SecurityFocus Newsletter #471

SecurityFocus Newsletter #471
----------------------------------------

This issue is sponsored by Sponsored by Ironkey: The World's Most Secure Flash Drive

IronKey flash dives lock down your most sensitive data using today's most advanced security technology.
IronKey uses military-grade AES CBC-mode hardware encryption that cannot be disabled by malware or an intruder and provides rugged and waterproof protection to safeguard your data.
https://www.ironkey.com/forenterprise2

SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1.SATAN'S Helper
2.Get Off My Cloud
II. BUGTRAQ SUMMARY
1. Acoustica Mixcraft '.mx4' Image File Name Buffer Overflow Vulnerability
2. ClamAV 'chmunpack.c' Invalid Memory Access Denial Of Service Vulnerability
3. Accellion File Transfer Appliance Error Report Message Open Email Relay Vulnerability
4. Free PHP VX Guestbook Cookie Authentication Bypass And Information Disclosure Vulnerabilities
5. phsdev phsBlog 'sid' Parameter SQL Injection Vulnerability
6. Ruby on Rails ':offset' And ':limit' Parameters SQL Injection Vulnerabilities
7. Personal FTP Server 'RETR' Command Remote Denial of Service Vulnerability
8. Kasseler CMS 'index.php' Multiple SQL Injection Vulnerabilities
9. DownlineGoldmine Multiple Products 'tr.php' SQL Injection Vulnerability
10. Linux Kernel s390 ptrace Denial Of Service Vulnerability
11. Horde Turba Contact Manager '/imp/test.php' Cross Site Scripting Vulnerability
12. WordNet Multiple Buffer Overflow Vulnerabilities
13. MPlayer 'sdpplin_parse()' RTSP Integer Overflow Vulnerability
14. Graffiti Forums Topics.PHP SQL Injection Vulnerability
15. Libpng Library Unknown Chunk Handler Vulnerability
16. WordNet Multiple Buffer Overflow Vulnerabilities
17. Ruby 'rb_ary_fill()' Remote Denial Of Service Vulnerability
18. Opera Web Browser 9.51 Multiple Security Vulnerabilities
19. Microsoft Windows Media Player SSPL File Sample Rate Remote Code-Execution Vulnerability
20. Matterdaddy Market Multiple SQL Injection Vulnerabilities
21. Multiple Vendor DNS Protocol Insufficient Transaction ID Randomization DNS Spoofing Vulnerability
22. IPsec-Tools Multiple Remote Denial Of Service Vulnerabilities
23. LibTIFF 'tif_lzw.c' Remote Buffer Underflow Vulnerability
24. Blue Coat K9 Web Protection 'Referer' Header Stack Based Buffer Overflow Vulnerability
25. ClamAV 'petite.c' Invalid Memory Access Denial Of Service Vulnerability
26. ClamAV 0.92.1 Multiple Vulnerabilities
27. ClamAV Multiple Unspecified Memory Corruption Vulnerabilities
28. Mercurial 'patch.py' Directory Traversal Vulnerability
29. Technote 'twindow_notice.php' Remote File Include Vulnerability
30. Symantec Altiris Deployment Solution Tooltip Local Privilege Escalation Vulnerability
31. Symantec Altiris Deployment Solution Domain Credential Unauthorized Access Vulnerability
32. Symantec Altiris Deployment Solution Agent User Interface Local Privilege Escalation Vulnerability
33. Symantec Altiris Deployment Solution 'axengine.exe' SQL Injection Vulnerability
34. Symantec Altiris Deployment Solution Install Directory Local Privilege Escalation Vulnerability
35. Symantec Altiris Deployment Solution Registry Keys Local Unauthorized Access Vulnerability
36. FAAD2 Frontend 'decodeMP4file()' Heap Based Buffer Overflow Vulnerability
37. Cisco 871 Integrated Services Router Cross-Site Request Forgery Vulnerability
38. PHP Crawler 'footer.php' Remote File Include Vulnerability
39. Quick.Cart 'admin.php' Cross Site Scripting Vulnerability
40. Opera Web Browser Unicode Whitespace Cross-Site Scripting Weakness
41. Ultra Office Control 'HttpUpload()' Method Buffer Overflow Vulnerability
42. Aurigma Image Uploader ActiveX Controls 'ExtractIptc/ExtractExif' Buffer Overflow Vulnerabilities
43. Wonderware SuiteLink 'slssvc.exe' Remote Denial of Service Vulnerability
44. Gretech GOM Player GomWeb3.DLL Remote Buffer Overflow Vulnerability
45. BlazeVideo BlazeDVD Playlist Files Remote Memory Corruption Vulnerability
46. Wireshark 1.0.2 Multiple Vulnerabilities
47. SurgeMail IMAP Service 'APPEND' Command Remote Buffer Overflow Vulnerability
48. GnuTLS Prior to 2.2.5 Multiple Remote Vulnerabilities
49. RealNetworks RealPlayer SWF File Heap Based Buffer Overflow Vulnerability
50. LANDesk Intel QIP Service 'qipsrvr.exe' Buffer Overflow Vulnerability
51. Microsoft Internet Explorer Malfromed PNG File Remote Denial of Service Vulnerability
52. Apache Tomcat WebDav Remote Information Disclosure Vulnerability
53. Apache Tomcat Cookie Quote Handling Remote Information Disclosure Vulnerability
54. Apache Tomcat JULI Logging Component Default Security Policy Vulnerability
55. Apache Tomcat Host Manager Cross Site Scripting Vulnerability
56. Apache Tomcat 'HttpServletResponse.sendError()' Cross Site Scripting Vulnerability
57. Apache Tomcat UTF-8 Directory Traversal Vulnerability
58. Apache Tomcat 'RequestDispatcher' Information Disclosure Vulnerability
59. Cars & Vehicle 'page.php' SQL Injection Vulnerability
60. phpRealty 'view.php' Remote File Include Vulnerability
61. Poppler and Xpdf PDF Rendering Library Embedded Font Remote Code Execution Vulnerability
62. SoftAcid Hotel Reservation System 'city.asp' SQL Injection Vulnerability
63. Sun Java Runtime Environment Multiple Unspecified Same Origin Policy Violation Vulnerabilities
64. Sun Java Runtime Environment XML Data Processing Multiple Vulnerabilities
65. Sun Java Web Start Multiple Vulnerabilities
66. Sun Java Runtime Environment Font Processing Buffer Overflow Vulnerability
67. Apache 'mod_proxy_http' Interim Response Denial of Service Vulnerability
68. Drupal Link to Us 'Link page header' Field HTML Injection Vulnerability
69. Apple QuickTime/iTunes QuickTime Type Remote Buffer Overflow Vulnerability
70. Quick.Cms.Lite 'admin.php' Cross Site Scripting Vulnerability
71. osCommerce 'create_account.php' Information Disclosure Vulnerability
72. Adobe Illustrator Malformed AI File Remote Code Execution Vulnerability
73. Attachmax Multiple Security Vulnerabilities
74. Portable OpenSSH GSSAPI Remote Code Execution Vulnerability
75. Postfix 'epoll' Linux Event Handler Local Denial of Service Vulnerability
76. R 'javareconf' Insecure Temporary File Creation Vulnerability
77. Apple Mac OS X AppleScript ARDAgent Shell Local Privilege Escalation Vulnerability
78. ComponentOne VSFlexGrid ActiveX Control 'Archive()' Buffer Overflow Vulnerability
79. IBM DB2 Universal Database Prior to 9.1 Fixpak 5 Multiple Vulnerabilities
80. Acresso FLEXnet Connect 'GetRules.asp' Remote Code Execution Vulnerability
81. Beetel 220BX Series DSL Modem Provided by Airtel Multiple Security Vulnerabilities
82. Unreal Engine 'UnChan.cpp' Failed Assertion Remote Denial of Service Vulnerability
83. Microsoft Windows Media Encoder 9 'wmex.dll' ActiveX Control Remote Buffer Overflow Vulnerability
84. iScripts EasyIndex 'detaillist.php' SQL Injection Vulnerability
85. Linux Kernel 'add_to_page_cache_lru()' Local Denial of Service Vulnerability
86. bzip2 Unspecified File Handling Vulnerability
87. Nokia E90 Communicator Remote Denial of Service Vulnerability
88. OSADS Alliance Database 'includes/functions.php' Unspecified Vulnerability
89. Fantastico De Luxe 'fantasticopath' Parameter Local File Include Vulnerability
90. pdnsd 'src/dns_query.c' Remote Denial of Service Vulnerability
91. Sun Management Center Remote Denial of Service Vulnerability
92. Link Bid Script 'upgrade.php' SQL Injection Vulnerability
93. PreProjects Real Estate Website 'search.php' SQL Injection Vulnerability
94. CzarNews 'recook' Cookie SQL Injection Vulnerability
95. LinksCaffePRO 'index.php' SQL Injection Vulnerability
96. phpMyAdmin 'server_databases.php' Remote Command Execution Vulnerability
97. SPAW Editor 'theme.class.php' Unspecified Input Validation Vulnerability
98. Python 'move-faqwiz.sh' Insecure Temporary File Creation Vulnerability
99. IBM WebSphere Application Server 'FileServing' Feature Unspecified Vulnerability
100. Apple Mac OS X 2008-006 Multiple Security Vulnerabilities
III. SECURITYFOCUS NEWS
1. Security of Google's browser gets mixed marks
2. Online intruders hit Red Hat, Fedora Project
3. Researchers race to zero in record time
4. Gov't charges alleged TJX credit-card thieves
IV. SECURITY JOBS LIST SUMMARY
1. [SJ-JOB] Sales Representative, Dallas
2. [SJ-JOB] Channel / Business Development, San Jose
3. [SJ-JOB] Security Consultant, Bracknell
4. [SJ-JOB] Sales Engineer, Phoenix
5. [SJ-JOB] Account Manager, San Jose or San Francisco
6. [SJ-JOB] Compliance Officer, D.C. Metro Area
7. [SJ-JOB] Sales Engineer, Reston
8. [SJ-JOB] Security Auditor, Arlington
9. [SJ-JOB] Application Security Engineer, Arlington
10. [SJ-JOB] Certification & Accreditation Engineer, Rockville
11. [SJ-JOB] Sr. Product Manager, Alpharetta
12. [SJ-JOB] Sales Representative, New York City
13. [SJ-JOB] Management, San Jose
14. [SJ-JOB] Security Consultant, Ottawa
15. [SJ-JOB] Information Assurance Engineer, Herndon
16. [SJ-JOB] Information Assurance Analyst, Calgary
17. [SJ-JOB] Security Engineer, Pompano Beach
18. [SJ-JOB] Security Auditor, Deerfield
19. [SJ-JOB] Account Manager, State of Florida
20. [SJ-JOB] Account Manager, Altlanta Area
21. [SJ-JOB] Sr. Security Engineer, Deerfield
22. [SJ-JOB] Security Consultant, London
23. [SJ-JOB] Security Consultant, Austin
24. [SJ-JOB] Security Consultant, Kansas City
25. [SJ-JOB] Principal Software Engineer, DC
26. [SJ-JOB] Application Security Engineer, Washington
27. [SJ-JOB] Principal Software Engineer, Culver City
28. [SJ-JOB] Security Consultant, Albuquerque
29. [SJ-JOB] Security Consultant, Houston
30. [SJ-JOB] Senior Software Engineer, Culver City
31. [SJ-JOB] Security Consultant, Phoenix
32. [SJ-JOB] Sr. Security Analyst, Franklin
33. [SJ-JOB] Application Security Engineer, Santa Clara
34. [SJ-JOB] Security Consultant, Salt Lake City
35. [SJ-JOB] Security Engineer, Columbia
36. [SJ-JOB] Security Engineer, Ft. Lauderdale
37. [SJ-JOB] Security Engineer, Mountain View
38. [SJ-JOB] Security Consultant, Los Angeles
39. [SJ-JOB] Security Researcher, Dulles
40. [SJ-JOB] Technical Support Engineer, Alexandria
41. [SJ-JOB] Security Architect, Springfield
42. [SJ-JOB] Security Architect, Mountain View
43. [SJ-JOB] Jr. Security Analyst, Mountain View
44. [SJ-JOB] Sales Engineer, Washington
45. [SJ-JOB] Sr. Security Engineer, New York
46. [SJ-JOB] Security Architect, Salisbury
47. [SJ-JOB] Manager, Information Security, Seattle
48. [SJ-JOB] Security Researcher, Atlanta
49. [SJ-JOB] CSO, Whitewater
50. [SJ-JOB] Software Engineer, Myrtle Beach
51. [SJ-JOB] Penetration Engineer, Any City
52. [SJ-JOB] Manager, Information Security, London
53. [SJ-JOB] Forensics Engineer, Any City
54. [SJ-JOB] Forensics Engineer, Any City
55. [SJ-JOB] Manager, Information Security, New York
56. [SJ-JOB] Sr. Security Analyst, Stamford
57. [SJ-JOB] Developer, Calgary
58. [SJ-JOB] Forensics Engineer, Any City
59. [SJ-JOB] Sr. Security Analyst, Washington
60. [SJ-JOB] Security System Administrator, Calgary
61. [SJ-JOB] Manager, Information Security, New York
62. [SJ-JOB] Security Architect, Dallas
63. [SJ-JOB] Security Consultant, Somerville
64. [SJ-JOB] Security Architect, Midlands
V. INCIDENTS LIST SUMMARY
VI. VULN-DEV RESEARCH LIST SUMMARY
VII. MICROSOFT FOCUS LIST SUMMARY
1. SecurityFocus Microsoft Newsletter #411
VIII. SUN FOCUS LIST SUMMARY
IX. LINUX FOCUS LIST SUMMARY
X. UNSUBSCRIBE INSTRUCTIONS
XI. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1.SATAN's Helper
By Federico Biancuzzi
SecurityFocus contributor Federico Biancuzzi chatted up Venema to talk about software security, how to improve the code quality, what solutions we might have to fight spam successfully, the principle of least privilege, and the philosophy behind the design of Postfix.
Venema is currently a researcher at IBM's T.J. Watson Research Center
http://www.securityfocus.com/columnists/479

2.Get Off My Cloud
By Mark Rasch
One of the features of Apple's device that appeals to me is the new MobileMe service, where you can "access and manage your email, contacts, calendar, photos, and files at me.com," according to Apple.
More companies, among them Microsoft and Google, already allow people to store information and use common services online -- or "in the cloud" -- leading analysts to refer to the entire trend as "cloud computing."
http://www.securityfocus.com/columnists/478

II. BUGTRAQ SUMMARY
--------------------
1. Acoustica Mixcraft '.mx4' Image File Name Buffer Overflow Vulnerability
BugTraq ID: 30879
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/30879
Summary:
Acoustica Mixcraft is prone to a buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker could exploit this issue by enticing a victim to load a malicious '.mx4' file. If successful, the attacker can execute arbitrary code in the context of the affected application.

Acoustica Mixcraft 4.2 is vulnerable; other versions may also be affected.

2. ClamAV 'chmunpack.c' Invalid Memory Access Denial Of Service Vulnerability
BugTraq ID: 30994
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/30994
Summary:
ClamAV is prone to a denial-of-service vulnerability because of invalid memory access errors when processing malformed CHM files.

Attackers can exploit this issue to cause denial-of-service conditions. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed.

Versions prior to ClamAV 0.94 are vulnerable.

3. Accellion File Transfer Appliance Error Report Message Open Email Relay Vulnerability
BugTraq ID: 31178
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31178
Summary:
Accellion File Transfer Appliance is prone to an open-email-relay vulnerability.

An attacker could exploit this issue by constructing a script that would send unsolicited spam to an unrestricted amount of email addresses from a forged email address.

This issue affects Accellion File Transfer Appliance prior to FTA_7_0_189.

4. Free PHP VX Guestbook Cookie Authentication Bypass And Information Disclosure Vulnerabilities
BugTraq ID: 31174
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31174
Summary:
Free PHP VX Guestbook is prone to an authentication-bypass vulnerability and an information-disclosure vulnerability.

An attacker can exploit the authentication-bypass vulnerability to gain administrative access to the affected application. The attacker can exploit the information-disclosure issue to download the application's database.

Free PHP VX Guestbook 1.6 is vulnerable; other versions may also be affected.

5. phsdev phsBlog 'sid' Parameter SQL Injection Vulnerability
BugTraq ID: 31172
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31172
Summary:
phsBlog is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

phsBlog 0.2 is vulnerable; other versions may also be affected.

6. Ruby on Rails ':offset' And ':limit' Parameters SQL Injection Vulnerabilities
BugTraq ID: 31176
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31176
Summary:
Ruby on Rails is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries.

A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.

Versions prior to Ruby on Rails 2.1.1 are affected.

7. Personal FTP Server 'RETR' Command Remote Denial of Service Vulnerability
BugTraq ID: 31173
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31173
Summary:
Personal FTP Server is prone to a remote denial-of-service vulnerability because the application fails to handle exceptional conditions.

Successfully exploiting this issue would cause the affected application to crash, denying service to legitimate users.

Personal FTP Server 6.0f is vulnerable; other versions may also be affected.

8. Kasseler CMS 'index.php' Multiple SQL Injection Vulnerabilities
BugTraq ID: 31170
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31170
Summary:
Kasseler CMS is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries.

A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.

Kasseler CMS 1.1.0 and 1.2.0 Lite are affected; other versions may also be vulnerable.

9. DownlineGoldmine Multiple Products 'tr.php' SQL Injection Vulnerability
BugTraq ID: 31169
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31169
Summary:
Multiple DownlineGoldmine products are prone to an SQL-injection vulnerability because they fail to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise an application, access or modify data, or exploit latent vulnerabilities in the underlying database.

The following are vulnerable:

Downline Goldmine Builder
New Addon
New Addon - Downline Builder Pro
Special Category Addon

10. Linux Kernel s390 ptrace Denial Of Service Vulnerability
BugTraq ID: 31177
Remote: No
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31177
Summary:
The Linux kernel is prone to a denial-of-service vulnerability when process traces are performed on 32-bit computers.

Local attackers can leverage the issue to crash the kernel and deny service to legitimate users.

The vulnerability affects versions prior to 2.6.27-rc6 for the s390 architecture.

11. Horde Turba Contact Manager '/imp/test.php' Cross Site Scripting Vulnerability
BugTraq ID: 31168
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31168
Summary:
Turba Contact Manager is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.

Note that this issue also affects Turba on Horde IMP.

Turba Contact Manager H3 2.2.1 is vulnerable; other versions may also be affected.

12. WordNet Multiple Buffer Overflow Vulnerabilities
BugTraq ID: 29208
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/29208
Summary:
WordNet is prone to multiple buffer-overflow vulnerabilities because the application fails to properly bounds-check user-supplied input.

Successful exploits may allow attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely result in a denial of service.

Note that these vulnerabilities occur when WordNet is used as a backend in web applications. The issues can be exploited through a web application that supplies input to WordNet.

The issues affect WordNet 2.0, 2.1, and 3.0; other versions may also be vulnerable.

13. MPlayer 'sdpplin_parse()' RTSP Integer Overflow Vulnerability
BugTraq ID: 28851
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/28851
Summary:
MPlayer is prone to an interger-overflow vulnerability because it fails to perform adequate checks on externally supplied input.

Attackers can leverage this vulnerability to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

14. Graffiti Forums Topics.PHP SQL Injection Vulnerability
BugTraq ID: 18928
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/18928
Summary:
Graffiti Forums is prone to an SQL-injection vulnerability.

This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query.

Successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.

15. Libpng Library Unknown Chunk Handler Vulnerability
BugTraq ID: 28770
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/28770
Summary:
The 'libpng' library is prone to a vulnerability that causes denial-of-service conditions or may allow code to run. The issue occurs because the software fails to properly handle unexpected chunk data in PNG files.

Successfully exploiting this issue allows remote attackers to trigger denial-of-service conditions or to possibly execute arbitrary machine code in the context of applications that use the library.

The following versions are affected:

libpng 1.0.6 through 1.0.32
libpng 1.2.0 through 1.2.26
libpng 1.4.0beta01 through 1.4.0beta19

16. WordNet Multiple Buffer Overflow Vulnerabilities
BugTraq ID: 30958
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/30958
Summary:
WordNet is prone to multiple buffer-overflow vulnerabilities because the application fails to properly bounds-check user-supplied input. Specifically, the issues arise from handling command-line arguments, environment variables, and data read from user-supplied dictionaries.

Successful exploits may allow attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely result in a denial of service.

The issues affect WordNet 3.0; other versions may also be vulnerable.

17. Ruby 'rb_ary_fill()' Remote Denial Of Service Vulnerability
BugTraq ID: 30036
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/30036
Summary:
Ruby is prone to a remote denial-of-service vulnerability.

Successful exploits may allow remote attackers to cause denial-of-service conditions.

18. Opera Web Browser 9.51 Multiple Security Vulnerabilities
BugTraq ID: 30768
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/30768
Summary:
Opera Web Browser is prone to multiple security vulnerabilities.

Successful exploits may allow attackers to:
- cause denial-of-service conditions
- violate the same-origin policy
- carry out phishing and cross-domain attacks
- steal cookie-based authentication credentials
- present insecure websites as secure
- obtain sensitive information
- mislead a user
- carry out other attacks

Versions prior to Opera 9.52 are vulnerable.

NOTE: The cross-site scripting issue originally included in this BID has been moved to BID 31183 (Opera Web Browser Unicode Whitespace Cross-Site Scripting Weakness).

19. Microsoft Windows Media Player SSPL File Sample Rate Remote Code-Execution Vulnerability
BugTraq ID: 30550
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/30550
Summary:
Microsoft Windows Media Player is prone to a remote code-execution vulnerability.

An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition.

NOTE: Supported editions of Windows Server 2008 are not affected if installed using the Server Core installation option.

20. Matterdaddy Market Multiple SQL Injection Vulnerabilities
BugTraq ID: 30809
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/30809
Summary:
Matterdaddy Market is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in SQL queries.

Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Matterdaddy Market 1.1 is vulnerable; other versions may also be affected.

21. Multiple Vendor DNS Protocol Insufficient Transaction ID Randomization DNS Spoofing Vulnerability
BugTraq ID: 30131
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/30131
Summary:
Multiple vendors' implementations of the DNS protocol are prone to a DNS-spoofing vulnerability because the software fails to securely implement random values when performing DNS queries.

Successfully exploiting this issue allows remote attackers to spoof DNS replies, allowing them to redirect network traffic and to launch man-in-the-middle attacks.

This issue affects Microsoft Windows DNS Clients and Servers, ISC BIND 8 and 9, and multiple Cisco IOS releases; other DNS implementations may also be vulnerable.

22. IPsec-Tools Multiple Remote Denial Of Service Vulnerabilities
BugTraq ID: 30657
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/30657
Summary:
IPsec-Tools is affected by multiple remote denial-of-service vulnerabilities because the software fails to properly handle certain network packets.

A successful attack allows a remote attacker to crash the software, denying further service to legitimate users.

Versions prior to IPsec-Tools 0.7.1 are vulnerable.

23. LibTIFF 'tif_lzw.c' Remote Buffer Underflow Vulnerability
BugTraq ID: 30832
Remote: Yes
Last Updated: 2008-09-15
Relevant URL: http://www.securityfocus.com/bid/30832
Summary:
LibTIFF is prone to a remote buffer-underflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.

An attacker can exploit this issue to execute arbitrary malicious code in the context of the user running an application that uses the affected library. Failed exploit attempts will likely crash applications using the affected library.

LibTIFF 3.7.2 and 3.8.2 are vulnerable.

24. Blue Coat K9 Web Protection 'Referer' Header Stack Based Buffer Overflow Vulnerability
BugTraq ID: 30463
Remote: Yes
Last Updated: 2008-09-15
Relevant URL: http://www.securityfocus.com/bid/30463
Summary:
Blue Coat K9 Web Protection is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.

An attacker may exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts may result in a denial-of-service condition.

Blue Coat K9 Web Protection 3.2.44 with Filter 3.2.3 is affected; other versions may also be affected.

25. ClamAV 'petite.c' Invalid Memory Access Denial Of Service Vulnerability
BugTraq ID: 29750
Remote: Yes
Last Updated: 2008-09-15
Relevant URL: http://www.securityfocus.com/bid/29750
Summary:
ClamAV is prone to a denial-of-service vulnerability caused by an invalid memory access during a 'memcpy()' call.

Attackers can exploit this issue to cause denial-of-service conditions. Given the nature of this issue, remote code execution may also be possible, but this has not been confirmed.

Versions prior to ClamAV 0.93.1 are vulnerable.

26. ClamAV 0.92.1 Multiple Vulnerabilities
BugTraq ID: 28784
Remote: Yes
Last Updated: 2008-09-15
Relevant URL: http://www.securityfocus.com/bid/28784
Summary:
ClamAV is prone to multiple vulnerabilities, including buffer-overflow and denial-of-service issues.

Successful exploits allow remote attackers to cause denial-of-service conditions or potentially to execute arbitrary machine code in the context of applications that use the vulnerable library.

Versions prior to ClamAV 0.93 are vulnerable.

27. ClamAV Multiple Unspecified Memory Corruption Vulnerabilities
BugTraq ID: 31051
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/31051
Summary:
ClamAV is prone to multiple unspecified memory-corruption vulnerabilities.

Attackers may be able to exploit these issues to exhaust resources or possibly crash the affected application, denying service to legitimate users. Attackers may also be able to obtain sensitive information and run arbitrary code.

Versions prior to ClamAV 0.94 are vulnerable.

28. Mercurial 'patch.py' Directory Traversal Vulnerability
BugTraq ID: 30072
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/30072
Summary:
Mercurial is prone to a directory-traversal vulnerability because it fails to adequately sanitize user-supplied input.

Attackers can exploit this issue to create or overwrite arbitrary files on a computer hosting the affected application.

Mercurial 1.0.1 is vulnerable; other versions may also be affected.

29. Technote 'twindow_notice.php' Remote File Include Vulnerability
BugTraq ID: 31222
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/31222
Summary:
Technote is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.

Exploiting this issue can allow an attacker to compromise the application and the underlying computer; other attacks are also possible.

Technote 7 is vulnerable; other versions may also be affected.

30. Symantec Altiris Deployment Solution Tooltip Local Privilege Escalation Vulnerability
BugTraq ID: 29218
Remote: No
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/29218
Summary:
Symantec Altiris Deployment Solution is prone to a local privilege-escalation vulnerability.

An attacker can exploit this issue to gain access to a privileged command prompt. Successfully exploiting this issue will result in the complete compromise of affected computers.

31. Symantec Altiris Deployment Solution Domain Credential Unauthorized Access Vulnerability
BugTraq ID: 29199
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/29199
Summary:
Symantec Altiris Deployment Solution is prone to a vulnerability that allows an attacker to gain unauthorized access to the affected application.

The attacker can exploit this issue to gain administrative access to the application. Successfully exploiting this issue will compromise the affected application.

32. Symantec Altiris Deployment Solution Agent User Interface Local Privilege Escalation Vulnerability
BugTraq ID: 29194
Remote: No
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/29194
Summary:
Symantec Altiris Deployment Solution is prone to a local privilege-escalation vulnerability.

An attacker can exploit this issue to gain access to a privileged command prompt. Successfully exploiting this issue will result in the complete compromise of affected computers.

33. Symantec Altiris Deployment Solution 'axengine.exe' SQL Injection Vulnerability
BugTraq ID: 29198
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/29198
Summary:
Symantec Altiris Deployment Solution is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will facilitate in the complete compromise of affected computers.

Versions prior to Symantec Altiris Deployment Solution 6.9.176 are vulnerable.

34. Symantec Altiris Deployment Solution Install Directory Local Privilege Escalation Vulnerability
BugTraq ID: 29197
Remote: No
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/29197
Summary:
Symantec Altiris Deployment Solution is prone to a local privilege-escalation vulnerability.

An attacker can exploit this issue to execute arbitrary commands with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers.

35. Symantec Altiris Deployment Solution Registry Keys Local Unauthorized Access Vulnerability
BugTraq ID: 29196
Remote: No
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/29196
Summary:
Symantec Altiris Deployment Solution is prone to a local unauthorized-access vulnerability.

An attacker with local access to the computer may be able to access certain registry keys. A successful attack may allow the attacker to obtain information or to disrupt service.

36. FAAD2 Frontend 'decodeMP4file()' Heap Based Buffer Overflow Vulnerability
BugTraq ID: 31219
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/31219
Summary:
FAAD2 (Freeware Advanced Audio Decoder) is prone to a remote heap-based buffer-overflow vulnerability because the command-line frontend fails to adequately validate input from a buffer returned by the decoder library.

Remote attackers can exploit this issue by enticing victims into opening maliciously crafted files with the application's command-line frontend.

Successful exploits may allow attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely result in a denial of service.

FAAD2 2.6 is vulnerable; other versions may also be affected.

37. Cisco 871 Integrated Services Router Cross-Site Request Forgery Vulnerability
BugTraq ID: 31218
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/31218
Summary:
The Cisco 871 Integrated Services Router is prone to a cross-site request-forgery vulnerability.

Successful exploits can run arbitrary commands on affected devices. This may lead to further network-based attacks.

The 871 Integrated Services Router under IOS 12.4 is vulnerable; other products and versions may also be affected.

38. PHP Crawler 'footer.php' Remote File Include Vulnerability
BugTraq ID: 31217
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/31217
Summary:
PHP Crawler is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.

Exploiting this issue can allow an attacker to compromise the application and the underlying computer; other attacks are also possible.

PHP Crawler 0.8 is vulnerable; other versions may also be affected.

39. Quick.Cart 'admin.php' Cross Site Scripting Vulnerability
BugTraq ID: 31216
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/31216
Summary:
Quick.Cart is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

Quick.Cart 3.1 is vulnerable; other versions may also be affected.

40. Opera Web Browser Unicode Whitespace Cross-Site Scripting Weakness
BugTraq ID: 31183
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/31183
Summary:
Opera Web Browser is prone to a weakness that can facilitate cross-site scripting attacks. The issue occurs as a result of specific Unicode characters being interpreted as white space.

This issue occurs in versions prior to Opera 9.52.

NOTE: This issue was previously discussed in BID 30768 (Opera Web Browser 9.51 Multiple Security Vulnerabilities).

41. Ultra Office Control 'HttpUpload()' Method Buffer Overflow Vulnerability
BugTraq ID: 30861
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/30861
Summary:
Ultra Office Control is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary-checks on user-supplied data.

An attacker can exploit this issue to execute arbitrary code in the context of an application using the ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions.

Ultra Office Control 2.0.2008.501 is vulnerable; other versions may also be affected.

42. Aurigma Image Uploader ActiveX Controls 'ExtractIptc/ExtractExif' Buffer Overflow Vulnerabilities
BugTraq ID: 27577
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/27577
Summary:
Aurigma Image Uploader ActiveX controls are prone to multiple buffer-overflow vulnerabilities because they fail to perform adequate boundary checks on user-supplied data.

Successfully exploiting these issues allows remote attackers to execute arbitrary code in the context of the application using the ActiveX controls (typically Internet Explorer). Failed exploit attempts will result in denial-of-service conditions.

The issues affect the following versions:

ImageUploader4 4.5.70.0, 4.5.126.0, and 4.6.17.0
ImageUploader5 5.0.10.0

Other versions may also be vulnerable.

43. Wonderware SuiteLink 'slssvc.exe' Remote Denial of Service Vulnerability
BugTraq ID: 28974
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/28974
Summary:
Wonderware SuiteLink is prone to a remote denial-of-service vulnerability.

An attacker can exploit this issue to crash the affected application, denying service to legitimate users. Given the nature of this issue, the attacker may also be able to execute arbitrary code, but this has not been confirmed.

Versions prior to Wonderware SuiteLink 2.0 Patch 01 are vulnerable.

UPDATE: References to Wonderware InTouch 8.0 have been removed; that software is not affected by this vulnerability.

44. Gretech GOM Player GomWeb3.DLL Remote Buffer Overflow Vulnerability
BugTraq ID: 26236
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/26236
Summary:
GOM Player is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.

Successfully exploiting this issue will allow an attacker to execute arbitrary code within the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts will result in a denial-of-service condition.

This issue affects GOM Player 2.1.6.3499; other versions may also be vulnerable.

45. BlazeVideo BlazeDVD Playlist Files Remote Memory Corruption Vulnerability
BugTraq ID: 21337
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/21337
Summary:
BlazeDVD is prone to a remote memory-corruption vulnerability because the application fails to handle malformed playlist files.

An attacker can exploit this issue to execute arbitrary code within the context of the application or trigger a denial-of-service condition.

BlazeDVD 5.0 Professional and Standard versions are vulnerable to this issue.

46. Wireshark 1.0.2 Multiple Vulnerabilities
BugTraq ID: 31009
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/31009
Summary:
Wireshark is prone to multiple vulnerabilities, including buffer-overflow and denial-of-service issues.

Exploiting these issues may allow attackers to crash the application and deny service to legitimate users. Attackers may be able to leverage some of these vulnerabilities to execute arbitrary code, but this has not been confirmed.

These issues affect Wireshark 0.9.7 up to and including 1.0.2.

47. SurgeMail IMAP Service 'APPEND' Command Remote Buffer Overflow Vulnerability
BugTraq ID: 30000
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/30000
Summary:
SurgeMail IMAP Service is affected by a remote buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data before copying it into an insufficiently sized buffer.

Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attempts will result in a denial-of-service condition.

SurgeMail IMAP Service 3.9e is vulnerable; other versions may also be affected.

48. GnuTLS Prior to 2.2.5 Multiple Remote Vulnerabilities
BugTraq ID: 29292
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/29292
Summary:
GnuTLS is prone to multiple remote vulnerabilities, including:

- A buffer-overflow vulnerability
- Multiple denial-of-service vulnerabilities

An attacker can exploit these issues to execute arbitrary code within the context of the affected application or crash the application, denying service to legitimate users.

Versions prior to GnuTLS 2.2.5 are vulnerable.

49. RealNetworks RealPlayer SWF File Heap Based Buffer Overflow Vulnerability
BugTraq ID: 30370
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/30370
Summary:
RealNetworks RealPlayer is prone to a heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.

An attacker can exploit this issue to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial-of-service condition.

RealPlayer 10.5 Build 6.0.12.1483 is vulnerable; other versions may also be affected.

50. LANDesk Intel QIP Service 'qipsrvr.exe' Buffer Overflow Vulnerability
BugTraq ID: 31193
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/31193
Summary:
LANDesk Intel QIP Service is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.

Successful exploits may allow an attacker to execute arbitrary code with SYSTEM-level privileges. This will result in a complete compromise of vulnerable computers. Failed exploit attempts will likely result in denial-of-service conditions.

This issue affects the following:

LANDesk Management Suite 8.8 and earlier
LANDesk Security Suite 8.8 and earlier
LANDesk Server Manager 8.8 and earlier

51. Microsoft Internet Explorer Malfromed PNG File Remote Denial of Service Vulnerability
BugTraq ID: 31215
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/31215
Summary:
Microsoft Internet Explorer is prone to a remote denial-of-service vulnerability.

Attackers can exploit this issue by enticing an unsuspecting victim to view a web page embedded with a malicious PNG file.

Successfully exploiting this issue will cause the application to stop responding, denying service to legitimate users.

Microsoft Internet Explorer 7 and 8 Beta 1 are vulnerable; other versions may also be affected.

52. Apache Tomcat WebDav Remote Information Disclosure Vulnerability
BugTraq ID: 26070
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/26070
Summary:
Apache Tomcat is prone to a remote information-disclosure vulnerability

Remote attackers can exploit this issue to obtain the contents of sensitive files stored on the server.

53. Apache Tomcat Cookie Quote Handling Remote Information Disclosure Vulnerability
BugTraq ID: 27706
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/27706
Summary:
Apache Tomcat is prone to an information-disclosure vulnerability because it fails to adequately sanitize user-supplied data.

Attackers can exploit this issue to access potentially sensitive data that may aid in further attacks.

Versions prior to Apache Tomcat 6.0.16 and 5.5.26 are vulnerable.

NOTE: This vulnerability is caused by an incomplete fix for BID 25316 - Apache Tomcat Multiple Remote Information Disclosure Vulnerabilities (CVE-2007-3385).

54. Apache Tomcat JULI Logging Component Default Security Policy Vulnerability
BugTraq ID: 27006
Remote: No
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/27006
Summary:
Apache Tomcat is prone to a vulnerability that can allow third-party web applications to write files to arbitrary locations with the privileges of Tomcat.

This issue stems from an inadequate default security policy.

Attackers can leverage this issue to write or overwrite arbitrary log file data in unauthorized locations.

Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 are vulnerable.

55. Apache Tomcat Host Manager Cross Site Scripting Vulnerability
BugTraq ID: 29502
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/29502
Summary:
Apache Tomcat is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. The issue affects the Host Manager web application.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

The issue affects the following versions:

Tomcat 5.5.9 to 5.5.26
Tomcat 6.0.0 to 6.0.16

56. Apache Tomcat 'HttpServletResponse.sendError()' Cross Site Scripting Vulnerability
BugTraq ID: 30496
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/30496
Summary:
Apache Tomcat is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

The issue affects the following versions:

Tomcat 4.1.0 to 4.1.37
Tomcat 5.5.0 to 5.5.26
Tomcat 6.0.0 to 6.0.16

57. Apache Tomcat UTF-8 Directory Traversal Vulnerability
BugTraq ID: 30633
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/30633
Summary:
Apache Tomcat is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input.

Exploiting this issue will allow an attacker to view arbitrary local files within the context of the webserver. Information harvested may aid in launching further attacks.

The following versions are affected:

Apache Tomcat 4.1.0 to 4.1.37
Apache Tomcat 5.5.0 to 5.5.26
Apache Tomcat 6.0.0 to 6.0.17

58. Apache Tomcat 'RequestDispatcher' Information Disclosure Vulnerability
BugTraq ID: 30494
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/30494
Summary:
Apache Tomcat is prone to a remote information-disclosure vulnerability.

Remote attackers can exploit this issue to obtain the contents of sensitive files stored on the server. Information obtained may lead to further attacks.

The following versions are affected:

Apache Tomcat 4.1.0 to 4.1.37
Apache Tomcat 5.5.0 to 5.5.26
Apache Tomcat 6.0.0 to 6.0.16

Apache Tomcat 3.x, 4.0.x, and 5.0.x may also be affected.

59. Cars & Vehicle 'page.php' SQL Injection Vulnerability
BugTraq ID: 31214
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/31214
Summary:
The Cars & Vehicle script is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

60. phpRealty 'view.php' Remote File Include Vulnerability
BugTraq ID: 31213
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/31213
Summary:
phpRealty is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.

Exploiting this issue can allow an attacker to compromise the application and the underlying system; other attacks are also possible.

phpRealty 0.3 and prior versions are vulnerable.

61. Poppler and Xpdf PDF Rendering Library Embedded Font Remote Code Execution Vulnerability
BugTraq ID: 28830
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/28830
Summary:
The Poppler and Xpdf PDF rendering library is prone to a remote code-execution vulnerability because the software fails to properly validate user-supplied data.

Successfully exploiting this issue allows attackers to execute arbitrary machine code in the context of applications that use the library. Failed exploit attempts likely result in denial-of-service conditions.

62. SoftAcid Hotel Reservation System 'city.asp' SQL Injection Vulnerability
BugTraq ID: 31211
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/31211
Summary:
SoftAcid Hotel Reservation System (HRS) is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

63. Sun Java Runtime Environment Multiple Unspecified Same Origin Policy Violation Vulnerabilities
BugTraq ID: 30140
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/30140
Summary:
Sun Java Runtime Environment is prone to multiple unspecified vulnerabilities that allow attackers to bypass the same-origin policy. This issue occurs because the application fails to properly enforce the same-origin policy for Java applets.

An attacker may create a malicious applet that is loaded from a remote system to circumvent network access restrictions.

The following are affected:

JDK and JRE 6 Update 6 and earlier
JDK and JRE 5.0 Update 15 and earlier
SDK and JRE 1.4.2_17 and earlier
SDK and JRE 1.3.x_22 and earlier

64. Sun Java Runtime Environment XML Data Processing Multiple Vulnerabilities
BugTraq ID: 30143
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/30143
Summary:
Sun Java Runtime Environment is prone to multiple remote vulnerabilities.

An attacker can exploit these issues to obtain sensitive information or crash the affected application, denying service to legitimate users.

These issues affect the following versions on Solaris, Linux, and Windows platforms:

JDK and JRE 6 Update 6 and earlier
JDK and JRE 5.0 Update 15 and earlier

65. Sun Java Web Start Multiple Vulnerabilities
BugTraq ID: 30148
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/30148
Summary:
Sun Java Web Start is prone to multiple vulnerabilities, including buffer-overflow, privilege-escalation, and information-disclosure issues.

Successful exploits may allow attackers to execute arbitrary code, obtain information, or read, write, and execute arbitrary local files in the context of the user running a malicious Web Start application. This may result in a compromise of the underlying system.

This issue affects the following versions:

JDK and JRE 6 Update 6 and earlier
JDK and JRE 5.0 Update 15 and earlier
SDK and JRE 1.4.2_17 and earlier

66. Sun Java Runtime Environment Font Processing Buffer Overflow Vulnerability
BugTraq ID: 30147
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/30147
Summary:
Sun Java Runtime Environment is prone to a buffer-overflow vulnerability when running untrusted applications or applets.

Successful exploits may allow attackers to read, write, or execute arbitrary local files in the context of the user running an untrusted application. This may result in a compromise of the underlying system.

This issue affects the following versions on Solaris, Windows, and Linux:

JDK and JRE 5.0 Update 9 and earlier
SDK and JRE 1.4.2_17 and earlier
SDK and JRE 1.3.1_22 and earlier

67. Apache 'mod_proxy_http' Interim Response Denial of Service Vulnerability
BugTraq ID: 29653
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/29653
Summary:
The Apache 'mod_proxy_http' module is prone to a denial-of-service vulnerability that affects the processing of interim responses.

Attackers may exploit this issue to cause denial-of-service conditions.

Reportedly, the issue affects Apache 2.2.8 and 2.0.63; other versions may also be affected.

68. Drupal Link to Us 'Link page header' Field HTML Injection Vulnerability
BugTraq ID: 31224
Remote: Yes
Last Updated: 2008-09-17
Relevant URL: http://www.securityfocus.com/bid/31224
Summary:
The Link to Us module for Drupal is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content.

Attacker-supplied HTML and script code would run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.

This issue affects versions prior to Link to Us 5.x-1.1.
http://drupal.org/node/207891

69. Apple QuickTime/iTunes QuickTime Type Remote Buffer Overflow Vulnerability
BugTraq ID: 31212
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31212
Summary:
Apple QuickTime is prone to a buffer-overflow vulnerability.

An attacker can exploit this issue by enticing an unsuspecting user to open a specially crafted file.

Successfully exploiting this issue allows remote attackers to cause the affected application to crash. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed.

This issue affects QuickTime 7.5.5 and iTunes 8.0; other versions may also be vulnerable.

70. Quick.Cms.Lite 'admin.php' Cross Site Scripting Vulnerability
BugTraq ID: 31210
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31210
Summary:
Quick.Cms.Lite is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

Quick.Cms.Lite 2.1 is vulnerable; other versions may also be affected.

71. osCommerce 'create_account.php' Information Disclosure Vulnerability
BugTraq ID: 31209
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31209
Summary:
osCommerce is prone to an information-disclosure vulnerability because it fails to sanitize user-supplied input.

Attackers can exploit this issue to obtain sensitive information that may lead to further attacks.

osCommerce 2.2RC 2a is vulnerable; other versions may also be affected.

72. Adobe Illustrator Malformed AI File Remote Code Execution Vulnerability
BugTraq ID: 31208
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31208
Summary:
Adobe Illustrator is prone to a remote code-execution vulnerability.

An attacker can exploit this issue by enticing an unsuspecting victim to open a malicious AI file.

Successfully exploiting this issue will allow attackers to execute arbitrary code with the privileges of the user running the affected application.

This issue affects only Adobe Illustrator CS2 for Macintosh.

73. Attachmax Multiple Security Vulnerabilities
BugTraq ID: 31207
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31207
Summary:
Attachmax is prone to multiple security vulnerabilities, including an information-disclosure issue, a remote file-include issue, and an SQL-injection issue.

An attacker may exploit these issues to obtain sensitive information that will aid in further attacks, to include arbitrary remote files containing malicious PHP code, or to manipulate the SQL query logic to carry out unauthorized actions on the underlying database.

These issues affect Attachmax 2.1 (Dolphin); other versions may also be affected.

74. Portable OpenSSH GSSAPI Remote Code Execution Vulnerability
BugTraq ID: 20241
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/20241
Summary:
Portable OpenSSH is prone to a remote code-execution vulnerability. The issue derives from a race condition in a vulnerable signal handler.

Reportedly, under specific conditions, it is theoretically possible to execute code remotely prior to authentication when GSSAPI authentication is enabled. This has not been confirmed; the chance of a successful exploit of this nature is considered minimal.

On non-Portable OpenSSH implementations, this same race condition can be exploited to cause a pre-authentication denial of service.

This issue occurs when OpenSSH and Portable OpenSSH are configured to accept GSSAPI authentication.

75. Postfix 'epoll' Linux Event Handler Local Denial of Service Vulnerability
BugTraq ID: 30977
Remote: No
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/30977
Summary:
Postfix is prone to a local denial-of-service vulnerability because of a file-descriptor leak that occurs when it executes non-Postfix commands.

Local attackers can exploit this issue to trigger automatic Postfix shutdowns, denying service to legitimate users.

This issue affects Postfix 2.4 and later for Linux kernel 2.6 platforms.

76. R 'javareconf' Insecure Temporary File Creation Vulnerability
BugTraq ID: 30878
Remote: No
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/30878
Summary:
R creates temporary files in an insecure manner.

An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application.

Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.

R 2.7.2 is vulnerable; other versions may also be affected.

77. Apple Mac OS X AppleScript ARDAgent Shell Local Privilege Escalation Vulnerability
BugTraq ID: 29831
Remote: No
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/29831
Summary:
Mac OS X is prone to a local privilege-escalation vulnerability affecting ARDAgent (Apple Remote Desktop).

Successful exploits allow local attackers to execute arbitrary code with superuser privileges, completely compromising the affected computer.

This issue is confirmed to affect Mac OS X 10.5 versions; earlier versions may also be vulnerable.

78. ComponentOne VSFlexGrid ActiveX Control 'Archive()' Buffer Overflow Vulnerability
BugTraq ID: 31200
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31200
Summary:
ComponentOne VSFlexGrid ActiveX Control is prone to a buffer-overflow vulnerability because the application fails to adequately check boundaries on user-supplied input.

An attacker can exploit this issue to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions.

The following components of the control are affected:

vsflex7L.ocx 7.0.1.151
vsflex8.ocx 8.0.20072.239
vsflex8d.ocx 8.0.20072.239
vsflex8l.ocx 8.0.20072.239
vsflex8n.ocx 8.0.20072.239

79. IBM DB2 Universal Database Prior to 9.1 Fixpak 5 Multiple Vulnerabilities
BugTraq ID: 29601
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/29601
Summary:
IBM DB2 Universal Database is prone to multiple vulnerabilities, including buffer-overflow issues, local privilege-escalation issues, and an unspecified issue.

An attacker may exploit these issues to execute arbitrary code, gain elevated privileges, or crash the affected application, denying service to legitimate users.

These vulnerabilities affect versions prior to DB2 9.1 Fixpak 5.

80. Acresso FLEXnet Connect 'GetRules.asp' Remote Code Execution Vulnerability
BugTraq ID: 31204
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31204
Summary:
Acresso FLEXnet Connect is prone to a remote code-execution vulnerability because it fails to adequately verify the authenticity of files obtained from update servers. The product has been formerly available as Macrovision FLEXnet Connect and as InstallShield Update Service.

Attackers can exploit this issue by performing man-in-the-middle attacks to have the client download and execute a malicious file hosted on an attacker-controlled computer. Other attacks may also be possible.

Acresso FLEXnet Connect is vulnerable. Additional products that use the FLEXnet functionality may also be vulnerable.

81. Beetel 220BX Series DSL Modem Provided by Airtel Multiple Security Vulnerabilities
BugTraq ID: 31203
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31203
Summary:
Beetel 220BX series DSL modems are prone to multiple security vulnerabilities, including a security-bypass issue, an information-disclosure issue, and an input-validation issue.

Successful exploits of many of these issues will allow an attacker to completely compromise the affected device.

82. Unreal Engine 'UnChan.cpp' Failed Assertion Remote Denial of Service Vulnerability
BugTraq ID: 31205
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31205
Summary:
Unreal Engine is prone to a remote denial-of-service vulnerability because of an error in memory allocation.

An attacker could exploit this issue to crash applications that use the vulnerable engine and deny service to legitimate users.

The following applications using the engine are vulnerable:

Unreal Tournament 3.1.3
Unreal Tournament 2003
Unreal Tournament 2004
Dead Man's Hand
Pariah
WarPath
Postal 2
Shadow Ops

83. Microsoft Windows Media Encoder 9 'wmex.dll' ActiveX Control Remote Buffer Overflow Vulnerability
BugTraq ID: 31065
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31065
Summary:
The Microsoft Windows Media Encoder 9 ActiveX control is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.

An attacker can exploit this issue to execute arbitrary code in the context of an application using the affected ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions.

84. iScripts EasyIndex 'detaillist.php' SQL Injection Vulnerability
BugTraq ID: 31202
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31202
Summary:
iScripts EasyIndex is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

85. Linux Kernel 'add_to_page_cache_lru()' Local Denial of Service Vulnerability
BugTraq ID: 31201
Remote: No
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31201
Summary:
The Linux kernel is prone to a local denial-of-service vulnerability.

Attackers can exploit this issue to cause the kernel to crash, denying service to legitimate users.

This issue affects versions prior to Linux kernel 2.6.22.2.

86. bzip2 Unspecified File Handling Vulnerability
BugTraq ID: 28286
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/28286
Summary:
The 'bzip2' application is prone to a remote file-handling vulnerability because the application fails to properly handle malformed files.

Successful exploits may allow remote code to run, but this has not been confirmed. Exploit attempts will likely crash the application.

This issue affects bzip2 1.0.4; prior versions may also be affected.

87. Nokia E90 Communicator Remote Denial of Service Vulnerability
BugTraq ID: 31175
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31175
Summary:
Nokia E90 Communicator is prone to a denial-of-service vulnerability because the device fails to handle specially crafted data.

Exploiting this issue allows remote attackers to cause the device to crash, denying service to legitimate users.

This issue affects Nokia E90 Communicator devices running Symbian OS S60 3rd Edition; other versions may also be affected.

88. OSADS Alliance Database 'includes/functions.php' Unspecified Vulnerability
BugTraq ID: 31198
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31198
Summary:
OSADS Alliance Database is prone to an unspecified vulnerability.

Very few details are available regarding this issue. We will update this BID as more information emerges.

This issue affects versions prior to OSADS Alliance Database 2.1.

89. Fantastico De Luxe 'fantasticopath' Parameter Local File Include Vulnerability
BugTraq ID: 31196
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31196
Summary:
Fantastico De Luxe is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this vulnerability to view files and execute local scripts in the context of the webserver process. This may aid in further attacks.

Versions prior to Fantastico De Luxe 2.10.4 r19 are affected.

90. pdnsd 'src/dns_query.c' Remote Denial of Service Vulnerability
BugTraq ID: 31195
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31195
Summary:
The 'pdnsd' program is prone to a remote denial-of-service vulnerability.

An attacker can exploit this issue to crash the application, denying service to legitimate users.

This issue affects versions prior to pdnsd 1.2.7-par.

91. Sun Management Center Remote Denial of Service Vulnerability
BugTraq ID: 31194
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31194
Summary:
Sun Management Center is prone to a denial-of-service vulnerability caused by an unspecified error.

An attacker can exploit this issue to cause the affected application to deny service to legitimate users.

This issue affects:

Sun Management Center 3.6.1
Sun Management Center 4.0

92. Link Bid Script 'upgrade.php' SQL Injection Vulnerability
BugTraq ID: 31191
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31191
Summary:
Link Bid Script is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Link Bid Script 1.5 is vulnerable; other versions may also be affected.

93. PreProjects Real Estate Website 'search.php' SQL Injection Vulnerability
BugTraq ID: 31192
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31192
Summary:
PreProjects Real Estate Website is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data.

A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

94. CzarNews 'recook' Cookie SQL Injection Vulnerability
BugTraq ID: 31182
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31182
Summary:
CzarNews is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

An attacker can exploit this issue by manipulating the SQL query logic to carry out unauthorized actions on the underlying database.

CzarNews 1.20 is vulnerable; other versions may also be affected.

95. LinksCaffePRO 'index.php' SQL Injection Vulnerability
BugTraq ID: 31187
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31187
Summary:
LinksCaffePRO is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

LinksCaffePRO 4.5 is vulnerable; other versions may also be affected.

96. phpMyAdmin 'server_databases.php' Remote Command Execution Vulnerability
BugTraq ID: 31188
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31188
Summary:
phpMyAdmin is prone to a vulnerability that attackers can leverage to execute arbitrary commands. This issue occurs because the application fails to adequately sanitize user-supplied input.

Successful attacks can compromise the affected application and possibly the underlying computer.

This issue affects versions prior to phpMyAdmin 2.11.9.1.

97. SPAW Editor 'theme.class.php' Unspecified Input Validation Vulnerability
BugTraq ID: 31185
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31185
Summary:
SPAW Editor is prone to an unspecified input-validation vulnerability.

Very few details are available regarding this issue. We will update this BID as more information emerges.

This issue affects versions prior to SPAW Editor 2.0.8.1.

98. Python 'move-faqwiz.sh' Insecure Temporary File Creation Vulnerability
BugTraq ID: 31184
Remote: No
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31184
Summary:
Python creates temporary files in an insecure manner.

An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application.

Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.

Python 2.3.4 is vulnerable; other versions may also be affected.

99. IBM WebSphere Application Server 'FileServing' Feature Unspecified Vulnerability
BugTraq ID: 31186
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31186
Summary:
IBM WebSphere Application Server is prone to an unspecified vulnerability that affects the 'FileServing' feature.

Very little is known about this issue at this time. We will update this BID as more information emerges.

Versions prior to WebSphere Application Server 6.1.0.19 are vulnerable.

100. Apple Mac OS X 2008-006 Multiple Security Vulnerabilities
BugTraq ID: 31189
Remote: Yes
Last Updated: 2008-09-16
Relevant URL: http://www.securityfocus.com/bid/31189
Summary:
Apple Mac OS X is prone to multiple security vulnerabilities that have been addressed in Security Update 2008-006.

The security update addresses a total of 17 new vulnerabilities that affect the Apple Type Services, Directory Services, Finder, ImageIO, Kernel, Login Windows, SearchKit, System Configuration, System Preferences, Time Machine, VideoConference, and Wiki Server components of Mac OS X. The advisory also contains security updates for 17 previously reported issues.

III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. Security of Google's browser gets mixed marks
By: Robert Lemos
The search giant uses process isolation, least privilege rules, and sandboxing as the security foundation for its Chrome browser, but security experts say more is needed.
http://www.securityfocus.com/news/11533

2. Online intruders hit Red Hat, Fedora Project
By: Robert Lemos
A leading Linux company and its open-source distribution acknowledge that attackers breached several systems, including one that manages the Fedora signing process.
http://www.securityfocus.com/news/11532

3. Researchers race to zero in record time
By: Robert Lemos
On the first day, three teams of security professional finished the Race to Zero contest, successfully modifying nine well-known viruses and exploits to escape detection by major antivirus engines.
http://www.securityfocus.com/news/11531

4. Gov't charges alleged TJX credit-card thieves
By: Robert Lemos
U.S. prosecutors charge eleven people with taking part in an identity-theft ring that stole millions of credit-card accounts from major retailers, among them TJX Companies.
http://www.securityfocus.com/news/11530

IV. SECURITY JOBS LIST SUMMARY
-------------------------------
1. [SJ-JOB] Sales Representative, Dallas
http://www.securityfocus.com/archive/77/496464

2. [SJ-JOB] Channel / Business Development, San Jose
http://www.securityfocus.com/archive/77/496465

3. [SJ-JOB] Security Consultant, Bracknell
http://www.securityfocus.com/archive/77/496469

4. [SJ-JOB] Sales Engineer, Phoenix
http://www.securityfocus.com/archive/77/496463

5. [SJ-JOB] Account Manager, San Jose or San Francisco
http://www.securityfocus.com/archive/77/496466

6. [SJ-JOB] Compliance Officer, D.C. Metro Area
http://www.securityfocus.com/archive/77/496468

7. [SJ-JOB] Sales Engineer, Reston
http://www.securityfocus.com/archive/77/496451

8. [SJ-JOB] Security Auditor, Arlington
http://www.securityfocus.com/archive/77/496454

9. [SJ-JOB] Application Security Engineer, Arlington
http://www.securityfocus.com/archive/77/496456

10. [SJ-JOB] Certification & Accreditation Engineer, Rockville
http://www.securityfocus.com/archive/77/496458

11. [SJ-JOB] Sr. Product Manager, Alpharetta
http://www.securityfocus.com/archive/77/496459

12. [SJ-JOB] Sales Representative, New York City
http://www.securityfocus.com/archive/77/496467

13. [SJ-JOB] Management, San Jose
http://www.securityfocus.com/archive/77/496439

14. [SJ-JOB] Security Consultant, Ottawa
http://www.securityfocus.com/archive/77/496442

15. [SJ-JOB] Information Assurance Engineer, Herndon
http://www.securityfocus.com/archive/77/496452

16. [SJ-JOB] Information Assurance Analyst, Calgary
http://www.securityfocus.com/archive/77/496461

17. [SJ-JOB] Security Engineer, Pompano Beach
http://www.securityfocus.com/archive/77/496462

18. [SJ-JOB] Security Auditor, Deerfield
http://www.securityfocus.com/archive/77/496449

19. [SJ-JOB] Account Manager, State of Florida
http://www.securityfocus.com/archive/77/496450

20. [SJ-JOB] Account Manager, Altlanta Area
http://www.securityfocus.com/archive/77/496457

21. [SJ-JOB] Sr. Security Engineer, Deerfield
http://www.securityfocus.com/archive/77/496460

22. [SJ-JOB] Security Consultant, London
http://www.securityfocus.com/archive/77/496438

23. [SJ-JOB] Security Consultant, Austin
http://www.securityfocus.com/archive/77/496443

24. [SJ-JOB] Security Consultant, Kansas City
http://www.securityfocus.com/archive/77/496445

25. [SJ-JOB] Principal Software Engineer, DC
http://www.securityfocus.com/archive/77/496453

26. [SJ-JOB] Application Security Engineer, Washington
http://www.securityfocus.com/archive/77/496455

27. [SJ-JOB] Principal Software Engineer, Culver City
http://www.securityfocus.com/archive/77/496433

28. [SJ-JOB] Security Consultant, Albuquerque
http://www.securityfocus.com/archive/77/496437

29. [SJ-JOB] Security Consultant, Houston
http://www.securityfocus.com/archive/77/496444

30. [SJ-JOB] Senior Software Engineer, Culver City
http://www.securityfocus.com/archive/77/496446

31. [SJ-JOB] Security Consultant, Phoenix
http://www.securityfocus.com/archive/77/496424

32. [SJ-JOB] Sr. Security Analyst, Franklin
http://www.securityfocus.com/archive/77/496428

33. [SJ-JOB] Application Security Engineer, Santa Clara
http://www.securityfocus.com/archive/77/496431

34. [SJ-JOB] Security Consultant, Salt Lake City
http://www.securityfocus.com/archive/77/496440

35. [SJ-JOB] Security Engineer, Columbia
http://www.securityfocus.com/archive/77/496441

36. [SJ-JOB] Security Engineer, Ft. Lauderdale
http://www.securityfocus.com/archive/77/496415

37. [SJ-JOB] Security Engineer, Mountain View
http://www.securityfocus.com/archive/77/496423

38. [SJ-JOB] Security Consultant, Los Angeles
http://www.securityfocus.com/archive/77/496425

39. [SJ-JOB] Security Researcher, Dulles
http://www.securityfocus.com/archive/77/496429

40. [SJ-JOB] Technical Support Engineer, Alexandria
http://www.securityfocus.com/archive/77/496430

41. [SJ-JOB] Security Architect, Springfield
http://www.securityfocus.com/archive/77/496407

42. [SJ-JOB] Security Architect, Mountain View
http://www.securityfocus.com/archive/77/496408

43. [SJ-JOB] Jr. Security Analyst, Mountain View
http://www.securityfocus.com/archive/77/496410

44. [SJ-JOB] Sales Engineer, Washington
http://www.securityfocus.com/archive/77/496421

45. [SJ-JOB] Sr. Security Engineer, New York
http://www.securityfocus.com/archive/77/496422

46. [SJ-JOB] Security Architect, Salisbury
http://www.securityfocus.com/archive/77/496409

47. [SJ-JOB] Manager, Information Security, Seattle
http://www.securityfocus.com/archive/77/496252

48. [SJ-JOB] Security Researcher, Atlanta
http://www.securityfocus.com/archive/77/496253

49. [SJ-JOB] CSO, Whitewater
http://www.securityfocus.com/archive/77/496254

50. [SJ-JOB] Software Engineer, Myrtle Beach
http://www.securityfocus.com/archive/77/496255

51. [SJ-JOB] Penetration Engineer, Any City
http://www.securityfocus.com/archive/77/496245

52. [SJ-JOB] Manager, Information Security, London
http://www.securityfocus.com/archive/77/496251

53. [SJ-JOB] Forensics Engineer, Any City
http://www.securityfocus.com/archive/77/496246

54. [SJ-JOB] Forensics Engineer, Any City
http://www.securityfocus.com/archive/77/496247

55. [SJ-JOB] Manager, Information Security, New York
http://www.securityfocus.com/archive/77/496248

56. [SJ-JOB] Sr. Security Analyst, Stamford
http://www.securityfocus.com/archive/77/496250

57. [SJ-JOB] Developer, Calgary
http://www.securityfocus.com/archive/77/496242

58. [SJ-JOB] Forensics Engineer, Any City
http://www.securityfocus.com/archive/77/496244

59. [SJ-JOB] Sr. Security Analyst, Washington
http://www.securityfocus.com/archive/77/496229

60. [SJ-JOB] Security System Administrator, Calgary
http://www.securityfocus.com/archive/77/496230

61. [SJ-JOB] Manager, Information Security, New York
http://www.securityfocus.com/archive/77/496239

62. [SJ-JOB] Security Architect, Dallas
http://www.securityfocus.com/archive/77/496240

63. [SJ-JOB] Security Consultant, Somerville
http://www.securityfocus.com/archive/77/496241

64. [SJ-JOB] Security Architect, Midlands
http://www.securityfocus.com/archive/77/496243

V. INCIDENTS LIST SUMMARY
---------------------------
VI. VULN-DEV RESEARCH LIST SUMMARY
-----------------------------------
VII. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. SecurityFocus Microsoft Newsletter #411
http://www.securityfocus.com/archive/88/496270

VIII. SUN FOCUS LIST SUMMARY
----------------------------
IX. LINUX FOCUS LIST SUMMARY
----------------------------
X. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to sf-news-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

XI. SPONSOR INFORMATION
------------------------
This issue is sponsored by Sponsored by Ironkey: The World's Most Secure Flash Drive

IronKey flash dives lock down your most sensitive data using today's most advanced security technology.
IronKey uses military-grade AES CBC-mode hardware encryption that cannot be disabled by malware or an intruder and provides rugged and waterproof protection to safeguard your data.
https://www.ironkey.com/forenterprise2