Home    News Archive    Translate Traducen
News February 2005
28 February 2005

Guides, Papers, etc
weblogs.asp.net:
More miscreant hiding techniques and some interesting observations on the Hacker Defender rootkit . . . Read more

www.eeye.com:
Remote Windows Kernel Exploitation Step into the Ring 0. Read more

seclab.cs.sunysb.edu:
An Approach for Detecting Self-Propagating Email Using Anomaly Detection. Read more

Fake FBI email Worm Exposed. Read more

 

Vulnerabilities & Exploits
www.securitytracker.com:
CIS WebServer Discloses Files Outside of the Document Directory to Remote Users. Read more

www.securitytracker.com:
cmd5checkpw May Let Local Users Access Files With Elevated Privileges. Read more

www.securitytracker.com:
STSF Font Server Daemon Lets Local Users Modify Arbitrary Files. Read more

www.securitytracker.com:
BadBlue Buffer Overflow in 'mfcisapicommand' Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
KNet HTTP GET Request Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.k-otik.com:
AWStats 6.x "pluginmode" Multiple Remote Command Execution Exploit. Read more

www.k-otik.com:
Avaya IP Office Phone Manager Local Passwords Disclosure Exploit. Read more

www.k-otik.com:
WebConnect Directory Traversal and Denial of Service Exploit. Read more

www.k-otik.com:
Chat Anywhere Local Passwords Disclosure Proof of Concept Exploit. Read more

www.k-otik.com:
eXeem Local Passwords Disclosure Proof of Concept Exploit. Read more

 

News
money.cnn.com:
BofA: 1.2 million accounts jeopardized. Read more

www.informationweek.com:
Business Technology: Security, Microsoft, And High-Stakes Poker. Read more

sanjose.bizjournals.com:
Firefox browser ignites a fire under complacent Microsoft. Read more

www.informationweek.com:
What's Next For Explorer 7.0? Read more

27 February 2005

Guides, Papers, etc
www.cs.pitt.edu:
WORM vs. WORM: Preliminary Study of an Active Counter­Attack Mechanism. Read more

www.finjan.com:
Spyware and Adware – Threats and Countermeasures. Read more

www.finjan.com:
Phishing - Threats and Countermeasures. Read more

www.pcworld.com:
Caught a Virus?
If you've let your guard down--or even if you haven't--it can be hard to tell if your PC is infected. Here's what to do if you suspect the worst. Read more

www.astalavista.com:
HACKING WITH JAVASCRIPT. Read more

 

Vulnerabilities & Exploits
www.mozilla.org:
Known Vulnerabilities in Mozilla. Read more

www.mikx.de:
Firescrolling. Read more

www.securitytracker.com:
Gaim Has Another HTML Processing Error That Lets Remote Users Crash the Client. Read more

www.securitytracker.com:
WU-FTPD wu_fnmatch() Globbing Error Lets Remote Users Deny Service. Read more

www.securitytracker.com:
CubeCart Input Validation Holes Permit Cross-Site Scripting Attacks and Disclose the Installation Path to Remote Users. Read more

www.securitytracker.com:
Mozilla Firefox Predictable Plugin Temporary Directory Lets Local Users Delete Files. Read more

www.milw0rm.com:
Exeem v0.2X Local Proxy Pass Exploit. Read more

packetstormsecurity.org:
Google Search and Gmail Correlation - Full Disclosure. Read more

 

News
www.cio-today.com:
Firefox: New Target for Hackers? Read more

www.computerworld.com:
Mozilla warns of security holes, updates Firefox. Read more

www.rednova.com:
Microsoft Acquisition Adds to Anti-Virus, Anti-Spam Arsenal. Read more

www.theregister.co.uk:
McAfee looks ahead after mediocre Q4. Read more

www.itp.net:
Gates shot down over security. Read more

www.vnunet.com:
Hook, line and stinkers
ID theft, phishing scams and the public are causing big problems for firms. Read more

news.zdnet.co.uk:
ISS reveals cross-platform antivirus flaw. Read more

26 February 2005

Guides, Papers, etc
www1.cs.columbia.edu:
The 3rd Workshop on Rapid Malcode (WORM). Call for papers. Read more

 

Vulnerabilities & Exploits
www.securitytracker.com:
Mozilla Firefox XPCOM Access Flaw Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Gaim Can Be Crashed By Sending a Filename Containing a Parenthesis Character to a Remote User. Read more

www.securitytracker.com:
phpWebSite Announce Module Image Files Let Remote Users Execute Arbitrary PHP Code. Read more

www.securitytracker.com:
Batik Squiggle Scripting Error Lets Remote Users Access Resources. Read more

www.securitytracker.com:
PunBB Input Validation Holes Let Remote Users Inject SQL Commands. Read more

www.securitytracker.com:
mkbold-mkitalic Format String Flaw May Let Remote Users Cause Arbitrary Code to be Executed. Read more

www.securiteam.com:
Multiple Vulnerabilities in WebConnect Exploit. Read more

www.debian.org:
DSA-690-1 bsmtpd -- missing input sanitising. Read more

 

News
news.com.com:
Payroll hole exposes dozens of companies. Read more

www.theregister.co.uk:
XP deloaded? MS tightens screws on loose product keys. Read more

www.wired.com:
Watchdogs Sniff Out Terror Sites. Read more

news.zdnet.co.uk:
ISS reveals cross-platform antivirus flaw. Read more

www.theregister.co.uk:
Firefox dusted down with security upgrade. Read more

news.xinhuanet.com:
Largest hacker group in China dissolves. Read more

news.com.com:
Microsoft IM release expected soon. Read more

news.zdnet.co.uk:
Microsoft patches firewall problems. Read more

news.com.com:
Cousins of pop-ups evade blockers. Read more

www.theregister.co.uk:
Small-minded Mozilla mocked by wider world. Read more

news.zdnet.com:
Payroll hole exposes dozens of companies. Read more

news.com.com:
Limp Bizkit porn leak could lead to Hilton hacker. Read more

25 February 2005

Guides, Papers, etc
www.computerworld.com:
The road to identity management: How to know who's who and what's what. Read more

www.astalavista.com:
Astalavista Group Security Newsletter Issue 13. Read more

 

Vulnerabilities & Exploits
www.k-otik.com:
Cisco ACNS Default Password and Denial of Service Vulnerabilities. read more

xforce.iss.net:
Trend Micro AntiVirus Library Heap Overflow. Read more

www.cirt.net:
AlterPath Manager (APM) reveals sensitive system information without authentication. Read more

www.securitytracker.com:
Soldier of Fortune II cl_guid Input Validation Error Lets Remote Users Deny Service. Read more

www.securitytracker.com:
TrendMicro PC-cillin Buffer Overflow in ARJ Parser Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
TrendMicro OfficeScan Buffer Overflow in ARJ Parser Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
TrendMicro ScanMail Buffer Overflow in ARJ Parser Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
TrendMicro InterScan VirusWall Buffer Overflow in ARJ Parser Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
HP-UX Unspecified ftpd Flaw Grants Unauthorized File Access to Remote Authenticated Users. Read more

www.securitytracker.com:
Microsoft Windows 2000 and XP Group Policy Can Be Bypassed By Microsoft Office Applications and By Flash Drives. Read more

www.securitytracker.com:
Information Resource Manager LDAP Error Grants Access to Remote Users. Read more

www.securitytracker.com:
AlterPath Manager Discloses System Information and Lets Remote Authenticated Users View Consoles or Gain Administrative Privileges. Read more

www.securitytracker.com:
ProZilla Format String Flaw Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Cyrus IMAPd Buffer Overflows in Annotate Extension, Cached Header, and Fetchnews May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
PBLang Input Validation Holes in 'search.php', 'pmshow.php' and 'pm.php' Permit Cross-Site Scripting Attacks. Read more

 

News
www.theregister.co.uk:
Windows licensing - don't swallow it, says MS. Read more

www.theregister.co.uk:
Japan.gov weathers DDoS attack. Read more

joongangdaily.joins.com:
AhnLab president warns of big virus risk. Read more

www.wired.com:
Paris Hilton: Hacked or Not? Read more

www.theregister.co.uk:
Fighting computer crooks the Las Vegas way. Read more

www.pcworld.com:
Silence Fuels Speculation on Microsoft Security Plan. Read more

www.theinquirer.net:
Jealous lover hacked email. Read more

24 February 2005

Guides, Papers, etc
Changing the Notification Process
Developers have the opportunity to offer better vendor security procedures and notifications in an open-source world. Read more

 

Vulnerabilities & Exploits
www.k-otik.com:
IBM Hardware Management Console Guided Setup Wizard Vulnerability. Read more

www.securitytracker.com:
Linux Kernel Buffer Overflows in Moxa Char Driver Yield Root Privileges to Local Users. Read more

www.securitytracker.com:
Chat Anywhere Discloses Passwords to Local Users. Read more

www.securitytracker.com:
SendLink Discloses Passwords to Local Users. Read more

www.securitytracker.com:
iG Shop Input Validation Bugs Let Remote Users Execute SQL Commands. Read more

www.securitytracker.com:
eXeem Discloses Passwords to Local Users. Read more

www.securitytracker.com:
UnAce Buffer Overflows and Input Validation Holes May Let Remote Users Execute Arbitrary Code or Overwrite Files. Read more

www.securitytracker.com:
PeerFTP_5 Discloses FTP Passwords to Local Users. Read more

www.securitytracker.com:
phpBB Avatar Functions Let Remote Users View and Delete Files on the Target System. Read more

 

News
www.zdnet.com.au:
Viruses, Trojans and spam: the new joint venture. Read more

www.informationweek.com:
Microsoft Patches "Blue Screen Of Death" In Windows XP SP2. Read more

www.gizmodo.com:
T-Mobile Voice Mail Compromised; How to Protect Yourself. Read more

www.zdnet.com.au:
Spyware infiltrates blogs. Read more

www.securityfocus.com:
Japanese government computers hit by cyber attacks. Read more

slate.msn.com:
Can Your Phone Get a Virus? Read more

www.theregister.co.uk:
Fighting computer crooks the Las Vegas way. Read more

www.viruslist.com:
Successful social engineering helps worm spread. Read more

www.vnunet.com:
Compliance 'alphabet soup' will broaden role of security experts. Read more

www.zdnet.com.au:
Hackers on Medicare smart card waiting list. Read more

www.theinquirer.net:
Paris Hilton worm spreads fast. Read more

www.informationweek.com:
FBI: E-mails Bearing Worm Not From Us. Read more

castlecops.com:
Incorrect Classification of iDownload's Product as Spyware & Related disparagement of iDownload. Read more

www.informationweek.com:
Predicted Wave Of Worms Hits, Then Dissipates. Read more

www.theregister.co.uk:
MS and security: good effort but no cigar. Read more

www.informationweek.com:
Spam Costs Businesses Worldwide $50 Billion. Read more

23 February 2005

Guides, Papers, etc
www.benedelman.org:
How Google's Blogspot Helps Spread Unwanted Software. Read more

www.securityfocus.com
The High-Hanging Fruit.
Now that Microsoft has pruned Windows of its most serious remote-access holes, its time Redmond fixes the local vulnerabilities too. Read more

www.freep.com:
HEATHER NEWMAN: How to outwit would-be hackers. Read more

www.sans.org:
Virii Generators: Understanding the Threat. Read more

www.cs.plu.edu:
Effect of Malicious Traffic on the Network. Read more

 

Tools
RootkitRevealer is an advanced root kit detection utility. It runs on Windows NT 4 and higher and its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootki

 

Vulnerabilities & Exploits
www.securitytracker.com:
vBulletin 'misc.php' Lets Remote Users Injection PHP Code via the 'template' Parameter. Read more

www.securitytracker.com:
MediaWiki Input Validation Holes Permit Cross-Site Scripting Attacks and Directory Traversal Flaw Lets Remote Authenticated Administrators Delete Files. Read more

www.securitytracker.com:
fallback-reboot Lets Remote Users Deny Service. Read more

www.securitytracker.com:
GigaFast EE400-R Router Discloses Administrative Password to Remote Users and Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
Arkeia Network Backup Type 77 Request Buffer Overflow Yields Root/LocalSystem Access to Remote Users. Read more

www.securiteam.com:
Knox Arkeia Server Backup Stack Overflow. Read more

www.k-otik.com:
Mac OS X "Java Plug-in" Security Update (2005-002). Read more

www.k-otik.com:
phpBB2 Arbitrary File Unlink and Disclosure Vulnerabilities. Read more

www.k-otik.com:
cURL/libcURL NTLM and Kerberos Authentication Buffer Overflows. Read more

 

News
www.theregister.co.uk:
Wormability formulae weighs malware risks. Read more

www.theregister.co.uk:
NY teen charged over IM spam attack. Read more

www.theregister.co.uk:
Microsoft compensates blocked Dutch web firm. Read more

news.zdnet.co.uk:
Virus writer says 'I love you' again. Read more

www.chron.com:
Virus uses FBI address. Read more

news.zdnet.co.uk:
Paris Hilton used as virus bait. Read more

news.zdnet.co.uk:
New worms turn up. Read more

www.theregister.co.uk:
OFT in net spam scam crackdown. Read more

22 February 2005

Guides, Papers, etc
Early Bird: Catching worms while sysadmins sleep (pdf). Read more

 

Vulnerabilities & Exploits
www.k-otik.com/:
Invision Power Board SML Codes Cross Site Scripting Vulnerability. Read more

www.securitytracker.com:
Mambo Include File Error in 'Tar.php' Lets Remote Users Execute Arbitrary Commands on the Target System. Read more

www.securitytracker.com:
Uim Environment Variables May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
Xinkaa WEB Station Discloses Files Outside of the Document Directory to Remote Users. Read more

www.securitytracker.com:
Bontago Buffer Overflow in Processing Nickname May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
PuTTY SFTP/SCP Integer Overflow in Processing FXP_OPEN and FXP_READDIR Responses Lets Remote Users Execute Arbitrary Code. Read more

www.securiteam.com:
Linux Vulnerability Allows Non-Privileged Users to Read Kernel Memory. Read more

www.securiteam.com:
3com 3CDaemon FTP Unauthorized "USER" Buffer Overflow (Windows/POSIX). Read more

 

News
habaneronetworks.com:
Windows Firewall Has A Backdoor. Read more

www.pcauthority.com.au:
Virus writers launch Paris Hilton worm. Read more

today.reuters.com:
Hacking Attacks Rarely Made Public, Experts Say. Read more

www.billingsgazette.com:
Smarter phones are susceptible to virus trouble. Read more

www.net4nowt.com:
New wave of viruses predicted. Read more

www.computerworld.com:
New Sober worm moving fast, security company warns. Read more

www.computerweekly.com:
Microsoft plans better security for Explorer. Read more

www.vnunet.com:
Online dangers increase. Read more

www.it-observer.com:
Paris Hilton's phonebook hacked, posted online. Read more

www.vnunet.com:
Cabir mobile phone virus hits the US. Read more

www.expressnewsline.com:
Cell Phone Virus Cabir Grips United States. Read more

21 February 2005

Tools
freshmeat.net:
Secure Back Door (SBD) is a tool that provides ultra-secure and minimal access to a computer, which allows you to run a single command based on a one time key. It is good if you don't want to have an SSH server running all the time, and only want to start it when needed. Read more

 

Vulnerabilities & Exploits
www.securitytracker.com:
pMachine Include File Error in 'mail_autocheck.php' Lets Remote Users Execute Arbitrary Commands. Read more

www.securitytracker.com:
Zeroboard Input Validation Holes in 'zboard.php' and 'view_image.php' Permit Cross-Site Scripting Attacks. Read more

 

News
www.vnunet.com:
Call for unity in fight against cyber-crime. Read more

www.securityfocus.com:
Decision to sell antivirus products places Microsoft in quandary. Read more

www.insanely-great.com:
Microsoft: Ultimate Winner in the Virus Wars? Read more

www.globetechnology.com:
Microsoft's IT security plans spark controversy. Read more

nwc.securitypipeline.com:
Many Wireless Security Breaches Reported At Security Conference. Read more

www.bizjournals.com:
VoIP hackers can put spam in your ear. Read more

www.eweek.com:
Google's Tool Bar Links Stir Debate. Read more

20 February 2005

Guides, Papers, etc
searchsecurity.techtarget.com:
RSA 2005: A chat with Sybari's Joe Licari. Read more

www.computerworld.com:
Application security testing in black and white. Read more

www.cs.washington.edu:
Measurement and Analysis of Spyware in a University Environment. Read more

 

Tools
www.hat-squad.com:
Findjmp2 is a modified version of Findjmp from Eeye.com to find jmp,call,push in a loaded DLL. This version includes search for pop/pop/ret set of instructions that is usefull to bypass WinXP SP2 and Win2003 stack protection mechanism.

 

Vulnerabilities & Exploits
www.securitytracker.com:
glftpd Plugins Disclose Files to Remote Authenticated Users. Read more

www.securitytracker.com:
Tarantella Enterprise Discloses to Remote Users Whether Usernames are Valid. Read more

www.securitytracker.com:
Bidwatcher Format String Error in 'netstuff' May Let Remote Users Execute Arbitrary Code in Certain Cases. Read more

www.securitytracker.com:
TrackerCam Discloses Files to Remote Users and Can Be Crashed By Remote Users. Read more

 

News:
www.theregister.co.uk:
BT abandons scheme to block rogue diallers. Read more

www.keralanext.com:
US: Mobile phone virus found in United States. Read more

19 February 2005

Guides, Papers, etc
www.securityfocus.com:
Complexity Kills Innovation. Read more

tennis.ecs.umass.edu:
Internet Worm Propagation Simulator. Read more

www.apachesecurity.net:
Apache Security, Installation and configuration. Read more

 

Tools
www.sys-security.com:
Xprobe2 is an active operating system fingerprinting tool with a different approach to operating system fingerprinting. Read more

 

Vulnerabilities & Exploits
www.securitytracker.com:
Yahoo! Messenger Lets Remote Users Spoof Filenames During File Transfer. Read more

secunia.com:
Yahoo! Messenger Audio Setup Wizard Privilege Escalation. Read more

www.securitytracker.com:
Gaim HTML Processing Error Lets Remote Users Crash the Client. Read more

www.securitytracker.com:
Gaim SNAC Packet Parsing Error Lets Remote Users Deny Service. Read more

www.securitytracker.com:
paFAQ Input Validation Holes Permit SQL Injection Attacks. Read more

secunia.com:
Fedora update for kdeedu. Read more

secunia.com:
BibORB Multiple Vulnerabilities. Read more

secunia.com:
Microsoft ASP.NET Unicode Conversion Cross-Site Scripting. Read more

www.debian.org:
DSA-687-1 bidwatcher -- format string. Read more

 

News:
www.vnunet.com:
Experts beat script kiddies at their own game. Read more

www.vnunet.com:
Gartner slams Microsoft's security strategy. Read more

www.pcadvisor.co.uk: Microsoft warns of new security threat. Read more

news.zdnet.co.uk:
Microsoft's security strategy pilloried. Read more

msnbc.msn.com:
Mobile Phone Virus Found in United States. Read more

www.theregister.co.uk:
DEC 'tsunami hack' man pleads not guilty. Read more

www.vnunet.com:
Internet Explorer 7 promised for the summer. Read more

www.vnunet.com:
Patch bundles under fire. Read more

news.zdnet.co.uk:
Lexus denies in-car virus claims. Read more

18 February 2005

Guides, Papers, etc
www.microsoft.com:
A parent's primer to computer slang. Read more

www.rootkit.com:
Create New Autorun By Patching Explorer.exe. read more

 

Tools
www.informit.com:
Elcomsoft's PWSEX vs. AtStake's L0phtcrack (Revised). Read more

 

Vulnerabilities & Exploits
archives.neohapsis.com:
IE/OE Restricted Zone Status Bar Spoofing. Read more

www.securitytracker.com:
BibORB Various Input Validation Holes Permit SQL Injection and Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
wpa_supplicant Key Data Length Missing Validation Lets Remote Users Crash the Service. Read more

www.securitytracker.com:
NewsBruiser Lets Remote Users Bypass Comment Feature Access Controls. Read more

www.securitytracker.com:
paNews 'comment.php' Input Validation Error Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
MercuryBoard 'forum.php' Input Validation Error in 'f' Parameter Permits Cross-Site Scripting Attacks. Read more

www.securiteam.com:
3Com FTP Server Buffer Overflow (CD). Read more

www.debian.org:
DSA-686-1 gftp -- missing input sanitising. Read more

www.debian.org:
DSA-685-1 emacs21 -- format string. Read more

 

News:
habaneronetworks.com:
Major Phishing Hole Found In IE and Outlook Express. Read more

www.cbronline.com:
Microsoft to face regulator over bundled accounting software. Read more

www.securityfocus.com:
Feds square off with organized cyber crime. Read more

www.vnunet.com:
Latest Mydoom mutant on the loose. Read more

www.theregister.co.uk:
Security experts warn of 'scary' new web scam. Read more

www.vnunet.com:
Linux fan concedes Microsoft is more secure. Read more

www.reuters.com:
Microsoft Walking Fine Line with Security Push. Read more

www.reuters.com:
Microsoft to Recall Xbox Cords Due to Electrical Issue. Read more

www.theregister.co.uk:
Apple suspends online hack subpoenas Read more

17 February 2005

Guides, Papers, etc
research.microsoft.com:
Gatekeeper: Monitoring Auto-Start Extensibility Points (ASEPs) for Spyware Management. Read more

rootkit.host.sk:
How to become unseen on Windows NT. Read more

ftp.research.microsoft.com:
AskStrider: What Has Changed on My Machine Lately? Read more

research.microsoft.com:
Strider GhostBuster: Why It’s A Bad Idea For Stealth Software To Hide Files. Read more

www.schneier.com:
Schneier on Security: GhostBuster. Read more

www.securityfocus.com:
Windows NTFS Alternate Data Streams. Read more

www1.umn.edu:
Windows Rootkits. Read more

 

Vulnerabilities & Exploits
www.k-otik.com:
Advanced Linux Sound Architecture Stack-Execution protection Bypass. Read more

www.k-otik.com:
osCommerce "Contact_us" Cross Site Scripting Vulnerability. Read more

www.securitytracker.com:
Typespeed Format String Flaw in HOME Variable Lets Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
KDE Buffer Overflow in 'fliccd' Yields Root Privileges to Local Users and May Let Remote Users Access the System. Read more

www.securitytracker.com:
DCP-Portal Input Validation Flaws in 'index.php' and 'forums.php' Let Remote Users Inject SQL Commands. Read more

www.securitytracker.com:
phpMyAdmin '\libraries\select_lang.lib.php' Discloses Installation Path to Remote Users. Read more

www.securitytracker.com:
Synaesthesia Lets Local Users View Arbitrary Files. Read more

www.debian.org:
DSA-684-1 typespeed -- format string. Read more

 

News:
www.microsoft.com:
Remarks by Bill Gates, Chairman and Chief Software Architect, Microsoft Corporation RSA Conference 2005: "Security: Raising the Bar". Read more

www.vnunet.com:
Microsoft's enterprise security under fire. Read more

www.microscope.co.uk:
Microsoft promises heavy investment to tackle security threats. Read more

www.infoworld.com:
Researchers find security flaw in SHA-1. Read more

www.vnunet.com:
Online fraud hits record levels. Read more

www.vnunet.com:
IT security industry faces a tough 2005. Read more

www.vnunet.com:
'Deadcode' virus attempts political mischief. Read more

www.webroot.com:
SYSTEM MONITOR AND TROJAN HORSE INFECTION RATES RISE IN THE ENTERPRISE. Read more

www.theregister.co.uk:
T-Mobile hacker pleads guilty. Read more

www.theregister.co.uk:
Scammers say 'No' to drugs, 'Yes' to fraud. Read more

16 February 2005

Guides, Papers, etc
www.corante.com:
Eight years of email stats, pass 1. Read more

www.javelinstrategy.com:
2005 Identity Fraud Survey Report. Read more

xss-proxy.sourceforge.net:
Advanced Cross-Site-Scripting with Real-time Remote Attacker Control. Read more

www.cs.ucsd.edu:
Internet Quarantine: Requirements for Containing Self-Propagating Code. Read more

 

Vulnerabilities & Exploits
www.guninski.com:
linux kernel 2.6 fun. windoze is a joke. Read more

www.k-otik.com:
AWStats Command Execution and Information Disclosure Vulnerabilities. Read more

www.securitytracker.com:
Sami HTTP Server Input Validation Holes Disclose Files to Remote Users and Let Remote Users Crash the Service. Read more

www.securitytracker.com:
Linux Kernel '/proc' Signed Integer Errors Let Local Users Execute Arbitrary Code. Read more

www.securitytracker.com:
ALSA 'libasound.so' Lets Local Users Disable Stack Protection. Read more

www.securitytracker.com:
HP HTTP Server Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Armagetron Game Service Can Be Crashed By Remote Users. Read more

 

News:
seattletimes.nwsource.com:
Microsoft readies its security arsenal. Read more

informationweek.securitypipeline.com:
Gates: New Internet Explorer, With Improved Security, Coming This Summer. Read more

www.theregister.co.uk:
Gates: security concerns propel IE7 launch. Read more

news.zdnet.com:
Windows anti-spyware to come free of charge. Read more

www.newsfactor.com:
Anti-Virus Firms to Microsoft: Bring It On. Read more

news.zdnet.com:
Symantec: Who's afraid of Microsoft? Read more

www.theregister.co.uk:
Passwords? We don't need no stinking passwords. Read more

www.lawfuel.com:
hacker who victimized T-Mobile pleads guilty. Read more

news.xinhuanet.com:
New technology helps curb online DVD piracy. Read more

www.earthtimes.org:
Phishing incidents growing 25% a month: Report. Read more

15 February 2005

Guides, Papers, etc
www.amazon.com:
The Art of Computer Virus Research and Defense. Read more

ghh.sourceforge.net:
Google Hack Honeypot Manual. Read more

 

Tools
ghh.sourceforge.net:
"Google Hack" honeypot project. Read more

 

Vulnerabilities & Exploits
www.gentoo.org:
Opera: Multiple vulnerabilities. Read more

www.securiteam.com:
AppleFileServer (AFS) FPLoginExt DoS. Read more

www.securiteam.com:
BrightStor ARCserve Backup Buffer Overflow. Read more

www.securiteam.com:
PHP-Nuke POST Method Admin Variable Privilege Escalation. Read more

www.securitytracker.com:
Open WebMail Input Validation Flaw in 'logindomain' Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.debian.org:
DSA-682-1 awstats -- missing input sanitising. Read more

www.waraxe.us:
[waraxe-2005-SA#040] - Full path disclosure and XSS in PhpNuke 6.x-7.6. Read more

 

News:
www.securityfocus.com:
Spyware, adware threat to be hot topic at security conference. Read more

www.theregister.co.uk:
China shuts 12,500 'illegal' cybercafes. Read more

www.virusthreatcenter.com:
Microsoft gleans top 10 basic security errors from thousands of help desk calls. Read more

seattletimes.nwsource.com:
Juvenile sentenced in Microsoft attack. Read more

www.computerweekly.com:
Rising need for security patches provides Microsoft with a way to stamp out piracy. Read more

news.zdnet.co.uk:
Fur protesters launch Web attacks. Read more

www.securityfocus.com:
More Advisories, More Security. Read more

news.zdnet.co.uk:
War of the Worlds Web site hacked. Read more

www.bizjournals.com:
WebTV hacker may get 'prison channel'. Read more

14 February 2005

Guides, Papers, etc
www.cyberguard.com:
A Brief Look at the Evolution of Killer Worms. Read more

 

Vulnerabilities & Exploits
tsyklon.informatik.rwth-aachen.de:
Credit Card data disclosure in CitrusDB. Read more

www.gentoo.org:
PowerDNS: Denial of Service vulnerability. Read more

www.securiteam.com:
Exim auth_spa_server() Buffer Overflow Exploit. Read more

www.securiteam.com:
MSN Messenger PNG Image Buffer Overflow Download Shellcoded Exploit. Read more

www.securiteam.com:
ELOG Remote Shell Exploit. Read more

tsyklon.informatik.rwth-aachen.de:
Authentication bypass in CitrusDB. Read more

 

News:
www.informationweek.com:
You Call This Trustworthy Computing? Read more

www.securityfocus.com:
U.S. info-sharing initiative called a flop. Read more

informationweek.com:
RSA Show Demos Tackle Wide Range of Issues. Read more

www.eweek.com:
XP SP2 Flaw Warning Sparks Debate on Disclosure. Read more

www.eweek.com:
Microsoft Plots Fixes to IE Browser. Read more

today.reuters.co.uk:
"Google hacking" digs up sensitive material. Read more

www.cooltechzone.com:
Microsoft and Pfizer team up to fight Spam. Read more

www.itp.net:
BorderWare tackles VoIP security. Read more

www.newstarget.com:
New international anti-spam council pledges to fight spam around the world. Read more

www.integratedmar.com:
HP Virus Throttle 'throttles down' detecting virus activity. Read more

13 February 2005

Guides, Papers, etc
www.computerworld.com:
The curse of the secret question. Read more

support.microsoft.com:
MSN: How to disable MSN Messenger and MSN Web Messenger in a corporate environment. Read more

weblogs.asp.net:
Why you shouldn't be using passwords of any kind on your Windows networks . . . Read more

2005.rsaconference.com:
RSA Conference 2005. Read more

www.astalavista.com:
Phishing On The Lower Level. ARP Injecting / Phishing. Read more

 

Tools
www.microsoft.com:
Microsoft Creates Free Utility for Detecting Network Sniffers. Read more

www.hashcash.org:
Hashcash is a denial-of-service counter measure tool. Its main current use is to help hashcash users avoid losing email due to content based and blacklist based anti-spam systems.

 

Vulnerabilities & Exploits
www.securitytracker.com:
OpenPGP CFB Mode Is Subject to Adaptive Chosen-Plaintext Attacks. Read more

www.securitytracker.com:
ZoneAlarm IPC Null Pointer Dereference Lets Local Users Crash the System. Read more

www.milw0rm.com:
EXIM <= 4.43 auth_spa_server() Remote PoC Exploit. Read more

www.milw0rm.com:
Mercuryboard <= 1.1.1 Working Sql Injection. Read more

www.milw0rm.com:
BrightStor ARCserve Backup buffer overflow PoC. Read more

www.milw0rm.com:
Quake 3 Engine Infostring Crash and Shutdown Exploit. Read more

 

News:
www.pcpro.co.uk:
Children recruited to commit cyber crime claims report. Read more

www.sun-sentinel.com:
Online banking victim files suit; $90,000 lifted from account traced to Latvia. Read more

www.menafn.com:
Youth who released Web worm sentenced. Read more

www.vnunet.com:
Virus warning hits Windows Media Player. Read more

www.vnunet.com:
Scammers hijack company identities. Read more

www.computerworld.com:
IT execs seek weapons to fight spyware. Read more

www.pcpro.co.uk:
Virus writers pledge a poisoned love for Valentine's day. Read more

www.theregister.co.uk:
Opera to MS: Get real about interoperability, Mr Gates. Read more

www.securitypipeline.com:
Microsoft Tries To Head Off MSN Messenger Attack. Read more

www.techweb.com:
Hackers Quickly Target Newly Disclosed Microsoft Flaw. Read more

news.com.com:
Court: Hollywood gets P2P giant's server logs. Read more

news.com.com:
Microsoft: Watch out for rogue code. Read more

www.pcpro.co.uk:
Media Player exploit found on the Internet. Read more

www.halifaxlive.com:
Heavyweights Take On Viagra Spammers. Read more

12 February 2005

Guides, Papers, etc
www.howtocreate.co.uk:
Browser speed comparisons. Read more

www.virusbtn.com:
VirusScanners compared. Read more

www.geocities.com/amz:
Return on Information Security Investment. Read more

 

Vulnerabilities & Exploits
www.k-otik.com:
OpenPGP Cipher Feedback Mode (CFB) Chosen-Ciphertext Attacks. Read more

www.idefense.com:
ZoneAlarm 5.1 Invalid Pointer Dereference Vulnerability. Read more

www.securitytracker.com:
Sympa Buffer Overflow in 'queue.c' Lets Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
xpcd Buffer Overflow in Processing Filenames Lets Remote Users Execute Arbitrary Code With Root Privileges. Read more

www.securitytracker.com:
Apache mod_python Publisher Handler Discloses Information to Remote Users. Read more

www.securitytracker.com:
hztty Lets Local Users Execute Arbitrary Commands With Elevated Privileges. Read more

www.securitytracker.com:
HP-UX BIND Has Unspecified Remote Denial of Service Flaw. Read more

www.debian.org:
DSA-678-1 netkit-rwho -- missing input validation. Read more

www.debian.org:
DSA-677-1 sympa -- buffer overflow. Read more

www.debian.org:
DSA-676-1 xpcd -- buffer overflow. Read more

 

News:
www.microsoft.com:
Proof-of-Concept Code Increases Risk to Computer Users. Read more

www.theregister.co.uk:
Browser holes, hackers and rampaging botnets. Read more

www.theregister.co.uk:
Patch now against virus-writing clowns. Read more

www.betanews.com:
Exploit Forces MSN Messenger Upgrade. Read more

www.eweek.com:
All Eyes Turn to Microsoft at RSA Security Powwow. Read more

www.infoworld.com:
Microsoft pushes into crowded security theater. Read more

www.theregister.co.uk:
Opera to MS: Get real about interoperability, Mr Gates. Read more

www.infoworld.com:
IM viruses: The next big threat? Read more

www.theregister.co.uk:
UK firms warned of corporate hijack risk. Read more

www.theregister.co.uk:
Man charged in DEC hacking case. Read more

www.theregister.co.uk:
Dating scammers fined £68k. Read more

informationweek.com:
IBM Sees Hackers Going Mobile, Targeting Phones, Handhelds And Cars. Read more

11 February 2005

Guides, Papers, etc
www-1.ibm.com:
IBM Report: Surge in Viruses and Worms Targeting Mobile Devices, Satellite Communications Anticipated in 2005. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
DelphiTurk FTP Discloses Passwords to Local Users. Read more

securitytracker.com:
BrightStor ARCserve Backup Buffer Overflow in Discovery Service Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
MercuryBoard 'func/post.php' Input Validation Error ini'qu' Parameter Lets Remote Users Inject SQL Commands. Read more

securitytracker.com:
MyPHP Forum Input Validation Holes Let Remote Users Inject SQL Commands. Read more

securitytracker.com:
ArGoSoft Mail Server Input Validation Holes Allow Remote Authenticated Users to Upload/Download Files and Create/Delete Directories. Read more

www.idefense.com:
Computer Associates BrightStor ARCserve Backup UniversalAgent Backdoor. Read more

www.k-otik.com:
Yongguang Zhang Hztty Local Privilege Escalation Vulnerability. Read more

xforce.iss.net:
F-Secure AntiVirus Library Heap Overflow. Read more

www.idefense.com:
IBM AIX lspath Local File Access Vulnerability. Read more

www.debian.org:
DSA-675-1 hztty -- privilege escalation. Read more

www.debian.org:
DSA-674-1 mailman -- cross-site scripting, directory traversal. Read more

www.debian.org:
DSA-673-1 evolution -- integer overflow. Read more

www.debian.org:
DSA-672-1 xview -- buffer overflows. Read more

 

News:
www.theregister.co.uk:
Symantec anti-virus flaw hits 30 products. Read more

www.zdnet.com.au:
Symantec flaw leaves opening for viruses. Read more

www.techweb.com:
Microsoft Acquisition Rattles Security Firms' Investors. Read more

www.securityfocus.com:
Hackers sued for tinkering with Xbox games. Read more

www.theregister.co.uk:
Pfizer and MS sue Viagra spam gangs. Read more

news.com.com:
Spyware takes aim at Mozilla browsers. Read more

news.com.com:
Microsoft probes anti-spyware Trojan. Read more

news.com.com:
Vigilantes launch attack on scam sites. Read more

www.theregister.co.uk:
Beware the unexpected attack vector. Read more

www.theregister.co.uk:
Small.biz gets the virus jitters. Read more

www.wwwcoder.com:
Avoid Internet Theft, Fraud and Phishing. Read more

news.com.com:
Movie blackout for P2P networks? Read more

www.infoworld.com:
Exploit released for MSN Messenger 'avatar' hole. Read more

news.com.com:
Tech execs ask Bush for cybersecurity commission. Read more

10 February 2005

Guides, Papers, etc
www.securityfocus.com:
Penetration Testing IPsec VPNs. Read more

www.microsoft.com:
Preventing Lockups When Upgrading to Windows XP Service Pack 2. Read more

story.news.yahoo.com:
For Spammers, Worm Turns a Profit. Read more

 

Vulnerabilities & Exploits
www.immunitysec.com:
SMB remote vulnerabilities in Windows. Read more

www.k-otik.com:
Netscape Browser Multiple Drag and Drop Vulnerabilities. Read more

www.idefense.com:
IBM AIX auditselect Local Format String Vulnerability. Read more

www.k-otik.com:
Microsoft Hyperlink Object Library Remote Code Execution / MS05-015. Read more

www.k-otik.com:
Microsoft Internet Explorer Cumulative Security Update / MS05-014. Read more

www.k-otik.com:
Microsoft DHTML Editing Component ActiveX Control Issue / MS05-013. Read more

www.k-otik.com:
Microsoft OLE and COM Structured Storage Vulnerability / MS05-012. Read more

www.k-otik.com:
Microsoft Server Message Block (SMB) Remote Code Execution / MS05-011. Read more

www.k-otik.com:
Microsoft Windows License Logging Service Vulnerability / MS05-010. Read more

www.k-otik.com:
Microsoft Products PNG Processing Remote Code Execution / MS05-009. Read more

www.k-otik.com:
Microsoft Windows Shell Drag and Drop Vulnerability / MS05-008. Read more

www.k-otik.com:
Windows Named Pipe Connection Information Disclosure / MS05-007. Read more

www.k-otik.com:
Windows SharePoint & SharePoint Team Services XSS / MS05-006. Read more

www.k-otik.com:
Microsoft Office XP Remote Code Execution Vulnerability / MS05-005. Read more

www.k-otik.com:
Microsoft ASP.NET Path Validation Vulnerability / MS05-004. Read more

www.coresecurity.com:
MSN Messenger PNG Image Parsing Vulnerability. Read more

xforce.iss.net:
Symantec AntiVirus Library Heap Overflow. Read more

securitytracker.com:
SafeNet SoftRemote VPN Client Discloses Key to Local Users. Read more

securitytracker.com:
3Com 3CServer FTP Command Buffer Overflows Let Remote Authenticated Users Execute Arbitrary Code. Read more

securitytracker.com:
PostWrap Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

securitytracker.com:
RealArcade Integer Overflow Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
SquirrelMail S/MIME Plugin Lets Remote Authenticated Users Execute Arbitrary Commands. Read more

securitytracker.com:
ALSA Utilities Unsafe Temporary File May Let Local Users Gain Root Privileges. Read more

securitytracker.com:
Mozilla Firefox 'run-mozilla.sh' Unsafe Temporary Files May Let Local Users Gain Elevated Privileges. Read more

securitytracker.com:
602LAN SUITE Input Validation Bug Lets Remote Authenticated Users Upload and Execute Files. Read more

securitytracker.com:
Netscape IDN Implementation Lets Remote Users Spoof URLs and SSL Certificates. Read more

securitytracker.com:
Mozilla Firefox Hybrid Image Bug Allows Batch Statements to Be Draged to the Desktop and Tabbed Javascript Bugs Let Remote Users Access Other Windows. Read more

lists.netsys.com:
[Full-Disclosure] Administrivia: List Compromised due to Mailman Vulnerability. Read more

 

News:
www.microsoft.com:
Microsoft Security Bulletin Summary for February, 2005. Read more

www.theregister.co.uk:
Banking Trojan disables MS Anti-Spyware. Read more

www.theregister.co.uk:
Microsoft posts record 13 patches. Read more

news.com.com:
Symantec flaw leaves opening for viruses. Read more

www.securityfocus.com:
Hackers sued for tinkering with Xbox games. Read more

www.securityfocus.com:
Unexpected Attack Vectors. Read more

www.securityfocus.com:
Of Dog Sniffs and Packet Sniffs. Read more

www.theregister.co.uk:
My car has a virus (and other security threats). Read more

www.theregister.co.uk:
Vendors exit anti-spyware group. Read more

www.vnunet.com:
Europeans unite to track spammers. Read more

www.vnunet.com:
IT experts join EU security agency. Read more

www.vnunet.com:
Spoofing flaw hits web browsers. Read more

www.vnunet.com:
Microsoft boosts security with Sybari buy. Read more

08 February 2005

Guides, Papers, etc
www.cs.ucsd.edu:
Internet Outbreaks: Epidemiology and Defenses. Read more

 

Vulnerabilities & Exploits
www.k-otik.com:
Multiple Browsers URL and SSL Certificates Spoofing Vulnerability. Read more

www.k-otik.com:
3CServer Multiple FTP Commands buffer overflow Vulnerability. Read more

www.idefense.com:
SquirrelMail S/MIME Plugin Command Injection Vulnerability. Read more

www.idefense.com:
IBM AIX chdev Local Format String Vulnerability. Read more

securitytracker.com:
Emacs movemail Format String Flaw May Let Remote POP Servers Execute Arbitrary Code. Read more

securitytracker.com:
Mozilla Firefox IDN Implementation Lets Remote Users Spoof URLs and SSL Certificates. Read more

securitytracker.com:
OmniWeb IDN Implementation Lets Remote Users Spoof URLs and SSL Certificates. Read more

securitytracker.com:
KDE Konqueror IDN Implementation Lets Remote Users Spoof URLs and SSL Certificates. Read more

securitytracker.com:
Opera IDN Implementation Lets Remote Users Spoof URLs and SSL Certificates. Read more

securitytracker.com:
Apple Safari IDN Implementation Lets Remote Users Spoof URLs and SSL Certificates. Read morez

securitytracker.com:
Linux Kernel NTFS File System Error Messages May Let Users Deny Service. Read more

securitytracker.com:
DelphiTurk CodeBank Discloses Passwords to Local Users. Read more

securitytracker.com:
BXCP Lets Remote Users Include and Execute Local PHP Files. Read more

securitytracker.com:
xGB Grants Administrative Access to Remote Users. Read more

securitytracker.com:
PerlDesk Input Validation Hole in 'view' Parameter Lets Remote Users Inject SQL Commands. Read more

securitytracker.com:
Frox Deny ACL Parsing Flaw in parse_match() May Let Remote Users. Read more

www.debian.org:
DSA-669-1 php3 -- several vulnerabilities. Read more

www.mikx.de:
Firetabbing - Proof-of-Concept. Read more

 

News:
www.theregister.co.uk:
Firefox spoofing flaw goes international. Read more

news.zdnet.co.uk:
Phishing flaw found - but not in IE. Read more

www.theregister.co.uk:
MCI 'makes $5m a year from spam gangs'. Read more

www.theregister.co.uk:
Key Windows man leaves Redmond. Read more

news.zdnet.co.uk:
Hacking fears hit e-voting plans. Read more

news.zdnet.co.uk:
UK man arrested in phishing probe. Read more

news.com.com:
More Microsoft phishing attacks. Read more

07 February 2005

Guides, Papers, etc
zeedo.blogspot.com:
Multiple AV vendors ignoring tar.gz. Read more

www.scs.carleton.ca:
DNS-based Detection of Scanning Worms in an Enterprise Network. Read more

 

Tools
www.flowsecurity.org:
Flaw Seeker - Buffer Overflow Tracking Tool. Read more

 

Vulnerabilities & Exploits
www.k-otik.com:
IBM AIX "auditselect" Local Format String Vulnerability. Read more

www.securitytracker.com:
RaidenHTTPD Input Validation Flaw Discloses Files to Remote Users. Read more

www.securiteam.com:
NewsPost Buffer Overflow Exploit. Read more

 

News:
www.pcworld.idg.com.au:
MSN Messenger worm raised to medium threat. Read more

www.vnunet.com:
Eudora open to multiple high risk flaws. Read more

www.sun-sentinel.com:
Online banking victim files suit; $90,000 lifted from account traced to Latvia. Read more

www.oreillynet.com:
Complaint Dropped Against DDoS Mafia. Read more

www.neowin.net:
Neowin Talks Security with Microsoft. Read more

news.zdnet.com:
Study: Few bugs in MySQL database. Read more

news.zdnet.com:
Gosling: Huge security hole in .Net. Read more

news.com.com:
Hate messages on Google site draw concern. Read more

www.yonhapnews.co.kr:
S. Korean Company Web Site Hacked by Anti-American Islamic Group. Read more

www.theinquirer.net:
Spammers play illegal XP Windows card. Read more

www.gamespot.com:
Yahoo! sues Xfire for patent infringement. Read more

www.computerworld.com:
Gates promotes government cooperation with security focus. Read more

management.silicon.com:
Spyware bill raises cookie fears. Read more

06 February 2005

Guides, Papers, etc
www.benedelman.org:
How VeriSign Could Stop Drive-By Downloads. Read more

www.eecs.umich.edu:
The Internet Motion Sensor: A distributed blackhole monitoring system. Read more

 

Vulnerabilities & Exploits
www.securitytracker.com:
Microsoft Outlook Web Access 'owalogon.asp' Lets Remote Users Redirect Login Request. Read more

www.securitytracker.com:
Apple Safari Incorrectly Renders Text as HTML in Certain Cases. Read more

 

News:
www.theregister.co.uk:
Reboot daily, Tablet users advised. Read more

castlecops.com:
WEBROOT Resigns From Consortium Of Anti-Spyware Technology Vendors (COAST). Read more

searchsecurity.techtarget.com:
Compressed files strike another blow to AV. Read more

www.pcworld.com:
Are You Responsible for Internet Security? Read more

www.eweek.com:
Chicken Swimsuit Model Hides Nasty Worm. Read more

www.eweek.com:
MySQL Criticized in Wake of MySpooler Worm. Read more

dsc.discovery.com:
Microbots Grow Own Muscles from Cells. Read more

05 February 2005

Guides, Papers, etc
sfgate.com:
Why Does Windows Still Suck?
Why do PC users put up with so many viruses and worms? Why isn't everyone on a Mac? Read more

 

Vulnerabilities & Exploits
www.debian.org:
DSA-668-1 postgresql -- privilege escalation. Read more

www.debian.org:
DSA-667-1 squid -- several vulnerabilities. Read more

www.debian.org:
DSA-666-1 python2.2 -- design flaw. Read more

www.debian.org:
DSA-665-1 ncpfs -- missing privilege release. Read more

 

News:
www.theregister.co.uk:
MSN Messenger worm seeds zombie networks. Read more

news.zdnet.co.uk:
MSN Messenger hit by double-whammy worm. Read more

www.securityfocus.com:
FBI e-mail breach feared. Read more

www.theregister.co.uk:
Fake tsunami appeal website terminated. Read more

www.theregister.co.uk:
JK Rowling warns on Harry Potter phishing scam. Read more

www.it-observer.com:
Beware of WiPhishing: Cirond Warns of New Wireless Security Danger. Read more

www.sophos.com:
Blackpool man arrested for phishing, Sophos reports. Read more

news.zdnet.co.uk:
Pensioners pioneer Internet security. Read more

news.zdnet.co.uk:
Email meltdown claims slammed. Read more

www.chron.com:
Spam has new way to evade security. Read more

www.thewhir.com:
Microsoft Unveils Search Engine. Read more

athens-olympics-2004.newkerala.com:
New disc to store hundreds of movies. Read more

04 February 2005

Guides, Papers, etc
www.vnunet.com:
Bugwatch: The commercialisation of malware. Read more

security-papers.globint.com.a:
Advanced SQL Injection in Oracle databases. Read more

www.hackbusters.net:
Worm and Virus Defense: How We Can Protect the Nation’s Computers From These Threats Today. Read more

www.securityfocus.com:
Linux Kernel Security is Lacking. Read more

 

Tools
cse.msstate.edu:
Travesty is an interactive program for managing the hardware addresses (MAC) of ethernet devices on your computer. It supports manually changing the MAC, generating random addresses, and applying different vendor prefixes to the current address. It also allows the user to import their own lists of hardware addresses and descriptions that can be navigated from within the Travesty interface. Read more

 

Vulnerabilities & Exploits
www.clickrisk.com:
Clickrisk Advisory: Keyword Hijacking / Google Adwords Flaw. Read more

www.k-otik.com:
DeskNow Mail and Collaboration Server Directory Traversal Vulnerabilities. Read more

securitytracker.com:
Python SimpleXMLRPCServer May Let Remote Users Access Internal Data or Execute Arbitrary Code. Read more

securitytracker.com:
LANChat Pro Can Be Crashed By Remote Users. Read more

securitytracker.com:
Mambo Bugs in Processing Global Variables Let Remote Users Gain Administrative Access. Read more

securitytracker.com:
SunShop Shopping Cart Input Validation Hole in 'search' Parameter Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
ngIRCd Format String Flaw in Log_Resolver() Grants Access to Remote Users. Read more

securitytracker.com:
ht://dig Unspecified Input Validation Hole Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
D-BUS Allows Local Users to Connect to the Session Bus. Read more

securitytracker.com:
Eudora Bugs in Processing E-mail, Stationary Files, or Mailbox Files Let Remote Users Execute Arbitrary Code. Read more

 

News:
www.securityfocus.com:
Supreme Court puts hacker sentences up for grabs. Read more

www.computerworld.com:
The dollars and cents of hacking. Read more

www.theregister.co.uk:
Botnets strangle Google Adwords campaigns. Read more

www.theregister.co.uk:
Worm poses as Saddam death pics. Read more

www.ciol.com:
New worm spreads via MSN Messenger. Read more

www.vnunet.com:
Spyware plague triples in three months. Read more

www.vnunet.com:
Spammers turn to directory harvest attacks. Read more

www.eweek.com:
Microsoft Preps 13 Security Advisories. Read more

www.vnunet.com:
Microsoft tackles governmental IT security. Read more

www.theregister.co.uk:
DEC warns of fake tsunami appeal website. Read more

03 February 2005

Guides, Papers, etc
www.securityfocus.com:
Apache 2 with SSL/TLS: Step-by-Step, Part 2. Read more

www.peterszor.com:
WORM WARS. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Cisco IP/VC Hard-Coded SNMP Community Strings Let Remote Users Access the Device. Read more

securitytracker.com:
Painkiller Buffer Overflow in Processing Gamespy cd-key Hash Value Lets Remote Users Crash the Game. Read more

securitytracker.com:
DeskNow Mail and Collaboration Server Directory Traversal Flaw Lets Remote Authenticated Users Upload and Delete Arbitrary Files. Read more

securitytracker.com:
Newspost Buffer Overflow in socket_getline() Lets Remote Users Crash the Process. Read more

securitytracker.com:
newsgrab Has Unsafe Directory Permissions and Lets Remote Users Cause Files to Be Saved to Alternate Locations. Read more

securitytracker.com:
RealPlayer Lets Remote Users Load Scripting Code from Local Files. Read more

securitytracker.com:
newsfetch sscanf Buffer Overflow May Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Eurofull E-Commerce 'mensresp.asp' Permits Cross-Site Scripting Attacks. Read more

www.securiteam.com:
Microsoft Internet Explorer .ANI Files Handling ConnectBack Exploit (MS05-002). Read more

www.debian.org:
DSA-664-1 cpio -- broken file permissions. Read more

 

News:
news.com.com:
Zombie trick expected to send spam sky-high. Read more

www.theregister.co.uk:
Heise.de under DDoS attack. Read more

news.com.com:
Clueless about cookies or spyware? Read more

www.vnunet.com:
Wireless networks still open to drive-by hacks. Read more

news.zdnet.co.uk:
Phishers go for Potter fans. Read more

news.zdnet.co.uk:
Netscape gets 'No Phishing' sign. Read more

news.zdnet.co.uk:
Spammers 'tricking ISPs' into sending junk mail. Read more

www.net4nowt.com:
Magazine warns of greater hacking risk to broadband users. Read more

news.com.com:
Is hard time for worm author too harsh? Read more

www.theregister.co.uk:
Root kit surfaces after Jabber attack. Read more

www.it-observer.com:
Beyond the Patch Rat Race: Tools and Best Practices for Bastion Hosts O'Reilly Releases "Linux Server Security". Read more

www.theregister.co.uk:
SunnComm fixes 'Shift Key' embarrassment. Read more

www.russellbeattie.com:
Hacker attack post-mortem. Read more

uk.news.yahoo.com:
Singing worm abuses victims. Read more

www.vnunet.com:
The 'hacker tool' worm that gurned. Read more

www.webuser.co.uk:
Gurning worm welcomes hackers. Read more

02 February 2005

Guides, Papers, etc
engr.smu.edu:
Intrusion Detection for Viruses and Worms. Read more

 

Vulnerabilities & Exploits
www.k-otik.com:
Squid Handling of Oversized Reply Headers Vulnerability. Read more

www.milw0rm.com:
TinyWeb Server DoS Exploit. Read more

secunia.com:
RealPlayer RealMedia ".rm" Security Bypass Vulnerability. Read more

www.debian.org:
DSA-663-1 prozilla -- buffer overflows. Read more

www.debian.org:
DSA-662-1 squirrelmail -- several vulnerabilities. Read more

www.securitytracker.com:
Eurofull E-Commerce 'mensresp.asp' Permits Cross-Site Scripting Attacks. Read more

 

News:
www.pcworld.idg.com.au:
Microsoft seen poised to push anti-virus. Read more

en.chinabroadcast.cn:
Microsoft Enters Search Engine Battle. Read more

en.chinabroadcast.cn:
Microsoft Formally Launches Search Engine. Read more

www.theregister.co.uk:
Undead worms infest Windows PCs (again). Read more

www.pcworld.idg.com.au:
The Worm That Gurned – Email Virus Pulls A Funny Face, Sophos Reports. Read more

news.zdnet.com:
Zafi virus a top holiday hangover. Read more

news.zdnet.com:
Microsoft: SP2 shimmy's not a flaw. Read more

news.zdnet.co.uk:
Worm hijacks open source database. Read more

www.theregister.co.uk:
UK targets scammers in month-long campaign. Read more

news.zdnet.com:
Microsoft kicks off search effort. Read more

01 February 2005

Guides, Papers, etc
www.theregister.co.uk:
Interview with a link spammer. Read more

www.securityfocus.com:
Microsoft's Velvet Glove. Read more

www.ngssoftware.com:
Security Best Practice: Host Naming & URL Conventions. Read more

www.astalavista.com:
Web Services – Attacks and Defense. Read more

www.pcworld.com:
Create Your Own Windows Security Analysis Tool. Read more

www.research.ibm.com:
Computers and Epidemiology. Read more

 

Tools
www.diamondcs.com.au:
Advanced Process Manipulation. DiamondCS APM is an advanced process/module viewer and manipulation utility that allows unique control over target processes by becoming a part of them. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
ngIRCd Buffer Overflow in Lists_MakeMask() Lets Remote Users Deny Service. Read more

securitytracker.com:
Eternal Lines Web Server Lets Remote Users Deny Service With Multiple Simultaneous Connections. Read more

securitytracker.com:
Squid Buffer Overflow in WCCP recvfrom() Lets Remote Users Deny Service. Read more

securitytracker.com:
Captaris Infinite Mobile Delivery Input Validation Hole Lets Remote Users Conduct Cross-Site Scripting Attacks and Determine the Installation Path. Read more

securitytracker.com:
Xpand Rally Memory Allocation Error Lets Remote Users Deny Service. Read more

securitytracker.com:
JShop Input Validation Flaw in 'product.php' Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

securitytracker.com:
cpio -O Unsafe umask May Let Local Users Read or Overwrite Archives. Read more

securitytracker.com:
CitrusDB Discloses Credit Card Import/Export Data to Remote Users. Read more

securitytracker.com:
Juniper JUNOS Unspecified Packet Processing Error Lets Remote Users Deny Service. Read more

www.k-otik.com:
Microsoft Windows XP SP2 Heap protection and DEP bypass Issue. Read more

 

News:
www.betanews.com:
New Sober Worm Surfaces. Read more

www.scmagazine.com:
New virus tells victims they are idiots. Read more

news.zdnet.co.uk:
Microsoft's anti-piracy plan condemned. Read more

www.vnunet.com:
Linux security is a 'myth', claims Microsoft. Read more

www.gcn.com:
Is a new ID theft scam in the wings? Read more

www.antiphishing.org:
Amazon.com- 'Account Verification Notice'. Read more

news.zdnet.co.uk:
Capital One takes online banking offline. Read more

www.theregister.co.uk:
Blaster copycat author jailed for 18 months. Read more

www.theinquirer.net:
Wireless security keys can be read. Read more

www.theregister.co.uk:
Dutch turn town into supercomputer. Read more


Copyright© MegaSecurity.org