News

Thursday, July 31, 2008

SecurityFocus Linux Newsletter #400
----------------------------------------

This issue is sponsored by Black Hat USA:

Attend Black Hat USA, August 2-7 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 40 hands-on training courses and 80 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 50 nations. Visit product displays by 30 top sponsors in a relaxed setting.
www.blackhat.com

SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1. An Astonishing Collaboration
2. Bad-Code Blues
II. LINUX VULNERABILITY SUMMARY
1. EMC Dantz Retrospect Backup Client 'retroclient.exe' Remote Memory Corruption Vulnerability
2. EMC Retrospect Backup Client Password Hash Information Disclosure Vulnerability
3. EMC Retrospect Backup Client NULL Pointer Remote Denial of Service Vulnerability
4. Asterisk IAX2 Firmware Provisioning Packet Amplification Remote Denial of Service Vulnerability
5. Linux Kernel x86_64 Kernel LDT 'ldt_desc' Buffer Overflow Vulnerability
6. GNU Coreutils 'pam_succeed_if' PAM Local Authentication Bypass Vulnerability
7. vsftpd FTP Server Pluggable Authentication Module (PAM) Remote Denial of Service Vulnerability
8. Cygwin 'setup.exe' Installation and Update Process Mirror Authenticity Verification Vulnerability
9. Links 'only proxies' Unspecified Security Vulnerability
10. @Mail Multiple Local Information Disclosure Vulnerabilities
11. 'nfs-utils' Package for Red Hat Enterprise Linux 5 TCP Wrappers Security Bypass Vulnerability
12. libxslt RC4 Encryption and Decryption Functions Buffer Overflow Vulnerability
13. OpenSC CardOS M4 Smart Cards Insecure Permissions Vulnerability
14. SAP MaxDB 'dbmsrv' Process 'PATH' Environment Variable Local Privilege Escalation Vulnerability
III. LINUX FOCUS LIST SUMMARY
1. root shell auditing
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. An Astonishing Collaboration
By Dan Kaminsky
Wow. It's out. It's finally, finally out. Sweet!
http://www.securityfocus.com/columnists/477

2. Bad-Code Blues
By Don Parker
The current state of secure software development by corporations both large and small is a mess. We are still cursed with half-baked software, and as a result, a never-ending stream of vulnerabilities. Secure coding practices and active quality assurance (QA) efforts are now more mainstream, but that still hasn't made much of a dent.
http://www.securityfocus.com/columnists/476


II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. EMC Dantz Retrospect Backup Client 'retroclient.exe' Remote Memory Corruption Vulnerability
BugTraq ID: 30306
Remote: Yes
Date Published: 2008-07-21
Relevant URL: http://www.securityfocus.com/bid/30306
Summary:
EMC Dantz Retrospect Backup Client is prone to a remote memory-corruption vulnerability.

Remote attackers can exploit this issue to cause denial-of-service conditions. Given the nature of this issue, attackers may also be able to execute arbitrary code, but this has not been confirmed.

2. EMC Retrospect Backup Client Password Hash Information Disclosure Vulnerability
BugTraq ID: 30308
Remote: Yes
Date Published: 2008-07-21
Relevant URL: http://www.securityfocus.com/bid/30308
Summary:
EMC Retrospect Backup Client is prone to an information-disclosure vulnerability.

Exploiting this issue can allow attackers to access password hash data that will aid in further attacks.

Retrospect Backup Client 7.5.116 is vulnerable; other versions may also be affected.

3. EMC Retrospect Backup Client NULL Pointer Remote Denial of Service Vulnerability
BugTraq ID: 30313
Remote: Yes
Date Published: 2008-07-21
Relevant URL: http://www.securityfocus.com/bid/30313
Summary:
EMC Retrospect Backup Client is prone to a remote denial-of-service vulnerability because of a design error that causes a NULL-pointer exception.

An attacker could exploit this issue to crash the affected application, denying service to legitimate users.

4. Asterisk IAX2 Firmware Provisioning Packet Amplification Remote Denial of Service Vulnerability
BugTraq ID: 30350
Remote: Yes
Date Published: 2008-07-22
Relevant URL: http://www.securityfocus.com/bid/30350
Summary:
Asterisk servers may be used to carry out remote denial-of-service attacks. This issue is caused by a flaw in the IAX2 firmware download protocol.

Successful exploits result in packet-amplification attacks. Malicious users can cause Asterisk servers to send large numbers of unwanted firmware packets to arbitrary addresses, potentially denying service to computers and networks because of flooding.

5. Linux Kernel x86_64 Kernel LDT 'ldt_desc' Buffer Overflow Vulnerability
BugTraq ID: 30351
Remote: No
Date Published: 2008-07-22
Relevant URL: http://www.securityfocus.com/bid/30351
Summary:
The Linux kernel is prone to a buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data on 64-bit computers.

A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts will cause a denial-of-service condition.

Linux kernels 2.6.25 through 2.6.25.10 are affected.

6. GNU Coreutils 'pam_succeed_if' PAM Local Authentication Bypass Vulnerability
BugTraq ID: 30363
Remote: No
Date Published: 2008-07-24
Relevant URL: http://www.securityfocus.com/bid/30363
Summary:
GNU Coreutils is prone to a local authentication-bypass vulnerability.

A local attacker running the 'su' command can exploit this issue to gain unauthorized access to locked or expired accounts. Successfully exploiting this issue may lead to other attacks.

7. vsftpd FTP Server Pluggable Authentication Module (PAM) Remote Denial of Service Vulnerability
BugTraq ID: 30364
Remote: Yes
Date Published: 2008-07-24
Relevant URL: http://www.securityfocus.com/bid/30364
Summary:
The 'vsftpd' FTP server is prone to a remote denial-of-service vulnerability when used with Pluggable Authentication Modules (PAM).

Successfully exploiting this issue allows remote attackers to crash the affected application, denying service to legitimate users.

Versions prior to vsftpd 2.0.5 are affected.

8. Cygwin 'setup.exe' Installation and Update Process Mirror Authenticity Verification Vulnerability
BugTraq ID: 30375
Remote: Yes
Date Published: 2008-07-25
Relevant URL: http://www.securityfocus.com/bid/30375
Summary:
Cygwin 'setup.exe' is prone to a vulnerability caused by inadequate verification of mirror authenticity.

Attackers who can impersonate a Cygwin download mirror (by exploiting a DNS cache-poisoning, session-hijacking, or some other vulnerability) could perform a man-in-the-middle attack and leverage this issue to cause the application to retrieve and install malicious packages.

Versions prior to Cygwin 'setup.exe' 2.573.2.3 are vulnerable.

9. Links 'only proxies' Unspecified Security Vulnerability
BugTraq ID: 30422
Remote: Yes
Date Published: 2008-07-29
Relevant URL: http://www.securityfocus.com/bid/30422
Summary:
Links is prone to an unspecified security vulnerability related to providing URIs to external programs.

Very few details are available regarding this issue. We will update this BID as more information emerges.

10. @Mail Multiple Local Information Disclosure Vulnerabilities
BugTraq ID: 30434
Remote: No
Date Published: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30434
Summary:
@Mail is prone to multiple information-disclosure vulnerabilities because the application fails to properly restrict access to sensitive files.

An unprivileged attacker may exploit these issues to obtain sensitive information.

@Mail 5.41 is vulnerable; other versions may also be affected.

11. 'nfs-utils' Package for Red Hat Enterprise Linux 5 TCP Wrappers Security Bypass Vulnerability
BugTraq ID: 30466
Remote: Yes
Date Published: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30466
Summary:
The 'nfs-utils' package is prone to a security-bypass vulnerability because it was not properly built with TCP wrappers support.

Remote attackers can exploit this issue to bypass certain security restrictions and gain access to NFS services on vulnerable computers.

This issue occurs in the 'nfs-utils' package built with Red Hat Enterprise Linux 5.

12. libxslt RC4 Encryption and Decryption Functions Buffer Overflow Vulnerability
BugTraq ID: 30467
Remote: Yes
Date Published: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30467
Summary:
The 'libxslt' library is prone to a heap-based buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data.

An attacker may exploit this issue to execute arbitrary code with the privileges of the user running an application that relies on the affected library. Failed exploit attempts will likely result in denial-of-service conditions.

This issue affects libxslt versions 1.1.8 to 1.1.24.

13. OpenSC CardOS M4 Smart Cards Insecure Permissions Vulnerability
BugTraq ID: 30473
Remote: No
Date Published: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30473
Summary:
OpenSC insecurely initializes Siemens CardOS M4 based smart cards and USB crypto tokens.

Attackers can leverage this issue to change the PIN number on a card without having knowledge of the existing PIN or PUK number. Successfully exploiting this issue allows attackers to use the card in further attacks.

NOTE: This issue cannot be leveraged to access an existing PIN number.

This issue occurs in versions prior to OpenSC 0.11.5.

14. SAP MaxDB 'dbmsrv' Process 'PATH' Environment Variable Local Privilege Escalation Vulnerability
BugTraq ID: 30474
Remote: No
Date Published: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30474
Summary:
SAP MaxDB is prone to a local privilege-escalation vulnerability that occurs in the 'dbmsrv' process because the application fails to sufficiently sanitize user-supplied input.

An attacker can exploit this issue to execute arbitrary code with 'sdb:sdba' privileges. Successfully exploiting this issue will compromise the affected application and possibly the underlying computer.

SAP MaxDB version 7.6.03.15 on Linux is vulnerable; other versions running on different platforms may also be affected.

III. LINUX FOCUS LIST SUMMARY
---------------------------------
1. root shell auditing
http://www.securityfocus.com/archive/91/494849

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed, email listadmin@securityfocus.com and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by Black Hat USA:

Attend Black Hat USA, August 2-7 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 40 hands-on training courses and 80 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 50 nations. Visit product displays by 30 top sponsors in a relaxed setting.
www.blackhat.com

SecurityFocus Newsletter #464
----------------------------------------

------------------------------------------------------------------
I. FRONT AND CENTER
1. An Astonishing Collaboration
2. Bad-Code Blues
II. BUGTRAQ SUMMARY
1. PozScripts Classified Ads 'browsecats.php' SQL Injection Vulnerability
2. Article Friendly Pro 'authordetail.php' SQL Injection Vulnerability
3. Microsoft DirectX SAMI File Parsing Stack Based Buffer Overflow Vulnerability
4. Pligg Multiple Remote Vulnerabilities
5. eNdonesia Calendar Module SQL Injection Vulnerability
6. PozScripts TubeGuru Video Sharing Script 'ugroups.php' SQL Injection Vulnerability
7. FFmpeg libavformat 'psxstr.c' STR Data Heap Based Buffer Overflow Vulnerability
8. Gregarius 'ajax.php' SQL Injection Vulnerability
9. Links 'only proxies' Unspecified Security Vulnerability
10. miniBB RSS Plugin Multiple Remote File Include Vulnerabilities
11. CoolPlayer M3U File Buffer Overflow Vulnerability
12. Oracle mod_wl HTTP POST Request Remote Buffer Overflow Vulnerability
13. PHP 5.2.5 and Prior Versions Multiple Vulnerabilities
14. PCRE Regular Expression Heap Based Buffer Overflow Vulnerability
15. Apache mod_imagemap and mod_imap Cross-Site Scripting Vulnerability
16. mtr 'split.c' Remote Stack Buffer Overflow Vulnerability
17. e107 BLOG Engine 'macgurublog.php' SQL Injection Vulnerability
18. Linux Kernel 'pppol2tp_recvmsg()' Remote Denial of Service Vulnerability
19. PHP 5.2.4 and Prior Versions Multiple Vulnerabilities
20. Multiple XnView Products TAAC File Buffer Overflow Vulnerability
21. Apache HTTP Server 2.2.6, 2.0.61 and 1.3.39 'mod_status' Cross-Site Scripting Vulnerability
22. IDevSpot BizDirectory Multiple SQL Injection and Cross Site Scripting Vulnerabilities
23. Cerberus Content Management System 'cerberus_user' Cookie Parameter HTML Injection Vulnerability
24. OpenSSL Multiple Denial of Service Vulnerabilities
25. Libpng Library Unknown Chunk Handler Vulnerability
26. Wireshark 1.0.1 Denial of Service Vulnerability
27. Sun Java Web Start Multiple Vulnerabilities
28. Sun Java Runtime Environment XML Data Processing Multiple Vulnerabilities
29. NCTsoft NCTAudioFile2 ActiveX Control Remote Buffer Overflow Vulnerability
30. Multiple Vendor DNS Protocol Insufficient Transaction ID Randomization DNS Spoofing Vulnerability
31. Sun Java Runtime Environment Font Processing Buffer Overflow Vulnerability
32. Sun Java Runtime Environment Multiple Unspecified Same Origin Policy Violation Vulnerabilities
33. Net-SNMP Remote Authentication Bypass Vulnerability
34. Net-SNMP Perl Module Buffer Overflow Vulnerability
35. OpenSSH Remote Root Authentication Timing Side-Channel Weakness
36. Acronis True Image Echo Server Information Disclosure Weakness
37. Computer Associates eTrust Secure Content Manager Multiple Buffer Overflow Vulnerabilities
38. Sun Java System Web Server 7.0 Plugin for Sun N1SPS Remote Authentication Bypass Vulnerability
39. Article Friendly Standard 'categorydetail.php' SQL Injection Vulnerability
40. phpMyAdmin Multiple Cross-Site Scripting Vulnerabilities
41. Trac Quickjump Function URI Redirection Vulnerability
42. Sun Solaris Platform Information and Control Library picld(1M) Local Denial of Service Vulnerability
43. HP-UX System Administration Manager NFS Configuration Security Bypass Vulnerability
44. OpenSSL SSL_Get_Shared_Ciphers Off-by-One Buffer Overflow Vulnerability
45. Trac Unspecified Wiki Engine Cross-Site Scripting Vulnerability
46. Newsx 'read_article()' Buffer Overflow Vulnerability
47. Multiple HIOX Products 'admin/passwo.php' Authentication Bypass Vulnerability
48. SAP MaxDB 'dbmsrv' Process 'PATH' Environment Variable Local Privilege Escalation Vulnerability
49. OpenSC CardOS M4 Smart Cards Insecure Permissions Vulnerability
50. Mono Multiple Cross-Site Scripting Vulnerabilities
51. concrete5 Contact Form Cross-Site Scripting Vulnerability
52. H0tturk Panel 'gizli.php' Remote File Include Vulnerability
53. libxslt RC4 Encryption and Decryption Functions Buffer Overflow Vulnerability
54. 'nfs-utils' Package for Red Hat Enterprise Linux 5 TCP Wrappers Security Bypass Vulnerability
55. Blue Coat K9 Web Protection Centralized Server HTTP Responses Buffer Overflow Vulnerability
56. Blue Coat K9 Web Protection 'Referer' Header Stack Based Buffer Overflow Vulnerability
57. phpFreeChat 'nickid' Parameter Session Hijacking Vulnerability
58. F-PROT Antivirus Archive Parsing Denial of Service Vulnerability
59. Panasonic Network Cameras Error Page Multiple Cross Site Scripting Vulnerabilities
60. Xerox DocuShare Multiple Cross-Site Scripting Vulnerabilities
61. TCL/TK Tk Toolkit TKIMGGIF.C Buffer Overflow Vulnerability
62. Info-ZIP UnZip 'inflate_dynamic()' Remote Code Execution Vulnerability
63. AVG Anti-Virus UPX File Parsing Denial of Service Vulnerability
64. Trend Micro OfficeScan 'OfficeScanRemoveCtrl.dll' ActiveX Multiple Buffer Overflow Vulnerabilities
65. MIT Kerberos 5 KDC Multiple Memory Corruption Based Information Disclosure Vulnerabilities
66. MIT Kerberos5 kadmind Excessive File Descriptors Multiple Remote Code Execution Vulnerabilities
67. Akamai Download Manager ActiveX Control Remote Code Execution Vulnerability
68. QuickerSite Multiple Vulnerabilities
69. European Performance Systems Probe Builder Denial of Service Vulnerability
70. Apache Tomcat Host Manager Cross Site Scripting Vulnerability
71. TCL/TK Tk Toolkit 'ReadImage()' GIF File Buffer Overflow Vulnerability
72. PostgreSQL Multiple Privilege Escalation and Denial of Service Vulnerabilities
73. LICQ File Descriptor Remote Denial of Service Vulnerability
74. DEV Web Management System Multiple Input Validation Vulnerabilities
75. Now SMS/MMS Gateway Multiple Buffer Overflow Vulnerabilities
76. Citrix Presentation Server 'icabar.exe' Local Privilege Escalation Vulnerability
77. Zee Reviews Opinions Rating Posting Engine PHP Script 'comments.php' SQL Injection Vulnerability
78. PHP Hosting Directory Cookie Authentication Bypass Vulnerability
79. BlazeVideo HDTV Player PLF File Stack Buffer Overflow Vulnerability
80. IBM AIX 'scsidiskdd' Uninitialized 'DRVR_PVT' Structure Local Denial Of Service Vulnerability
81. Condor Wild Card Authorization Policy Security Bypass Vulnerability
82. nzFotolog 'action_file' Parameter Local File Include Vulnerability
83. MJGUEST 'guestbook.js.php' Cross Site Scripting Vulnerability
84. Cisco IOS FTP Server Multiple Vulnerabilities
85. SILC Toolkit 'silcutil.c' Function Buffer Overflow Vulnerability
86. SILC Client and Server Key Negotiation Protocol Remote Buffer Overflow Vulnerability
87. HIOX Star Rating System Addcode.PHP Remote File Include Vulnerability
88. Unreal Tournament 2004 NULL Pointer Remote Denial of Service Vulnerability
89. HIOX Browser Statistics 'hm' Parameter Multiple Remote File Include Vulnerabilities
90. HIOX Random Ad 'hioxRandomAd.php' Remote File Include Vulnerability
91. Unreal Tournament 3 Denial Of Service And Memory Corruption Vulnerabilities
92. Unica Affinium Campaign Multiple Remote Vulnerabilities
93. @Mail Multiple Local Information Disclosure Vulnerabilities
94. InfoMining BookMine SQL Injection and Cross Site Scripting Vulnerabilities
95. PhpWebGallery Information Disclosure Vulnerability
96. ScrewTurn Software ScrewTurn Wiki 'System Log' Page HTML Injection Vulnerability
97. JnSHosts PHP Hosting Directory 'admin.php' Remote File Include Vulnerability
98. HTTrack URI Parsing Remote Buffer Overflow Vulnerability
99. Eyeball MessengerSDK 'CoVideoWindow.ocx' ActiveX Control Remote Buffer Overflow Vulnerability
100. RealPlayer Unspecified Local Resource Reference Vulnerability
III. SECURITYFOCUS NEWS
1. Poisoned DNS servers pop up as ISPs patch
2. E-Gold pleads guilty to money laundering
3. Senate amends FISA, allows immunity
4. Alliance forms to fix DNS poisoning flaw
IV. SECURITY JOBS LIST SUMMARY
1. [SJ-JOB] Software Engineer, St. Paul
2. [SJ-JOB] Senior Software Engineer, St. Paul
3. [SJ-JOB] Software Engineer, St. Paul
4. [SJ-JOB] Security Researcher, Waterloo
5. [SJ-JOB] Account Manager, Los Angeles
6. [SJ-JOB] Management, St. Paul
7. [SJ-JOB] Software Engineer, Alpharetta
8. [SJ-JOB] Sales Engineer, Alpharetta
9. [SJ-JOB] Principal Software Engineer, St. Paul
10. [SJ-JOB] Software Engineer, St. Paul
11. [SJ-JOB] Account Manager, Atlanta
12. [SJ-JOB] Software Engineer, Concord
13. [SJ-JOB] Information Assurance Analyst, Palm Bay
14. [SJ-JOB] Sales Representative, St. Paul
15. [SJ-JOB] Senior Software Engineer, Alpharetta
16. [SJ-JOB] Technical Writer, Riyadh
17. [SJ-JOB] Sales Engineer, Newark
18. [SJ-JOB] Senior Software Engineer, St. Paul
19. [SJ-JOB] Software Engineer, Alpharetta
20. [SJ-JOB] Information Assurance Analyst, Annapolis Junction
21. [SJ-JOB] Information Assurance Engineer, Schaumburg
22. [SJ-JOB] Security Engineer, Fremont
23. [SJ-JOB] Information Assurance Engineer, Schaumburg
24. [SJ-JOB] Manager, Information Security, Abu Dhabi
V. INCIDENTS LIST SUMMARY
VI. VULN-DEV RESEARCH LIST SUMMARY
1. Atmail Remote Authentication Bypass, Full DB Compromise
VII. MICROSOFT FOCUS LIST SUMMARY
VIII. SUN FOCUS LIST SUMMARY
IX. LINUX FOCUS LIST SUMMARY
1. root shell auditing
X. UNSUBSCRIBE INSTRUCTIONS
XI. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. An Astonishing Collaboration
By Dan Kaminsky
Wow. It's out. It's finally, finally out. Sweet!
http://www.securityfocus.com/columnists/477

2. Bad-Code Blues
By Don Parker
The current state of secure software development by corporations both large and small is a mess. We are still cursed with half-baked software, and as a result, a never-ending stream of vulnerabilities. Secure coding practices and active quality assurance (QA) efforts are now more mainstream, but that still hasn't made much of a dent.
http://www.securityfocus.com/columnists/476


II. BUGTRAQ SUMMARY
--------------------
1. PozScripts Classified Ads 'browsecats.php' SQL Injection Vulnerability
BugTraq ID: 30454
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30454
Summary:
PozScripts Classified Ads is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

2. Article Friendly Pro 'authordetail.php' SQL Injection Vulnerability
BugTraq ID: 30452
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30452
Summary:
Article Friendly is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

The issue affects Article Friendly Pro.

3. Microsoft DirectX SAMI File Parsing Stack Based Buffer Overflow Vulnerability
BugTraq ID: 29578
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/29578
Summary:
Microsoft DirectX is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. The vulnerability occurs when handling malformed SAMI files.

Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the user running the application that uses DirectX. Failed exploit attempts will result in a denial-of-service condition.

NOTE: Supported editions of Windows Server 2008 are not affected if installed using the Server Core installation option.

4. Pligg Multiple Remote Vulnerabilities
BugTraq ID: 30458
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30458
Summary:
Pligg is prone to multiple vulnerabilities, including multiple cross-site scripting issues, multiple information-disclosure issues, multiple local file-include issues and multiple SQL-injection issues.

Attackers can exploit these issues to:

- execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site
- steal cookie-based authentication credentials
- view local files within the context of the webserver process
- enumerate local files on the underlying system
- carry out unauthorized actions on the underlying database
- compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

These issues affect Pligg 9.9.0 and prior versions.

5. eNdonesia Calendar Module SQL Injection Vulnerability
BugTraq ID: 30457
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30457
Summary:
The Calendar module for eNdonesia is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Please note that currently we are not aware of what versions of the module are affected by this issue. The Calendar module is not shipped with eNdonesia by default.

6. PozScripts TubeGuru Video Sharing Script 'ugroups.php' SQL Injection Vulnerability
BugTraq ID: 30455
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30455
Summary:
TubeGuru Video Sharing Script is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

7. FFmpeg libavformat 'psxstr.c' STR Data Heap Based Buffer Overflow Vulnerability
BugTraq ID: 30154
Remote: Yes
Last Updated: 2008-07-29
Relevant URL: http://www.securityfocus.com/bid/30154
Summary:
The 'libavformat' library from FFmpeg is prone to a remote heap-based buffer-overflow vulnerability because of insufficient boundary checks when parsing STR data.

Remote attackers can exploit this issue by enticing victims into opening maliciously crafted STR files with an application that uses the affected library.

Successful exploits may allow attackers to execute arbitrary code within the context of an affected application. Failed exploit attempts will likely result in a denial of service.

8. Gregarius 'ajax.php' SQL Injection Vulnerability
BugTraq ID: 30423
Remote: Yes
Last Updated: 2008-07-29
Relevant URL: http://www.securityfocus.com/bid/30423
Summary:
Gregarius is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Gregarius 0.5.4 is vulnerable; other versions may also be affected.

9. Links 'only proxies' Unspecified Security Vulnerability
BugTraq ID: 30422
Remote: Yes
Last Updated: 2008-07-29
Relevant URL: http://www.securityfocus.com/bid/30422
Summary:
Links is prone to an unspecified security vulnerability related to providing URIs to external programs.

Very few details are available regarding this issue. We will update this BID as more information emerges.

10. miniBB RSS Plugin Multiple Remote File Include Vulnerabilities
BugTraq ID: 30421
Remote: Yes
Last Updated: 2008-07-29
Relevant URL: http://www.securityfocus.com/bid/30421
Summary:
The RSS plugin for miniBB is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues can allow an attacker to compromise the application and the underlying computer; other attacks are also possible.

11. CoolPlayer M3U File Buffer Overflow Vulnerability
BugTraq ID: 30418
Remote: Yes
Last Updated: 2008-07-29
Relevant URL: http://www.securityfocus.com/bid/30418
Summary:
CoolPlayer is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.

The issue occurs when handling specially crafted M3U files.

Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application. Failed exploit attempts likely result in denial-of-service conditions.

This issue affects unspecified versions of CoolPlayer. We will update this BID as more information emerges.

12. Oracle mod_wl HTTP POST Request Remote Buffer Overflow Vulnerability
BugTraq ID: 30273
Remote: Yes
Last Updated: 2008-07-29
Relevant URL: http://www.securityfocus.com/bid/30273
Summary:
Oracle mod_wl (formerly BEA mod_wl) is prone to a remote buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.

An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

13. PHP 5.2.5 and Prior Versions Multiple Vulnerabilities
BugTraq ID: 29009
Remote: Yes
Last Updated: 2008-07-29
Relevant URL: http://www.securityfocus.com/bid/29009
Summary:
PHP 5.2.5 and prior versions are prone to multiple security vulnerabilities.

Successful exploits could allow an attacker to bypass security restrictions, cause a denial-of-service condition, and potentially execute code.

These issues are reported to affect PHP 5.2.5 and prior versions.

14. PCRE Regular Expression Heap Based Buffer Overflow Vulnerability
BugTraq ID: 30087
Remote: Yes
Last Updated: 2008-07-29
Relevant URL: http://www.securityfocus.com/bid/30087
Summary:
PCRE is prone to a heap-based buffer-overflow vulnerability because the library fails to properly handle user-supplied input before copying data to an internal memory buffer.

The impact of successful exploits of this vulnerability depends on the application and the privileges of the user running the vulnerable library. A successful attack may ultimately permit an attacker to control the contents of critical memory control structures and write arbitrary data to arbitrary memory locations. This may allow the attacker to execute arbitrary code in the context of the application using the vulnerable library.

Versions up to and including PCRE 7.7 are vulnerable.

15. Apache mod_imagemap and mod_imap Cross-Site Scripting Vulnerability
BugTraq ID: 26838
Remote: Yes
Last Updated: 2008-07-29
Relevant URL: http://www.securityfocus.com/bid/26838
Summary:
Apache is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

This issue affects the following:

- The 'mod_imagemap' module in Apache 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, and 2.2.0

- The 'mod_imap' module in Apache 1.3.39, 1.3.37, 1.3.36, 1.3.35, 1.3.34, 1.3.33, 1.3.32, 1.3.31, 1.3.29, 1.3.28, 1.3.27, 1.3.26, 1.3.24, 1.3.22, 1.3.20, 1.3.19, 1.3.17, 1.3.14, 1.3.12, 1.3.11, 1.3.9, 1.3.6, 1.3.4, 1.3.3, 1.3.2, 1.3.1, and 1.3.0.

16. mtr 'split.c' Remote Stack Buffer Overflow Vulnerability
BugTraq ID: 29290
Remote: Yes
Last Updated: 2008-07-29
Relevant URL: http://www.securityfocus.com/bid/29290
Summary:
The 'mtr' utility is prone to a remote stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.

An attacker can exploit this issue to execute arbitrary code with superuser privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition.

17. e107 BLOG Engine 'macgurublog.php' SQL Injection Vulnerability
BugTraq ID: 29344
Remote: Yes
Last Updated: 2008-07-29
Relevant URL: http://www.securityfocus.com/bid/29344
Summary:
e107 BLOG Engine is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

e107 BLOG Engine 2.2 is vulnerable; other versions may also be affected.

18. Linux Kernel 'pppol2tp_recvmsg()' Remote Denial of Service Vulnerability
BugTraq ID: 29747
Remote: Yes
Last Updated: 2008-07-29
Relevant URL: http://www.securityfocus.com/bid/29747
Summary:
The Linux Kernel is prone to a remote denial-of-service vulnerability.

An attacker can exploit this issue to crash the affected computer on the local network, denying service to legitimate users. Given the nature of this issue, code execution may be possible, but this has not been confirmed.

Versions prior to Linux Kernel 2.6.26-rc6 are vulnerable.

19. PHP 5.2.4 and Prior Versions Multiple Vulnerabilities
BugTraq ID: 26403
Remote: Yes
Last Updated: 2008-07-29
Relevant URL: http://www.securityfocus.com/bid/26403
Summary:
PHP 5.2.4 and prior versions are prone to multiple security vulnerabilities. Successful exploits could allow an attacker to bypass security restrictions, cause a denial-of-service condition, and potentially execute code.

20. Multiple XnView Products TAAC File Buffer Overflow Vulnerability
BugTraq ID: 29851
Remote: Yes
Last Updated: 2008-07-29
Relevant URL: http://www.securityfocus.com/bid/29851
Summary:
The XnView, NConvert, and GFL SDK products are all prone to a buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied input in malicious image files.

Successfully exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the affected applications, facilitating the remote compromise of affected computers. Failed exploit attempts likely result in crashes.

The following packages are affected by this issue:
- XnView 1.70 for Linux and FreeBSD
- XnView 1.93.6 for Windows
- GFL SDK 2.82
- NConvert 4.92

Other versions may also be affected.

21. Apache HTTP Server 2.2.6, 2.0.61 and 1.3.39 'mod_status' Cross-Site Scripting Vulnerability
BugTraq ID: 27237
Remote: Yes
Last Updated: 2008-07-29
Relevant URL: http://www.securityfocus.com/bid/27237
Summary:
The Apache HTTP Server 'mod_status' module is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Reportedly, attackers can also use this issue to redirect users' browsers to arbitrary locations, which may aid in phishing attacks.

The issue affects versions prior to Apache 2.2.7-dev, 2.0.62-dev, and 1.3.40-dev.

22. IDevSpot BizDirectory Multiple SQL Injection and Cross Site Scripting Vulnerabilities
BugTraq ID: 30414
Remote: Yes
Last Updated: 2008-07-29
Relevant URL: http://www.securityfocus.com/bid/30414
Summary:
IDevSpot BizDirectory is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include SQL-injection and cross-site scripting vulnerabilities.

Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Versions prior to IDevSpot BizDirectory 2.07 are vulnerable.

23. Cerberus Content Management System 'cerberus_user' Cookie Parameter HTML Injection Vulnerability
BugTraq ID: 30416
Remote: Yes
Last Updated: 2008-07-29
Relevant URL: http://www.securityfocus.com/bid/30416
Summary:
Cerberus Content Management System is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content.

Attacker-supplied HTML and script code would run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.

The issue affects Cerberus Content Management System 3_1.3_0.9; prior versions may also be vulnerable.

24. OpenSSL Multiple Denial of Service Vulnerabilities
BugTraq ID: 29405
Remote: Yes
Last Updated: 2008-07-29
Relevant URL: http://www.securityfocus.com/bid/29405
Summary:
OpenSSL is prone to multiple denial-of-service vulnerabilities.

Attackers can leverage these issues to cause a client or server application to crash. Successful exploits will deny service to legitimate users.

OpenSSL 0.9.8f and 0.9.8g are reported vulnerable. Other versions may be affected as well.

25. Libpng Library Unknown Chunk Handler Vulnerability
BugTraq ID: 28770
Remote: Yes
Last Updated: 2008-07-29
Relevant URL: http://www.securityfocus.com/bid/28770
Summary:
The 'libpng' library is prone to a vulnerability that causes denial-of-service conditions or may allow code to run. The issue occurs because the software fails to properly handle unexpected chunk data in PNG files.

Successfully exploiting this issue allows remote attackers to trigger denial-of-service conditions or to possibly execute arbitrary machine code in the context of applications that use the library.

The following versions are affected:

libpng 1.0.6 through 1.0.32
libpng 1.2.0 through 1.2.26
libpng 1.4.0beta01 through 1.4.0beta19

26. Wireshark 1.0.1 Denial of Service Vulnerability
BugTraq ID: 30181
Remote: Yes
Last Updated: 2008-07-29
Relevant URL: http://www.securityfocus.com/bid/30181
Summary:
Wireshark is prone to a denial-of-service vulnerability.

Exploiting this issue may allow attackers to cause crashes and deny service to legitimate users of the application.

This issue affects Wireshark 0.8.19 to 1.0.1.

27. Sun Java Web Start Multiple Vulnerabilities
BugTraq ID: 30148
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30148
Summary:
Sun Java Web Start is prone to multiple vulnerabilities, including buffer-overflow, privilege-escalation, and information-disclosure issues.

Successful exploits may allow attackers to execute arbitrary code, obtain information, or read, write, and execute arbitrary local files in the context of the user running a malicious Web Start application. This may result in a compromise of the underlying system.

This issue affects the following versions:

JDK and JRE 6 Update 6 and earlier
JDK and JRE 5.0 Update 15 and earlier
SDK and JRE 1.4.2_17 and earlier

28. Sun Java Runtime Environment XML Data Processing Multiple Vulnerabilities
BugTraq ID: 30143
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30143
Summary:
Sun Java Runtime Environment is prone to multiple remote vulnerabilities.

An attacker can exploit these issues to obtain sensitive information or crash the affected application, denying service to legitimate users.

These issues affect the following versions on Solaris, Linux, and Windows platforms:

JDK and JRE 6 Update 6 and earlier
JDK and JRE 5.0 Update 15 and earlier

29. NCTsoft NCTAudioFile2 ActiveX Control Remote Buffer Overflow Vulnerability
BugTraq ID: 22196
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/22196
Summary:
NCTsoft NCTAudioFile2 ActiveX control is prone to a buffer-overflow vulnerability. The software fails to perform sufficient bounds-checking of user-supplied input before copying it to an insufficiently sized memory buffer.

NCTAudioEditor is a collection of ActiveX controls for manipulating audio data. Numerous audio software products use the vulnerable 'NCTAudioFile2.AudioFile' ActiveX component.

NCTAudioStudio 2.7.1, NCTAudioEditor 2.7.1, and NCTDialogicVoice 2.7.1 are affected by this vulnerability; other versions may be affected as well.

NOTE: Please see the vulnerable systems section for third-party products that are affected because they depend on this ActiveX control.

30. Multiple Vendor DNS Protocol Insufficient Transaction ID Randomization DNS Spoofing Vulnerability
BugTraq ID: 30131
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30131
Summary:
Multiple vendors' implementations of the DNS protocol are prone to a DNS-spoofing vulnerability because the software fails to securely implement random values when performing DNS queries.

Successfully exploiting this issue allows remote attackers to spoof DNS replies, allowing them to redirect network traffic and to launch man-in-the-middle attacks.

This issue affects Microsoft Windows DNS Clients and Servers, ISC BIND 8 and 9, and multiple Cisco IOS releases; other DNS implementations may also be vulnerable.

31. Sun Java Runtime Environment Font Processing Buffer Overflow Vulnerability
BugTraq ID: 30147
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30147
Summary:
Sun Java Runtime Environment is prone to a buffer-overflow vulnerability when running untrusted applications or applets.

Successful exploits may allow attackers to read, write, or execute arbitrary local files in the context of the user running an untrusted application. This may result in a compromise of the underlying system.

This issue affects the following versions on Solaris, Windows, and Linux:

JDK and JRE 5.0 Update 9 and earlier
SDK and JRE 1.4.2_17 and earlier
SDK and JRE 1.3.1_22 and earlier

32. Sun Java Runtime Environment Multiple Unspecified Same Origin Policy Violation Vulnerabilities
BugTraq ID: 30140
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30140
Summary:
Sun Java Runtime Environment is prone to multiple unspecified vulnerabilities that allow attackers to bypass the same-origin policy. This issue occurs because the application fails to properly enforce the same-origin policy for Java applets.

An attacker may create a malicious applet that is loaded from a remote system to circumvent network access restrictions.

The following are affected:

JDK and JRE 6 Update 6 and earlier
JDK and JRE 5.0 Update 15 and earlier
SDK and JRE 1.4.2_17 and earlier
SDK and JRE 1.3.x_22 and earlier

33. Net-SNMP Remote Authentication Bypass Vulnerability
BugTraq ID: 29623
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/29623
Summary:
Net-SNMP is prone to a remote authentication-bypass vulnerability caused by a design error.

Successfully exploiting this issue will allow attackers to gain unauthorized access to the affected application.

Net-SNMP 5.4.1, 5.3.2, 5.2.4, and prior versions are vulnerable.

34. Net-SNMP Perl Module Buffer Overflow Vulnerability
BugTraq ID: 29212
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/29212
Summary:
Net-SNMP is prone to a remote buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied data before copying it to an insufficiently sized buffer.

Exploiting this issue may allow attackers to execute arbitrary machine code in the context of applications using the affected Net-SNMP Perl module. Failed exploit attempts will likely cause denial-of-service conditions.

This issue affects Net-SNMP 5.4.1, 5.2.4, and 5.1.4; other versions may also be vulnerable.

35. OpenSSH Remote Root Authentication Timing Side-Channel Weakness
BugTraq ID: 7482
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/7482
Summary:
A timing attack has been described in OpenSSH-portable that could assist a remote user in guessing the administrative password. This issue has been reported to exist in OpenSSH-portable on Linux systems, though it may affect other platforms and versions.

36. Acronis True Image Echo Server Information Disclosure Weakness
BugTraq ID: 30456
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30456
Summary:
Acronis True Image Echo Server is prone to an information-disclosure weakness.

An attacker can exploit this issue to access sensitive information that may help in further attacks.

True Image Echo Server 9.5 build 8072 is affected; other versions may also be affected.

37. Computer Associates eTrust Secure Content Manager Multiple Buffer Overflow Vulnerabilities
BugTraq ID: 29528
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/29528
Summary:
Computer Associates eTrust Secure Content Manager is prone to multiple buffer-overflow vulnerabilities.

Successfully exploiting these issues will allow an attacker to execute arbitrary code in the context of the application or cause denial-of-service conditions.

These issues affect Computer Associates eTrust Secure Content Manager 8.0.

38. Sun Java System Web Server 7.0 Plugin for Sun N1SPS Remote Authentication Bypass Vulnerability
BugTraq ID: 30451
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30451
Summary:
Sun Java System Web Server 7.0 plugin for Sun N1 Service Provisioning System (N1SPS) is prone to a remote authentication-bypass vulnerability.

Successfully exploiting this issue will allow attackers to gain unauthorized administrative access to the Sun Java System Web Server.

Sun N1 Service Provisioning System 5.2 and 6.0 with the Java System Web Server 7.0 plugin installed are vulnerable.

39. Article Friendly Standard 'categorydetail.php' SQL Injection Vulnerability
BugTraq ID: 30453
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30453
Summary:
Article Friendly is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

The issue affects Article Friendly Standard.

40. phpMyAdmin Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 30420
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30420
Summary:
phpMyAdmin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

Versions prior to phpMyAdmin 2.11.8 are vulnerable.

41. Trac Quickjump Function URI Redirection Vulnerability
BugTraq ID: 30402
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30402
Summary:
Trac is prone to a remote URI-redirection vulnerability because the application fails to properly sanitize user-supplied input.

A successful exploit may aid in phishing-style attacks.

Versions prior to Trac 0.10.5 are vulnerable.

42. Sun Solaris Platform Information and Control Library picld(1M) Local Denial of Service Vulnerability
BugTraq ID: 30450
Remote: No
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30450
Summary:
The Sun Solaris Platform Information and Control Library daemon 'picld(1M)' is prone to a local denial-of-service vulnerability.

A local unprivileged attacker can exploit this issue to disable system monitoring and prevent proper operations of certain system utilities, resulting in a denial-of-service condition.

This issue affects Solaris 8, 9, 10 and OpenSolaris for SPARC and x86 platforms.

43. HP-UX System Administration Manager NFS Configuration Security Bypass Vulnerability
BugTraq ID: 30449
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30449
Summary:
HP-UX is prone to a security-bypass vulnerability because the System Administration Manager (SAM) application can provide an unintended configuration for NFS.

Remote attackers can exploit this issue to bypass certain security restrictions and gain access to vulnerable computers.

This issue affects the following versions of HP-UX running SAM:

HP-UX B.11.11
HP-UX B.11.23

44. OpenSSL SSL_Get_Shared_Ciphers Off-by-One Buffer Overflow Vulnerability
BugTraq ID: 25831
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/25831
Summary:
OpenSSL is prone to an off-by-one buffer-overflow vulnerability because the library fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

Successfully exploiting this issue may allow attackers to execute arbitrary machine code in the context of applications that use the affected library, but this has not been confirmed. Failed exploit attempts may crash applications, denying service to legitimate users.

NOTE: This issue was introduced in the fix for the vulnerability described in BID 20249 (OpenSSL SSL_Get_Shared_Ciphers Buffer Overflow Vulnerability).

45. Trac Unspecified Wiki Engine Cross-Site Scripting Vulnerability
BugTraq ID: 30400
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30400
Summary:
Trac is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

Versions prior to Trac 0.10.5 are vulnerable.

46. Newsx 'read_article()' Buffer Overflow Vulnerability
BugTraq ID: 30231
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30231
Summary:
The 'newsx' program is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.

Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

This issue affects newsx 1.6; other versions may also be affected.

47. Multiple HIOX Products 'admin/passwo.php' Authentication Bypass Vulnerability
BugTraq ID: 30448
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30448
Summary:
Multiple HIOX Products are prone to an authentication-bypass vulnerability.

An attacker can exploit this issue to gain unauthorized administrative access to the applications. Successfully exploiting this issue will compromise the affected applications.

The following applications are vulnerable:

HIOX Browser Statistics 2.0
HIOX Random Ad 1.3

48. SAP MaxDB 'dbmsrv' Process 'PATH' Environment Variable Local Privilege Escalation Vulnerability
BugTraq ID: 30474
Remote: No
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30474
Summary:
SAP MaxDB is prone to a local privilege-escalation vulnerability that occurs in the 'dbmsrv' process because the application fails to sufficiently sanitize user-supplied input.

An attacker can exploit this issue to execute arbitrary code with 'sdb:sdba' privileges. Successfully exploiting this issue will compromise the affected application and possibly the underlying computer.

SAP MaxDB version 7.6.03.15 on Linux is vulnerable; other versions running on different platforms may also be affected.

49. OpenSC CardOS M4 Smart Cards Insecure Permissions Vulnerability
BugTraq ID: 30473
Remote: No
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30473
Summary:
OpenSC insecurely initializes Siemens CardOS M4 based smart cards and USB crypto tokens.

Attackers can leverage this issue to change the PIN number on a card without having knowledge of the existing PIN or PUK number. Successfully exploiting this issue allows attackers to use the card in further attacks.

NOTE: This issue cannot be leveraged to access an existing PIN number.

This issue occurs in versions prior to OpenSC 0.11.5.

50. Mono Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 30471
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30471
Summary:
Mono is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

51. concrete5 Contact Form Cross-Site Scripting Vulnerability
BugTraq ID: 30470
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30470
Summary:
concrete5 is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

concrete5 5.0.0b2 is vulnerable; other versions may also be affected.

52. H0tturk Panel 'gizli.php' Remote File Include Vulnerability
BugTraq ID: 30468
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30468
Summary:
H0tturk Panel is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible.

53. libxslt RC4 Encryption and Decryption Functions Buffer Overflow Vulnerability
BugTraq ID: 30467
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30467
Summary:
The 'libxslt' library is prone to a heap-based buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data.

An attacker may exploit this issue to execute arbitrary code with the privileges of the user running an application that relies on the affected library. Failed exploit attempts will likely result in denial-of-service conditions.

This issue affects libxslt versions 1.1.8 to 1.1.24.

54. 'nfs-utils' Package for Red Hat Enterprise Linux 5 TCP Wrappers Security Bypass Vulnerability
BugTraq ID: 30466
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30466
Summary:
The 'nfs-utils' package is prone to a security-bypass vulnerability because it was not properly built with TCP wrappers support.

Remote attackers can exploit this issue to bypass certain security restrictions and gain access to NFS services on vulnerable computers.

This issue occurs in the 'nfs-utils' package built with Red Hat Enterprise Linux 5.

55. Blue Coat K9 Web Protection Centralized Server HTTP Responses Buffer Overflow Vulnerability
BugTraq ID: 30464
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30464
Summary:
Blue Coat K9 Web Protection is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks when receiving HTTP responses from the centralized server 'sp.cwfservice.net'.

This issue can be exploited via man-in-the-middle attacks to execute arbitrary code within the context of the affected application. Failed exploit attempts may result in a denial-of-service condition.

Blue Coat K9 Web Protection 3.2.44 with Filter version 3.2.3 is affected; other versions may also be affected.

56. Blue Coat K9 Web Protection 'Referer' Header Stack Based Buffer Overflow Vulnerability
BugTraq ID: 30463
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30463
Summary:
Blue Coat K9 Web Protection is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.

An attacker may exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts may result in a denial-of-service condition.

Blue Coat K9 Web Protection 3.2.44 with Filter version 3.2.3 is affected; other versions may also be affected.

57. phpFreeChat 'nickid' Parameter Session Hijacking Vulnerability
BugTraq ID: 30462
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30462
Summary:
phpFreeChat is prone to a session-hijacking vulnerability.

An attacker can exploit this issue to gain access to the affected application with the privileges of the hijacked user.

phpFreeChat versions prior to 1.2 are vulnerable.

58. F-PROT Antivirus Archive Parsing Denial of Service Vulnerability
BugTraq ID: 30461
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30461
Summary:
F-PROT Antivirus is prone to a denial-of-service vulnerability.

Exploiting this issue may allow attackers to deny service to legitimate users of the application.

F-PROT Antivirus 6.2.1.4252 is vulnerable; other versions may also be affected.

59. Panasonic Network Cameras Error Page Multiple Cross Site Scripting Vulnerabilities
BugTraq ID: 30460
Remote: Yes
Last Updated: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30460
Summary:
Panasonic Network Cameras are prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

The following versions of Panasonic Network Cameras are vulnerable:

BL-C111 Ver.3.14R02 and prior
BL-C131 Ver.3.14R03 and prior
BB-HCM511 Ver.3.20R01 and prior
BB-HCM531 Ver.3.20R01 and prior
BB-HCM580 Ver.3.21R00 and prior
BB-HCM581 Ver.3.21R00 and prior
BB-HCM527 Ver.3.30R00 and prior
BB-HCM515 Ver.3.20R01 and prior

60. Xerox DocuShare Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 29430
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/29430
Summary:
Xerox DocuShare is prone to multiple cross-site scripting vulnerabilities.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

Xerox DocuShare 6 and prior versions are vulnerable.

61. TCL/TK Tk Toolkit TKIMGGIF.C Buffer Overflow Vulnerability
BugTraq ID: 26056
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/26056
Summary:
TCL/TK Tk Toolkit is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data before copying it to an insufficiently sized buffer.

An attacker can exploit this issue to cause denial-of-service conditions. Given the nature of this issue, remote code execution may also be possible but has not been confirmed.

Versions prior to TCL/TK 8.4.13 are vulnerable to this issue.

62. Info-ZIP UnZip 'inflate_dynamic()' Remote Code Execution Vulnerability
BugTraq ID: 28288
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/28288
Summary:
UnZip is prone to a remote code-execution vulnerability.

Attackers may exploit this issue by enticing victims into opening a maliciously crafted ZIP file ('.zip').

Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the application. This may facilitate a compromise of vulnerable computers.

UnZip 5.52 is vulnerable; other versions may be affected as well.

63. AVG Anti-Virus UPX File Parsing Denial of Service Vulnerability
BugTraq ID: 30417
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30417
Summary:
AVG Anti-Virus is prone to a denial-of-service vulnerability.

Exploiting this issue may allow attackers to crash AVG Anti-Virus and deny service to legitimate users of the application.

Versions prior to AVG Anti-Virus 8.0.156 are vulnerable.

64. Trend Micro OfficeScan 'OfficeScanRemoveCtrl.dll' ActiveX Multiple Buffer Overflow Vulnerabilities
BugTraq ID: 30407
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30407
Summary:
A Trend Micro OfficeScan ActiveX control is prone to multiple stack-based buffer-overflow vulnerabilities.

An attacker can exploit these issues by enticing a victim into viewing a malicious web page. A successful exploit will allow attacker-supplied code to run in the context of the currently logged-in user.

OfficeScan 7.3 build 1343 is vulnerable; other versions may also be affected.

65. MIT Kerberos 5 KDC Multiple Memory Corruption Based Information Disclosure Vulnerabilities
BugTraq ID: 28303
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/28303
Summary:
MIT Kerberos 5 KDC is prone to multiple information-disclosure vulnerabilities resulting from memory corruption.

These issues occur when KDC is configured to support Kerberos 4 and processes malformed krb4 messages.

An attacker can exploit these issues to obtain potentially sensitive information that will aid in further attacks. Failed exploit attempts will likely result in denial-of-service conditions. Given the nature of these vulnerabilities, the attacker could leverage these issues to execute arbitrary code, but this has not been confirmed.

MIT Kerberos 5 version 1.6.3 KDC is vulnerable; other versions may also be affected.

66. MIT Kerberos5 kadmind Excessive File Descriptors Multiple Remote Code Execution Vulnerabilities
BugTraq ID: 28302
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/28302
Summary:
The 'kadmind' server is prone to multiple vulnerabilities that can allow attackers to execute remote code because of array overruns in the RPC library code.

Exploiting these issues may allow attackers to execute arbitrary code with superuser privileges, facilitating the complete compromise of affected computers. Failed attempts will cause crashes and deny service to legitimate users of the application.

Note that a compromise of a Master KDC (Key Distribution Center) principal and policy server will affect multiple hosts that use the server for authentication, potentially contributing to their compromise as well.

These issues affect:

- krb5-1.4 through krb5-1.63, where configurations allow large numbers of open file descriptors.
- krb5-1.2.2 through krb5-1.3, where '<unistd.h>' does not define FD_SETSIZE. Note that this is likely the case in many GNU/Linux distributions; Solaris 10 and Mac OS X 10.4 may be unaffected.

67. Akamai Download Manager ActiveX Control Remote Code Execution Vulnerability
BugTraq ID: 28993
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/28993
Summary:
Akamai Download Manager is prone to a remote code-execution vulnerability.

Exploiting this issue allows remote attackers to execute arbitrary code in the context of applications using the affected ActiveX control and to compromise affected computers.

This issue affects versions prior to Download Manager 2.2.3.7.

68. QuickerSite Multiple Vulnerabilities
BugTraq ID: 29524
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/29524
Summary:
QuickerSite is prone to multiple vulnerabilities, including an SQL-injection issue, an authentication-bypass issue, multiple cross-site scripting issues, and a file-upload issue.

Successful exploits may allow attackers to:
- access or modify data
- exploit latent vulnerabilities in the underlying database
- obtain sensitive information
- gain unauthorized access to the affected application
- upload arbitrary files and execute arbitrary server-side script code
- execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site

A successful attack will compromise the application and may help in further attacks.

The issues affect QuickerSite 1.8.5; other versions may also be vulnerable.

69. European Performance Systems Probe Builder Denial of Service Vulnerability
BugTraq ID: 30403
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30403
Summary:
European Performance Systems (EPS) Probe Builder is prone to a denial-of-service vulnerability.

An attacker may leverage this issue to crash the affected computer, denying service to affected users.

Versions prior to Probe Builder A.02.20.901 on Windows are vulnerable.

70. Apache Tomcat Host Manager Cross Site Scripting Vulnerability
BugTraq ID: 29502
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/29502
Summary:
Apache Tomcat is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. The issue affects the Host Manager web application.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

The issue affects the following versions:

Tomcat 5.5.9 to 5.5.26
Tomcat 6.0.0 to 6.0.16

71. TCL/TK Tk Toolkit 'ReadImage()' GIF File Buffer Overflow Vulnerability
BugTraq ID: 27655
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/27655
Summary:
TCL/TK Tk Toolkit is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied GIF image data before copying it to an insufficiently sized buffer.

Successful exploits may allow attackers to execute arbitrary code in the context of applications that use the affected toolkit. Failed exploit attempts likely result in denial-of-service conditions.

Versions prior to TCL/TK 8.5.1 are vulnerable to this issue.

72. PostgreSQL Multiple Privilege Escalation and Denial of Service Vulnerabilities
BugTraq ID: 27163
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/27163
Summary:
PostgreSQL is prone to multiple remote vulnerabilities, including:

- Three privilege-escalation vulnerabilities
- Three denial-of-service vulnerabilities

An attacker can exploit these issues to gain complete control of the affected application or to cause a denial-of-service condition.

These issues affect PostgreSQL 8.2, 8.1, 8.0, 7.4, and 7.3; other versions may also be affected.

73. LICQ File Descriptor Remote Denial of Service Vulnerability
BugTraq ID: 28679
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/28679
Summary:
LICQ is prone to a remote denial-of-service vulnerability because the application fails to handle exceptional conditions.

A remote attacker can exploit this issue to crash the affected application, denying service to legitimate users. The attacker may also be able to execute code, but this has not been confirmed.

74. DEV Web Management System Multiple Input Validation Vulnerabilities
BugTraq ID: 30447
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30447
Summary:
DEV Web Management System is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include local file-include, SQL-injection, and cross-site scripting vulnerabilities.

Exploiting these issues could allow an attacker to view sensitive information, steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

DEV Web Management System 1.5 is vulnerable; other versions may also be affected.

75. Now SMS/MMS Gateway Multiple Buffer Overflow Vulnerabilities
BugTraq ID: 27896
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/27896
Summary:
Now SMS/MMS Gateway is prone to multiple buffer-overflow vulnerabilities because it fails to adequately bounds-check user-supplied input before copying it to insufficiently sized buffers.

Successfully exploiting these issues will allow an attacker to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will likely crash the application.

These issues affect Now SMS/MMS Gateway 2007.06.27 and prior versions.

76. Citrix Presentation Server 'icabar.exe' Local Privilege Escalation Vulnerability
BugTraq ID: 30446
Remote: No
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30446
Summary:
Citrix Presentation Server (formerly Citrix MetaFrame Server) is prone to a privilege-escalation vulnerability caused by a flaw in how 'icabar.exe' is invoked via a 'Run' registry key.

Attackers can leverage this issue to execute arbitrary code with administrator privileges. Successful exploits will completely compromise affected computers.

The following products are vulnerable when running on Windows NT, Windows 2000, and Windows 2003:

Citrix MetaFrame Presentation Server 3.0 and prior
Citrix MetaFrame XP 1.0 and prior

77. Zee Reviews Opinions Rating Posting Engine PHP Script 'comments.php' SQL Injection Vulnerability
BugTraq ID: 30445
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30445
Summary:
Zee Reviews Opinions Rating Posting Engine Web-Site PHP Script is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Unknown versions of Zee Reviews Opinions Rating Posting Engine Web-Site PHP Script are affected. We will update this BID as more information emerges.

78. PHP Hosting Directory Cookie Authentication Bypass Vulnerability
BugTraq ID: 30444
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30444
Summary:
PHP Hosting Directory is prone to an authentication-bypass vulnerability because it fails to adequately verify user-supplied input used for cookie-based authentication.

An attacker can exploit this vulnerability to gain administrative access to the affected application; other attacks are also possible.

PHP Hosting Directory 2.0 is vulnerable; other versions may also be affected.

79. BlazeVideo HDTV Player PLF File Stack Buffer Overflow Vulnerability
BugTraq ID: 30442
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30442
Summary:
BlazeVideo HDTV Player is prone to a stack-based buffer-overflow vulnerability because the application fails to handle malformed playlist files.

An attacker can exploit this issue to execute arbitrary code within the context of the application or to trigger a denial-of-service condition.

BlazeVideo HDTV Player 3.5 is vulnerable; other versions may also be affected.

80. IBM AIX 'scsidiskdd' Uninitialized 'DRVR_PVT' Structure Local Denial Of Service Vulnerability
BugTraq ID: 30441
Remote: No
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30441
Summary:
IBM AIX is prone to a denial-of-service vulnerability that occurs in the SCSI disk device driver ('scsidiskdd').

Successfully exploiting this issue will allow attackers to crash the affected computer, denying service to legitimate users.

AIX 5.2 and 5.3 are vulnerable.

81. Condor Wild Card Authorization Policy Security Bypass Vulnerability
BugTraq ID: 30440
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30440
Summary:
Condor is prone to a security-bypass vulnerability because it fails to properly process wildcard characters specified in authorization policies.

Attackers can exploit this issue to bypass the intended policy restrictions.

Versions prior to Condor 7.0.4 are vulnerable.

82. nzFotolog 'action_file' Parameter Local File Include Vulnerability
BugTraq ID: 30439
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30439
Summary:
nzFotolog is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this vulnerability using directory-traversal strings to view local files within the context of the webserver process. Information harvested may aid in further attacks.

nzFotolog 0.4.1 is vulnerable; other versions may also be affected.

83. MJGUEST 'guestbook.js.php' Cross Site Scripting Vulnerability
BugTraq ID: 30438
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30438
Summary:
MJGUEST is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.

MJGUEST 6.8 GT is vulnerable; other versions may also be affected.

84. Cisco IOS FTP Server Multiple Vulnerabilities
BugTraq ID: 23885
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/23885
Summary:
Cisco IOS FTP Server is prone to multiple vulnerabilities including a denial-of-service issue and an authentication-bypass issue.

Attackers can exploit these issues to deny service to legitimate users, gain unauthorized access to an affected device, or execute arbitrary code.

Only IOS devices that have the FTP Server feature enabled are vulnerable; this feature is disabled by default.

85. SILC Toolkit 'silcutil.c' Function Buffer Overflow Vulnerability
BugTraq ID: 28101
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/28101
Summary:
SILC Toolkit is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.

Successfully exploiting this issue may allow remote attackers to execute arbitrary code in the context of the application. Failed exploit attempts will cause denial-of-service conditions.

This issue affects versions prior to SILC Toolkit 1.1.6.

86. SILC Client and Server Key Negotiation Protocol Remote Buffer Overflow Vulnerability
BugTraq ID: 28373
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/28373
Summary:
SILC Client and Server are prone to a buffer-overflow vulnerability because they fail to perform adequate boundary checks on user-supplied input.

Successfully exploiting this issue may allow remote attackers to execute arbitrary code in the context of the application. Failed exploit attempts will cause denial-of-service conditions.

This issue affects versions prior to SILC Client 1.1.4 and SILC Server 1.1.2.

87. HIOX Star Rating System Addcode.PHP Remote File Include Vulnerability
BugTraq ID: 21280
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/21280
Summary:
HIOX Star Rating System (HSRS) is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data.

Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

HSRS 1.0 is vulnerable; other versions may also be affected.

88. Unreal Tournament 2004 NULL Pointer Remote Denial of Service Vulnerability
BugTraq ID: 30427
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30427
Summary:
Unreal Tournament 2004 is prone to a remote denial-of-service vulnerability because the application fails to handle NULL-pointer exceptions.

An attacker could exploit this issue to crash the affected application, denying service to legitimate users.

This issue affects Unreal Tournament 2004 v3369 and prior versions.

89. HIOX Browser Statistics 'hm' Parameter Multiple Remote File Include Vulnerabilities
BugTraq ID: 30436
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30436
Summary:
HIOX Browser Statistics is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues can allow an attacker to compromise the application and the underlying computer; other attacks are also possible.

HIOX Browser Statistics 2.0 is vulnerable; other versions may also be affected.

90. HIOX Random Ad 'hioxRandomAd.php' Remote File Include Vulnerability
BugTraq ID: 30435
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30435
Summary:
HIOX Random Ad is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible.

HIOX Random Ad 1.3 is vulnerable; other versions may also be affected.

91. Unreal Tournament 3 Denial Of Service And Memory Corruption Vulnerabilities
BugTraq ID: 30430
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30430
Summary:
Unreal Tournament 3 is prone to multiple remote vulnerabilities, including a denial-of-service issue and a memory-corruption issue.

An attacker can exploit these issues to execute arbitrary code within the context of the affected application or cause the application to crash.

These issues affect the following versions:

Unreal Tournament 3 1.3beta4
Unreal Tournament 3 1.2 and prior

92. Unica Affinium Campaign Multiple Remote Vulnerabilities
BugTraq ID: 30433
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30433
Summary:
Affinium Campaign is prone to multiple vulnerabilities, including HTML-injection, denial-of-service, and directory-traversal issues.

Attackers can exploit these issues to:

- control how the site is rendered to users
- execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site
- steal cookie-based authentication credentials
- deny service to legitimate users
- view local files within the context of the webserver process
- overwrite arbitrary files in the context of the affected application

These issues affect Affinium Campaign 7.2.1.0.55; other versions may also be affected.

93. @Mail Multiple Local Information Disclosure Vulnerabilities
BugTraq ID: 30434
Remote: No
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30434
Summary:
@Mail is prone to multiple information-disclosure vulnerabilities because the application fails to properly restrict access to sensitive files.

An unprivileged attacker may exploit these issues to obtain sensitive information.

@Mail 5.41 is vulnerable; other versions may also be affected.

94. InfoMining BookMine SQL Injection and Cross Site Scripting Vulnerabilities
BugTraq ID: 30432
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30432
Summary:
BookMine is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

95. PhpWebGallery Information Disclosure Vulnerability
BugTraq ID: 30431
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30431
Summary:
PhpWebGallery is prone to a remote information-disclosure vulnerability because it fails to properly secure sensitive content.

Exploiting this issue can allow attackers to obtain sensitive data that may aid in further attacks.

Versions prior to PhpWebGallery 1.7.2 are affected.

96. ScrewTurn Software ScrewTurn Wiki 'System Log' Page HTML Injection Vulnerability
BugTraq ID: 30429
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30429
Summary:
ScrewTurn Wiki is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content.

Attacker-supplied HTML and script code would run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.

The issue affects ScrewTurn Wiki 2.0.29 and 2.0.30; other versions may also be affected.

97. JnSHosts PHP Hosting Directory 'admin.php' Remote File Include Vulnerability
BugTraq ID: 30428
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30428
Summary:
PHP Hosting Directory is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.

An attacker can exploit this issue to execute malicious PHP code in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible.

PHP Hosting Directory 2.0 is vulnerable; other versions may also be affected.

98. HTTrack URI Parsing Remote Buffer Overflow Vulnerability
BugTraq ID: 30425
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30425
Summary:
HTTrack is prone to a remote buffer-overflow vulnerability because it fails to perform sufficient boundary checks when parsing long URIs.

Remote attackers can exploit this issue by enticing victims into crawling a malicious URI designed to exploit this issue.

Successful exploits may allow attackers to execute arbitrary code within the context of an affected application. Failed exploit attempts will likely result in a denial of service.

Versions prior to HTTrack 3.42-3 are vulnerable.

99. Eyeball MessengerSDK 'CoVideoWindow.ocx' ActiveX Control Remote Buffer Overflow Vulnerability
BugTraq ID: 30424
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30424
Summary:
The 'CoVideoWindow.ocx' ActiveX control of Eyeball MessengerSDK is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.

An attacker can exploit this issue to execute arbitrary code in the context of an application using the affected ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions.

This issue affects 'CoVideoWindow.ocx' 5.0.907.1; other versions may also be affected.

100. RealPlayer Unspecified Local Resource Reference Vulnerability
BugTraq ID: 30378
Remote: Yes
Last Updated: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30378
Summary:
RealPlayer is prone to an unspecified vulnerability.

Very little information is available for this vulnerability. The vendor is classifying the issue as a 'local resource reference vulnerability'.

We will update this BID as more information arises.

III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. Poisoned DNS servers pop up as ISPs patch
By: Robert Lemos
An online attacker poisons at least one domain-name server at a major Internet service provider to send Google lookups to a pay-per-click ad network.
http://www.securityfocus.com/news/11529

2. E-Gold pleads guilty to money laundering
By: Robert Lemos
In a plea agreement with the U.S. government, the company's founders agree to charges of operating an unlicensed money transfer business, but the business aims to continue.
http://www.securityfocus.com/news/11528

3. Senate amends FISA, allows immunity
By: Robert Lemos
Questions about the Bush Administration's use of wiretapping for much of the past decade will likely remain unanswered, as legislators grant greater international spying powers to U.S. intelligence agencies.
http://www.securityfocus.com/news/11527

4. Alliance forms to fix DNS poisoning flaw
By: Robert Lemos
A group of software and network-hardware makers announce they have banded together to fix a fundamental flaw in the design of the Internet's address system.
http://www.securityfocus.com/news/11526

IV. SECURITY JOBS LIST SUMMARY
-------------------------------
1. [SJ-JOB] Software Engineer, St. Paul
http://www.securityfocus.com/archive/77/494900

2. [SJ-JOB] Senior Software Engineer, St. Paul
http://www.securityfocus.com/archive/77/494907

3. [SJ-JOB] Software Engineer, St. Paul
http://www.securityfocus.com/archive/77/494908

4. [SJ-JOB] Security Researcher, Waterloo
http://www.securityfocus.com/archive/77/494909

5. [SJ-JOB] Account Manager, Los Angeles
http://www.securityfocus.com/archive/77/494899

6. [SJ-JOB] Management, St. Paul
http://www.securityfocus.com/archive/77/494902

7. [SJ-JOB] Software Engineer, Alpharetta
http://www.securityfocus.com/archive/77/494903

8. [SJ-JOB] Sales Engineer, Alpharetta
http://www.securityfocus.com/archive/77/494904

9. [SJ-JOB] Principal Software Engineer, St. Paul
http://www.securityfocus.com/archive/77/494895

10. [SJ-JOB] Software Engineer, St. Paul
http://www.securityfocus.com/archive/77/494897

11. [SJ-JOB] Account Manager, Atlanta
http://www.securityfocus.com/archive/77/494898

12. [SJ-JOB] Software Engineer, Concord
http://www.securityfocus.com/archive/77/494910

13. [SJ-JOB] Information Assurance Analyst, Palm Bay
http://www.securityfocus.com/archive/77/494892

14. [SJ-JOB] Sales Representative, St. Paul
http://www.securityfocus.com/archive/77/494893

15. [SJ-JOB] Senior Software Engineer, Alpharetta
http://www.securityfocus.com/archive/77/494894

16. [SJ-JOB] Technical Writer, Riyadh
http://www.securityfocus.com/archive/77/494896

17. [SJ-JOB] Sales Engineer, Newark
http://www.securityfocus.com/archive/77/494901

18. [SJ-JOB] Senior Software Engineer, St. Paul
http://www.securityfocus.com/archive/77/494889

19. [SJ-JOB] Software Engineer, Alpharetta
http://www.securityfocus.com/archive/77/494890

20. [SJ-JOB] Information Assurance Analyst, Annapolis Junction
http://www.securityfocus.com/archive/77/494891

21. [SJ-JOB] Information Assurance Engineer, Schaumburg
http://www.securityfocus.com/archive/77/494886

22. [SJ-JOB] Security Engineer, Fremont
http://www.securityfocus.com/archive/77/494887

23. [SJ-JOB] Information Assurance Engineer, Schaumburg
http://www.securityfocus.com/archive/77/494888

24. [SJ-JOB] Manager, Information Security, Abu Dhabi
http://www.securityfocus.com/archive/77/494885

V. INCIDENTS LIST SUMMARY
---------------------------
VI. VULN-DEV RESEARCH LIST SUMMARY
-----------------------------------
1. Atmail Remote Authentication Bypass, Full DB Compromise
http://www.securityfocus.com/archive/82/494977

VII. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
VIII. SUN FOCUS LIST SUMMARY
----------------------------
IX. LINUX FOCUS LIST SUMMARY
----------------------------
1. root shell auditing
http://www.securityfocus.com/archive/91/494849

X. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to sf-news-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed, email listadmin@securityfocus.com and ask to be manually removed.

XI. SPONSOR INFORMATION
------------------------
This issue is sponsored by Black Hat USA:

Attend Black Hat USA, August 2-7 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 40 hands-on training courses and 80 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 50 nations. Visit product displays by 30 top sponsors in a relaxed setting.
www.blackhat.com
