Home    News Archive    Translate Traducen
News January 20004
29 february 2004

New in Archive
AntiLamer Backdoor 1.4 (b)

Basic DT client

Process Ressurection 1.0

AimRat 1.0 (d) server

Jodeitor 1.1 (e) server

Vulnerabilities & Exploits
www.idefense.com:
WinZip MIME Parsing Buffer Overflow Vulnerability. Read more

sh0dan.org:
Dell OpenManage Web Server 3.4.0 and others assumed vulnerable. Read more

www.securitytracker.com:
Oracle Application Server Lets Remote Users Request Alternate DADs to Bypass Authentication. Read more

www.securitytracker.com:
Linux Kernel strncpy() May Leak Kernel Memory to Local Processes. Read more

www.securitytracker.com:
Oracle Application Server OWA_UTIL Stored Procedures May Disclose Sensitive Information to Remote Users. Read more

www.securitytracker.com:
Oracle Application Server Discloses XML Configuration Files to Remote Users. Read more

www.securitytracker.com:
WFTPD LIST, NLST, and STAT Command Buffer Overflow Lets Remote Authenticated Users Execute Arbitrary Code. Read more

www.securitytracker.com:
WFTPD Memory Allocation Flaw Lets Remote Authenticated Users Deny Service. Read more

www.securitytracker.com:
Invision Power Board Input Validation Flaw in 'search.php' Permits SQL Injection. Read more

www.securitytracker.com:
phpBB Input Validation Flaw in 'viewtopic.php' 'postorder' Variable Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
602Pro LAN SUITE Discloses Directory Listings and Installation Path to Remote Users. Read more

www.securitytracker.com:
Xsok Buffer Overflow in '-xsokdir' Parameter Lets Local Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Mac OS X Safari Has an Unspecified Security Flaw. Read more

www.securitytracker.com:
Mac OS X TruBlueEnvironment Buffer Overflow Lets Local Users Gain Root Privileges. Read more

www.securitytracker.com:
Mac OS X SystemConfiguration Flaws Let Remote Authenticated Users Change Configuration Settings. Read more

www.securitytracker.com:
Apple Mail Client Has Unspecified Vulnerabilities. Read more

www.securitytracker.com:
iG Shop Input Validation Flaw in 'type_id' Permits SQL Injection and Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Sun Solaris '/usr/lib/print/conv_fix' Unsafe fopen() Call May Let Local Users Gain Root Privileges. Read more

www.securitytracker.com:
Sun Solaris passwd(1) May Let Local Users Obtain Root Privileges. Read more

www.securitytracker.com:
Symantec Gateway Security Input Validation Flaw Permits Remote Cross-Site Scripting and Administrative Session Hijacking. Read more

www.securitytracker.com:
Serv-U FTP Server Buffer Overflow in MDTM Command Yields SYSTEM Privileges to Remote Authenticated Users. Read more

News:
msnbc.msn.com:
CIA slipped bugs to Soviets. Read more

www.oreillynet.com:
Words "Hack" and "Hacking" are Blacklisted from Yahoo Group Descriptions. Read more

story.news.yahoo.com:
On guard against hackers. Read more

28 february 2004

New in Archive
ProRat 1.4

Cab of Filth 1.2b

Drater 1.0

Dingdang

Backdoor.Winker.h

Guides, Papers, etc.
developers.of.pl:
Man-In-The-Middle Attack Using Bluetooth In A WLAN Interworking Environnment. (zip) Download

Vulnerabilities & Exploits
www.securitytracker.com:
Microsoft Internet Explorer (IE) May Leak Keystrokes Across Frames. Read more

www.securitytracker.com:
Jabber Gadu-Gadu Transport May Let Remote Users Deny Service. Read more

www.securitytracker.com:
XBoing Environment Variable Buffer Overflows Let Local Users Obtain 'games' Group Privileges. Read more

www.securitytracker.com:
Calife Buffer Overflow May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
FreeBSD jail_attach(2) Error Lets Jailed Processes Change to a Different Jail. Read more

News:
www.internetnews.com:
IE Frame Exploit Grabs Keystrokes. Read more

www.sundaytimes.co.za:
The war of the worms and managed hosting services. Read more

www.sundaytimes.co.za:
Sophos joins Microsoft Virus Information Alliance. Read more

www.crime-research.org:
Cyber terrorism - terrorism of future. Read more

www.theregister.co.uk:
Softbank rocked by giant data leak. Read more

27 february 2004

New in Archive
Nuclear RAT 1.0 Beta 5.0

Herman Agent 1.0

Nethief 5.4

Elfnet client

HTTP RAT 0.1 (b) server

Vulnerabilities & Exploits
www.cnhonker.com:
Serv-U MDTM Command Buffer Overflow Vulnerability. Read more

www.securitytracker.com:
Libxml2 URL Parsing Buffer Overflow May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Trillian Integer Overflow and Stack Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Bochs Buffer Overflow in HOME Environment Variable May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
PerfectNav Malformed URL Bug Lets Remote Users Crash the Browser. Read more

www.securitytracker.com:
Mtools 'mformat' Utility Lets Local Users Create Arbitrary Root-Owned Files. Read more

www.securitytracker.com:
Alcatel OmniSwitch 7000 Can Be Crashed By Remote Users Conducting Nessus Scans. Read more

www.securitytracker.com:
Mozilla Event Handler Document Transition Flaw Permits Cross-Site Scripting Attacks. Rread more

www.securiteam.com:
Ipswitch IMail LDAP Remote Exploit (Improved). Read more

www.securiteam.com:
PSOProxy Remote Buffer Overflow Exploit. Read more

www.debian.org:
DSA-450-1 linux-kernel-2.4.19-mips -- several vulnerabilities. Read more

News:
www.vnunet.com:
Security vendor mass-mails worm to clients. Read more

www.detnews.com:
In naming computer viruses, speed and confusion rule. Read more

www.publictechnology.net:
Netsky.b virus attack causes havoc for the Housing Corporation. Read more

www.lacrossetribune.com:
Experts Warn of New Ferocious Mydoom Worm. Read more

www.theregister.co.uk:
International Net paedos busted. Read more

zdnet.com.com:
Hole opens way to free MSN Premium. Read more

news.bbc.co.uk:
Hackers exploit Windows patches. Read more

infoworld.com:
Businesses are under attack, says MS security head. Read more

26 february 2004

New in Archive
Flux (j)

System33r Tiny Webdownloader 0.1 (DLL Injection Edition)

Mini-web 2.0

MServ (a)

Backdoor.Delf.dm

Vulnerabilities & Exploits
www.securitytracker.com:
@Mail Input Validation Holes Permit Cross-Site Scripting Attacks and POP3 Service Can Be Denied. Read more

www.securitytracker.com:
Haegemonia Game Packet Length Index Overflow Lets Remote Users Deny Service. Read more

www.securitytracker.com:
TYPSoft FTP Server Lets Remote Authenticated Users Deny Service With Malformed Parameters. Read more

www.securitytracker.com:
Apple Safari Browser Has an Unspecified Flaw in URL Status Bar Display. Read more

www.securiteam.com:
LBreakout2 (Long HOME Environment Variable). Read more

www.securiteam.com:
3Com DSL Router Administrative Interface Long Request DoS. Read more

News:
infoworld.com:
Bizex worm attacks ICQ. Read more

www.arnnet.com.au:
"Bizex" Worm Attacks ICQ Users. Read more

25 february 2004

New in Archive
Clandestine RAT

Mist Trojan 1.0

Hook downloader 2.0

Rewind 1.4

Slandor

Vulnerabilities & Exploits
www.securitytracker.com:
FlexWATCH Video Server Input Validation Flaw Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Giga-Byte Technology Router Authentication Flaw Lets Remote Users Access the Device. Read more

www.securitytracker.com:
Opt-X Include File Hole Lets Remote Users Execute Arbitrary Code on the Target System. Read more

www.securitytracker.com:
Apple Darwin Streaming Server DESCRIBE Buffer Overflow Lets Remote Users Deny Service. Read more

www.securitytracker.com:
Avirt Voice Has a Remote Buffer Overflow. Read more

www.securitytracker.com:
Avirt SOHO Contains Remote Buffer Overflow Vulnerabilities. Read more

www.securitytracker.com:
Mac OS X DiskArbitration Has Unspecified Removable Media Initialization Flaw. Read more

www.securitytracker.com:
Mac OS X CoreFoundation Has Unspecified Notification Logging Flaw. Read more

www.securitytracker.com:
Mac OS X pppd Format String Error Discloses Memory to Local Users. Read more

www.securitytracker.com:
Apache for Cygwin '..%5C' Input Validation Flaw Discloses Files to Remote Users. Read more

www.securitytracker.com:
Microsoft Windows Explorer Heap Overflow in Processing '.emf' Files Permits Code Execution. Read more

www.securitytracker.com:
Confirm Input Validation Bug Lets Remote Users Execute Arbitrary Commands. Read more

www.securitytracker.com:
Platform LSF 'eauth' Undocumented Variable Lets Users Execute Commands With Arbitrary Privileges. Read more

www.securitytracker.com:
Platform LSF 'eauth' Buffer Overflow Lets Local and Remote Cluster Users Gain Root Privileges. Read more

www.debian.org:
DSA-449-1 metamail -- buffer overflow, format string bugs. Read more

www.debian.org:
DSA-448-1 pwlib -- several vulnerabilities. Read more

www.debian.org:
DSA-447-1 hsftp -- format string. Read more

News:
www.chron.com:
Worm steals passwords, banking data. Read more

slashdot.org:
Microsoft Beta Includes Built-in Virus Scanner. Read more

www.securityfocus.com:
Gates 'optimistic' on security. Read more

star-techcentral.com:
A harder, more secure Windows? Read more

star-techcentral.com:
Microsoft confident bounties will nab virus writers. Read more

news.com.com:
Much ado about patching. Read more

24 february 2004

New in Archive
LANfiltrator 1.5

DTr 1.7

Zer0 Tolerance 1.4

Feri (c)

Pointex (a)

Vulnerabilities & Exploits
www.securitytracker.com:
phpNewsManager Directory Traversal Hole Discloses Files to Remote Users. Read more

www.securitytracker.com:
nCipher Hardware Security Module (HSM) Firmware May Disclose Keys to Users. Read more

www.securitytracker.com:
Proofpoint Protection Server Grants Remote Users Access to the Underlying Database. Read more

www.securitytracker.com:
Dell TrueMobile Help Application Yields SYSTEM Privileges to Local Users. Read more

www.securitytracker.com:
GateKeeper Proxy Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
hsftp Format String Bug Lets Remote Servers Execute Arbitrary Code on a Connected Client. Read more

www.securitytracker.com:
Jigsaw Input Validation Flaw in Parsing URLs May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
SCO UnixWare Merge Lets Local Users Gain Root Privileges. Read more

www.securitytracker.com:
Oracle Application Server Default Configuration Lets Remote Users Access Sensitive Services. Read more

www.securitytracker.com:
Linuxconf USER_AGENT Potential Buffer Overflow May Permit Remote Code Execution. Read more

www.securitytracker.com:
Zope Contains Multiple Security Assertion and Input Validation Flaws. Read more

www.securiteam.com:
GateKeeper Pro Buffer Overflow (Long URL). Read more

www.securiteam.com:
AOL Instant Messenger/Microsoft Internet Explorer Remote Code Execution. Read more

News:
www.theregister.co.uk:
Click on this, you muthas. Read more

www.computerworld.com:
Browser Hole Discovered After Code Leak. Read more

www.stuff.co.nz:
Company gets $400,000 to develop trap for computer worms. Read more

www.pcworld.com:
Security Experts Gather. Read more

sport.guardian.co.uk:
Web bookies held to ransom. Read more

news.com.com:
Microsoft teams with RSA on password protection. Read more

23 february 2004

New in Archive
U-Boot 2a Beta 0.8

Hue

Surdux

Iroffer 1.2b28

Iroffer 1.2b24

Vulnerabilities & Exploits
www.securitytracker.com:
Synaesthesia Creates a Root Owned But Writable Configuration File That Lets Local Users Obtain Root Access. Read more

www.securitytracker.com:
LBreakout2 Buffer Overflow in HOME Environment May Let Local Users Obtain 'Games' Group Privileges. Read more

www.securiteam.com:
Ipswitch IMail LDAP Remote Exploit. Read more

www.securiteam.com:
ZoneLabs SMTP Processing Buffer Overflow (RCPT TO). Read more

www.debian.org:
DSA-446-1 synaesthesia -- insecure file creation. Read more

www.debian.org:
DSA-445-1 lbreakout2 -- buffer overflow. Read more

www.thc.org:
Practical SEH exploitation. (pdf) Read more

www.xfocus.org:
The Analysis of RPC Long Filename Heap Overflow AND a Way to Write Universal Heap Overflow of Windows. Read more

News:
www.theregister.co.uk:
Trojans as spam robots: the evidence. Read more

www.theregister.co.uk:
Q: What's the AV industry's definition of happy? Read more

22 february 2004

New in Archive
ControlTotal 0.13.0

Helios 3.1

RDR

Backdoor.VB.ef

ShutAll

Vulnerabilities & Exploits
Warning! Fake PayPal site

www.debian.org:
DSA-444-1 linux-kernel-2.4.17-ia64 -- missing function return value check. Read more

www.debian.org:
DSA-443-1 xfree86 -- several vulnerabilities. Read more

www.debian.org:
DSA-442-1 linux-kernel-2.4.17-s390 -- several vulnerabilities. Read more

dragos.com:
Pepsi Bottlecap Liner Labeling Information Leak Vulnerability. Read more

News:
www.heise.de:
Uncovered: Trojans as Spam Robots. Read more

www.guardian.co.uk:
The enemy within. Read more

www.guardian.co.uk:
The enemy within (part 2). Read more

www.gnutellanews.com:
RIAA becomes target of new virus...Read more

21 february 2004

New in Archive
Beast 2.06

Delerium Of Disorder

NeoControlRed 1.0.0

Raw 1.0 client

Backdoor.VB.dz

Vulnerabilities & Exploits
www.securitytracker.com:
PSOProxy Buffer Overflow May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
7FX Team Factor Integer Overflow Lets Remote Users Crash the Game Server. Read more

www.securitytracker.com:
XFree86 GLX and DRI Screen Number Overflows Let Remote Users Crash the X Server. Read more

www.securitytracker.com:
PunkBuster Input Validation Flaw Lets Remote Users Inject SQL Commands. Read more

www.securiteam.com:
APC 9606 SmartSlot Web/SNMP Management Card Backdoor. Read more

News:
www.pcworld.com:
MyDoom: The Trend of Worms to Come? Read more

www.techweb.com:
ZoneAlarm Flaw Opens Firewalls To E-mail Attack. Read more

story.news.yahoo.com:
Hackers Could Access Nokia Phones. Read more

20 february 2004

New in Archive
RAIM 1.0

Cab of Filth 1.2a

DataRape 1.3 (a) server

Schedan

Backdoor.VB.d

Vulnerabilities & Exploits
www.securityfocus.com:
Microsoft Outlook Express Arbitrary Program Execution Vulnerability. Read more

www.securitytracker.com:
ZoneAlarm SMTP Buffer Overflow Lets Local and Remote Users Execute Arbitrary Code With SYSTEM Privileges. Read more

www.securitytracker.com:
Oracle9i Application Server XML SOAP Processing Flaw Lets Remote Users Deny Service. Read more

www.securitytracker.com:
Oracle9i Database Server XML SOAP Processing Flaw Lets Remote Users Deny Service. Read more

www.securitytracker.com:
Oracle Database Server Lets Remote Authenticated Users Hijack User Sessions. Read more

www.securitytracker.com:
Oracle Lite Mobile Server Lets Remote Authenticated Users Access the Oracle Database Server. Read more

www.securitytracker.com:
LiveJournal Input Validation Hole in Background Image URL Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Cisco ONS Devices Grant Remote Users Access Via TFTP and Can Also Be Reset. Read more

www.securitytracker.com:
CesarFTP Long RETR Parameter Lets Remote Authenticated Users Deny Service. Read more

www.securitytracker.com:
KAME Racoon Hash Validation Flaw Lets Remote Users Delete Security Associations. Read more

www.securitytracker.com:
Orville Write Buffer Overflows May Let Local Users Gain Elevated Privileges. Read more

www.securiteam.com:
Format String Vulnerability in DreamFTP (Exploit). Read more

www.securiteam.com:
Linux Kernel do_mremap VMA Limit Local Privilege Escalation PoC. Read more News:
www.theregister.co.uk:
Netsky B is very pesky. Read more

www.theregister.co.uk:
Sex, drugs and cans of spam. Read more

www.winnetmag.com:
Windows Security Update CD Now Available. Read more

19 february 2004

New in Archive
A-311 1.20

Remote Computer Control Center 1.45 (c)

SpySender server (unknown version)

Winker (k)

Backdoor.Delf.gd

Vulnerabilities & Exploits
www.michaelevanchik.com:
Aol Instant Messenger/Microsoft Internet Explorer remote code execution. Read more

www.securitytracker.com:
Windows XP Kernel NtSystemDebugControl() Flaws Let Local Users With SeDebugPrivilege Execute Arbitrary Code in Kernel Mode. Read more

www.securitytracker.com:
Smallftpd Can Be Crashed By Remote Authenticated Users. Read more

www.securitytracker.com:
Webstores 2000 Has More Input Validation Flaws in 'browser_item_details.asp' That Let Remote Users Inject SQL Commands and Execute OS Commands. Read more

www.securitytracker.com:
SandSurfer Authentication Flaw Lets Remote Users Hijack User Sessions. Read more

www.securitytracker.com:
Metamail Format String Flaws and Buffer Overflows Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
slocate '-r' Buffer Overflow Lets Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
Linux Kernel Vicam USB Driver May Cross Security Boundaries and Access Userspace Data. Read more

www.securitytracker.com:
Linux Kernel do_mremap() Fails to Check do_munmap() Return Values, Allowing a Local User to Gain Root Privileges. Read more

www.securitytracker.com:
Linux Kernel ncpfs Stack Overflow Lets Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
Owl's Workshop for Language Study (OWLS) Discloses Files on the System to Remote Users. Read more

www.securitytracker.com:
Online Store Kit Input Validation Flaws in Several Scripts Permits SQL Injection. Read more

www.securitytracker.com:
Ipswitch IMail LDAP Daemon Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
APC SmartSlot Card Backdoor Password Lets Remote Users Obtain Usernames and Passwords. Read more

www.securitytracker.com:
Vizer Web Server Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
Sami HTTP Server Buffer Overflow Lets Remote Users Crash the Web Server. Read more

www.debian.org:
DSA-441-1 linux-kernel-2.4.17-mips+mipsel -- missing function return value check. Read more

www.debian.org:
DSA-440-1 linux-kernel-2.4.17-powerpc-apus -- several vulnerabilities. Read more

www.debian.org:
DSA-439-1 linux-kernel-2.4.16-arm -- several vulnerabilities. Read more

www.debian.org:
DSA-438-1 linux-kernel-2.4.18-alpha+i386+powerpc -- missing function return value check. Read more

News
www.theregister.co.uk:
Microsoft's Shared-Source defeats Trustworthy Computing. Read more

www.usatoday.com:
New Netsky.B worm spreading on Internet. Read more

www.internetweek.com:
New Worm Spreads Via E-mail, Shared Folders. Read more

www.channelnewsasia.com:
Bagle.B Internet worm third most virulent in history: experts. Read more

www.pcpro.co.uk:
Windows source leak leads to bitmap danger. Read more

www.math.org.il:
Alleged Trojan horse in Israeli Anti-Ballistic Missile System. Read more

18 february 2004

New in Archive
Initiation FWB/LAN 1.0 beta3

ControlTotal 0.12.0 server 2

NeoNet

Backdoor.Delf.gf

Backdoor.VB.il

Vulnerabilities & Exploits
www.securitytracker.com:
ShopCartCGI Discloses Files on the System to Remote Users. Read more

www.securitytracker.com:
Serv-U FTP Server Can Be Crashed By Remote Authenticated Users With a Malformed SITE CHMOD Command. Read more

www.securitytracker.com:
ProductCart 'advSearch_h.asp' Input Validation Flaw Lets Remote Users Inject SQL to Execute Arbitrary Commands on the System. Read more

www.securitytracker.com:
Online Store Kit 'more.php' Input Validation Flaw Permits SQL Injection and Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
YaBB SE 'post.php' Input Validation Flaw Permits SQL Injection. Read more

www.securitytracker.com:
RobotFTP Server 'user' Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Symantec AntiVirus Scan Engine for Red Hat Linux Has Temporary File Flaws That May Yield Root Privileges to Local Users. Read more

www.securitytracker.com:
Xlight FTP Server RETR Command Flaw Lets Remote Authenticated Users Crash the FTP Service. Read more

www.securitytracker.com:
eTrust Antivirus Can By Bypassed By Remote Users Sending Password-Protected Zip File Contents. Read more

www.securitytracker.com:
Purge Jihad Broadcast Response Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

News
www.winnetmag.com:
Leaked Code Leads to Vulnerability Discovery in IE 5.x. Read more

www.eweek.com:
Microsoft to Hackers: Drop That Code! Read more

news.com.com:
Source code opens window to old IE flaw. Read more

www.esj.com:
Top Three Security Problems Remain Despite Increased Spending. Read more

17 february 2004

New in Archive
Caznova 1.0 beta

Cab of Filth 1.2

Backdoor.VB.nb

PiaoYes 7.0

Backdoor.Delf.hk

Vulnerabilities & Exploits
www.securitytracker.com:
Symantec Firewall/VPN Appliance Displays Password When Edited. Read more

www.securitytracker.com:
mnoGoSearch Buffer Overflow in Processing Large Documents Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Microsoft Internet Explorer Integer Overflow in Processing Bitmap Files Lets Remote Users Execute Arbitrary Code. Read more

www.securiteam.com:
XFree86 Font File Information Buffer Overflow Exploit. Read more

www.securiteam.com:
Microsoft ASN.1 Library Buffer Overflow Exploit. Read more

www.securiteam.com:
Rsync Buffer Overflow (RSYNC_PROXY Environment Variable) Exploit. Read more

News
www.securityfocus.com:
Exploit based on leaked Windows code released. Read more

www.overclockersclub.com:
"News: First exploit based around Windows code leak". Read more

www.theregister.co.uk:
Flaw on Tuesday, exploit by Monday. Read more

www.thewbalchannel.com:
Investigators Look For Computer Virus Writers. Read more

www.sundaytimes.co.za:
Good' worm Nachi variant warning issued by CA. Read more

www.ctv.ca:
Hackers targeted ahead of Athens Olympics. Read more

www.channelnewsasia.com:
Hackers get hold of Microsoft's crown jewels. Read more

16 february 2004

New in Archive
Kamel Control 1.5

Hawk 1.2

Cab of Filth 1.1

Trojan Maniac 1.4

GirlFriend 1.1 beta

System33r Downloader 0.7.2

Backdoor.VB.bx

News
www.securityfocus.com:
Rebooting on Mars. Read more

www.smh.com.au:
Scam uses fear of cops to plant trojan on users' PCs. Read more

news.netcraft.com:
Windows Leak: Security Problems of Open Source, Without the Benefits. Read more

www.newsfactor.com:
The Big Leak: Windows Source Code on Net. Read more

www.internetweek.com:
Windows Source Code Security Breach Troubles Experts. Read more

www.adn.com:
Microsoft 'monoculture' threatens computer security, expert says. Read more

15 february 2004

New in Archive
Snow 3.5

Baron Night 1.0 server added to client

HostControl 3.0 server

Veritas 1.0 v2

Dumador (q)

Vulnerabilities & Exploits
www.securitytracker.com:
ASP Portal Has Multiple Flaws That Let Remote Users Hijack Accounts, Inject SQL Commands, and Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
XFree86 Additional Font Information File Buffer Overflows Let Local Users Gain Root Privileges. Read more

www.securitytracker.com:
phpWebSite 'ANN_id' Variable Input Validation Hole Lets Remote Users Inject SQL Commands. Read more

www.securitytracker.com:
Sami FTP Server Can Be Crashed By Remote Authenticated Users With Various FTP Commands. Read more

www.securitytracker.com:
Sophos Anti-Virus Can Be Hung With Specially Crafted MIME Headers. Read more

www.securityfocus.com:
Microsoft Internet Explorer Unauthorized Clipboard Contents Disclosure Vulnerability. Read more

News
Belgium police arrest female virus-writer. Read more

14 february 2004

New in Archive
.97mm 3.22

Backdoor.VB.kd

Tonerok

CmjSpy (q)

Backdoor.VB.bh

Guides, Papers, etc.
www.securityfocus.com:
Wireless Honeypot Trickery. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
OpenH323 PWLib Contains H.323/H.225 Processing Errors. Read more

www.securitytracker.com:
Broker FTP Server Can Be Crashed By Remote Users Connecting/Disconnecting. Read more

www.securitytracker.com:
Crob FTP Server Can Be Crashed By Remote Users Connecting/Disconnecting. Read more

www.securitytracker.com:
vBulletin 'search.php' Input Validation Flaw Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Mailmgr Unsafe Temporary Files Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
XFree86 Font Information File CopyISOLatin1Lowered() Buffer Overflow Lets Local Users Gain Root Privileges. Read more

News
www.neowin.net:
Exclusive: Windows 2000 & Windows NT 4 Source Code Leaks. Read more

www.theregister.co.uk:
MS partner fingered in Windows code leak, Linux box implicated. Read more

www.securityfocus.com:
Leaked Windows source code points to Silicon Valley firm. Read more

www.cnn.com:
Microsoft grapples with leak of source code online. Read more

www.dailycamera.com:
Stutzman: Spreading V-viruses? Read more

www.usatoday.com:
California server hacked; employment data at risk. Read more

www.startribune.com:
Access issues arise in Internet virus case. Read more

13 february 2004

New in Archive
Kamel Control 1.0 beta

Trojan Maniac 1.2

Nightmare

Backdoor.VB.f

Backdoor.VB.kk

Backdoor.VB.c

Vulnerabilities & Exploits
www.securitytracker.com:
Macallan Mail Solution Authentication Flaw Lets Remote Users View the Administration Page. Read more

www.securitytracker.com:
Ratbag Games Packet Length State Error Lets Remote Users Crash the Game. Read more

www.securitytracker.com:
Monkey Web Server Can Be Crashed By HTTP GET Requests With No Host Value. Read more

www.securitytracker.com:
Mutt Index Menu Code Lets Remote Users Crash the Client. Read more

www.securiteam.com:
The Palace Stack Overflow Proof Of Concept. Read more

News
www.komotv.com:
Windows Source Code Leaked Over Internet. Read more

www.theregister.co.uk:
Nachi variant wipes MyDoom from PCs. Read more

story.news.yahoo.com:
Next-Generation Nachi Worm Offers Political Message. Read more

www.theregister.co.uk:
DDoS attacks go through the roof. Read more

www.chinadaily.com.cn:
Virus attack renews security awareness. Read more

www.theregister.co.uk:
BT Yahoo! ate my email. Read more

12 february 2004

New in Archive
Red ZONE 7.1.1.1

CAB OF FILTH 1.0

Backdoor.Delf.hf

Vulnerabilities & Exploits
xforce.iss.net:
Microsoft ASN.1 Integer Manipulation Vulnerabilities. Read more

www.securitytracker.com:
BosDates 'calendar_download.php' Input Validation Flaw Lets Remote Users Inject SQL Commands. Read more

www.securitytracker.com:
MaxWebPortal Input Validation Holes Permit SQL Injection and Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
phpCodeCabinet Input Validation Bugs Let Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
ezContents Include File Holes in 'db', 'archivednews', and Other Scripts Let Remote Users Execute Arbitrary Commands. Read more

www.securitytracker.com:
Microsoft Virtual PC for Mac Temporary File Flaw Lets Local Users Gain Root Privileges. Read more

www.securitytracker.com:
Vim Folding Expression Modeline Lets Remote Users Execute Arbitrary Shell Commands on the Target User's System. Read more

www.securitytracker.com:
Microsoft Windows Internet Naming Service (WINS) Length Validation Flaw Lets Remote Users Deny Service. Read more

www.securitytracker.com:
Microsoft ASN.1 Library Heap Overflows Let Remote Users Execute Arbitrary Code With SYSTEM Privileges. Read more

www.securitytracker.com:
PHP-Nuke Search and Web_links Modules Permit Remote SQL Injection. Read more

www.securiteam.com:
Internet Explorer/Outlook double null character DoS. Read more

News
www.securityfocus.com:
Automating Windows Patch Management: Part I. Read more

www.theregister.co.uk:
Doomjuice variant ups the ante in MS attack. Read more

www.winnetmag.com:
More Security Patches On The Way for Microsoft Platforms. Read more

www.smh.com.au:
Microsoft overlooked obvious problems in security push, says researcher. Read more

www.washtimes.com:
Viruses usually can be avoided. Read more

Windows 98 Hidden Pics.(pdf) Read more

11 february 2004

New in Archive
Nuclear Uploader 1.2

Backdoor.VB.w

Puddy (b)

UPIN 2.5

Backdoor.VB.gy

Vulnerabilities & Exploits
www.securitytracker.com:
Clam AntiVirus UUDecode Flaw Lets Remote Users Crash 'clamd'. Read more

www.securitytracker.com:
Resin Web Server Discloses JSP Source Code to Remote Users. Read more

www.securitytracker.com:
PHP-Nuke Public Message Input Validation Flaw Lets Remote Users Inject SQL Commands. Read more

www.securitytracker.com:
Red-M Red-Alert Can Be Rebooted By Remote Users. Read more

www.securitytracker.com:
Samba 'smbmnt' Permissions May Let Local Users Gain Root Privileges. Read more

www.securitytracker.com:
ZyXEL Prestige Router Discloses Portions of Memory Contents to Remote Users. Read more

www.securitytracker.com:
httpdpalm Lets Remote Users Crash the System. Read more

www.securitytracker.com:
Jim Rees PalmOS httpd Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
PHP-Nuke Input Validation Holes in 'News/friend' and 'Reviews' Modules Permit Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
CA eTrust InoculateIT Default Linux Permissions May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
Eggdrop Logic Flaw Grants Sharebot Status to Remote Bots. Read more

www.securitytracker.com:
XFree86 Has Unspecified File Buffer Overflow. Read more

www.securitytracker.com:
Samba May Let Remote Users Access SMB Accounts That Have Invalid Passwords. Read more

www.securitytracker.com:
Nokia 6310i Phones Can Be Reset By Remote Users Sending Malformed OBEX Packets Via Bluetooth. Read more

www.securitytracker.com:
JShop Input Validation Hole in 'search.php' Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
SGI IRIX gr_osview Command Line Buffer Overflow Yields Root Privileges to Local Users. Read more

News
Microsoft Security Bulletin MS04-004
Cumulative Security Update for Internet Explorer (832894). Read more

Microsoft Security Bulletin MS04-005
Vulnerability in Virtual PC for Mac could lead to privilege elevation (835150). Read more

Microsoft Security Bulletin MS04-006
Vulnerability in the Windows Internet Naming Service (WINS) Could Allow Code Execution (830352). Read more

Microsoft Security Bulletin MS04-007
ASN.1 Vulnerability Could Allow Code Execution (828028). Read more

news.zdnet.co.uk:
Microsoft lauds IE as 'the most secure browser'. [:)]Read more

www.theregister.co.uk:
Worms pour through MyDoom back door. Read more

news.independent.co.uk:
Microsoft warns of 'critical' Windows security flaws. Read more

www.microsoft.com:
MS Posters: "Hackers Ahead", "Internet Worm Crossing", "Do Not Pick Up Viruses". Read more

10 february 2004

New in Archive
Ra1d 0.0.1 (b)

Backdoor.Delf.eb

Winker (f)

Backdoor.VB.kv

Backdoor.Winbach

Vulnerabilities & Exploits
www.securitytracker.com:
TrackMania Game Demo Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
Mailman E-Mail Command Processing Flaw Lets Remote Users Crash the Service. Read more

www.securitytracker.com:
Sambar Server 'results.stm' POST Request Buffer Overflow May Permit Remote Code Execution. Read more

News
www.nytimes.com:
The Virus Underground. Read more

www.securitynewsportal.com:
Mydoom variants discovered in the wild - Doom.C, SyncZ , DoomJuice, Vesser or DeadHat ? Read more

www.chron.com:
Doomjuice worm targets MyDoom-infected PCs. Read more

zdnet.com.com:
New viruses feed on MyDoom infections. Read more

www.securitynewsportal.com:
RealOne Player vulnerable to critical vulnerabilities. Read more

timesofindia.indiatimes.com:
Consumer watchdog cracks down on Net scams. Read more

abc.net.au:
WA joins Internet scammer hunt. Read more

www.computerweekly.com:
Sentencing policies for hackers too lenient. Read more

www.boston.com:
Network security specialists seek seamless defense. Read more

09 february 2004

New in Archive
ProRat 1.3

OneKo Downloader 1.0

Backdoor.VB.kn

Backdoor.VB.q

Vulnerabilities & Exploits
www.securitytracker.com:
The Palace Client URL Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Dream FTP Server Format String Flaw Lets Remote Users Crash the FTP Service. Read more

www.securitytracker.com:
Jack's FormMail.php Input Validation Flaw Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
PHP May Apply Incorrect php_admin_* Settings To Requests for Apache Virtual Hosts. Read more

www.securitytracker.com:
Linux-VServer Lets Local Users Break Out of Virtual Server chroot(). Read more

www.debian.org:
DSA-435-1 mpg123 -- heap overflow. Read more

News
reviews-zdnet.com.com:
How Microsoft botched another security patch. Read more

www.dfw.com:
Con artists go 'phishing' for personal information. Read more

08 february 2004

New in Archive
elfRAT 1.2

C0rruption beta 1

Backdoor.VB.mb

Pointex (k)

Trojan Maniac 1.3

Vulnerabilities & Exploits
www.securitytracker.com:
Matrix FTP Server Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
OpenJournal 'uid' Authentication Flaw Grants Remote Users Access to the Control Panel. Read more

News
www.theregister.co.uk:
Extortionists attack Paddypower.com. Read more

news.independent.co.uk:
Focus: Invasion of the cyber-gangsters. Read more

www.jacksonvilledailynews.com:
New Web scam targets consumers' information. Read more

07 february 2004

New in Archive
X RAT 1.0

GS-Retrieve 1.0

Gray Pigeon 2004

CCDClean 1.7

Tendoolf (b)

Vulnerabilities & Exploits
www.debian.org:
DSA-434-1 gaim -- several vulnerabilities. Read more

www.securitytracker.com:
CactuShop Lite Backdoor Lets Remote Users Delete Arbitrary Files. Read more

www.securitytracker.com:
Apache-SSL 'SSLFakeBasicAuth' Lets Remote Users Forge Client Certificates to Be Authenticated. Read more

www.securitytracker.com:
Discuz! Input Validation Flaw May Permit Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Xlight FTP Server Can Be Crashed When the Admin Views the Log. Read more

www.securitytracker.com:
Novell iChain May Grant Remote Users Access Via Mandatory Telnet Service if No Password is Set. Read more

www.securitytracker.com:
Mailman Input Validation Flaw in Admin Pages Permit Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Mailman Input Validation Flaw in 'create' Script Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Mambo Open Source Input Validation Hole in 'Itemid' Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
IBM Cloudscape Default Configuration Lets Remote Users Inject SQL Commands to Execute Arbitrary Binaries. Read more

www.securitytracker.com:
BSD shmat() Integer Overflow Lets Local Users Gain Elevated Privileges. Read more

News
www.computerworld.com:
.zip files putting the zap on antivirus products. Read more

www.technewsworld.com:
RealNetworks Warns of Media Player Security Holes. Read more

www.vnunet.com:
Phishers to target ISP customers next. Read more

06 february 2004

New in Archive
Loony

Backdoor.VB.a

Backdoor.Delf.ac

Apdoor (e)

Ronater (a)

Vulnerabilities & Exploits
www.securitytracker.com:
RxGoogle Input Validation Flaw Permits Cross-Site Scripting Attacks. Read more

www.guninski.com:
Remote openbsd crash with ip6, yet still openbsd much better than windows. Read more

www.securitytracker.com:
Check Point VPN-1 and SecuRemote/Secure Client ISAKMP Certificate Request Buffer Overflow Lets Remote Users Execute Arbitrary Code With SYSTEM/Root Privileges. Read more

www.securitytracker.com:
Check Point FireWall-1 Format String Flaw in HTTP Component Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
RealPlayer/RealOne Player Media File Buffer Overflows Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
GNU Radius Can Be Crashed By Remote Users With 'Acct-Status-Type' Attribute. Read more

News
www.smh.com.au:
Nature of the internet makes cybercriminals hard to catch. Read more

www.techworld.com:
Zip files hide viruses. Read more

www.pittsburghlive.com:
Latest virus paints picture of doom on the Internet. Read more

zdnet.com.com:
RealPlayer flaws open PCs up to hijackers. Read more

www.securityfocus.com:
Cable modem hackers conquer the co-ax. Read more

www.computerworld.com:
Dual Curses: Viruses and Spam. Read more

www.eweek.com:
Reflections on Thompson's 'Reflections'. Read more

www.theregister.co.uk:
PayPal virus writing scammer scumbag pleads guilty. Read more

05 february 2004

New in Archive
ProRat 1.2

AntiLamer Backdoor 2.0 (r) server

NetSnake (i)

NeWorld 1.0 (b)

Backdoor.Delf.af

Alex

Vulnerabilities & Exploits
xforce.iss.net:
Checkpoint VPN-1/SecureClient ISAKMP Buffer Overflow. Read more

www.securitytracker.com:
OpenBSD IPv6 MTU Processing Flaw Lets Remote Users Crash the Kernel. Read more

www.securitytracker.com:
TYPSoft FTP Server Can Be Crashed During Login With Empty USER Value. Read more

www.securitytracker.com:
Sun Solaris 'auditd' May Fail to Deliver Error Messages on Hardened Systems. Read more

www.securitytracker.com:
ReviewPost PHP Pro Input Validation Flaw Lets Remote Users Execute SQL Commands. Read more

www.securitytracker.com:
Crawl Environment Variable Buffer Overflow May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
Linux Kernel Buffer Overflow in IXJ Telephony Card Driver May Yield Root Privileges to Local Users. Read more

www.securitytracker.com:
Linux Kernel C-Media PCI Audio Driver May Cross Security Boundaries and Access Userspace Data. Read more

www.securitytracker.com:
Tunez Multiple Input Validation Flaws Permit Remote SQL Injection. Read more

www.debian.org:
DSA-433-1 kernel-patch-2.4.17-mips -- integer overflow. Read more

www.debian.org:
DSA-432-1 crawl -- buffer overflow. Read more

www.debian.org:
DSA-431-1 perl -- information leak. Read more

News
www.guardian.co.uk:
Anatomy of a virus. Read more

www.chron.com:
Virus victims draw scorn of tech-savvy. Read more

www.vnunet.com:
Web applications wide open to hackers. Read more

www.thewbalchannel.com:
Computer Virus Attacks eBay Customers. Read more

04 february 2004

New in Archive
Petala

Anal FTP 0.1 (b)

Mini-Glitch 1.0

Windows Total Controller 1.0

Vulnerabilities & Exploits
www.securitytracker.com:
GBook Input Validation Flaws Let Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Les Commentaires Include File Flaws Permit Remote Command Execution. Read more

www.securitytracker.com:
Chaser Game Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
Web Crossing Can Be Crashed By Remote Users Sending Malformed Content-Length Values. Read more

www.securitytracker.com:
phpMyAdmin 'export.php' Input Validation Hole Discloses Files to Remote Users. Read more

www.securitytracker.com:
X-Cart Input Validation Flaws Let Remote Users Execute Arbitrary Commands and View Files. Read more

www.securitytracker.com:
BugPort Discloses Configuration Settings to Remote Users. Read more

www.securitytracker.com:
Cisco IOS on 6000/6500/7600 Series Routers Lets Remote Users Deny Service. Read more

www.securitytracker.com:
FreeBSD netinet TCP Maximum Segment Size May Let Remote Users Deny Service. Read more

www.securitytracker.com:
Linux 2.4 Kernel R128 DRI Driver May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
Apache mod_digest May Validate Replayed Client Responses. Read more

www.securitytracker.com:
util-linux Login Program May Leak Authentication Data to Local Users. Read more

www.securitytracker.com:
Aprox PHP Portal Discloses Files on the System to Remote Users. Read more

www.securitytracker.com:
A-A-S Application Server Can Be Crashed By Remote Authenticated Users. Read more

www.securitytracker.com:
Caravan Business Server 'showcode.asp' Lets Remote Users Read and Write Arbitrary Files. Read more

www.securitytracker.com:
BaSoMail Mail Service Can Be Denied By Remote Users Opening Many Connections. Read more

www.securitytracker.com:
ChatterBox Server Can Be Crashed By Remote Users. Read more

News
www.theregister.co.uk:
SCO sidesteps MyDoom attacks. Read more

www.theregister.co.uk:
MS plugs IE phishing bug. Read more

www.gnutellanews.com:
Teen hacker triggered nuclear terrorism alert. Read more

www.esj.com:
Companies Defect as Anti-virus Software Struggles with Worms. Read more

msnbc.msn.com:
More Doom? Read more

www.smh.com.au:
Hackers hit website as virus continues to spread. Read more

www.cmpnetasia.com:
Mydoom Author: 'Sorry'. Read more

03 february 2004

New in Archive
Gold server

eDonkey Crack

Blaxill Downloader 1.0

Recon 1.0

Backdoor.VB.kq

frmServer

Vulnerabilities & Exploits
www.securitytracker.com:
SurgeFTP Server 'surgeftpmgr.cgi' Bug Lets Remote Users Crash the Service. Read more

www.securitytracker.com:
PHP-Nuke Input Validation Flaws in 'Downloads' and 'Sections' Permits SQL Injection. Read more

www.securitytracker.com:
Forum Web Server 'Subject' and 'Field Description' Input Validation Flaw Permits Cross-Site Scripting Attacks. Read more

News
Microsoft Security Bulletin MS04-002
Vulnerability in Exchange Server 2003 Could Lead to Privilege Escalation (832759). Read more

Microsoft Security Bulletin MS04-003
Buffer Overrun in MDAC Function Could Allow Code Execution (832483). Read more

Microsoft Security Bulletin MS04-004
Cumulative Security Update for Internet Explorer (832894). Read more

story.news.yahoo.com:
Microsoft Issues Browser Security Fix. Read more

www.chron.com:
Worm's potency elevates worries. Read more

www.palmbeachpost.com:
Green light for hackers. Read more

www.securityfocus.com:
Heckenkamp Pleads Guilty. Read more

www.newscientist.com:
Microsoft should weather zombie PC attack. Read more

news.xinhuanet.com:
"MyDoom" worm clogs Internet. Read more

www.theregister.co.uk:
UK teen escapes jail in nuclear lab hack case. Read more

www.theregister.co.uk:
Is this the worst scam email of all time? Read more

02 february 2004

New in Archive
The Hackers Office 0.89

Hackers World 1.0

Snow 3.4b

Transistor 1.1

Backdoor.VB.bk

Antilamer 2.0 (f) Server

Helios Bot 1.1

News
www.overclockersclub.com:
"News: 'Mydoom' Virus Brings Down SCO Web Site". Read more

www.hindustantimes.com:
Mydoom virus infected more than 1 mn computers: Finnish firm. Read more

www.washingtonpost.com:
Tracking Down a Worm's Source. Read more

reviews-zdnet.com.com:
MyDoom: How it became the fastest worm ever. Read more

www.usatoday.com:
UGA students notified of personal info compromise. Read more

www.smh.com.au:
Ant-virus researcher warns against overstating threat. Read more

www.eweek.com:
IT Losing Ground in Virus Battle. Read more

afr.com:
Mydoom virus weaves web of destruction. Read more

01 february 2004

New in Archive
Blastit (b)

CyberJack 1.00 client

Backdoor.Delf.di

Kalash

InterNA-Trepid 1.5x client

Vulnerabilities & Exploits
www.securitytracker.com
FreeBSD mksnap_ffs Command May Reset Security Flags on a Filesystem. Read more

www.securitytracker.com
Sun Solaris pfexec May Execute Profile Commands With Elevated Privileges. Read more

News
story.news.yahoo.com:
Mydoom target SCO website slowed, but not by worm. Read more

www.hindustantimes.com:
Mydoom Internet worm likely to be from Russia. Read more


Copyright MegaSecurity.org