is prone to multiple integer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied PNG image sizes before using them to allocate memory buffers.

Successful exploits may allow attackers to execute arbitrary code with the privileges of a user running the utilities. Failed exploit attempts likely cause denial-of-service conditions.

CUPS 1.3.7 is vulnerable; other versions may also be affected.

19. @lex Guestbook Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 28519
Remote: Yes
Last Updated: 2008-04-25
Relevant URL: http://www.securityfocus.com/bid/28519
Summary:
@lex Guestbook is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

@lex Guestbook 4.0.5 is vulnerable; other versions may also be affected.

UPDATE (April 25, 2008): The vendor indicates that the 'test' parameter is a user-defined parameter and is not vulnerable.

20. Wireshark 0.99.8 Multiple Denial of Service Vulnerabilities
BugTraq ID: 28485
Remote: Yes
Last Updated: 2008-04-25
Relevant URL: http://www.securityfocus.com/bid/28485
Summary:
Wireshark is prone to multiple denial-of-service vulnerabilities.

Exploiting these issues may allow attackers to cause crashes and deny service to legitimate users of the application. Attackers may be able to leverage some of these vulnerabilities to execute arbitrary code, but this has not been confirmed.

These issues affect Wireshark 0.99.2 up to and including 0.99.8.

21. Drupal Multiple Cross Site Scripting and Request Forgery Vulnerabilities
BugTraq ID: 28916
Remote: Yes
Last Updated: 2008-04-25
Relevant URL: http://www.securityfocus.com/bid/28916
Summary:
The applications are prone to multiple cross-site scripting vulnerabilities because the software fails to sufficiently sanitize user-supplied input. The Internationalization module is also prone to cross-site request forgery attacks while performing node translations.

An attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. The attacker can exploit the cross-site request-forgery issue by tricking a victim into following a specially crafted HTTP request designed to perform some action on the attacker's behalf using a victim's currently active session.

The following versions are affected:

Internationalization (i18n) for Drupal 5.x before Internationalization 5.x-2.3 and 5.x-1.1
Internationalization (i18n) for Drupal 6.x before Internationalization 6.x-1.0-beta1
Localizer for Drupal 5.x before Localizer 5.x-3.4, 5.x-2.1 and 5.x-1.11

22. Trillian Overly Long Nickname Remote Denial Of Service Vulnerability
BugTraq ID: 28925
Remote: Yes
Last Updated: 2008-04-24
Relevant URL: http://www.securityfocus.com/bid/28925
Summary:
Trillian is prone to a remote denial-of-service vulnerability because it fails to sufficiently bounds-check user-supplied data.

Few details regarding this vulnerability are available; we will update this BID when more information emerges.

Exploiting this issue allows remote attackers to trigger denial-of-service conditions, denying further service to legitimate users.

Trillian 3.1 is vulnerable; other versions may also be affected.

23. Computer Associates ARCserve Backup Discovery Service Remote Denial Of Service Vulnerability
BugTraq ID: 28927
Remote: Yes
Last Updated: 2008-04-24
Relevant URL: http://www.securityfocus.com/bid/28927
Summary:
Computer Associates ARCserve Backup is affected by a denial-of-service vulnerability because the application mishandles malformed user-supplied input.

A remote attacker may exploit this issue to cause denial-of-service conditions.

CA ARCserve Backup 12.0.5454.0 is affected by this issue; other versions may also be vulnerable.

24. PHCDownload Multiple SQL Injection and Cross-Site Scripting Vulnerabilities
BugTraq ID: 28922
Remote: Yes
Last Updated: 2008-04-24
Relevant URL: http://www.securityfocus.com/bid/28922
Summary:
PHCDownload is prone to an SQL-injection and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Attackers may also exploit these issues to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

PHCDownload 1.1.0 is vulnerable to these issues; other versions may also be affected.

25. Web Calendar Pro 'one_day.php' SQL Injection Vulnerability
BugTraq ID: 28921
Remote: Yes
Last Updated: 2008-04-24
Relevant URL: http://www.securityfocus.com/bid/28921
Summary:
Web Calendar Pro is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Web Calendar Pro 4.1 is vulnerable; other versions may also be affected.

26. Joomla! and Mambo Jpad Component 'cid' Parameter SQL Injection Vulnerability
BugTraq ID: 28923
Remote: Yes
Last Updated: 2008-04-24
Relevant URL: http://www.securityfocus.com/bid/28923
Summary:
The Jpad component for Joomla! and Mambo is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

27. YourFreeWorld Stylish Text Ads Script Multiple HTML Injection Vulnerabilities
BugTraq ID: 18044
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/18044
Summary:
Stylish Text Ads Script is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content.

Attacker-supplied HTML and script code would be executed in the context of the affected website, potentially allowing an attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.

28. util-linux-ng 'login' Remote Log Injection Weakness
BugTraq ID: 28983
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28983
Summary:
The 'login' utility from 'util-linux-ng' is prone to a weakness that allows remote attackers to inject false information into log files. This issue occurs because the utility fails to properly sanitize user-supplied input.

Successful exploits allow malicious users to inject false information into log files. The injected information may aid in indirect attacks against log-monitoring systems or may allow attackers to obfuscate malicious activity.

Versions prior to util-linux-ng 2.13.1.1 are prone to this issue.

29. Libpng Library Unknown Chunk Handler Vulnerability
BugTraq ID: 28770
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28770
Summary:
The 'libpng' library is prone to a vulnerability that causes denial-of-service conditions or may allow code to run. The issue occurs because the software fails to properly handle unexpected chunk data in PNG files.

Successfully exploiting this issue allows remote attackers to trigger denial-of-service conditions or to possibly execute arbitrary machine code in the context of applications that use the library.

The following versions are affected:

libpng 1.0.6 through 1.0.32
libpng 1.2.0 through 1.2.26
libpng 1.4.0beta01 through 1.4.0beta19

30. e107 CMS 'submitnews.php' Multiple HTML Injection Vulnerabilities
BugTraq ID: 28982
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28982
Summary:
e107 CMS is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input.

Attacker-supplied HTML and script code could execute in the context of the affected website, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user; other attacks are also possible.

These issues affect e107 CMS 0.7.11; other versions may also be vulnerable.

31. SugarCRM Community Edition RSS Module Information Disclosure Vulnerability
BugTraq ID: 28981
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28981
Summary:
SugarCRM Community Edition is prone to an information-disclosure vulnerability because it fails to properly sanitize user-supplied input. The vulnerability affects the RSS module.

An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the webserver process. Information obtained may aid in further attacks.

SugarCRM Community Edition 4.5.1 and 5.0.0 are vulnerable; other versions may also be affected.

32. KDE 'start_kdeinit' Multiple Local Privilege Escalation Vulnerabilities
BugTraq ID: 28938
Remote: No
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28938
Summary:
The 'start_kdeinit' utility in KDE is prone to multiple local privilege-escalation vulnerabilities because it fails to properly sanitize input.

Successful attacks allow local users to send signals to arbitrary processes, triggering denial-of-service conditions. Attackers may also be able to execute arbitrary code with elevated privileges, facilitating the complete compromise of affected computers.

33. Imager Image-based Fill Heap Buffer Overflow Vulnerability
BugTraq ID: 28980
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28980
Summary:
Imager is prone to a remote buffer-overflow vulnerability because it fails to perform adequate bounds checking on user-supplied input while processing malicious image files.

Successful exploits may allow remote attackers to execute arbitrary machine code in the context of applications that use the Imager library. Failed exploit attempts will likely crash applications.

Versions prior to Imager 0.64 are vulnerable.

34. Joovili 'category' Parameter SQL Injection Vulnerability
BugTraq ID: 28979
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28979
Summary:
Joovili is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

The issue affects Joovili 3.1.0; other versions may also be vulnerable.

35. PhpGedView Unspecified Remote Vulnerability
BugTraq ID: 28978
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28978
Summary:
PhpGedView is prone to an unspecified vulnerability.

Successful exploits allow remote attackers to execute arbitrary script code with the privileges of the webserver user. This may facilitate the remote compromise of the underlying operating system.

Versions prior to PhpGedView 4.1.5 are vulnerable to this issue.

36. Acritum Femitter Server 'RETR' Command Remote Denial of Service Vulnerability
BugTraq ID: 28973
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28973
Summary:
Acritum Femitter Server is prone to a remote denial-of-service vulnerability because the application fails to handle exceptional conditions.

Successfully exploiting this issue would cause the affected application to crash, denying service to legitimate users.

Femitter Server 1.03 is vulnerable; other versions may also be affected.

37. Heathco Software h2desk Multiple Information Disclosure Vulnerabilities
BugTraq ID: 28062
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28062
Summary:
Heathco Software h2desk is prone to multiple information-disclosure vulnerabilities.

Attackers can leverage these issues to obtain potentially sensitive information that can aid in further attacks.

38. RETIRED: Joomla! and Mambo 'com_alphacontent' Component 'id' Parameter SQL Injection Vulnerability
BugTraq ID: 28964
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28964
Summary:
The 'com_alphacontent' component for Joomla! and Mambo is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

NOTE: This BID is being retired because it is a duplicate of BID 28443 ('Joomla! and Mambo Alphacontent Component 'id' Parameter SQL Injection Vulnerability').

39. Softbiz Web Host Directory Script 'search_result.php' SQL Injection Vulnerability
BugTraq ID: 28971
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28971
Summary:
The Web Host Directory script from Softbiz is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

40. Prozilla Hosting Index 'directory.php' SQL Injection Vulnerability
BugTraq ID: 28970
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28970
Summary:
Prozilla Hosting Index is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

41. VicFTPS 'LIST' Command Remote Denial of Service Vulnerability
BugTraq ID: 28967
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28967
Summary:
VicFTPS is prone to a remote denial-of-service vulnerability because the application fails to handle exceptional conditions.

Successfully exploiting this issue would cause the affected application to crash, denying service to legitimate users.

42. Novell GroupWise 'mailto' URI Handler Buffer Overflow Vulnerability
BugTraq ID: 28969
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28969
Summary:
Novell GroupWise is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.

Successfully exploiting this issue will allow an attacker to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

This issue affects GroupWise 7.0; other versions may also be affected.

43. Multiple Bluemoon inc. Modules for XOOPS Unspecified Cross Site Scripting Vulnerabilities
BugTraq ID: 28966
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28966
Summary:
Multiple Bluemoon inc. modules for XOOPS are prone to unspecified cross-site scripting vulnerabilities because the applications fail to sufficiently sanitize user-supplied data.

An attacker can leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.

These issues affect the following Bluemoon inc. modules for XOOPS:

BackPack 0.91 and earlier
BmSurvey 0.84 and earlier
newbb_fileup 1.83 and earlier
News_embed (news_fileup) 1.44 and earlier
PopnupBlog 3.19 and earlier

44. ZoneMinder Multiple Unspecified Remote Code Execution Vulnerabilities
BugTraq ID: 28968
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28968
Summary:
ZoneMinder is prone to multiple unspecified remote code-execution vulnerabilities.

Successful exploits allow remote, authenticated attackers to execute arbitrary script code with the privileges of the webserver user. This may facilitate the remote compromise of the underlying operating system.

Versions prior to ZoneMinder 1.23.3 are vulnerable.

45. WordPress Download Monitor Plugin 'id' Parameter SQL Injection Vulnerability
BugTraq ID: 28975
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28975
Summary:
WordPress Download Monitor plugin is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

The issue affects Download Monitor 2.0.6; other versions may also be vulnerable.

46. FluentCMS 'view.php' SQL Injection Vulnerability
BugTraq ID: 28965
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28965
Summary:
FluentCMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

This issue affects unknown versions of FluentCMS. We will update this BID as more information emerges.

47. Jokes Site Script 'categorie' Parameter SQL Injection Vulnerability
BugTraq ID: 28963
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28963
Summary:
Jokes Site Script is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

48. ODFaq 'index.php' SQL Injection Vulnerability
BugTraq ID: 28962
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28962
Summary:
ODFaq is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

ODFaq 2.1.0 is vulnerable; other versions may also be affected.

49. MegaBBS Multiple SQL Injection and Cross-Site Scripting Vulnerabilities
BugTraq ID: 28961
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28961
Summary:
MegaBBS is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Attackers may also exploit these issues to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

MegaBBS 2.2 is vulnerable; other versions may also be affected.

50. Linux Terminal Server Project 'ldm' Information Disclosure Vulnerability
BugTraq ID: 28960
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28960
Summary:
Linux Terminal Server Project is prone to an information-disclosure vulnerability.

An attacker can exploit this issue from the local network to obtain potentially sensitive information that may aid in further attacks.

51. Lhaplus ZOO Archive Processing Remote Buffer Overflow Vulnerability
BugTraq ID: 28953
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28953
Summary:
Lhaplus is prone to a remote buffer-overflow vulnerability when handling ZOO archives.

Exploiting this issue may allow attackers to corrupt memory and execute arbitrary machine code in the context of users running the affected application. Failed exploit attempts will likely cause denial-of-service conditions.

This issue affects Lhaplus 1.56; prior versions may also be affected.

52. Microsoft Windows Kernel Usermode Callback Local Privilege Escalation Vulnerability
BugTraq ID: 28554
Remote: No
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28554
Summary:
Microsoft Windows is prone to a local privilege-escalation vulnerability.

The vulnerability resides in the Windows kernel. A locally logged-in user can exploit this issue to gain kernel-level access to the operating system.

53. VideoLAN VLC Multiple Remote Code Execution Vulnerabilities
BugTraq ID: 27015
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/27015
Summary:
VideoLAN VLC media player is prone to multiple remote code-execution vulnerabilities, including multiple buffer-overflow issues and a format-string issue.

Exploiting these issues allows remote attackers to execute arbitrary machine code in the context of the affected application.

VLC 0.8.6d is vulnerable to these issues; other versions may also be affected.

54. Content Management System for Phprojekt 'graphie.php' Local File Include Vulnerability
BugTraq ID: 28958
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28958
Summary:
Content Management System for Phprojekt is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this vulnerability using directory-traversal strings to view local files in the context of the webserver process. This may aid in further attacks.

Content Management System for Phprojekt 0.6.1 is vulnerable; other versions may also be affected.

55. miniBB 'bb_admin.php' Cross-Site Scripting Vulnerability
BugTraq ID: 28957
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28957
Summary:
miniBB is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.

miniBB 2.2a is vulnerable; other versions may also be affected.

56. PHPG Upload 'form_upload.php' Arbitrary File Upload Vulnerability
BugTraq ID: 28955
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28955
Summary:
PHPG Upload is prone to a vulnerability that lets remote attackers upload and execute arbitrary script code because the application fails to sanitize user-supplied input.

An attacker can leverage this issue to execute arbitrary code on an affected computer with the privileges of the webserver process.

57. PHP Forge 'id' Parameter SQL Injection Vulnerability
BugTraq ID: 28950
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28950
Summary:
PHP Forge is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

The issue affects PHP Forge 3 beta 2 and prior versions.

58. RunCMS MyArticles module 'topic_id' Parameter SQL Injection Vulnerability
BugTraq ID: 28952
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28952
Summary:
The MyArticles module for RunCMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

The issue affects MyArticles 0.6 Beta-1; other versions may also be affected.

59. E-Post MailServer Remote Information Disclosure Vulnerability
BugTraq ID: 28951
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28951
Summary:
E-Post MailServer is prone to a remote information-disclosure vulnerability.

Exploiting this issue can allow remote attackers to obtain the POP3 password of any known user from the POP3 service without having to log on. For an exploit to succeed, the attacker must know the POP3 account name (email address) of the victim.

The issue affects E-Post Mail Server 4.10 with EPSTPOP3S.EXE 4.22; other versions may also be affected.

60. Comodo Firewall Pro SSDT Hooks Multiple Local Vulnerabilities
BugTraq ID: 28742
Remote: No
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28742
Summary:
Comodo Firewall Pro is prone to multiple local vulnerabilities.

Exploiting these vulnerabilities allows local attackers to crash affected computers, denying service to legitimate users. Attackers might also be able to gain elevated privileges by executing arbitrary machine code in the context of the kernel, but this has not been confirmed.

Comodo Firewall Pro 2.4.18.184 is vulnerable; other versions may also be affected.

61. SiteXS CMS 'adm/index.php' Cross Site Scripting Vulnerability
BugTraq ID: 28984
Remote: Yes
Last Updated: 2008-04-29
Relevant URL: http://www.securityfocus.com/bid/28984
Summary:
SiteXS CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.

62. BitDefender Antivirus 2008 Hooked SSDT Denial of Service Vulnerability
BugTraq ID: 28741
Remote: No
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28741
Summary:
BitDefender Antivirus 2008 is prone to a local denial-of-service vulnerability because it fails to adequately bounds-check user-supplied data.

Exploiting this vulnerability allows local attackers to crash affected computers, denying service to legitimate users. Attackers might also be able to gain elevated privileges by executing arbitrary machine code in the context of the kernel, but this has not been confirmed.

BitDefender Antivirus 2008 Build 11.0.11 is vulnerable; other versions may also be affected.

63. Rising Antivirus SSDT 'NtOpenProcess()' Hook Local Denial of Service Vulnerability
BugTraq ID: 28744
Remote: No
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28744
Summary:
Rising Antivirus is prone to a local denial-of-service vulnerability.

Exploiting this vulnerability allows local attackers to crash affected computers, denying service to legitimate users.

Rising Antivirus 19.60.0.0 and 19.66.0.0 are vulnerable; other versions may also be affected.

64. PHPizabi 'template.class.php' Remote Information Disclosure Vulnerability
BugTraq ID: 28954
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28954
Summary:
PHPizabi is prone to a remote information-disclosure vulnerability because it fails to properly sanitize user-supplied input.

Exploiting this issue will allow attackers to view the MD5-hashed passwords of users registered in the vulnerable application.

The issue affects PHPizabi 0.848b C1 HFP3; other versions may also be affected.

65. Angelo-Emlak Multiple SQL Injection and Cross-Site Scripting Vulnerabilities
BugTraq ID: 28949
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28949
Summary:
Angelo-Emlak is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Attackers may also exploit these issues to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

These issues affect Angelo-Emlak 1.0; other versions may also be vulnerable.

66. Apple QuickTime Unspecified Remote Code Execution Vulnerability
BugTraq ID: 28959
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28959
Summary:
Apple QuickTime is prone to an unspecified remote code-execution vulnerability.

Very few technical details are currently available. We will update this BID as more information emerges.

Successful exploits can allow remote attackers to execute arbitrary code in the context of the user running the application. This may facilitate a compromise of affected computers.

This issue affects QuickTime 7.4 for Microsoft Windows XP and Vista; other versions may also be affected.

67. Mozilla Firefox/SeaMonkey JavaScript Garbage Collector Memory Corruption Vulnerability
BugTraq ID: 28818
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28818
Summary:
The Mozilla Foundation has released a security advisory disclosing a memory-corruption vulnerability that affects Mozilla Firefox, SeaMonkey, and potentially Thunderbird.

The vulnerability stems from an unspecified error in the JavaScript garbage collector.

Attackers may exploit this issue to crash a vulnerable application or potentially execute arbitrary code in the context of the application.

The issue affects Mozilla Firefox 2.0.0.13 and Mozilla SeaMonkey 1.1.9. Note that Mozilla Thunderbird shares the browser engine with Firefox and may also be vulnerable when JavaScript is enabled in emails.

68. netOffice Dwins Authentication Bypass Vulnerability and Arbitrary File Upload Vulnerability
BugTraq ID: 28051
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28051
Summary:
netOffice Dwins is prone to a vulnerability that allows attackers to bypass authentication as well as a vulnerability that allows attackers to upload arbitrary files. These issues occur because the application fails to adequately sanitize user-supplied input.

Attackers can leverage these issues to gain unauthorized access to the application and to execute arbitrary code in the context of the application.

These issues affect Dwins 1.3 p2; other versions may also be affected.

69. Batchelor Media BM Classifieds Multiple SQL Injection Vulnerabilities
BugTraq ID: 28159
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28159
Summary:
BM Classifieds is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

70. Horde Webmail 'addevent.php' Cross-Site Scripting Vulnerability
BugTraq ID: 28898
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28898
Summary:
Horde Webmail is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

Attacker-supplied HTML and script code would execute in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials.

This issue affects Kronolith 2.1.7. The vulnerable Kronolith versions are included in Horde Groupware 1.0.5 and Horde Groupware Webmail Edition 1.0.6.

71. Microsoft Windows DNS Client Service Response Spoofing Vulnerability
BugTraq ID: 28553
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28553
Summary:
Microsoft Windows operating systems are prone to a vulnerability that lets attackers spoof DNS clients. This issue occurs because the software fails to employ properly secure random numbers when creating DNS transaction IDs.

Successfully exploiting this issue allows remote attackers to spoof DNS replies, allowing them to redirect network traffic and to launch man-in-the-middle attacks.

72. F5 Networks FirePass 4100 SSL VPN 'installControl.php3' Cross-Site Scripting Vulnerability
BugTraq ID: 28902
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28902
Summary:
F5 Networks FirePass 4100 SSL VPN devices are prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker to steal cookie-based authentication credentials and to launch other attacks.

FirePass 4100 SSL VPN Firmware 5.4.2-5.5.2 and 6.0-6.2 are vulnerable.

73. Apache Tomcat WebDav Remote Information Disclosure Vulnerability
BugTraq ID: 26070
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/26070
Summary:
Apache Tomcat is prone to a remote information-disclosure vulnerability.

Remote attackers can exploit this issue to obtain the contents of sensitive files stored on the server.

74. Apache Tomcat JULI Logging Component Default Security Policy Vulnerability
BugTraq ID: 27006
Remote: No
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/27006
Summary:
Apache Tomcat is prone to a vulnerability that can allow third-party web applications to write files to arbitrary locations with the privileges of Tomcat.

This issue stems from an inadequate default security policy.

Attackers can leverage this issue to write or overwrite arbitrary log file data in unauthorized locations.

Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 are vulnerable.

75. Apache Tomcat Multiple Remote Information Disclosure Vulnerabilities
BugTraq ID: 25316
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/25316
Summary:
Apache Tomcat is prone to multiple information-disclosure vulnerabilities because it fails to adequately sanitize user-supplied data.

Attackers can exploit these issues to access potentially sensitive data that may aid in further attacks.

Versions prior to Apache Tomcat 6.0.14 are vulnerable.

76. Sun Java WebStart Multiple File Access And Information Disclosure Vulnerabilities
BugTraq ID: 25920
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/25920
Summary:
Sun Java Web Start is prone to multiple local file-access vulnerabilities and an information-disclosure vulnerability.

An attacker could exploit these issues to obtain sensitive information and to read and write arbitrary files on the affected computer with the privileges of the user running the untrusted Java application.

77. Sun Java RunTime Environment Read and Write Permission Multiple Privilege Escalation Vulnerabilities
BugTraq ID: 27650
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/27650
Summary:
Sun Java Runtime Environment is prone to multiple privilege-escalation vulnerabilities when running untrusted applications or applets.

Successful exploits will compromise arbitrary data and possibly the underlying computer.

These issues affect the following versions:

JDK and JRE 6 Update 1 and earlier
JDK and JRE 5.0 Update 13 and earlier

78. Sun Java Runtime Environment Font Parsing Remote Privilege Escalation Vulnerability
BugTraq ID: 25340
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/25340
Summary:
The Sun Java Runtime Environment is prone to a remote privilege-escalation vulnerability.

An attacker can exploit this issue to execute arbitrary code within the context of the user who invoked the Java applet. Successfully exploiting this issue may result in the remote compromise of affected computers.

79. Sun Java Runtime Environment Multiple Weaknesses
BugTraq ID: 25918
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/25918
Summary:
Sun Java Runtime Environment is prone to multiple weaknesses that may allow JavaScript code or applets to connect to resources other than the one the scripts or applets were downloaded from. One of the weaknesses may allow an attacker to obscure a Java warning about an untrusted applet from the user.

These issues affect the following packages for Windows, Solaris, and Linux:

JDK and JRE 6 Update 2 and earlier
JDK and JRE 5.0 Update 12 and earlier
SDK and JRE 1.4.2_15 and earlier
SDK and JRE 1.3.1_20 and earlier

80. Sun Java Runtime Environment Image Parsing Heap Buffer Overflow Vulnerability
BugTraq ID: 28125
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28125
Summary:
Sun Java Runtime Environment is prone to a heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.

An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will likely crash the application.

This issue affects the following products and versions:

JDK and JRE 6 prior to Update 5
JDK and JRE 5.0 prior to Update 15
SDK and JRE prior to 1.4.2_17
SDK and JRE prior to 1.3.1_22

This vulnerability was previously covered in BID 28083 (Sun Java SE Multiple Security Vulnerabilities), but has been given its own record to better document the issue.

81. Sun Java SE Multiple Security Vulnerabilities
BugTraq ID: 28083
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28083
Summary:
Sun has released advisories addressing multiple vulnerabilities affecting the following software:

JDK and JRE 6 Update 5
JDK and JRE 5.0 Update 15
SDK and JRE 1.4.2_17
SDK and JRE 1.3.1_22

82. Sun JSSE SSL/TLS Handshake Processing Denial Of Service Vulnerability
BugTraq ID: 24846
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/24846
Summary:
The Sun JSSE (Java Secure Socket Extension) is prone to a denial-of-service vulnerability.

An attacker can exploit this issue to crash the computer, denying access to legitimate users.

83. pnFlashGames PostNuke module 'id' Parameter SQL Injection Vulnerability
BugTraq ID: 28948
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28948
Summary:
The pnFlashGames module for PostNuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

This issue affects pnFlashGames 1.5; other versions may also be affected.

84. HP Software Update 'Hpufunction.dll' ActiveX Control Insecure Method Vulnerabilities
BugTraq ID: 28947
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28947
Summary:
HP Software Update ActiveX control is prone to multiple insecure-method vulnerabilities, allowing attackers to launch arbitrary applications from the local system.

An attacker can exploit these issues by enticing an unsuspecting victim to visit a malicious HTML page.

Successfully exploiting these issues allows remote attackers to launch arbitrary applications with the privileges of the application running the ActiveX control (typically Internet Explorer).

Hpufunction.dll 4.0.0.1 is vulnerable; other versions may also be affected.

85. Novell GroupWise HTML Injection and Denial of Service Vulnerabilities
BugTraq ID: 28944
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28944
Summary:
Novell GroupWise is prone to an HTML-injection vulnerability and a denial-of-service vulnerability.

By exploiting the HTML-injection vulnerability, attackers can execute HTML and script code in the context of the affected site, potentially allowing them to steal cookie-based authentication credentials or to control how the site is rendered to the user; other attacks are also possible.

By exploiting the denial-of-service vulnerability, attackers can crash the application.

Novell GroupWise 7 is vulnerable to these issues; other versions may also be affected.

86. Microsoft Excel JavaScript Code Remote Denial Of Service Vulnerability
BugTraq ID: 28946
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28946
Summary:
Microsoft Excel is prone to a remote denial-of-service vulnerability.

Attackers can exploit this issue to deny access to legitimate users. Given the nature of this vulnerability, attackers may also be able to execute arbitrary code, but this has not been confirmed.

Microsoft Excel 2007 is vulnerable; other versions may also be affected.

87. Joomla Visites Component mosConfig_absolute_path Remote File Include Vulnerability
BugTraq ID: 28942
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28942
Summary:
The Visites component for Joomla! is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input.

Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

Visites 1.1 RC2 is vulnerable; other versions may also be affected.

88. Sun Java System Directory Proxy Server Remote Unauthorized Access Vulnerability
BugTraq ID: 28941
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28941
Summary:
Sun Java System Directory Proxy Server is prone to a remote unauthorized-access vulnerability.

Attackers can exploit this issue to gain unauthorized administrative access to the affected server.

89. Siteman 'module' Parameter Cross-Site Scripting and Local File Include Vulnerability
BugTraq ID: 28943
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28943
Summary:
Siteman is prone to a local file-include vulnerability and a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may leverage this as a cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

Or, the attacker may exploit the issue as a local file-include vulnerability to view files and execute local scripts in the context of the webserver process. This may aid in further attacks.

Siteman 2.0.x2 is vulnerable; other versions may also be affected.

90. KDE KHTML PNGLoader Heap Buffer Overflow Vulnerability
BugTraq ID: 28937
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28937
Summary:
KDE KHTML is prone to a remote buffer-overflow vulnerability because it fails to perform adequate bounds checking for user-supplied input while processing malicious PNG files.

Successful exploits allow remote attackers to execute arbitrary machine code in the context of applications that use KHTML. Failed exploit attempts will likely crash applications.

Versions included with KDE from KHTML 4.0 to 4.0.3 are affected by this issue. Since KHTML is included in other third-party packages, they may also be affected, but this has not been confirmed.

91. Watchfire AppScan ActiveX Control Multiple Arbitrary File Overwrite Vulnerabilities
BugTraq ID: 28940
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28940
Summary:
Watchfire AppScan ActiveX Control is prone to multiple vulnerabilities that allow attackers to overwrite arbitrary files.

An attacker can exploit these issues by enticing an unsuspecting victim to view a malicious HTML page.

Successfully exploiting these issues will allow the attacker to corrupt and overwrite arbitrary files on the victim's computer in the context of the vulnerable application using the ActiveX control (typically Internet Explorer).

Watchfire AppScan 7.0 is vulnerable to this issue; other versions may also be affected.

92. WordPress Cookie Integrity Protection Unauthorized Access Vulnerability
BugTraq ID: 28935
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28935
Summary:
WordPress is prone to a vulnerability that allows an attacker to gain unauthorized access to the affected application.

An attacker can exploit this issue to gain administrative access to the application. Successfully exploiting this issue will compromise the affected application.

Versions prior to WordPress 2.5.1 are vulnerable.

93. Kantaris SSA Subtitle File Remote Buffer Overflow Vulnerability
BugTraq ID: 28939
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28939
Summary:
Kantaris is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.

Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

Kantaris 0.3.4 is vulnerable; other versions may also be affected.

94. National Rail Enquiries Live Departure Boards Gadget Remote Script Code Execution Vulnerability
BugTraq ID: 28933
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28933
Summary:
National Rail Enquiries Live Departure Board Gadget is prone to a vulnerability that lets remote attackers execute arbitrary script code because the application fails to properly sanitize user-supplied input.

To exploit this issue, attackers must be able to perform a man-in-the-middle attack against the website that the gadget accesses for departure information.

An attacker may leverage this issue to execute arbitrary code on an affected computer with the privileges of the affected process. This may facilitate unauthorized access.

Versions prior to National Rail Enquiries Live Departure Board Gadget 1.1 are vulnerable.

95. Blender Unspecified Insecure Temporary File Creation Vulnerability
BugTraq ID: 28936
Remote: No
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28936
Summary:
Blender creates temporary files in an insecure manner.

An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application.

Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.

96. Perl Unicode '\Q...\E' Quoting Construct Regular Expression Buffer Overflow Vulnerability
BugTraq ID: 28928
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28928
Summary:
Perl is prone to a buffer-overflow vulnerability because it fails to sufficiently bounds-check user-supplied input.

Successfully exploiting this issue may allow attackers to execute arbitrary machine code in the context of Perl applications using regular expressions in a vulnerable manner. This facilitates the remote compromise of affected computers. Failed exploits can cause denial-of-service conditions.

Perl 5.8.8 is vulnerable to this issue; other versions may also be affected.

NOTE: This issue may be related to BID 26350 ('Perl Unicode Regular Expression Buffer Overflow Vulnerability').

97. PhpGedView Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 25756
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/25756
Summary:
PhpGedView is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

PhpGedView 4.1.1 is vulnerable; other versions may also be affected.

98. Website Meta Language Multiple Local Insecure Temporary File Creation Vulnerabilities
BugTraq ID: 27685
Remote: No
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/27685
Summary:
Website Meta Language is reportedly affected by multiple local vulnerabilities because it creates temporary files in an insecure way. These issues stem from a design error that causes the application to fail to verify the presence of a file before writing to it.

An attacker may leverage these issues to overwrite arbitrary files with the privileges of an unsuspecting user that activates a vulnerable application.

Website Meta Language 2.0.11 is affected by these vulnerabilities; other versions may also be affected.

99. OpenOffice Multiple Heap Based Buffer Overflow Vulnerabilities
BugTraq ID: 28819
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28819
Summary:
OpenOffice is prone to multiple remote heap-based buffer-overflow vulnerabilities because of errors in processing certain files.

Remote attackers can exploit these issues by enticing victims into opening maliciously crafted ODF, Quattro Pro, EMF, or OLE files.

Successful exploits may allow attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely result in a denial of service.

The issues affect OpenOffice 2 prior to 2.4. The OLE and EMF file issues also affect OpenOffice 1.1.

100. Python ImageOP Module Multiple Integer Overflow Vulnerabilities
BugTraq ID: 25696
Remote: Yes
Last Updated: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/25696
Summary:
Python's imageop module is prone to multiple integer-overflow vulnerabilities because it fails to properly bounds-check user-supplied input to ensure that integer operations do not overflow.

To successfully exploit these issues, an attacker must be able to control the arguments to imageop functions. Remote attackers may be able to do this, depending on the nature of applications that use the vulnerable functions.

Attackers would likely submit invalid or specially crafted images to applications that perform imageop operations on the data.

A successful exploit may allow attacker-supplied machine code to run in the context of affected applications, facilitating the remote compromise of computers.

III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. Patches pose significant risk, researchers say
By: Robert Lemos
A group of four computer scientists say Windows Update -- and other patch services -- should be redesigned, after they create a technique to quickly produce attack code from a distributed patch.
http://www.securityfocus.com/news/11514

2. U.S. gov't pushes cybersecurity at con
By: Robert Lemos
Top Bush Administration officials descend on the RSA Security Conference laying out their plans for protecting critical networks and giving a small taste of the latest national cyber exercise, Cyber Storm II.
http://www.securityfocus.com/news/11513

3. Web developers, fix thy Flash
By: Robert Lemos
Flaws that allow cross-site scripting attacks through Adobe Flash files could let attackers compromise online accounts and local networks. Yet, Web publishers have been slow to fix their sites, a security researcher says.
http://www.securityfocus.com/news/11511

4. Hacking contest highlights value of vulnerabilities
By: Robert Lemos
After a handful of critics slammed the modest cash prizes, larger bounties will be offered to the security pros that successfully compromise any of three laptops at a coming conference.
http://www.securityfocus.com/news/11510

IV. SECURITY JOBS LIST SUMMARY
-------------------------------
1. [SJ-JOB] Security Architect, Washington
http://www.securityfocus.com/archive/77/491318

2. [SJ-JOB] Security Architect, Parsippany
http://www.securityfocus.com/archive/77/491322

3. [SJ-JOB] Security Architect, Wilmington
http://www.securityfocus.com/archive/77/491324

4. [SJ-JOB] Database Security Architect, Calgary
http://www.securityfocus.com/archive/77/491325

5. [SJ-JOB] Security Architect, Boston
http://www.securityfocus.com/archive/77/491326

6. [SJ-JOB] Security Architect, Philadelphia
http://www.securityfocus.com/archive/77/491319

7. [SJ-JOB] Account Manager, Atlanta
http://www.securityfocus.com/archive/77/491320

8. [SJ-JOB] Sr. Security Analyst, Atlanta
http://www.securityfocus.com/archive/77/491321

9. [SJ-JOB] Jr. Security Analyst, Atlanta
http://www.securityfocus.com/archive/77/491323

10. [SJ-JOB] Auditor, United Kingdom
http://www.securityfocus.com/archive/77/491312

11. [SJ-JOB] Security Consultant, Reston
http://www.securityfocus.com/archive/77/491315

12. [SJ-JOB] Jr. Security Analyst, Washington, DC
http://www.securityfocus.com/archive/77/491311

13. [SJ-JOB] Security Architect, San Francisco
http://www.securityfocus.com/archive/77/491313

14. [SJ-JOB] Sr. Security Analyst, Portsmouth
http://www.securityfocus.com/archive/77/491314

15. [SJ-JOB] Certification & Accreditation Engineer, Washington, DC
http://www.securityfocus.com/archive/77/491316

16. [SJ-JOB] Manager, Information Security, Princeton
http://www.securityfocus.com/archive/77/491317

17. [SJ-JOB] Director, Information Security, Jersey City
http://www.securityfocus.com/archive/77/491308

18. [SJ-JOB] Sr. Security Analyst, San Diego
http://www.securityfocus.com/archive/77/491309

19. [SJ-JOB] Penetration Engineer, Washington, DC Metro Area
http://www.securityfocus.com/archive/77/491310

20. [SJ-JOB] Information Assurance Engineer, Schaumburg
http://www.securityfocus.com/archive/77/491307

21. [SJ-JOB] Sr. Security Analyst, Nashville
http://www.securityfocus.com/archive/77/491304

22. [SJ-JOB] Software Engineer, Cupertino
http://www.securityfocus.com/archive/77/491305

23. [SJ-JOB] Director, Information Security, Redwood City
http://www.securityfocus.com/archive/77/491300

24. [SJ-JOB] Sr. Security Engineer, Greenbelt
http://www.securityfocus.com/archive/77/491303

25. [SJ-JOB] Security Consultant, Bayern
http://www.securityfocus.com/archive/77/491306

26. [SJ-JOB] Information Assurance Engineer, Washington DC Metro Area
http://www.securityfocus.com/archive/77/491296

27. [SJ-JOB] Senior Software Engineer, Cupertino
http://www.securityfocus.com/archive/77/491297

28. [SJ-JOB] Quality Assurance, Cupertino
http://www.securityfocus.com/archive/77/491298

29. [SJ-JOB] Senior Software Engineer, San Diego
http://www.securityfocus.com/archive/77/491299

30. [SJ-JOB] Jr. Security Analyst, Chantilly, VA
http://www.securityfocus.com/archive/77/491302

V. INCIDENTS LIST SUMMARY
---------------------------
VI. VULN-DEV RESEARCH LIST SUMMARY
-----------------------------------
1. [TOOL] SSL Capable NetCat (and more)
http://www.securityfocus.com/archive/82/491384

2. 5 char XSS?
http://www.securityfocus.com/archive/82/491275

VII. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. Cross-Site scripting
http://www.securityfocus.com/archive/88/491393

2. SecurityFocus Microsoft Newsletter #391
http://www.securityfocus.com/archive/88/491252

VIII. SUN FOCUS LIST SUMMARY
----------------------------
IX. LINUX FOCUS LIST SUMMARY
----------------------------
X. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe, send an e-mail message to sf-news-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message, which you will have to answer. Alternatively, you can visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed, email listadmin@securityfocus.com and ask to be manually removed.

XI. SPONSOR INFORMATION
------------------------
This issue is sponsored by HP

