News

Wednesday, May 07, 2008

SecurityFocus Newsletter #452

SecurityFocus Newsletter #452
----------------------------------------

This issue is sponsored by Verisign

Give your site visitors the reassurance that your site is safe to transact on with VeriSign Extended Validation (EV) SSL Certificates. The new certificates turn the address bar green in high security browsers letting customers know that they are on the site they intended to be on. Learn how to provide the latest advancement in SSL, EV SSL, and give your customers the
confidence to transact on your site with the free white paper.
http://clk.atdmt.com/SFI/go/scrtysrv1170000032sfi/direct/01/


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1.Just Who's Being Exploited?
2.On the Border
II. BUGTRAQ SUMMARY
1. TCL/TK Tk Toolkit 'ReadImage()' GIF File Buffer Overflow Vulnerability
2. GEDCOM_to_MySQL2 Multiple Cross-Site Scripting Vulnerabilities
3. SiteXS CMS 'upload.php' Arbitrary File Upload Vulnerability
4. Maian Script World Multiple Scripts SQL Injection and Cross-Site Scripting Vulnerabilities
5. BlogMe PHP 'comments.php' SQL Injection Vulnerability
6. Call of Duty Malformed 'stats' command Denial of Service Vulnerability
7. Sun Solaris SCTP Network Flooding Remote Denial of Service Vulnerability
8. Sun Solaris 10 Unspecified SCTP Protocol Processing Remote Denial of Service Vulnerability
9. OpenAutoClassifieds Multiple SQL Injection Vulnerabilities
10. ChiCoMaS 'index.php' Cross Site Scripting Vulnerability
11. TLM CMS 'index.php' Multiple SQL Injection Vulnerabilities
12. Animal Shelter Manager Improper Access Restriction Security Bypass Vulnerability
13. Zomplog 'category.php' Cross Site Scripting Vulnerability
14. Zen Cart 'keyword' parameter SQL Injection and Cross-Site Scripting Vulnerabilities
15. Project Alumni SQL Injection and Cross-Site Scripting Vulnerabilities
16. Computer Associates ARCserve Backup Multiple Remote Buffer Overflow Vulnerabilities
17. SIPp 'call.cpp' Remote Buffer Overflow Vulnerability
18. Todd Miller Sudo Local Race Condition Vulnerability
19. Apache Mod_SSL SSLVerifyClient Restriction Bypass Vulnerability
20. Apache HTTP Request Smuggling Vulnerability
21. Apple Mac OS X Security Update 2005-009 Multiple Vulnerabilities
22. Apple Safari Remote Directory Traversal Vulnerability
23. Apple Mac OS X Passwordserver Local Privilege Escalation Vulnerability
24. Apple Mac OS X Iodbcadmintool Local Privilege Escalation Vulnerability
25. Apple Mac OS X CoreFoundation Remote Buffer Overflow Vulnerability
26. mvnForum Quick Reply Feature HTML Injection Vulnerability
27. TCL/TK Tk Toolkit TKIMGGIF.C Buffer Overflow Vulnerability
28. phpDirectorySource Multiple SQL Injection Vulnerabilities
29. CDF (Common Data Format) Library 'src/lib/cdfread64.c' Stack Based Buffer Overflow Vulnerability
30. IBM WebSphere MQ Security Bypass Vulnerability
31. OpenOffice Multiple Heap Based Buffer Overflow Vulnerabilities
32. Linux Kernel Multiple Local MOXA Serial Driver Buffer Overflow Vulnerabilities
33. Linux Kernel Driver Fault Handler 'mmap.c' Local Denial of Service Vulnerability
34. Linux Kernel MinCore User Space Access Locking Local Denial of Service Vulnerability
35. libexif Image Tag Remote Integer Overflow Vulnerability
36. International Components for Unicode Library (libicu) Multiple Memory Corruption Vulnerabilities
37. TellTargetCMS Multiple Remote File Include Vulnerabilities
38. PHPKB 'comment.php' SQL Injection Vulnerability
39. Linux Kernel 'fcntl_setlk()' SMP Ordering Local Denial of Service Vulnerability
40. Linux Kernel 'isdn_common.c' Local Buffer Overflow Vulnerability
41. Linux Kernel DO_COREDUMP Local Information Disclosure Vulnerability
42. Linux Kernel 'dnotify.c' Local Race Condition Vulnerability
43. ScorpNews 'example.php' Remote File Include Vulnerability
44. Kmita Mail 'htmlcode.php' Remote File Include Vulnerability
45. Linux Terminal Server Project 'ldm' Information Disclosure Vulnerability
46. PCRE Regular Expression Library Multiple Security Vulnerabilities
47. OpenOffice HSQLDB Database Engine Unspecified Java Code Execution Vulnerability
48. OpenSSH ForceCommand Command Execution Weakness
49. KDE 'start_kdeinit' Multiple Local Privilege Escalation Vulnerabilities
50. Adobe Acrobat and Reader Multiple Arbitrary Code Execution and Security Vulnerabilities
51. Adobe Flash FLA File Processing Remote Code Execution Vulnerabilities
52. Yahoo! Assistant 'yNotifier.dll' ActiveX Control Memory Corruption Vulnerability
53. Bugzilla Security Bypass and Cross Site Scripting Vulnerabilities
54. Scout Portal Toolkit 'ParentId' Parameter SQL Injection Vulnerability
55. WebMod Multiple Remote Security Vulnerabilities
56. PCRE Regular Expression Library UTF-8 Options Multiple Remote Denial of Service Vulnerabilities
57. Linux Kernel x86_64 ptrace Denial Of Service Vulnerability
58. Linux Kernel 'ssm_i' Emulation Hypervisor Panic Denial of Service Vulnerability
59. Linux Kernel Direction Flag Local Memory Corruption Vulnerability
60. Linux Kernel Asynchronous FIFO IO Local Denial of Service Vulnerability
61. Linux Kernel '/include/xen/blkif.h' 32-on-64 Support Denial Of Service Vulnerability
62. Linux Kernel IPSec Fragmented ESP Packet Remote Denial of Service Vulnerability
63. Nuke ET Journal Module Security Bypass and HTML Injection Vulnerabilities
64. HP-UX LDAP-UX Unspecified Local Unauthorized Access Vulnerability
65. Forum Rank System 'settings['locale']' Parameter Multiple Local File Include Vulnerabilities
66. GNU Emacs Insecure Temporary File Creation Vulnerability
67. Red Hat 'redhat-ds-admin' Shell Command Injection and Security Bypass Vulnerabilities
68. WonderWare SuiteLink 'slssvc.exe' Remote Denial of Service Vulnerability
69. Apache mod_imagemap and mod_imap Cross-Site Scripting Vulnerability
70. OpenPegasus Management Server PAM Authentication 'cimservera.cpp' Buffer Overflow Vulnerability
71. Roundup Unspecified Security Vulnerabilities
72. Cacti Multiple Input Validation Vulnerabilities
73. PHP 5.2.4 and Prior Versions Multiple Vulnerabilities
74. PHP .Htaccess Safe_Mode and Open_Basedir Restriction-Bypass Vulnerability
75. Intel Network Drivers Local Privilege Escalation Vulnerability
76. Apache HTTP Server 2.2.6, 2.0.61 and 1.3.39 'mod_status' Cross-Site Scripting Vulnerability
77. PHP 5.2.3 and Prior Versions Multiple Vulnerabilities
78. Python zlib Module Remote Buffer Overflow Vulnerability
79. PCRE Regular Expression Library Multiple Integer and Buffer Overflow Vulnerabilities
80. OpenSSH X Connections Session Hijacking Vulnerability
81. OpenPegasus WBEM CIM Management Server 'PAMBasicAuthenticatorUnix.cpp' Buffer Overflow Vulnerability
82. Microsoft Works 7 'WkImgSrv.dll' ActiveX Control Remote Code Execution Vulnerability
83. PHP Chunk_Split() Function Integer Overflow Vulnerability
84. Mozilla Thunderbird/Seamonkey/Firefox 2.0.0.12 Multiple Remote Vulnerabilities
85. PHP 5.2.5 and Prior Versions Multiple Vulnerabilities
86. osCommerce Multiple Cross-Site Scripting Vulnerabilities
87. AnServ Auction XL 'viewfaqs.php' SQL Injection Vulnerability
88. LifeType 1.2.8 'admin.php' Cross Site Scripting Vulnerability
89. Kmita Tellfriend 'htmlcode.php' Remote File Include Vulnerability
90. TYPO3 Powermail Extension Unspecified Cross Site Scripting Vulnerability
91. Ilient SysAid 'searchField' Parameter Cross Site Scripting Vulnerability
92. Online-rent.com Property Rental Script 'pid' Parameter SQL Injection Vulnerability
93. Maian Uploader Multiple Cross Site Scripting Vulnerabilities
94. pnEncyclopedia PostNuke module 'id' Parameter SQL Injection Vulnerability
95. LifeType 'admin.php' Cross Site Scripting Vulnerability
96. IBM Rational Build Forge Remote Denial of Service Vulnerability
97. SmartBlog Multiple Input Validation Vulnerabilities
98. cpLinks Multiple SQL Injection and Cross-Site Scripting Vulnerabilities
99. iTCms 'boxpop.php' Remote File Include Vulnerability
100. SmartBlog 'index.php' SQL Injection Vulnerability
III. SECURITYFOCUS NEWS
1. Groups warn travelers to limit laptop data
2. Patches pose significant risk, researchers say
3. U.S. gov't pushes cybersecurity at con
4. Web developers, fix thy Flash
IV. SECURITY JOBS LIST SUMMARY
1. [SJ-JOB] Application Security Architect, Porto Alegre
2. [SJ-JOB] Forensics Engineer, Santa Clara
3. [SJ-JOB] Software Engineer, Atlanta
4. [SJ-JOB] Security Auditor, Ottawa
5. [SJ-JOB] Software Engineer, Bethesda
6. [SJ-JOB] Security Engineer, El Segundo
7. [SJ-JOB] Management, Hollywood
8. [SJ-JOB] Incident Handler, Santa Clara
9. [SJ-JOB] Sr. Security Engineer, El Segundo
10. [SJ-JOB] Security Engineer, El Segundo
11. [SJ-JOB] Security Engineer, Toronto
12. [SJ-JOB] Sr. Security Engineer, Chantilly
13. [SJ-JOB] Software Engineer, Chantilly
14. [SJ-JOB] Senior Software Engineer, Mountain View
15. [SJ-JOB] Security Engineer, El Segundo
16. [SJ-JOB] Application Security Engineer, Chantilly
17. [SJ-JOB] Sr. Security Engineer, New York
18. [SJ-JOB] Manager, Information Security, London
19. [SJ-JOB] Training / Awareness Specialist, Ottawa
20. [SJ-JOB] Security Engineer, Annapolis Junction
21. [SJ-JOB] Security Engineer, Roseland
22. [SJ-JOB] Sr. Security Engineer, Tampa
23. [SJ-JOB] Sr. Security Analyst, Kohler
24. [SJ-JOB] Sales Engineer, San Jose
25. [SJ-JOB] Application Security Engineer, Saint Louis
26. [SJ-JOB] Security Engineer, Kohler
27. [SJ-JOB] Security Engineer, Network Security Engineer (NAC)
28. [SJ-JOB] Director, Information Security, Dubai or Abu Dhabi
V. INCIDENTS LIST SUMMARY
1. Weird SSH attack last night and this morning (still ongoing)
VI. VULN-DEV RESEARCH LIST SUMMARY
VII. MICROSOFT FOCUS LIST SUMMARY
1. Binding Windows Services to Specific Addresses Only
VIII. SUN FOCUS LIST SUMMARY
IX. LINUX FOCUS LIST SUMMARY
X. UNSUBSCRIBE INSTRUCTIONS
XI. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1.Just Who's Being Exploited?
By Jamie Reid
Last month's revelation that Tipping Point paid out a prize of $10,000 and a new laptop (MSRP: about $2000) at the CanSecWest conference, for the privilege of being the exclusive licensor of a heretofore unpublished vulnerability in Apple's Safari web browser to researcher, Charles Miller of Independent Security Evaluators, may lend some credence to this adage.
http://www.securityfocus.com/columnists/470

2.On the Border
By Mark Rasch
Recently, I was going through an airport with my shoes, coat, jacket, and belt off as well as with my carry-on bag, briefcase, and laptop all separated for easy inspection. I was heading through security at the Washington D.C., Ronald Reagan National Airport in Arlington, Virginia, or "National" as we locals call it. As I passed through the new magnetometer which gently puffed air all over my body -- which to me seems to be a cross between a glaucoma test and Marilyn Monroe in Gentlemen Prefer Blondes -- a TSA employee absent-mindedly asked if he could "inspect" my laptop computer. While the inspection was cursory, the situation immediately gave me pause: What was in my laptop anyway?
http://www.securityfocus.com/columnists/469


II. BUGTRAQ SUMMARY
--------------------
1. TCL/TK Tk Toolkit 'ReadImage()' GIF File Buffer Overflow Vulnerability
BugTraq ID: 27655
Remote: Yes
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/27655
Summary:
TCL/TK Tk Toolkit is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied GIF image data before copying it to an insufficiently sized buffer.

Successful exploits may allow attackers to execute arbitrary code in the context of applications that use the affected toolkit. Failed exploit attempts likely result in denial-of-service conditions.

Versions prior to TCL/TK 8.5.1 are vulnerable to this issue.

2. GEDCOM_to_MySQL2 Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 29048
Remote: Yes
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/29048
Summary:
GEDCOM_to_MySQL2 is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

3. SiteXS CMS 'upload.php' Arbitrary File Upload Vulnerability
BugTraq ID: 29029
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/29029
Summary:
SiteXS is prone to a vulnerability that lets remote attackers upload and execute arbitrary script code because the application fails to sanitize user-supplied input.

An attacker can leverage this issue to execute arbitrary code on an affected computer with the privileges of the webserver process.

4. Maian Script World Multiple Scripts SQL Injection and Cross-Site Scripting Vulnerabilities
BugTraq ID: 29032
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/29032
Summary:
Multiple Maian Script World products are prone to cross-site scripting vulnerabilities and SQL-injection vulnerabilities because the applications fail to sufficiently sanitize user-supplied input.

Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

These issues affect the following Maian Script World products:

Maian Cart 1.1
Maian Gallery 2.0
Maian Greeting 2.1
Maian Guestbook 3.2
Maian Links 3.1
Maian Music 1.1
Maian Recipe 1.2
Maian Search 1.1
Maian Support 1.3
Maian Weblog 4.0

5. BlogMe PHP 'comments.php' SQL Injection Vulnerability
BugTraq ID: 29030
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/29030
Summary:
BlogMe PHP is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

BlogMe PHP 1.1 is vulnerable; other versions may also be affected.

6. Call of Duty Malformed 'stats' command Denial of Service Vulnerability
BugTraq ID: 29026
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/29026
Summary:
Call of Duty is prone to a denial-of-service vulnerability because the application fails to handle specially crafted commands.

An attacker can exploit this issue to crash the affected application, denying service to legitimate users.

Call of Duty 4 1.5 is vulnerable; other versions may also be affected.

7. Sun Solaris SCTP Network Flooding Remote Denial of Service Vulnerability
BugTraq ID: 29024
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/29024
Summary:
Sun Solaris is prone to a denial-of-service vulnerability that occurs in processing the SCTP Protocol.

A local or remote attacker can exploit this issue to cause the system to hang or to degrade its performance, denying service to legitimate users.

This issue affects the Solaris 10 operating system.

8. Sun Solaris 10 Unspecified SCTP Protocol Processing Remote Denial of Service Vulnerability
BugTraq ID: 29023
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/29023
Summary:
Sun Solaris is prone to an unspecified denial-of-service vulnerability because of SCTP (Stream Control Transmission Protocol) protocol processing.

An attacker can exploit this issue to cause the affected kernel to panic, resulting in a denial-of-service condition.

This issue affects the Solaris 10 operating system.

9. OpenAutoClassifieds Multiple SQL Injection Vulnerabilities
BugTraq ID: 29027
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/29027
Summary:
OpenAutoClassifieds is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

OpenAutoClassifieds 1.4.3b is vulnerable; other versions may also be affected.

10. ChiCoMaS 'index.php' Cross Site Scripting Vulnerability
BugTraq ID: 29025
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/29025
Summary:
ChiCoMaS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.

ChiCoMaS 2.0.4 is vulnerable; other versions may also be affected.

11. TLM CMS 'index.php' Multiple SQL Injection Vulnerabilities
BugTraq ID: 29049
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/29049
Summary:
TLM CMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

TLM CMS 1.1 is vulnerable; other versions may also be affected.

12. Animal Shelter Manager Improper Access Restriction Security Bypass Vulnerability
BugTraq ID: 29022
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/29022
Summary:
Animal Shelter Manager is prone to a security-bypass vulnerability.

An attacker can exploit this issue to bypass certain security restrictions and potentially gain elevated privileges on the affected application.

Animal Shelter Manager 2.2.1 is vulnerable; prior versions may also be affected.

13. Zomplog 'category.php' Cross Site Scripting Vulnerability
BugTraq ID: 29021
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/29021
Summary:
Zomplog is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.

Zomplog 3.8.2 is vulnerable; other versions may also be affected.

14. Zen Cart 'keyword' parameter SQL Injection and Cross-Site Scripting Vulnerabilities
BugTraq ID: 29020
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/29020
Summary:
Zen Cart is prone to a cross-site scripting vulnerability and an SQL-injection vulnerabilities because the application fails to sufficiently sanitize user-supplied input.

Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Zen Cart 2008 is vulnerable; other versions may also be affected.

15. Project Alumni SQL Injection and Cross-Site Scripting Vulnerabilities
BugTraq ID: 29019
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/29019
Summary:
Project Alumni is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input.

Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

These issues affect Project Alumni 1.0.9; other versions may also be vulnerable.

16. Computer Associates ARCserve Backup Multiple Remote Buffer Overflow Vulnerabilities
BugTraq ID: 24348
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/24348
Summary:
Computer Associates ARCserve Backup for Laptops & Desktops is prone to multiple remote buffer-overflow vulnerabilities because the application fails to bounds-check user-supplied input before copying it into an insufficiently sized memory buffer.

Successfully exploiting these issues allows remote attackers to execute arbitrary machine code with SYSTEM-Level privileges. This will result in a complete compromise of affected computers.

ARCserve Backup for Laptops & Desktops r11.1 is reported vulnerable.

17. SIPp 'call.cpp' Remote Buffer Overflow Vulnerability
BugTraq ID: 28884
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/28884
Summary:
SIPp is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.

Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

The issue affects SIPp 3.0; other versions may also be affected.

18. Todd Miller Sudo Local Race Condition Vulnerability
BugTraq ID: 13993
Remote: No
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/13993
Summary:
Sudo is prone to a local race-condition vulnerability. The issue manifests itself only under certain conditions, specifically, when the 'sudoers' configuration file contains a pseudo-command 'ALL' that directly follows a user's 'sudoers' entry.

When such a configuration exists, local attackers may leverage this issue to execute arbitrary executables with escalated privileges. Attackers may achieve this by creating symbolic links to target files.

19. Apache Mod_SSL SSLVerifyClient Restriction Bypass Vulnerability
BugTraq ID: 14721
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/14721
Summary:
Apache 2.x mod_ssl is prone to a restriction-bypass vulnerability that presents itself when mod_ssl is configured to be used with the 'SSLVerifyClient' directive.

This issue allows attackers to bypass security policies to gain access to locations that are configured to be forbidden for clients without a valid client certificate.

20. Apache HTTP Request Smuggling Vulnerability
BugTraq ID: 14106
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/14106
Summary:
Apache is prone to an HTTP-request-smuggling attack.

A specially crafted request with a 'Transfer-Encoding: chunked' header and a 'Content-Length' header can cause the server to forward a reassembled request with the original 'Content-Length' header. As a result, the malicious request may piggyback on the valid HTTP request.

This attack may result in cache poisoning, cross-site scripting, session hijacking, and other attacks.

NOTE: This issue was originally described in BID 13873 (Multiple Vendor Multiple HTTP Request Smuggling Vulnerabilities). Since vendor confirmation and more details are available, the issue has now been assigned a new BID.

21. Apple Mac OS X Security Update 2005-009 Multiple Vulnerabilities
BugTraq ID: 15647
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/15647
Summary:
Apple has released Security Update 2005-008 to address multiple Mac OS X local and remote vulnerabilities.

NOTE: This BID is being retired because the issues are now documented in the following individual records:

16882 Apple Mac OS X CoreFoundation Remote Buffer Overflow Vulnerability
16903 Apple Mac OS X Iodbcadmintool Local Privilege Escalation Vulnerability
16904 Apple Mac OS X Passwordserver Local Privilege Escalation Vulnerability
16926 Apple Safari Remote Directory Traversal Vulnerability
29011 Apple Safari WebKit Unspecified Heap Overflow Vulnerability
14106 Apache HTTP Request Smuggling Vulnerability
14721 Apache Mod_SSL SSLVerifyClient Restriction Bypass Vulnerability
15102 Multiple Vendor WGet/Curl NTLM Username Buffer Overflow Vulnerability
15071 OpenSSL Insecure Protocol Negotiation Weakness
14620 PCRE Regular Expression Heap Overflow Vulnerability
14011 Apple Safari Dialog Box Origin Spoofing Vulnerability
13993 Todd Miller Sudo Local Race Condition Vulnerability

22. Apple Safari Remote Directory Traversal Vulnerability
BugTraq ID: 16926
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/16926
Summary:
Safari is prone to a remote directory-traversal vulnerability.

The vulnerability presents itself when a user tries to download a file from a remote location and the file name is excessively long.

NOTE: This issue was previously discussed in BID 15647 (Apple Mac OS X Security Update 2005-009 Multiple Vulnerabilities), but has been assigned its own record to better document the vulnerability.

23. Apple Mac OS X Passwordserver Local Privilege Escalation Vulnerability
BugTraq ID: 16904
Remote: No
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/16904
Summary:
The 'passwordserver' tool is prone to a local privilege-escalation vulnerability.

This issue can allow local attackers on Open Directory master servers to gain elevated privileges.

NOTE: This issue was previously discussed in BID 15647 (Apple Mac OS X Security Update 2005-009 Multiple Vulnerabilities), but has been assigned its own record to better document the vulnerability.

24. Apple Mac OS X Iodbcadmintool Local Privilege Escalation Vulnerability
BugTraq ID: 16903
Remote: No
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/16903
Summary:
The 'iodbcadmintool' utility is prone to a local privilege-escalation vulnerability.

This issue can allow local attackers to gain elevated privileges on an affected computer.

NOTE: This issue was previously discussed in BID 15647 (Apple Mac OS X Security Update 2005-009 Multiple Vulnerabilities), but has been assigned its own record to better document the vulnerability.

25. Apple Mac OS X CoreFoundation Remote Buffer Overflow Vulnerability
BugTraq ID: 16882
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/16882
Summary:
CoreFoundation is prone to a buffer-overflow vulnerability.

The issue presents itself when specially crafted URIs are handled.

A successful attack may result in a denial-of-service condition or remote unauthorized access because of arbitrary code execution in the context of the affected application.

NOTE: This issue was previously discussed in BID 15647 (Apple Mac OS X Security Update 2005-009 Multiple Vulnerabilities), but has been assigned its own record to better document the vulnerability.

26. mvnForum Quick Reply Feature HTML Injection Vulnerability
BugTraq ID: 29075
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/29075
Summary:
mvnForum is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input.

Attacker-supplied HTML and script code would execute in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user; other attacks are also possible.

mvnForum 1.1 is vulnerable; other versions may also be affected.

27. TCL/TK Tk Toolkit TKIMGGIF.C Buffer Overflow Vulnerability
BugTraq ID: 26056
Remote: Yes
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/26056
Summary:
TCL/TK Tk Toolkit is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data before copying it to an insufficiently sized buffer.

An attacker can exploit this issue to cause denial-of-service conditions. Given the nature of this issue, remote code execution may also be possible but has not been confirmed.

Versions prior to TCL/TK 8.4.13 are vulnerable to this issue.

28. phpDirectorySource Multiple SQL Injection Vulnerabilities
BugTraq ID: 29039
Remote: Yes
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/29039
Summary:
phpDirectorySource is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

phpDirectorySource 1.1.06 is vulnerable; other versions may also be affected.

29. CDF (Common Data Format) Library 'src/lib/cdfread64.c' Stack Based Buffer Overflow Vulnerability
BugTraq ID: 29045
Remote: Yes
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/29045
Summary:
The CDF (Common Data Format) library is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data when processing CDF files.

Attackers can exploit this issue by enticing unsuspecting users to open malicious files. Successful exploits will allow code to run with the privileges of the user. Failed attacks will cause denial-of-service conditions.

CDF 3.2 and prior versions are vulnerable.

30. IBM WebSphere MQ Security Bypass Vulnerability
BugTraq ID: 28046
Remote: No
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/28046
Summary:
IBM WebSphere MQ is prone to a security-bypass vulnerability because the application fails to properly restrict access to certain functionality.

Attackers can exploit this issue to bypass certain security restrictions, connect to a queue manager in an unauthorized manner, and obtain potentially sensitive information; other attacks are also possible.

This issue affects versions prior to:

5.3 Fix Pack 14
6.0 Fix Pack 6.0.2.2

31. OpenOffice Multiple Heap Based Buffer Overflow Vulnerabilities
BugTraq ID: 28819
Remote: Yes
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/28819
Summary:
OpenOffice is prone to multiple remote heap-based buffer-overflow vulnerabilities because of errors in processing certain files.

Remote attackers can exploit these issues by enticing victims into opening maliciously crafted ODF, Quattro Pro, EMF, or OLE files.

Successful exploits may allow attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely result in a denial of service.

The issues affect OpenOffice 2 prior to 2.4. The OLE and EMF file issues also affect OpenOffice 1.1.

32. Linux Kernel Multiple Local MOXA Serial Driver Buffer Overflow Vulnerabilities
BugTraq ID: 12195
Remote: No
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/12195
Summary:
The MOXA serial driver in the Linux kernel is reported prone to multiple buffer-overflow vulnerabilities. The driver fails to perform proper bounds checks before copying user-supplied data to fixed-size memory buffers.

These vulnerabilities reside in the 'drivers/char/moxa.c' file.

The vulnerable functions perform a 'copy_from_user()' call to copy user-supplied, user-space data to a fixed-size, static kernel memory buffer (moxaBuff) of 10240 bytes in length while using the user-supplied length argument as passed from 'MoxaDriverIoctl()'. This reportedly results in improperly bounded operations, potentially causing locally exploitable buffer overflows.

Linux kernels from 2.2 through 2.4 and 2.6 are all reported prone to these vulnerabilities.

33. Linux Kernel Driver Fault Handler 'mmap.c' Local Denial of Service Vulnerability
BugTraq ID: 27705
Remote: No
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/27705
Summary:
The Linux kernel is prone to a local denial-of-service vulnerability because it fails to properly bounds-check certain fault handlers for device drivers.

Attackers can exploit this issue to trigger kernel crashes, denying service to legitimate users. Given the nature of this issue, attackers may also be able to execute arbitrary code, but this has not been confirmed.

Versions prior to Linux kernel 2.6.24.1 are vulnerable.

34. Linux Kernel MinCore User Space Access Locking Local Denial of Service Vulnerability
BugTraq ID: 21663
Remote: No
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/21663
Summary:
The Linux Kernel is prone to a denial-of-service vulnerability due to a design error.

A local attacker can exploit this issue to cause the kernel to become unresponsive, denying further service to legitimate users.

Linux Kernel versions prior to 2.4.33.6 are vulnerable.

35. libexif Image Tag Remote Integer Overflow Vulnerability
BugTraq ID: 26942
Remote: Yes
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/26942
Summary:
The libexif library is prone to an integer-overflow vulnerability because the software fails to ensure that integer values are not overrun.

Successful exploits of this vulnerability allow remote attackers to execute arbitrary machine code in the context of an application using the vulnerable library. Failed attempts will likely result in denial-of-service conditions.

36. International Components for Unicode Library (libicu) Multiple Memory Corruption Vulnerabilities
BugTraq ID: 27455
Remote: Yes
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/27455
Summary:
The International Components for Unicode library (libicu) is prone to multiple memory-corruption vulnerabilities.

Successfully exploiting these issues allows remote attackers to corrupt and overflow memory and possibly execute remote code. Failed exploit attempts will likely crash applications.

These issues affect libicu 3.8.1 and prior versions.

37. TellTargetCMS Multiple Remote File Include Vulnerabilities
BugTraq ID: 23903
Remote: Yes
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/23903
Summary:
telltargetCMS is prone to multiple remote file-includes vulnerabilities because the application fails to properly sanitize user-supplied input.

An attacker may leverage these issues to execute arbitrary server-side script code on an affected computer with the privileges of the webserver process.

These issues affect telltargetCMS 1.3.3 and prior versions.

38. PHPKB 'comment.php' SQL Injection Vulnerability
BugTraq ID: 28739
Remote: Yes
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/28739
Summary:
PHPKB is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

This issue affects PHPKB 1.5 and 2.0; other versions may also be affected.

39. Linux Kernel 'fcntl_setlk()' SMP Ordering Local Denial of Service Vulnerability
BugTraq ID: 29076
Remote: No
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/29076
Summary:
The Linux kernel is prone to a local denial-of-service vulnerability.

Attackers can exploit this issue to trigger kernel crashes, denying service to legitimate users.

Versions prior to Linux kernel 2.6.25.2 and 2.4.36.4 are vulnerable.

40. Linux Kernel 'isdn_common.c' Local Buffer Overflow Vulnerability
BugTraq ID: 27497
Remote: No
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/27497
Summary:
The Linux kernel is prone to a local buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it into an insufficiently sized buffer.

An attacker can exploit this issue to cause denial-of-service conditions. Given the nature of this issue, the attacker may also be able to execute arbitrary code, but this has not been confirmed.

This issue affects versions prior to Linux kernel 2.6.25.

41. Linux Kernel DO_COREDUMP Local Information Disclosure Vulnerability
BugTraq ID: 26701
Remote: No
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/26701
Summary:
The Linux kernel is prone to an information-disclosure vulnerability.

Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks.

Versions of the Linux kernel prior to 2.6.24-rc4 are vulnerable.

42. Linux Kernel 'dnotify.c' Local Race Condition Vulnerability
BugTraq ID: 29003
Remote: No
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/29003
Summary:
The Linux kernel is prone to a local race-condition vulnerability.

A local attacker may exploit this issue to crash the computer or to gain elevated privileges on the affected computer.

43. ScorpNews 'example.php' Remote File Include Vulnerability
BugTraq ID: 29041
Remote: Yes
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/29041
Summary:
ScorpNews is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this issue to include arbitrary remote files containing malicious PHP code and execute it in the context of the webserver process. This may facilitate a compromise of the application and the underlying computer; other attacks are also possible.

ScorpNews 2.0 is vulnerable; other versions may also be affected.

44. Kmita Mail 'htmlcode.php' Remote File Include Vulnerability
BugTraq ID: 29044
Remote: Yes
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/29044
Summary:
Kmita Mail is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this issue to include arbitrary remote files containing malicious PHP code and execute it in the context of the webserver process. This may facilitate a compromise of the application and the underlying computer; other attacks are also possible.

Kmita Mail 3.0 is vulnerable; other versions may also be affected.

45. Linux Terminal Server Project 'ldm' Information Disclosure Vulnerability
BugTraq ID: 28960
Remote: Yes
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/28960
Summary:
Linux Terminal Server Project is prone to an information-disclosure vulnerability.

An attacker can exploit this issue from the local network to obtain potentially sensitive information that may aid in further attacks.

46. PCRE Regular Expression Library Multiple Security Vulnerabilities
BugTraq ID: 26346
Remote: Yes
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/26346
Summary:
PCRE regular-expression library is prone to multiple security vulnerabilities.

Attackers can exploit these issues to execute arbitrary code, cause denial-of-service conditions, or launch other attacks in the context of the application using the affected library.

47. OpenOffice HSQLDB Database Engine Unspecified Java Code Execution Vulnerability
BugTraq ID: 26703
Remote: Yes
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/26703
Summary:
OpenOffice is prone to a code-execution vulnerability.

Successful exploits allow remote attackers to execute arbitrary Java code in the context of the vulnerable application.

Versions prior to OpenOffice 2.3.1 are vulnerable.

48. OpenSSH ForceCommand Command Execution Weakness
BugTraq ID: 28531
Remote: No
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/28531
Summary:
OpenSSH is prone to a weakness that may allow attackers to execute arbitrary commands.

Successful exploits may allow attackers to execute arbitrary commands, contrary to the wishes of administrators and bypassing the intent of the 'ForceCommand' option.

Versions prior to OpenSSH 4.9 are vulnerable.

49. KDE 'start_kdeinit' Multiple Local Privilege Escalation Vulnerabilities
BugTraq ID: 28938
Remote: No
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/28938
Summary:
The 'start_kdeinit' utility in KDE is prone to multiple local privilege-escalation vulnerabilities because it fails to properly sanitize input.

Successful attacks allow local users to send signals to arbitrary processes, triggering denial-of-service conditions. Attackers may also be able to execute arbitrary code with elevated privileges, facilitating the complete compromise of affected computers.

50. Adobe Acrobat and Reader Multiple Arbitrary Code Execution and Security Vulnerabilities
BugTraq ID: 27641
Remote: Yes
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/27641
Summary:
Adobe Acrobat and Reader are prone to multiple arbitrary remote code-execution and security vulnerabilities.

Attackers can exploit these issues to execute arbitrary code in the context of the user running the affected application. Other attacks are also possible.

Versions prior to Adobe Acrobat and Adobe Reader 8.1.2 are vulnerable to these issues.

51. Adobe Flash FLA File Processing Remote Code Execution Vulnerabilities
BugTraq ID: 28349
Remote: Yes
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/28349
Summary:
Adobe Flash is prone to multiple remote code-execution vulnerabilities.

An attacker may exploit these issues to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

These issues affect Flash CS3 Professional, Flash Professional 8, and Flash Basic 8.

52. Yahoo! Assistant 'yNotifier.dll' ActiveX Control Memory Corruption Vulnerability
BugTraq ID: 29065
Remote: Yes
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/29065
Summary:
Yahoo! Assistant 'yNotifier.dll' ActiveX control is prone to a memory-corruption vulnerability.

Successfully exploiting this issue may allow remote attackers to execute arbitrary code in the context of the application using the affected ActiveX control. Failed exploit attempts will likely crash the application.

The issue affects Yahoo! Assistant 3.6 and prior versions.

53. Bugzilla Security Bypass and Cross Site Scripting Vulnerabilities
BugTraq ID: 29038
Remote: Yes
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/29038
Summary:
Bugzilla is prone to a security-bypass and a cross-site scripting vulnerability because it fails to properly validate user credentials and sanitize user-supplied input.

An attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.

The attacker may leverage the security-bypass issue to modify the status of bugs, despite the attacker's insufficient privileges.

Bugzilla 2.17.2 and 3.1.3 are vulnerable; other versions may also be affected.

54. Scout Portal Toolkit 'ParentId' Parameter SQL Injection Vulnerability
BugTraq ID: 29034
Remote: Yes
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/29034
Summary:
Scout Portal Toolkit is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

This issue affects Scout Portal Toolkit 1.4.0; other versions may also be vulnerable.

55. WebMod Multiple Remote Security Vulnerabilities
BugTraq ID: 29031
Remote: Yes
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/29031
Summary:
WebMod is prone to multiple remote security vulnerabilities, including a directory-traversal issue, a stack-based buffer-overflow issue, multiple memory-corruption issues, and an information-disclosure issue.

Attackers can exploit these issues to execute arbitrary code with the privileges of the user running the affected application, obtain sensitive information to aid in further attacks, or cause denial-of-service conditions.

WebMod 0.48 is vulnerable; other versions may also be affected.

56. PCRE Regular Expression Library UTF-8 Options Multiple Remote Denial of Service Vulnerabilities
BugTraq ID: 26550
Remote: Yes
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/26550
Summary:
PCRE regular-expression library is prone to multiple remote denial-of-service vulnerabilities because a memory-calculation error occurs for certain regular expressions.

Successful exploits may allow remote attackers to cause denial-of-service conditions on computers running the affected library.

These issues affect versions prior to PCRE 7.0.

57. Linux Kernel x86_64 ptrace Denial Of Service Vulnerability
BugTraq ID: 29086
Remote: No
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/29086
Summary:
The Linux kernel is prone to a denial-of-service vulnerability when process traces are performed on 64-bit computers.

Local attackers can leverage the issue to crash the kernel and deny service to legitimate users.

58. Linux Kernel 'ssm_i' Emulation Hypervisor Panic Denial of Service Vulnerability
BugTraq ID: 29085
Remote: No
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/29085
Summary:
The Linux Kernel is prone to a denial-of-service vulnerability in certain virtualized environments.

An attacker can exploit this issue to crash the affected computer, denying service to legitimate users.

This issue may only affect the IA-64 architecture.

59. Linux Kernel Direction Flag Local Memory Corruption Vulnerability
BugTraq ID: 29084
Remote: No
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/29084
Summary:
The Linux kernel is prone to a vulnerability that causes kernel memory corruption.

A local attacker can exploit this issue to crash the affected computer, denying service to legitimate users. Due to the nature of this issue arbitrary code-execution may be possible, however this has not been confirmed.

60. Linux Kernel Asynchronous FIFO IO Local Denial of Service Vulnerability
BugTraq ID: 29083
Remote: No
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/29083
Summary:
The Linux kernel is prone to a local denial-of-service vulnerability.

Attackers can exploit this issue to trigger kernel panics, denying service to legitimate users.

Versions prior to Linux kernel 2.4.21 are vulnerable.

61. Linux Kernel '/include/xen/blkif.h' 32-on-64 Support Denial Of Service Vulnerability
BugTraq ID: 29082
Remote: No
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/29082
Summary:
The Linux kernel is prone to a denial-of-service vulnerability due to a a lack of sanity checks when handling values when running 32-bit paravirtualized guests on a 64-bit host.

Local, privileged attackers can leverage the issue to crash the kernel and deny service to legitimate users.

62. Linux Kernel IPSec Fragmented ESP Packet Remote Denial of Service Vulnerability
BugTraq ID: 29081
Remote: Yes
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/29081
Summary:
The Linux Kernel is prone to a remote denial-of-service vulnerability.

An attacker can exploit this issue to crash the affected computer, denying service to legitimate users.

Note: this issue occurs on computers that have netscreen firewalls or Cisco PIX installed.

63. Nuke ET Journal Module Security Bypass and HTML Injection Vulnerabilities
BugTraq ID: 29080
Remote: Yes
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/29080
Summary:
Nuke ET is prone to a security-bypass vulnerability and an HTML-injection vulnerability because it fails to properly sanitize user-supplied input.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, control how the site is rendered to the user, or perform unauthorized actions as another user; other attacks may also be possible.

Nuke ET prior to version 3.10 is vulnerable.

64. HP-UX LDAP-UX Unspecified Local Unauthorized Access Vulnerability
BugTraq ID: 29078
Remote: No
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/29078
Summary:
HP-UX running LDAP-UX is prone to a local unauthorized-access vulnerability.

Successfully exploiting this issue may allow an attacker to gain elevated privileges on the affected computer.

65. Forum Rank System 'settings['locale']' Parameter Multiple Local File Include Vulnerabilities
BugTraq ID: 29077
Remote: Yes
Last Updated: 2008-05-07
Relevant URL: http://www.securityfocus.com/bid/29077
Summary:
Forum Rank System is prone to local file-include vulnerabilities because it fails to properly sanitize user-supplied input.

An attacker can exploit these vulnerabilities using directory-traversal strings to view files local scripts in the context of the webserver process. This may aid in further attacks.

Forum Rank System 6 is vulnerable; other versions may also be affected.

66. GNU Emacs Insecure Temporary File Creation Vulnerability
BugTraq ID: 28857
Remote: No
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/28857
Summary:
Emacs creates temporary files in an insecure manner.

An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application.

Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.

This issue affects Emacs 21.4a and 22.2; other versions may also be affected.

67. Red Hat 'redhat-ds-admin' Shell Command Injection and Security Bypass Vulnerabilities
BugTraq ID: 28802
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/28802
Summary:
The 'redhat-ds-admin' application is prone to a command-injection issue and security-bypass issues that affect the Administration Server.

Attackers with access to the replication monitor web page can exploit the command-injection issue to execute arbitrary shell commands with the privileges of the Administration Server. Remote unauthenticated attackers can use the security-bypass vulnerabilities to access potentially sensitive information or perform certain unauthorized actions.

Note that combining the vulnerabilities would allow remote unauthorized attackers to execute arbitrary code with the privileges of the Administration Server.

NOTE: In default configurations, the Administration Server runs as unprivileged user 'nobody'.

These issues affect 'redhat-ds-admin' used with Red Hat Directory Server 8.

68. WonderWare SuiteLink 'slssvc.exe' Remote Denial of Service Vulnerability
BugTraq ID: 28974
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/28974
Summary:
WonderWare SuiteLink is prone to a remote denial-of-service vulnerability.

An attacker can exploit this issue to crash the affected application, denying service to legitimate users. Given the nature of this issue, the attacker may also be able to execute arbitrary code, but this has not been confirmed.

Versions prior to Wonderware SuiteLink 2.0 Patch 01 are vulnerable.

NOTE: WonderWare SuiteLink is included in WonderWare InTouch 8.0 by default. Other WonderWare applications may also be affected.

69. Apache mod_imagemap and mod_imap Cross-Site Scripting Vulnerability
BugTraq ID: 26838
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/26838
Summary:
Apache is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

This issue affects the following:

- The 'mod_imagemap' module in Apache 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, and 2.2.0

- The 'mod_imap' module in Apache 1.3.39, 1.3.37, 1.3.36, 1.3.35, 1.3.34, 1.3.33, 1.3.32, 1.3.31, 1.3.29, 1.3.28, 1.3.27, 1.3.26, 1.3.24, 1.3.22, 1.3.20, 1.3.19, 1.3.17, 1.3.14, 1.3.12, 1.3.11, 1.3.9, 1.3.6, 1.3.4, 1.3.3, 1.3.2, 1.3.1, and 1.3.0.

70. OpenPegasus Management Server PAM Authentication 'cimservera.cpp' Buffer Overflow Vulnerability
BugTraq ID: 27188
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/27188
Summary:
OpenPegasus is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.

This issue occurs in the PAM (Pluggable Authentication Module) authentication code.

Attackers can leverage this issue to execute arbitrary code with superuser privileges. Successful exploits will completely compromise affected computers. Failed attacks will likely cause denial-of-service conditions.

Versions in the OpenPegasus 2.6 series are vulnerable.

71. Roundup Unspecified Security Vulnerabilities
BugTraq ID: 28239
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/28239
Summary:
Roundup is prone to multiple unspecified vulnerabilities.

Very few details are available regarding these issues. We will update this BID as more information emerges.

UPDATE: At least one of the addressed issues is due to a failure to properly escape HTML input. Specific parameters and scripts related to this HTML-injection issue are currently not known.

These issues affect versions prior to Roundup 1.4.4.

72. Cacti Multiple Input Validation Vulnerabilities
BugTraq ID: 27749
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/27749
Summary:
Cacti is prone to multiple unspecified input-validation vulnerabilities, including:

- Multiple cross-site scripting vulnerabilities
- Multiple SQL-injection vulnerabilities
- An HTTP response-splitting vulnerability.

Attackers may exploit these vulnerabilities to influence or misrepresent how web content is served, cached, or interpreted, to compromise the application, to access or modify data, to exploit vulnerabilities in the underlying database, or to execute arbitrary script code in the browser of an unsuspecting user.

These issues affect Cacti 0.8.7a and prior versions.

73. PHP 5.2.4 and Prior Versions Multiple Vulnerabilities
BugTraq ID: 26403
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/26403
Summary:
PHP 5.2.4 and prior versions are prone to multiple security vulnerabilities. Successful exploits could allow an attacker to bypass security restrictions, cause a denial-of-service condition, and potentially execute code.

74. PHP .Htaccess Safe_Mode and Open_Basedir Restriction-Bypass Vulnerability
BugTraq ID: 24661
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/24661
Summary:
PHP is prone to a 'safe_mode' and 'open_basedir' restriction-bypass vulnerability. Successful exploits could allow an attacker to write files in unauthorized locations.

These vulnerabilities would be an issue in shared-hosting configurations where multiple users can create and execute arbitrary PHP script code, with the 'safe_mode' and 'open_basedir' restrictions assumed to isolate the users from each other.

This issue is reported to affect PHP 5.2.3 and 4.4.7; previous versions may also be vulnerable.

75. Intel Network Drivers Local Privilege Escalation Vulnerability
BugTraq ID: 21456
Remote: No
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/21456
Summary:
Intel LAN drivers are prone to a local privilege-escalation vulnerability because they fail to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker can trigger this issue to corrupt memory and to execute code with kernel-level privileges.

A successful attack can result in a complete compromise of the affected computer due to privilege escalation.

All PCI, PCI-X, and PCIe Intel network adapter drivers are vulnerable.

76. Apache HTTP Server 2.2.6, 2.0.61 and 1.3.39 'mod_status' Cross-Site Scripting Vulnerability
BugTraq ID: 27237
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/27237
Summary:
The Apache HTTP Server 'mod_status' module is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Reportedly, attackers can also use this issue to redirect users' browsers to arbitrary locations, which may aid in phishing attacks.

The issue affects versions prior to Apache 2.2.7-dev, 2.0.62-dev, and 1.3.40-dev.

77. PHP 5.2.3 and Prior Versions Multiple Vulnerabilities
BugTraq ID: 25498
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/25498
Summary:
PHP 5.2.3 and prior versions are prone to multiple security vulnerabilities. Successful exploits could allow an attacker to bypass security restrictions, cause a denial-of-service condition, and potentially execute code.

78. Python zlib Module Remote Buffer Overflow Vulnerability
BugTraq ID: 28715
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/28715
Summary:
Python zlib module is prone to a remote buffer-overflow vulnerability because the library fails to properly sanitize user-supplied data.

An attacker can exploit this issue to execute arbitrary code with the privileges of the user running an application that relies on the affected library. Failed exploit attempts will result in a denial-of-service condition.

This issue affects Python 2.5.2; other versions may also be vulnerable.

79. PCRE Regular Expression Library Multiple Integer and Buffer Overflow Vulnerabilities
BugTraq ID: 26462
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/26462
Summary:
PCRE regular-expression library is prone to multiple integer- and buffer-overflow vulnerabilities.

Attackers can exploit these issues to execute arbitrary code, cause denial-of-service conditions, or launch other attacks in the context of the application using the affected library.

80. OpenSSH X Connections Session Hijacking Vulnerability
BugTraq ID: 28444
Remote: No
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/28444
Summary:
OpenSSH is prone to a vulnerability that allows attackers to hijack forwarded X connections.

Successfully exploiting this issue may allow an attacker run arbitrary shell commands with the privileges of the user running the affected application.

This issue affects OpenSSH 4.3p2; other versions may also be affected.

NOTE: This issue affects the portable version of OpenSSH and may not affect OpenSSH running on OpenBSD.

81. OpenPegasus WBEM CIM Management Server 'PAMBasicAuthenticatorUnix.cpp' Buffer Overflow Vulnerability
BugTraq ID: 27172
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/27172
Summary:
OpenPegasus is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.

This issue occurs in the PAM (Pluggable Authentication Module) authentication code.

Attackers can leverage this issue to execute arbitrary code with superuser privileges. Successful exploits will completely compromise affected computers. Failed attacks will likely cause denial-of-service conditions.

Versions in the OpenPegasus 2.6 series are vulnerable.

82. Microsoft Works 7 'WkImgSrv.dll' ActiveX Control Remote Code Execution Vulnerability
BugTraq ID: 28820
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/28820
Summary:
Microsoft Works 7 'WkImgSrv.dll' ActiveX control is prone to a remote code-execution vulnerability because it fails to sufficiently verify user-supplied input.

An attacker can exploit this issue to run arbitrary attacker-supplied code in the context of the currently logged-in user. Failed exploits attempts will trigger denial-of-service conditions.

This issue affects Microsoft Works 7 'WkImgSrv.dll' ActiveX control 7.03.0616; other versions may also be vulnerable.

83. PHP Chunk_Split() Function Integer Overflow Vulnerability
BugTraq ID: 24261
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/24261
Summary:
PHP is prone to an integer-overflow vulnerability because it fails to ensure that integer values aren't overrun. Attackers may exploit this issue to cause a buffer overflow and to corrupt process memory.

Attackers may be able to execute arbitrary machine code in the context of the affected application. Failed exploit attempts will likely result in a denial-of-service condition.

This issue affects versions prior to PHP 5.2.3.

84. Mozilla Thunderbird/Seamonkey/Firefox 2.0.0.12 Multiple Remote Vulnerabilities
BugTraq ID: 28448
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/28448
Summary:
The Mozilla Foundation has released multiple security advisories specifying various vulnerabilities in Firefox 2.0.0.12 and prior versions.

Exploiting these issues can allow attackers to:

- steal authentication credentials
- obtain potentially sensitive information
- violate the same-origin policy
- execute scripts with elevated privileges
- cause denial-of-service conditions
- potentially execute arbitrary code
- perform cross-site request-forgery attacks

Other attacks are possible.

These issues are present in Firefox 2.0.0.12 and prior versions. Many of these issues are present in Mozilla Thunderbird 2.0.0.12 and prior versions as well as SeaMonkey 1.1.8 and prior versions.

85. PHP 5.2.5 and Prior Versions Multiple Vulnerabilities
BugTraq ID: 29009
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/29009
Summary:
PHP 5.2.5 and prior versions are prone to multiple security vulnerabilities.

Successful exploits could allow an attacker to bypass security restrictions, cause a denial-of-service condition, and potentially execute code.

These issues are reported to affect PHP 5.2.5 and prior versions.

86. osCommerce Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 29055
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/29055
Summary:
osCommerce is prone to multiple cross-site scripting vulnerabilities.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

osCommerce 2.2 RC1 and 2.2 RC2a are vulnerable; other versions may also be affected.

87. AnServ Auction XL 'viewfaqs.php' SQL Injection Vulnerability
BugTraq ID: 29053
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/29053
Summary:
AnServ Auction XL is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

88. LifeType 1.2.8 'admin.php' Cross Site Scripting Vulnerability
BugTraq ID: 29050
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/29050
Summary:
LifeType is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.

LifeType 1.2.8 is vulnerable; other versions may also be affected.

89. Kmita Tellfriend 'htmlcode.php' Remote File Include Vulnerability
BugTraq ID: 29042
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/29042
Summary:
Kmita Tellfriend is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this issue to include arbitrary remote files containing malicious PHP code and execute it in the context of the webserver process. This may facilitate a compromise of the application and the underlying computer; other attacks are also possible.

Kmita Tellfriend 2.0 is vulnerable; other versions may also be affected.

90. TYPO3 Powermail Extension Unspecified Cross Site Scripting Vulnerability
BugTraq ID: 29040
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/29040
Summary:
Powermail for TYPO3 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.

Powermail 1.1.9 is vulnerable; other versions may also be affected.

91. Ilient SysAid 'searchField' Parameter Cross Site Scripting Vulnerability
BugTraq ID: 29037
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/29037
Summary:
SysAid is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.

SysAid 5.1.08 is vulnerable; other versions may also be affected.

92. Online-rent.com Property Rental Script 'pid' Parameter SQL Injection Vulnerability
BugTraq ID: 29052
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/29052
Summary:
Online-rent.com Property Rental Script is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Property Rental Script 4.5 is vulnerable; other versions may also be affected.

93. Maian Uploader Multiple Cross Site Scripting Vulnerabilities
BugTraq ID: 29051
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/29051
Summary:
Maian Uploader is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

Maian Uploader 4.0 is vulnerable; other versions may also be affected.

94. pnEncyclopedia PostNuke module 'id' Parameter SQL Injection Vulnerability
BugTraq ID: 29046
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/29046
Summary:
The pnEncyclopedia module for PostNuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

This issue affects pnEncyclopedia 0.2.0; other versions may also be affected.

95. LifeType 'admin.php' Cross Site Scripting Vulnerability
BugTraq ID: 29017
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/29017
Summary:
LifeType is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.

LifeType 1.2.7 is vulnerable; other versions may also be affected.

96. IBM Rational Build Forge Remote Denial of Service Vulnerability
BugTraq ID: 29036
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/29036
Summary:
IBM Rational Build Forge is prone to a denial-of-service vulnerability.

An attacker on the local network can exploit this issue to consume CPU resources of the host, resulting in a denial-of-service condition.

This issue affects IBM Rational Build Forge 7.0.2.

97. SmartBlog Multiple Input Validation Vulnerabilities
BugTraq ID: 29043
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/29043
Summary:
SmartBlog is prone to multiple vulnerabilities, including SQL-injection issues and a local file-include issue, because it fails to sufficiently sanitize user-supplied data.

Successful exploits of these vulnerabilities may allow attackers to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, or view files and execute local scripts in the context of the webserver process.

SmartBlog 1.3 is vulnerable; other versions may also be affected.

98. cpLinks Multiple SQL Injection and Cross-Site Scripting Vulnerabilities
BugTraq ID: 29035
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/29035
Summary:
cpLinks is prone to multiple SQL-injection vulnerabilities and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Attackers may also exploit these issues to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

These issues affect cpLinks 1.03; other versions may also be affected.

99. iTCms 'boxpop.php' Remote File Include Vulnerability
BugTraq ID: 29028
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/29028
Summary:
iTCms is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this issue to include arbitrary remote files containing malicious PHP code and execute it in the context of the webserver process. This may facilitate a compromise of the application and the underlying computer; other attacks are also possible.

iTCms 1.9 is vulnerable; other versions may also be affected.

100. SmartBlog 'index.php' SQL Injection Vulnerability
BugTraq ID: 29033
Remote: Yes
Last Updated: 2008-05-06
Relevant URL: http://www.securityfocus.com/bid/29033
Summary:
SmartBlog is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. Groups warn travelers to limit laptop data
By: Robert Lemos
In a letter to Congress, nearly three dozen organizations protest the seizures of electronic devices by U.S. customs officials, an act upheld by a federal appeals court in a recent ruling.
http://www.securityfocus.com/news/11516

2. Patches pose significant risk, researchers say
By: Robert Lemos
A group of four computer scientists say Windows Update -- and other patch services -- should be redesigned, after they create a technique to quickly produce attack code from a distributed patch.
http://www.securityfocus.com/news/11514

3. U.S. gov't pushes cybersecurity at con
By: Robert Lemos
Top Bush Administration officials descend on the RSA Security Conference laying out their plans for protecting critical networks and giving a small taste of the latest national cyber exercise, Cyber Storm II.
http://www.securityfocus.com/news/11513

4. Web developers, fix thy Flash
By: Robert Lemos
Flaws that allow cross-site scripting attacks through Adobe Flash files could let attackers compromise online accounts and local networks. Yet, Web publishers have been slow to fix their sites, a security researcher says.
http://www.securityfocus.com/news/11511

IV. SECURITY JOBS LIST SUMMARY
-------------------------------
1. [SJ-JOB] Application Security Architect, Porto Alegre
http://www.securityfocus.com/archive/77/491656

2. [SJ-JOB] Forensics Engineer, Santa Clara
http://www.securityfocus.com/archive/77/491645

3. [SJ-JOB] Software Engineer, Atlanta
http://www.securityfocus.com/archive/77/491657

4. [SJ-JOB] Security Auditor, Ottawa
http://www.securityfocus.com/archive/77/491658

5. [SJ-JOB] Software Engineer, Bethesda
http://www.securityfocus.com/archive/77/491659

6. [SJ-JOB] Security Engineer, El Segundo
http://www.securityfocus.com/archive/77/491663

7. [SJ-JOB] Management, Hollywood
http://www.securityfocus.com/archive/77/491641

8. [SJ-JOB] Incident Handler, Santa Clara
http://www.securityfocus.com/archive/77/491642

9. [SJ-JOB] Sr. Security Engineer, El Segundo
http://www.securityfocus.com/archive/77/491643

10. [SJ-JOB] Security Engineer, El Segundo
http://www.securityfocus.com/archive/77/491660

11. [SJ-JOB] Security Engineer, Toronto
http://www.securityfocus.com/archive/77/491625

12. [SJ-JOB] Sr. Security Engineer, Chantilly
http://www.securityfocus.com/archive/77/491626

13. [SJ-JOB] Software Engineer, Chantilly
http://www.securityfocus.com/archive/77/491627

14. [SJ-JOB] Senior Software Engineer, Mountain View
http://www.securityfocus.com/archive/77/491628

15. [SJ-JOB] Security Engineer, El Segundo
http://www.securityfocus.com/archive/77/491644

16. [SJ-JOB] Application Security Engineer, Chantilly
http://www.securityfocus.com/archive/77/491624

17. [SJ-JOB] Sr. Security Engineer, New York
http://www.securityfocus.com/archive/77/491489

18. [SJ-JOB] Manager, Information Security, London
http://www.securityfocus.com/archive/77/491490

19. [SJ-JOB] Training / Awareness Specialist, Ottawa
http://www.securityfocus.com/archive/77/491495

20. [SJ-JOB] Security Engineer, Annapolis Junction
http://www.securityfocus.com/archive/77/491492

21. [SJ-JOB] Security Engineer, Roseland
http://www.securityfocus.com/archive/77/491493

22. [SJ-JOB] Sr. Security Engineer, Tampa
http://www.securityfocus.com/archive/77/491494

23. [SJ-JOB] Sr. Security Analyst, Kohler
http://www.securityfocus.com/archive/77/491476

24. [SJ-JOB] Sales Engineer, San Jose
http://www.securityfocus.com/archive/77/491477

25. [SJ-JOB] Application Security Engineer, Saint Louis
http://www.securityfocus.com/archive/77/491478

26. [SJ-JOB] Security Engineer, Kohler
http://www.securityfocus.com/archive/77/491491

27. [SJ-JOB] Security Engineer, Network Security Engineer (NAC)
http://www.securityfocus.com/archive/77/491475

28. [SJ-JOB] Director, Information Security, Dubai or Abu Dhabi
http://www.securityfocus.com/archive/77/491479

V. INCIDENTS LIST SUMMARY
---------------------------
1. Weird SSH attack last night and this morning (still ongoing)
http://www.securityfocus.com/archive/75/491739

VI. VULN-DEV RESEARCH LIST SUMMARY
-----------------------------------
VII. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. Binding Windows Services to Specific Addresses Only
http://www.securityfocus.com/archive/88/491595

VIII. SUN FOCUS LIST SUMMARY
----------------------------
IX. LINUX FOCUS LIST SUMMARY
----------------------------
X. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to sf-news-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

XI. SPONSOR INFORMATION
------------------------
This issue is sponsored by Verisign

Give your site visitors the reassurance that your site is safe to transact on with VeriSign Extended Validation (EV) SSL Certificates. The new certificates turn the address bar green in high security browsers letting customers know that they are on the site they intended to be on. Learn how to provide the latest advancement in SSL, EV SSL, and give your customers the
confidence to transact on your site with the free white paper.
http://clk.atdmt.com/SFI/go/scrtysrv1170000032sfi/direct/01/

No comments:

Blog Archive