Bookmark or link to: www.kobayashi.cjb.net. All other url`s could change!
News Archive    Translate Traducen    Home
News March 20002
30 April 2002

New trojans:
Muska52 1.5

Alicia Server version i

Gaura Client. Gaura is now complete.

News:
www.esecurityonline.com:
CDE dtprintinfo Help search buffer overflow vulnerability. Read more

www.it-checkpoint.net:
Several x-dev.de Guestbook and xNewsletter Vulnerabilities. Read more

mantra.freeweb.hu:
qpopper 4.0.4 buffer overflow condition. Read more

www.securiteam.co:
IndiaTimes.com - Email - Session hijacking and Inbox Blocking. Read more

www.securiteam.co:
MP3 Files can Cause Code Execution under Winamp. Read more

www.securiteam.co:
CSS Bug in Browser Testing Script. Read more

www.securiteam.co:
PHP-Survey Global.INC Information Disclosure Vulnerability. Read more

www.salon.com:
AOL Instant Messenger is hacked. Read more

www.internetnews.com:
AIM Today Gets Hacked. Read more

www.computing.vnunet.com:
Military hackers hit US Defense office. Read more

www.computing.vnunet.com:
Vivendi strikes back at 'sabotage' hackers. Read more

www.computing.vnunet.com:
Firms complacent over antivirus. Read more

zdnet.com.com:
Worms--who's the deadliest of them all? Read more

www.cnet.com:
Survey: Klez worm tops SirCam, Nimda. Read more

www.nipc.gov:
"Propagation of the W32/Klez.h@mm Worm and Variants". Read more

news.zdnet.co.uk:
MS security cop patrols a tough beat. Read more

news.zdnet.co.uk:
'Blended' attacks pose serious security threat. Read more

29 April 2002

New trojan(s):
BioNet 4.00.03 BE

Delta Remote Access version b

Optix PRO 1.0

News:
www.guninski.com:
More Office XP problems - Version 3.0. Read more

wwwpool.quickfire.org:
directNIC CSS vulnerabilities. Read more

online.securityfocus.com:
PHP-Survey Global.INC Information Disclosure Vulnerability. Read more

www.securitytracker.com:
PHP-Survey Script Discloses Underlying MySQL Database Username and Password to Remote Users. Read more

www.securitytracker.com:
Winamp MP3 Player Buffer Overflow in the Mini-Browser Lets Remote Users Cause Arbitrary Code Inserted into MP3 Files to Be Executed. Read more

digitalmass.boston.com:
Vivendi to lodge complaint on suspected Internet hacking at annual meeting. Read more

www.taipeitimes.com:
`Task Force Tiger' put to the test. Read more

in.tech.yahoo.com:
Internet as warfare tool comes of age in Afghan conflict. Read more

www.internetnews.com:
EU Throws The Book At Cyber Criminals. Read more

www.computeruser.com:
Klez infection spreading across the Net - anti-virus firm. Read more

www.theregister.co.uk:
Crackers favour war dialling and weak passwords. Read more

www.computeruser.com:
The war of the wares
Spyware battles defenseware for control of your PC. Read more

www.newsbytes.com:
Security Agents Head For Cybercrime School. Read more

28 April 2002

New trojan(s):
Netkey

PSYchoFiles 1.1b Client

Pasana Server

News:
online.securityfocus.com:
Nullsoft Winamp Minibrowser ID3v2 Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
PHPProjekt SQL Injection Vulnerability. Read more

www.securitytracker.com:
ZeroForum Discussion Board Vulnerable to Cross-Site Scripting Attacks Because It Allows User-Supplied Javascript in BBCode Image Tags. Read more

www.securitytracker.com:
Microsoft Outlook Weak Security Enforcement When Editing Messages with Microsoft Word Lets Remote Users Send Malicious Code to Outlook Recipients That Will Be Executed When Forwarded or Replied To. Read more

www.securitytracker.com:
Sudo Utility Has Heap Overflow That May Let Local Users Execute Arbitrary Code with Root Privileges. Read more

www.securiteam.com:
Multiple Vulnerabilities in Stack Smashing Protection Technologies. Read more

www.securiteam.com:
Writing Buffer Overflow Exploits - a Tutorial for Beginners. Read more

www.securiteam.com:
Apache Security Configuration Guide. Read more

www.securiteam.com:
Linux Security Configuration Document. Read more

www.securiteam.com:
Fingerprinting Port 80 Attacks: A Look into Web Server, and Web Application Attack Signatures: Part Two. Read more

www.securiteam.com:
Practical Exploitation of RC4 Weaknesses in WEP Environments. Read more

www.washingtonpost.com:
Worries of Cyberattacks on U.S. Are Aired. Read more

www.newsbytes.com:
Security Agents Head For Cybercrime School. Read more

www.techfocus.org:
Crackers and Feds working together? What it will take: Read more

27 April 2002

New trojan(s):
DKangel 2.41

Alicia Server (b) & (d)

KWM Server version b

Tool:
www.insecure.org:
Nmap version 2.54BETA33 is available. Read more

www.shadowpenguin.org:
GreedyDog is the ethernet packet sniffer for Linux, FreeBSD, OpenBSD, NetBSD, Solaris2, SunOS4, AIX, HP-UX, IRIX, MacOSX, and Windows2000/Xp. Read more

www.intranode.com:
New Tool And Technique For Remote Operating System Fingerprinting. Read more

reeler.org:
nstats prints statistics about ethernet network traffic. Read more

News:
Microsoft Security Bulletin MS02-006
Unchecked Buffer in SNMP Service Could Enable Arbitrary Code to be Run. Read more

www.cert.org:
Overview of Attack Trends (pdf). Read more

online.securityfocus.com:
Sudo Password Prompt Heap Overflow Vulnerability. Read more

online.securityfocus.com:
Microsoft Baseline Security Analyzer Plaintext Result File Vulnerability. Read more

online.securityfocus.com:
Microsoft Plugs Scripting Hole In Word/Outlook Combo. Read more

www.securitytracker.com:
PHProjekt Groupware Has Multiple Flaws That Allow Remote Users to Gain Unauthorized Access, Make Changes to the Database, and View Files Located Anywhere on the System. Read more

www.securitytracker.com:
SGI IRISconsole Management Software May Let Remote Users Login With the Wrong Password. Read more

www.securitytracker.com:
FreeBSD Kernel Memory Map Bug in 'mmap()' and 'msync()' May Let Local Users Crash the System. Read more

www.securitytracker.com:
More PHP-Nuke Input Filtering Bugs Let Remote Users Conduct Cross-Site Scripting Attacks Against Other Users. Read more

www.securitytracker.com:
Microsoft Internet Explorer Browser Can Be Crashed By Remote HTML Containing Malicious Image Tags That Cause Infinite Processing Loops. Read more

www.securitytracker.com:
Kerberos4 FTP Client Heap Overflow Lets Malicious Servers Execute Arbitrary Code on the FTP Client. Read more

www.securiteam.com:
Denial of Service in Mosix. Read more

www.iss.net:
Klez (W32.Klez.gen@mm) mass mailing worm. Read more

afr.com:
Klez virus sweeping world. Read more

www.newsbytes.com:
Chernobyl Virus Damage Expected To Be Minimal. Read more

www.theregister.co.uk:
Cisco and Sophos spoofed in virus mail-outs. Read more

www.newsbytes.com:
Microsoft Yanks Office Tools After Security Report. Read more

www.theregister.co.uk:
Crackers favour war dialling and weak passwords. Read more

www.theregister.co.uk:
MS Word runs malicious e-mail scripts. Read more

26 April 2002

New trojan(s):
Feuerleiter 2.0

Feri Server (d)

Lurker 1.1 Server. Complete now.

News:
Microsoft Security Bulletin MS02-021
E-mail Editor Flaw Could Lead to Script Execution on Reply or Forward (Q321804). Read more

www.debian.org:
DSA-127-1 xpilot-server -- remote buffer overflow. Read more

www.debian.org:
DSA-126-1 imp -- cross-site scripting. Read more

online.securityfocus.com:
Internet Explorer Recursive JavaScript Event Denial of Service Vulnerability. Read more

online.securityfocus.com:
Microsoft Outlook Express DOS Device Denial of Service Vulnerability. Read more

www.securitytracker.com:
HP-UX passwd(1) Utility May Allow Local Users to Corrupt the Password File. Read more

www.securitytracker.com:
csMailto Perl-based Form Mail Script Input Validation Flaw Allows Remote Users to Execute Arbitrary Commands on the Server. Read more

www.securitytracker.com:
MOSIX Cluster Environment for Linux Allows Remote Users to Crash the Cluster With Arbitrary Packets. Read more

www.securitytracker.com:
WoltLab Burning Board PHP-based Forum Software Has Input Filtering Flaws That Allow Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
PHP Posix_getpw* Functions Ignore Safe_mode and Open_basedir Settings Allowing Restricted Users to Retrieve Password Information. Read more

www.securitytracker.com:
LabVIEW Test and Measurement Software Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
ICQ Instant Messaging Client Can Be Crashed When Malformed '.hpf' Files are Loaded. Read more

www.securitytracker.com:
Intellisol Xpede Expense Reporting Software from WorkforceROI Has Multiple Flaws That Disclose Sensitive Information to Remote Users and Allow Remote Users to Make Administrative Changes. Read more

www.securitytracker.com:
Linux 'ld-linux.so.2' Dynamic Linker Allows Local Users to Execute Programs For Which They Do Not Have Execute Permissions. Read more

www.securiteam.com:
csMailto.cgi - Remote Command Execution. Read more

www.securiteam.com:
Intel D845HV/WN/PT Series Motherboard Vulnerability. Read more

www.securiteam.com:
De-Anonymizer (SCRIPT Bypassing). Read more

www.securiteam.com:
InterScan Reveals The List of BCC When It Strips Attachments (Via Alert). Read more

www.securiteam.com:
LabVIEW Web Server DoS Vulnerability. Read more

www.securiteam.com:
Sudo Password Prompt Vulnerability. Read more

www.securiteam.com:
Kerberos4 FTP Client Found to Contain a Heap Overflow. Read more

www.chicagotribune.com:
CIA warns of Chinese plans for cyber-attacks on U.S. Read more

www.siliconvalley.com:
China not thought capable of hacking sensitive U.S., Taiwanese documents. Read more

www.siliconvalley.com:
CIA: China planning cyber-attacks on U.S., Taiwan. Read more

news.com.com:
New "Klez" still clobbering PC users. Read more

www.koreaherald.co.kr:
Hackers exploit Korea to attack global systems. Read more

www.techtv.com:
Female Hacker Packs Punch. Read more

www.theregister.co.uk:
FAA hacked by patriots. Read more

news.com.com:
Hackers turn tables on file-swapping firms. Read more

news.zdnet.co.uk:
Lack of reporting hits cybercrime fight. Read more

www.theregister.co.uk:
Security exhibitors set up insecure WLANs. Read more

25 April 2002

New trojan(s):
Opwin 1.1

Darksky 1.0

DRA Server (a)

Tools:
www.abim.wd1.net:
AVP Clone project - Anti Virus - Version 0.1.7 by Senna Spy. Read more

www.32bits.co.uk:
DLock will watch your file system for specific files, and alert you if they appear (virus, spyware, copy, and paste, whatever). Read more

www.snort.org:
Snort 1.8.7beta1 available. Download

News:
online.securityfocus.com:
Matu FTP Client Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
BSD exec C Library Standard I/O File Descriptor Closure Vulnerability. Read more

online.securityfocus.com:
SLRNPull Spool Directory Command Line Parameter Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
PsyBNC Oversized Passwords Denial Of Service Vulnerability. Read more

online.securityfocus.com:
Philip Chinery's Guestbook Script Injection Vulnerability. Read more

online.securityfocus.com:
vqServer CGI Demo Program Script Injection Vulnerability. Read more

www.securitytracker.com:
Microsoft MSN Messenger Instant Messaging Client Discloses Buddy List to Local Users. Read more

www.securitytracker.com:
Matu FTP Client Buffer Overflow Allows Remote Malicious FTP Servers to Execute Arbitrary Code on the Client. Read more

www.securitytracker.com:
psyBNC Internet Relay Chat (IRC) Bouncer Authentication Processing Bug Lets Remote Users Tie Up All Available Connection Slots. Read more

www.securitytracker.com:
Slrnpull News Retrieval Application Buffer Overflow in Spool Directory Option May Allow Local Users to Obtain Elevated Privileges. Read more

www.securitytracker.com:
BSD UNIX Kernel File Descriptor Processing Flaw May Let Local Users Write to Root Owned Files to Gain Root Privileges on the System. Read more

www.securitytracker.com:
Lil' HTTP Server Discloses Files Located Outside of the Web Document Directory to Remote Users and Allows Remote Users to Conduct Cross-site Scripting Attacks Against Administrators. Read more

www.securitytracker.com:
vqServer Java-based Web Server Sample CGI Script Allows Cross-Site Scripting Attacks. Read more

www.finjan.com:
Microsoft Baseline Security Analyzer exploit (Exposed vulnerabilities' list). Read more

infosec.uninet.edu:
Logs of online conference at UniNet. Read more

cyberlaw.stanford.edu:
Stanford's Center for Internet and Society Conference on Computer Security Vulnerability Disclosure. Read more

www.vnunet.com:
Interpol warns firms over security 'vacuum'. Read more

www.theregus.com:
Virus writers outpace traditional AV. Read more

www.extremetech.com:
Worm Writers Get Wormier. Read more

www.techfocus.org:
Klez worm spoofs From field, confuses lusers. Read more

www.ledger-enquirer.com:
Air Force cadets face hackers in cyberbattle. Read more

www.silicon.com:
Cisco blunders with insecure web page. Read more

www.theregus.com:
Security exhibitors set up insecure WLANs. Read more

europe.cnn.com:
Viruses with more bark than bite. Read more

timesofindia.indiatimes.com:
CBI registers first hacking case. Read more

www.computing.vnunet.com:
Third of UK businesses at DDoS risk. Read more

www.msnbc.com:
‘Brute force’ card thieves attack. Read more

24 April 2002

New trojan(s):
Net Advance 3.0.0 beta 3

FTP Trojan Generator

Delf Server (k)

News:
www.securitytracker.com:
Microsoft Internet Explorer Web Browser Can Be Crashed By Remote Users With OLE OBJECT Element Dependency Loops. Read more

www.securitytracker.com:
ICQ Chat Client Can Be Crashed By Remote Users Sending Malformed Contact Packets. Read more

www.securitytracker.com:
PostCalendar Add-on Module for PostNuke Lets Remote Users Conduct Cross-Site Scripting Attacks Against PostCalendar Users. Read more

www.securitytracker.com:
Philip Chinery's Guestbook.pl Script Fails to Filter User-Supplied Input, Allowing Cross-Site Scripting Attacks. Read more

www.securiteam.com:
AIM Remote File Transfer/Direct Connection Vulnerability. Read more

www.securiteam.com:
Suid Application Execution May Give Local Root (Testing App). Read more

www.securiteam.com:
Matu FTP Remote Buffer Overflow Vulnerability. Read more

www.securiteam.com:
psyBNC Vulnerable to a DoS Attack (Exploit). Read more

www.securiteam.com:
Suid Application Execution May Give Local Root (Exploit Code). Read more

www.securiteam.com:
Philip Chinery's Guestbook Cross Site Scripting Vulnerability. Read more

www.securiteam.com:
Posix_getpw* Ignores Safe_mode and Open_basedir Settings. Read more

www2.caller.com:
Cyber-wars between Israel and Palestinians. Read more

timesofindia.indiatimes.com:
Taiwan organising cyber war drill. Read more

www.computing.vnunet.com:
Rumbled Russian hackers banged up. Read more

www.zdnet.com:
Why the Klez worm just won't go away. Read more

zdnet.com.com:
Europe plans to jail hackers. Read more

quote.bloomberg.com:
Microsoft's Gates Says Plan Would Mean End to Windows (Update3). Read more

www.cnn.com:
Gates: Penalties would hamper Windows. Read more

www.nwfusion.com:
Honeynet looks to sting hackers. Read more

www.businessweek.com:
The Devil Is in the E-Mail. Read more

www.eveningtelegraph.co.uk:
SCOTLAND-WIDE SCHEME IN FIGHT AGAINST CRIME. Read more

www.ireland.com:
EU proposes harmonisation of rules on cyber-crime. Read more

www.cjonline.com:
Names, credit card numbers found via city's Web site. Read more

www.internetnews.com:
Airline Database Posted On Defacement. Read more

23 April 2002

New trojan(s):
BioNet 4.0.2 BE

Hydroleak beta 1

Daniel Server. Daniel is now comlete.

News:
online.securityfocus.com:
Faq-O-Matic Cross Site Scripting Vulnerability. Read more

online.securityfocus.com:
PostCalendar 3.0 Cross Site Scripting Vulnerability. Read more

online.securityfocus.com:
Microsoft Internet Explorer Self-Referential Object Denial of Service Vulnerability. Read more

online.securityfocus.com:
WorkforceROI XPede Arbitrary Time Sheet Disclosure Vulnerabiltiy. Read more

online.securityfocus.com:
PostBoard BBCode IMG Tag Script Injection Vulnerability. Read more

online.securityfocus.com:
OpenSSH Kerberos 4 TGT/AFS Token Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
PostBoard Topic Title Script Execution Vulnerability. Read more

online.securityfocus.com:
PostBoard BBCode Denial Of Service Vulnerability. Read more

www.securiteam.com:
vqServer Demo File Cross-Site Scripting. Read more

www.securiteam.com:
Lil' HTTP Server "Referer" Cross Site Scripting Vulnerability. Read more

www.securiteam.com:
Lil' HTTP Server Directory Traversal Vulnerability. Read more

www.securiteam.com:
Slrnpull Buffer Overflow (-d Parameter). Read more

www.securiteam.com:
AFS/Kerberos Support in OpenSSH Poses a Security Threat. Read more

www.securiteam.com:
Suid Application Execution May Give Local Root. Read more

www.securitytracker.com:
GNU Screen Window Manager Lets Local Users Execute Arbitrary Code With Root Privileges to Gain Root Access on the System. Read more

www.extremetech.com:
IMHO: Dear Bill: Don't Do It! Read more

www.extremetech.com:
Hackers Skeptical Of Microsoft's "Holey War". Read more

www.newsfactor.com:
How Teens Still Hack Million-Dollar Security Systems. Read more

timesofindia.indiatimes.com:
Taiwan organising cyber war drill. Read more

www.pcmag.com:
Microsoft Security Tool Leaves Holes. Read more

www.spacer.com:
Defending The Data. Read more

www.newscientist.com:
New tool dupes computer defences. Read more

augustachronicle.com:
Hijacked Web sites can become weapon in terrorists' arsenal. Read more

www.oreillynet.com:
Wireless LAN Security: A Short History. Read more

www.cleveland.com:
Instant messagers, beware! Instant monitoring is coming. Read more

www.nandotimes.com:
ATM hackers sentenced in Russia. Read more

www.fcw.com:
Army proxy server closes Web back door. Read more

www.zdnet.com:
Keep your files safe with these encryption tools. Read more

22 April 2002

New trojan(s):
Protoss 1.6

Alicia Server (d)

Stats Server

Tool:
www.monkey.org:
Fragroute intercepts, modifies, and rewrites egress traffic destined for a specified host. Read more

News:
www.securitytracker.com:
OpenSSH Buffer Overflow in Kerberos Ticket and AFS Token Processing Lets Local Users Execute Arbitrary Code With Root Level Permissions. Read more

www.securitytracker.com:
Snitz Forums Input Validation Error Lets Remote Users Insert SQL Commands and View the Database Contents. Read more

www.securitytracker.com:
Foundstone FScan Port Scanning Utility May Execute Arbitrary Code When Scanning Malicious Remote Servers. Read more

www.securitytracker.com:
Microsoft Distributed Transaction Coordinator Can Be Crashed By Remote Users Sending Malformed Packets. Read more

www.securiteam.com:
User Privileges Vulnerability in Oracle9i Database Server. Read more

www.securiteam.com:
Xpede Found to Contain Multiple Vulnerabilities. Read more

www.securiteam.com:
MHonArc Script Filtering Bypass Vulnerability. Read more

www.securiteam.com:
IcrediBB Contains a Cross Site Scripting Vulnerability. Read more

www.cisco.com:
Simplex TCC, TCC+, TCCi, XC, XCVT and XC10G Configuration are Unsupported. Read more

rtnews.globetechnology.com:
EU to clamp down on hacking, Internet attacks. Read more

news.bbc.co.uk:
Virus returns with a sting in its tail. Read more

www.msnbc.com:
A $1 billion, corporate-funded hack? Read more

www.newsbytes.com:
Plans For Secure Federal Intranet Moving Forward. Read more

www.theregister.co.uk:
NTL hacked? Read more

www.stuff.co.nz:
Don't overlook the potential security threat from within. Read more

www.usatoday.com:
Future of e-mail encryption uncertain. Read more

21 April 2002

New trojan(s):
LastDoor 1.0

SysRoot Server

Bigorna 1.0 Client. Biogorna 1.0 is now complete.

News:
spoor12.edup.tudelft.nl:
Local file detecting and installed software fingerprinting. Read more

spoor12.edup.tudelft.nl:
How to Executing scripts when reading a malicious email in Hotmail.. Read more

online.securityfocus.com:
IcrediBB Script Injection Vulnerability. Read more

online.securityfocus.com:
Foundstone FScan Banner Grabbing Format String Vulnerability. Read more

online.securityfocus.com:
Oracle E-Business Suite 11i Unauthorized PL/SQL Procedure Access Vulnerability. Read more

www.securitytracker.com:
MHonArc Mail-to-HTML Converter Input Filtering Mechanisms Can Be Bypassed, Allowing Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Caldera Open UNIX X11 Library Buffer Overflow May Allow Users to Exploit Applications That are Based on the Library to Gain Elevated Privileges. Read more

www.securitytracker.com:
Linker Search Engine Software Has Input Validation Flaw That Lets Remote Users View Files on the System and Gain Administrative Access to the Search Engine. Read more

www.securitytracker.com:
'Chanserv' Services in Many Internet Relay Chat (IRC) Servers 'De-op' Users Too Slowly, Allowing Remote Users to Potentially Cause Denial of Service Conditions. Read more

www.securitytracker.com:
PVote Online Voting System Lack of Authentication Lets Remote Users Gain Administrative Access to the Application. Read more

www.securitytracker.com:
Buffer Overflow in Solaris Event Detector Daemon (edd) for Enterprise 10000 SSP Server May Let Remote Users Gain Root Access to the System. Read more

www.securitytracker.com:
Macromedia ColdFusion Server Discloses Installation Path to Remote Users. Read more

www.securitytracker.com:
HP MPE/iX Operating System Can Be Crashed By Remote Users Sending Malformed IP Packets. Read more

www.securiteam.com:
DoS in Multiple IE Versions (Self-Referenced Directives). Read more

www.securiteam.com:
Snitz Forums 2000 Remote SQL Query Manipulation Vulnerability. Read more

www.securiteam.com:
Tomcat Real Path Disclosure Vulnerability. Read more

zdnet.com.com:
Turning red over Klez virus. Read more

www.commweb.com:
Gates: Crashes And Hacks Foil Windows. Read more

www.wired.com:
Annoying Worm Writer Wants Job. Read more

20 April 2002

New trojan(s):
Mini Evangelion

Yajing 1.0 Server

Dosh Server version d News:
www.guardent.com:
Format String Attacks (pdf). Read more

www.appsecinc.com:
Microsoft SQL Server: Buffer Overflows in numerous extended stored procedures. Read more

spoor12.edup.tudelft.nl:
SkyLined: The homepage for absolutely nothing. Read more

online.securityfocus.com:
MPE/iX Malformed IP Packet Denial of Service Vulnerability. Read more

online.securityfocus.com:
AOLServer Developer API Ns_PdLog() Format String Vulnerability. Read more

www.securitytracker.com:
Oracle E-Business Suite Input Validation Flaw May Let Remote Users Execute Arbitrary PL/SQL Procedures on the Applications Database. Read more

www.securitytracker.com:
Talentsoft Web+ Buffer Overflow in Processing Cookies Lets Remote Users Execute Arbitrary Code With SYSTEM Privileges. Read more

www.securitytracker.com:
Microsoft Back Office Web Administration Authentication Mechanism Can Be Bypassed By Remote Users. Read more

www.securitytracker.com:
WebTrends Reporting Center Buffer Overflow Lets Remote Authenticated Users Execute Arbitrary Code with SYSTEM Privileges. Read more

www.securitytracker.com:
FreeBSD UNIX ICMP Implementation Lets Remote Users Cause the Kernel to Consume All Available Memory. Read more

www.securitytracker.com:
Sambar Server Discloses Script Source Code to Remote Users and Can Be Crashed By Remote Users via Malformed URLs. Read more

www.securitytracker.com:
Microsoft Windows 2000 'microsoft-ds' Service Flaw Allows Remote Users to Create Denial of Service Conditions By Sending Malformed Packets. Read more

www.securiteam.com:
Foundstone Fscan Format String Bug. Read more

www.securiteam.com:
Gawk Contains an Exploitable Buffer Overflow. Read more

www.securiteam.com:
Posadis Format String and Buffer Overflow Exploit Codes. Read more

www.securiteam.com:
An Alternative Method to Check for LKM Backdoor/Rootkit. Read more

www.securiteam.com:
Multiple Vulnerabilities Found in PVote. Read more

www.securiteam.com:
Compaq Tru64 UNIX dtprintinfo "-session" Buffer Overflow Vulnerability. Read more

www.securiteam.com:
Compaq Tru64 UNIX libc Buffer Overflow Vulnerability. Read more

www.securiteam.com:
DDate Proof Of Concept Exploit and Bug details. Read more

www.securiteam.com:
FileSeek CGI Script Command Execution and Arbitrary File Viewing Vulnerabilities. Read more

online.securityfocus.com:
VBA Emulation – A Viable Method of Macro Virus Detection? Part One. Read more

news.com.com:
New Klez worm squirms across Internet. Read more

www.theregister.co.uk:
Klez worm infects and infuriates. Read more

www.computeruser.com:
New take on Klez worm spreading, anti-virus firms say. Read more

www.cnet.com:
Klez virus passes confidential info. Read more

www.newsbytes.com:
Palestinian Sites Knocked Offline By Mideast Conflict. Read more

news.com.com:
New tool helps hackers evade detection. Read more

news.bbc.co.uk:
Hacking 'legal' in Argentina. Read more

www.ecommercetimes.com:
Hacking Through the Wireless Jungle. Read more

www.theregister.co.uk:
My daily virus. Read more

www.govexec.com:
White House cyber czar describes next phase of Internet plan. Read more

19 April 2002

New trojan(s):
Wildek 0.3 Servers

Remote Saucer 1.1

Little Witch 5.1

News:
www.hert.org:
Format string vulnerability. Read more

www.team-teso.net:
Exploiting format string vulnerabilities. Read more

www.intranode.com:
New Tool And Technique For Remote Operating System Fingerprinting (pdf). Read more

Oracle Security Alert #33
User Privileges Vulnerability in Oracle9i Database Server (pdf). Read more

online.securityfocus.com:
Symantec Norton Personal Firewall 2002 Portscan Protection Bypass Vulnerability. Read more

www.securitytracker.com:
Pipermail Mailing List Archive Software Directory Permission Flaw May Let Local Users View Private Mailing List Archive Contents. Read more

www.securitytracker.com:
AOL Instant Messenger Temporary File Flaw May Allow Remote Users on an AIM Direct Connection to Create Files With Arbitrary File Names on the Host. Read more

www.securitytracker.com:
AOLserver Format String Flaw and Buffer Overflow in 'libnspd.a' API for External Database Driver Proxy Daemons May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Microsoft Internet Explorer (IE) 'dialogArguments' Flaw Lets Remote Users Conduct Cross-Site Scripting Attacks Against IE Users. Read more

www.securitytracker.com:
PostBoard Add-on Module for PostNuke Allows Cross-Site Scripting Attacks and Denial of Service Attacks. Read more

www.securitytracker.com:
XPilot Gaming Server Has Buffer Overflow That Lets Remote Users Execute Arbitrary Code on the Server. Read more

www.securitytracker.com:
IcrediBB Bulletin Board Allows Cross-Site Scripting Attacks to Steal User and Administrator Authentication Cookies. Read more

www.securitytracker.com:
Wiley Computer's CGI/Perl Cookbook FileSeek.cgi Script Lets Remote Users Execute Arbitrary Commands on the Server and View Files Located Anywhere on the Server. Read more

www.securitytracker.com:
Oracle Database ANSI Outer Join Syntax Lets Valid Users Obtain Unauthorized Access to Sensitive Data in the Data Dictionary. Read more

www.securitytracker.com:
Demarc PureSecure Network Monitor Allows Remote Users to Inject SQL Commands to Bypass the Authentication Process and Gain Administrator Access to the Application. Read more

www.securitytracker.com:
Norton Personal Firewall Portscan Detection Fails to Detect and Block SYN/FIN Scans. Read more

www.securitytracker.com:
HP Photosmart Printer Drivers Use Unsafe File Permissions and Let Local Users Gain Elevated Privileges on the System. Read more

www.securitytracker.com:
FreeBSD UNIX Kernel Flaw in Providing SYN Flood Protection Lets Remote Users Crash the Kernel With Valid TCP/IP Packets. Read more

www.securitytracker.com:
Symantec Enterprise Firewall (Raptor) FTP Proxy Allows Remote Users to Conduct FTP Bounce Attacks Using Protected FTP Servers. Read more

www.securitytracker.com:
Macromedia ColdFusion Web Application Server Allows Remote Users to Conduct Cross-Site Scripting Attacks to Steal Authentication Cookie. Read more

www.securitytracker.com:
IBM Lotus Domino Web Server Buffer Overflow During Authentication May Let Remote Users Crash the Web Server. Read more

www.securiteam.com:
Back Office Web Administration Authentication Bypass. Read more

www.securiteam.com:
ColdFusion Allows for Path Disclosure (DOS Devices). Read more

www.securiteam.com:
SQL Extended Procedure Functions Contain Unchecked Buffers. Read more

www.securiteam.com:
IBM Informix Web DataBlade Local Root by Design. Read more

www.securiteam.com:
Symantec Enterprise Firewall FTP Bounce Vulnerability (Patch Available). Read more

www.securiteam.com:
WebTrends Reporting Center Buffer Overflow and Path Disclosure. Read more

www.canada.com:
Bundled program threat to computer privacy. Read more

www.latimes.com:
These Nets Have Security Holes. Read more

www.wired.com:
Carnivore's New Leash on Life? Read more

www.vnunet.com:
Corporate hacks go unreported. Read more

www.vnunet.com:
DoS attack storms port 445. Read more

www.vnunet.com:
Bug Watch: All quiet on the virus front. Read more

www.theregister.co.uk:
Middle East conflict spills over into cyberspace. Read more

cansecwest.com:
The third annual CanSecWest conference. Read more

eprairie.com:
Security, Disaster Recovery Issues After Sept. 11. Read more

www.cnn.com:
Hack attack, how you might be a target. Read more

www.computerworld.com:
Q&A: Microsoft Senior VP Paul Flessner on Trustworthy Computing. Read more

www.newsbytes.com:
Florida Bank Suffers Online Security Breach. Read more

www.zdnet.com:
Uncrackable encryption: It's no longer just sci-fi. Read more

18 April 2002

New trojan(s):
Muska52 1.4

Galaxy Server

Nethero 1.0a

News:
Microsoft Security Bulletin MS02-020
SQL Extended Procedure Functions Contain Unchecked Buffers (Q319507). Read more

DSA-127-1 xpilot-server -- remote buffer overflow. Read more

online.securityfocus.com:
Multiple Microsoft Products for MacOS File URL Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
Microsoft Internet Explorer Unicode Character Handling DoS Vulnerability. Read more

www.securitytracker.com:
Microsoft Outlook Express for Mac OS Has Buffer Overflow in Processing the 'file://' URL That Allows Remote Users to Cause Arbitrary Code to Be Executed. Read more

www.securitytracker.com:
Microsoft Office for Mac OS Has Buffer Overflow in Processing the 'file://' URL That Allows Remote Users to Cause Arbitrary Code to Be Executed. Read more

www.securitytracker.com:
Microsoft Internet Explorer for Mac OS Has Buffer Overflow in Processing the 'file://' URL That Allows Remote Users to Cause Arbitrary Code to Be Executed. Read more

www.securitytracker.com:
Microsoft Word Object Creation Flaw Lets Remote Users Create ActiveX That Will Consume Memory on the Victim's Computer. Read more

www.securitytracker.com:
SOAP::Lite for Perl Lets Remote Users Call Arbitrary Perl Functions on the System. Read more

www.securitytracker.com:
xNewsletter PHP-based News Distribution Script Discloses Subscriber Addresses to Remote Users and Lets Remote Users Create Denial of Service Conditions. Read more

www.securitytracker.com:
xGB PHP-based Guestbook Software Allows Cross-Site Scripting Attacks and Lets Remote Users Delete the Datafile and Possibly Execute Arbitrary PHP Commands on the Server. Read more

www.securitytracker.com:
Cisco CallManager Affected by Microsoft Internet Information Server (IIS) Bugs. Read more

www.securitytracker.com:
SGI IRIX Operating System XFS Filesystem Bug Lets Remote Users Cause Applications to Hang. Read more

www.securitytracker.com:
AOL Instant Messenger (AIM) Chat Software May Disclose Buddy List Information to Local Users. Read more

www.securitytracker.com:
Computer Associates CA-MLINK Buffer Overflows May Let Local Users Gain Root Privileges on the System. Read more

www.securitytracker.com:
Nortel CVX-1800 Multi-service Access Switch Discloses Administrative Account Names and Passwords to Remote Users. Read more

www.securitytracker.com:
Melange Chat Server Buffer Overflow in Processing of '/yell' Message May Let Remote Users Execute Arbitrary Code on the Chat Server. Read more

www.securitytracker.com:
SunShop Shopping Cart Lack of Input Filtering Lets Remote Users Conduct Cross-Site Scripting Attacks Against SunShop Site Administrators. Read more

www.securitytracker.com:
Webalizer Buffer Overflow Allows Remote Users to Execute Arbitrary Code on the Server via Reverse DNS Lookups. Read more

www.securiteam.com:
Using the Backbutton under IE Found to be Dangerous. Read more

www.securiteam.com:
Raptor Firewall FTP Bounce Vulnerability. Read more

www.securiteam.com:
Demarc PureSecure Allows Users to Bypass Login Restrictions. Read more

www.securiteam.com:
Unchecked Buffer in Internet Explorer and Office for Mac Can Cause Code to Execute. Read more

www.theregister.co.uk:
The IE back-button attack. Read more

www.informationweek.com:
Klez Worm Is Back April. Read more

www.infoworld.com:
Microsoft defends Baseline Security Analyzer tool. Read more

www.silicon.com:
Microsoft security hole enables Mac hacks. Read more

www.techtv.com:
Sir Dystic from the hacker group Cult of the Dead Cow hacks a home computer in a simulated attack. Read more

news.bbc.co.uk:
Indian hacker turns cyber cop. Read more

www.scientificamerican.com:
Survival in an Insecure World. Read more

www.nationalpost.com:
Networks ill-prepared for hackers, terrorists. Read more

www.miami.com:
U.S. targets cybercriminals. Read more

www.wired.com:
Perplexing Argentine Hack Law. Read more

17 April 2002

New trojan(s):
Gothic Intruder 1.1

Fenster 2.1 Server

Derek 2.0 Server verion b

Tool:
www.monkey.org:
fragroute intercepts, modifies, and rewrites egress traffic destined for a specified host. Read more

ntsecurity.nu:
PromiscDetect checks if your network adapter(s) is running in promiscuous mode, which may be a sign that you have a sniffer running on your computer. Read more

curl.haxx.se:
LibcURL, a Multi-Protocol File Transfer Library. Read more

jquiroga.d2g.com:
SQLExecute Helper Tool. Read more

News:
Microsoft Security Bulletin MS02-019
Unchecked Buffer in Internet Explorer and Office for Mac Can Cause Code to Execute (Q321309). Read more

www.pentest-limited.com:
Exploiting And Protecting Oracle (pdf). Read more

www.debian.org:
DSA-126-1 imp -- cross-site scripting. Read more

jscript.dk:
IE allows universal Cross Site Scripting. Read more

www.digitaloffense.net:
Microsoft FTP Service STAT Globbing DoS. Read more

www.dsinet.org:
2 vulnerabilities in FileSeek. Read more

www.w00w00.org:
Vulnerability in Multiple Microsoft Products for Mac OS. Read more

online.securityfocus.com:
Using the backbutton in IE is dangerous. Read more

www.nta-monitor.com:
Raptor Firewall FTP Bounce vulnerability. Read more

online.securityfocus.com:
Bradford Barrett Webalizer Reverse DNS Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
Microsoft Internet Explorer History List Script Injection Vulnerability. Read more

online.securityfocus.com:
StepWeb Search Engine Admin Webpage Access Vulnerability. Read more

www.securitytracker.com:
StepWeb Search (SWS) Perl-based Search Engine Inadequate Access Controls Lets Remote Users Gain Administrative Access to the Search Engine. Read more

www.securiteam.com:
Remote Buffer Overflow in Webalizer (DNS Resolve). Read more

www.securiteam.com:
Microsoft IE/Office for Mac OS Buffer Overflow Vulnerability. Read more

www.meganet.com:
Crack the code and win a brand new Ferrari 360 Challenge! Read more

abcnews.go.com:
Filtering Out Terrorists? Internet Cafes Struggle With Issues of Terrorism vs. Privacy. Read more

www.computing.vnunet.com:
Apply IIS patches 'immediately'. Read more

www.bbj.hu:
New internet legislation outlaws all hacking. Read more

www.computing.vnunet.com:
Hackers target Israel. Read more

www.zdnet.com:
Warning! Why one virus alert system won't fit all. Read more

www.ecommercetimes.com:
Behind the Security Breach Hype. Read more

www.idg.net:
Q&A: Microsoft Senior VP Paul Flessner on Trustworthy Computing. Read more

www.online.ie:
Gaucho hackers escape legal lasso. Read more

www.computing.vnunet.com:
Users spill password beans. Read more

16 April 2002

New trojan(s):
Zhang Server (Backdoor.Zhang)is renamed to SweetHeart
SweetHeart 1.0 Client. SweetHeart 1.0 is now complete.

LameRemote 1.0

Sysinst Server

News:
www.it-checkpoint.net:
The Guestbook- and Newsletterscript by "x-development" are vulnerable to Cross Site Scripting Vulnerabilities. Read more

www.iss.net:
Internet Security Systems Security Alert Summary AS02-15. Read more

www.ppp-design.de:
cross-site-scripting bug in SunShop Shopping Cart. Read more

online.securityfocus.com:
IRIX XFS filesystem denial of service attack. Read more

www.securiteam.com:
Writing Buffer Overflow Exploits - a Tutorial for Beginners. Read more

www.securiteam.com:
Linux Security Configuration Document. Read more

www.securiteam.com:
Practical Exploitation of RC4 Weaknesses in WEP Environments, Read more

www.securiteam.com:
/usr/bin/mail OpenBSD Local Root Compromise (Escaping Tilde, Exploit). Read more

www.securiteam.com:
INN Security Problems Allow Gaining of news Privileges. Read more

www.securiteam.com:
Tivoli Storage Manager Web Server Found to Contain a Buffer Overflow. Read more

www.eweek.com:
Flaws in Microsoft Tool Mount. Read more

www.globeandmail.ca:
Argentine judge rules in favour of hackers. Read more

hoovnews.hoovers.com:
New internet legislation outlaws all hacking. Read more

www.theregister.co.uk:
Clinton worm variant makes fun of Sharon. Read more

www.usatoday.com:
Is your credit card account at risk online? Read more

www.iht.com:
Wireless nanny-cam may leave the home exposed. Read more

www.eweek.com:
Contracts Getting Tough on Security. Read more

portal.telegraph.co.uk:
Court to hear Canal Plus claim on pay-TV hacking. Read more

15 April 2002

New trojan(s):
Protoss 1.5

Dewin Server version b

Tini version a

News:
online.securityfocus.com:
OpenBSD Default Crontab root Compromise Vulnerability. Read more

online.securityfocus.com:
IBM Informix Web Datablade Page Request SQL Injection Vulnerability. Read more

online.securityfocus.com:
IBM Tivoli Storage Manager Long Username Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
Caldera X11 Library -xrm Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
IBM Tivoli Storage Manager Client Acceptor Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
IBM Informix Web Datablade SQL Query HTML Decoding Vulnerability. Read more

online.securityfocus.com:
SGI IRIX Mail Core Dump Vulnerability. Read more

online.securityfocus.com:
InterNetNews Multiple Local Format String Vulnerabilties. Read more

www.accessatlanta.com:
Microsoft now focusing on security issues. Read more

news.independent.co.uk:
Security systems help internet paedophiles hide abuse. Read more

www.koreaherald.co.kr:
Global hacking competition kicks off tomorrow. Read more

www.startribune.com:
Study: Damage from hackers and viruses increases. Read more

www.computerworld.com:
Security experts say voice mail systems vulnerable. Read more

www.internetworld.com:
Personnel and E-mail Security. Read more

14 April 2002

New trojan(s):
NetDevil 1.3

Daodan 1.24 Server. Daodan is now complete.

Shaden Server version a

Tools:
bob.firstcodings.com:
AuthentProtect is a small ISAPI filter that denies IIS authentication based on given usernames. It is mainly intended to block brute force attack against users for which NTFS permissions cannot be revoked (mainly administrators). Read more

www.laurentconstantin.com:
Lcrzoex is a toolbox for network administrators and network hackers. Lcrzoex contains over 200 functionalities using network library lcrzo. For example, one can use it to sniff, spoof, create clients/servers, create decode and display packets, etc. Read more

community.whitehatsec.com:
WHArsenal is designed to be the next generation of professional web application security audit software. Architected from the ground up to be a generic web application security productivity tool. Read more

News:
www.securitytracker.com:
Multiple Vulnerabilities in IBM Informix Web DataBlade Let Remote Users Execute SQL Commands on the Server.Read more

www.securitytracker.com:
Microsoft Internet Information Server (IIS) FTP STAT Command Bug Lets Remote Users Crash Both the FTP and the Web Services. Read more

www.securitytracker.com:
Microsoft Internet Information Server (IIS) URL Length Bug Lets Remote Users Crash the Web Service. Read more

www.securitytracker.com:
NetWare Web Search Server User Input Filtering Flaw Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
InterNetNews (INN) Format String Bugs May Let Local Users Obtain Elevated Privileges on the System. Read more

www.securitytracker.com:
OpenBSD 'rexecd' Remote Execution Daemon May Let Remote Users Execute Shell Commands As a Different User. Read more

www.securitytracker.com:
OpenBSD 'rshd' Remote Shell Daemon May Let Remote Users Execute Commands As a Different User. Read more

www.securitytracker.com:
OpenBSD '/usr/bin/mail' May Let Local Users Execute Commands With Root Privileges By Specifying a Malicious Crontab Entry. Read more

www.securitytracker.com:
Tivoli Storage Manager Buffer Overflows May Let Remote Users Execute Arbitrary Code on the System. Read more

www.securitytracker.com:
Microsoft Windows 2000 Group Policy Object Enforcement Can Be Circumvented if User License Limits are Exceeded. Read more

www.eweek.com:
Microsoft's Flaw-Finding Tool Has Its Own Flaw. Read more

security.alldas.org:
Automatic tool to mass-hack computers using the lpd exploit for RedHat 7. Read more

www.newarchitectmag.com:
distributing viruses. Should virus writers be allowed to post harmful code on the Web? Read more

www.newsbytes.com:
Another Computing Platform Gets Its First Virus. Read more

newsforge.com:
Ottawa Linux Symposium: Kernel hackers can avoid United States. Read more

www.latimes.com:
Firms to Introduce Anti-Hacking Standard. Read more

www.businessweek.com:
This Ex-Hacker's Fat Is in the Fire. Read more

www.silicon.com:
Meet the world's most dangerous hacker - Doris from Accounts. Read more

staging.infoworld.com:
We can work it out. Read more

13 April 2002

New trojan(s):
Wolff 1.1

EvilGoar Server

F-Backdoor 1.5

News:
New Startup Methods by Doc~

online.securityfocus.com:
Microsoft IIS Help File Search Cross Site Scripting Vulnerability. Read more

online.securityfocus.com:
Microsoft IIS HTR ISAPI Extension Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
WatchGuard SOHO Firewall Vanishing IP Restrictions Vulnerability. Read more

online.securityfocus.com:
Microsoft IIS HTTP Header Field Delimiter Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
Microsoft IIS FTP Connection Status Request Denial of Service Vulnerability. Read more

online.securityfocus.com:
Microsoft IIS Chunked Encoding Transfer Heap Overflow Vulnerability. Read more

online.securityfocus.com:
Microsoft IIS HTTP Redirect Cross Site Scripting Vulnerability. Read more

online.securityfocus.com:
EMUMail HTTP Host Arbitrary Config File Loading Vulnerability. Read more

online.securityfocus.com:
Microsoft IIS Chunked Encoding Heap Overflow Variant Vulnerability. Read more

online.securityfocus.com:
Microsoft IIS ISAPI Filter Access Violation Denial of Service Vulnerability. Read more

online.securityfocus.com:
Microsoft IIS HTTP Error Page Cross Site Scripting Vulnerability. Read more

online.securityfocus.com:
Microsoft IIS ASP Server-Side Include Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
ASP-Nuke Plaintext Cookie Authentication Credentials User Account Compromise Vulnerability. Read more

online.securityfocus.com:
ASP-Nuke Cross-Agent Scripting Vulnerability. Read more

www.securitytracker.com:
Microsoft Internet Information Server ASP HTTP Header Processing Buffer Overflow Lets Remote Users Execute Arbitrary Code on the Server. Read more

www.securitytracker.com:
Microsoft Internet Information Server (IIS) Buffer Overflow in ASP Server-Side Include Function May Let Remote Users Execute Arbitrary Code on the Web Server. Read more

www.securitytracker.com:
Anthill Bug Tracking System Flaws Let Remote Users Enter Bug Reports Without Having an Account and Also Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Abyss Web Server Discloses Web Server Password File to Remote Users. Read more

www.securitytracker.com:
Microsoft Internet Information Server Comes With Code That Allows Remote Users to Conduct Cross-Site Scripting Attacks. Read more

www.eurekalert.org:
UMass computer scientist offers a new way to track internet vandals. Read more

www.vnunet.com:
Can you trust an ethical hacker? Read more

www.netmag.co.uk:
The hacking mirror crack'd. Read more

english.pravda.ru:
PEOPLE PREFER NOT TO COMPLAIN OF HACKERS. Read more

www.sfgate.com:
Voice mail systems have few safeguards. Read more

www.bday.co.za:
Theft is top information security risk. Read more

www.vnunet.com:
Users slam Microsoft Security Analyser. Read more

12 April 2002

New trojan(s):
Zaratustra 0.99

Zombie Server version c

XHX Server

News:
online.securityfocus.com:
Microsoft IIS HTR ISAPI Extension Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
Powerboards User Account Arbitrary File Creation Vulnerability. Read more

online.securityfocus.com:
Powerboards Cookie Manipulation Account Compromise Vulnerability. Read more

online.securityfocus.com:
Powerboards Administrative Access Vulnerability. Read more

online.securityfocus.com:
Powerboards error.php Cross Site Scripting Vulnerability. Read more

online.securityfocus.com:
Microsoft Windows Terminal Server Group Policy Bypass Vulnerability. Read more

online.securityfocus.com:
Powerboards Unauthorized Post Deletion Vulnerability. Read more

www.securitytracker.com:
Cisco Aironet Wireless Devices Have an Unspecified Flaw in the Telnet Access Daemon That Lets Remote Users Cause Denial of Service Conditions. Read more

www.securitytracker.com:
Sun Cluster Process (in.mond) Daemon May Let Remote Users Access System Logs and Configuration Data. Read more

www.securitytracker.com:
Anthill Login and JavaScript Vulnerabilities. Read more

www.securitytracker.com:
Multiple CGIscript.net Scripts Allow Remote Code Execution. Read more

www.computeruser.com:
Microsoft patches ten new security bugs in IIS. Read more

www.theregister.co.uk:
Win-XP Search Assistant silently downloads files. Read more

CERT® Advisory CA-2002-09
Multiple Vulnerabilities in Microsoft IIS. Read more

linuxtoday.com:
Red Hat Unveils CVE Security Compatibility. Read more

www.secadministrator.com:
Denial of Service in Watchguard Firebox. Read more

www.rfc-editor.org:
Clarifications to the DNS Specification. Read more

www.businessweek.com:
This Ex-Hacker's Fat Is in the Fire. Read more

www.theregister.co.uk:
Give your password to complete strangers? No problem..Read more

11 April 2002

New trojan(s):
Webcam Trojan

Spie Server

Messah 1.0 Client

News:
Microsoft Security Bulletin MS02-018
Cumulative Patch for Internet Information Services (Q319733). Read more

www.iss.net:
Multiple Remote Vulnerabilities in Microsoft IIS. Read more

Thor Larholm security advisory TL#001.
IIS allows universal CrossSiteScripting. Read more

Cgi Security Advisory #9
Netware Web Search Engine, and Microsoft IIS Help File Search Facility Cross Site Scripting Holes. Read more

www.eeye.com:
Digital Security Announces a Major Vulnerability in Default Installations of Windows NT 4.0 and Windows 2000 Server Systems Running IIS. Read more

archives.neohapsis.co:
Windows 2000 and NT4 IIS .ASP Remote Buffer Overflow. Read more

www.cisco.com:
Cisco Security Advisory: Solaris /bin/login Vulnerability. Read more

www.securitytracker.com:
Microsoft Office Web Components Let Remote Users Determine if Specified Files Exist on Another User's Host. Read more

www.securitytracker.com:
Microsoft Office Web Components Let Remote Users Gain Full Read and Write Control Over Another User's Clipboard, Even if Clipboard Access Via Scripts is Disabled. Read more

www.securitytracker.com:
Microsoft Office Web Components Let Remote Users Write Code to Run in the Victim's Local Security Domain and Access Local or Remote Files. Read more

www.securitytracker.com:
Microsoft Office Web Components in Office XP Lets Remote Users Cause Malicious Scripting to Be Executed By Another User's Browser Even If Scripting is Disabled. Read more

www.securitytracker.com:
TYPSoft FTP Server Discloses Listing of Directory Contents for Any Directory on the Disk Drive. Read more

www.securitytracker.com:
Horde Internet Messaging Program (IMP) Has Another Unfiltered Input That Allows Remote Users to Conduct Cross-Site Scripting Attacks Against IMP Users. Read more

www.securitytracker.com:
Infopop's Ultimate Bulletin Board (UBB) Forum Software Filtering Bug Lets Remote Users Conduct Cross-Site Scripting Attacks Against Some UBB Users. Read more

www.securitytracker.com:
Bulk Mailer Software Buffer Overflow and Race Condition May Let Local Users Obtain Root Level Access. Read more

www.securitytracker.com:
Funk Software Proxy Remote Control Software May Let Remote Users Gain Unauthorized Access to the System. Read more

www.securitytracker.com:
WatchGuard Firebox SOHO IP Options Processing Bug Lets Remote Users Crash the Firewall When in a Certain Configuration. Read more

www.securiteam.com:
Windows 2000 and NT4 IIS .ASP Remote Buffer Overflow (Additional Details). Read more

www.theregister.co.uk:
A trio of MS-Office security vulns. Read more

www.theregister.co.uk:
Eight new IIS security holes exposed. Read more

www.internetnews.com:
Microsoft IIS Patch, Round Two. Read more

www.computerworld.com:
Tricky worm can spread via AOL's instant message. Read more

www.vnunet.com:
'Free porn' worm turns nasty. Read more

www.computerworld.com:
Denial-of-service attacks still a threat. Read more

www.theregister.co.uk:
Scottish ISP floored as DDoS attacks escalate. Read more

www.businessweek.com:
This Ex-Hacker's Fat Is in the Fire. Read more

www.siliconvalley.com:
Judge sentences man to 16 months in prison for hacking. Read more

asia.cnn.com:
Experts: Chat rooms a haven for hackers. Read more

10 April 2002

New trojan(s):
Bionet 4.0.1 BE

Zany 1.0 Client

Dosh Server version a

News:
www.securiteam.com:
Windows 2000 Server Running Terminal Services Security Vulnerability (Licenses). Read more

www.securiteam.com:
Abyss Web Server Administration Password File Retrieval Exploit. Read more

www.pcworld.com:
Tricky Worm Can Spread via AIM, IRC. Read more

www.computing.vnunet.com:
Those top 20 viruses in full. Read more

www.zdnet.com:
How to beat software's gaping security hole. Read more

www.computing.vnunet.com:
Cert warns of automated attacks. Read more

www.CybercrimeConference.org:
National Cybercrime Conference. Read more

www.computerworld.com:
Outflanking The Cyberterrorist Threat. Read more

www.computing.vnunet.com:
:
NetViews: Stop the war on security. Read more

www.businessweek.com:
Cracks in the Firewall. Read more

www.cs.berkeley.edu:
Reflections on Brilliant Digital: Single Points of Internet 0wnership. Read more

www.computerworld.com:
Terrorism 101 With Eric Shaw. Read more

staging.infoworld.com:
We can work it out. Read more

09 April 2002

New trojan(s):
Lithium 1.01

Gibbon Server (b)

Nether 2.5 Server

Tool:
Internet Security Systems' Wireless Scanner(tm) application provides automated detection and security analyses of mobile networks utilizing 802.11b WLAN (Wi-Fi) access points and clients. Read more

News:
GreyMagic Security Advisory GM#005-IE
Read more

GreyMagic Security Advisory GM#006-IE
Read more

GreyMagic Security Advisory GM#007-IE
Read more

GreyMagic Security Advisory GM#008-IE
Multiple local files detection issues with OWC in IE. Read more

online.securityfocus.com:
Anthill Cross-Agent Scripting Vulnerability. Read more

www.securiteam.com:
Exploiting the Race Conditions in LogWatch. Read more

www.securiteam.com:
Unauthorized Remote Control Access to Systems Running Funk Software's Proxy. Read more

www.securiteam.com:
WatchGuard SOHO Denial of Service (Packet Parsing). Read more

www.securiteam.com:
Apache Security Configuration Guide. Read more

www.securiteam.com:
Fingerprinting Port 80 Attacks: A Look into Web Server, and Web Application Attack Signatures: Part Two. Read more

www.linuxsecurity.com:
Dsniff 'n the Mirror. A practical step by step guide showing how to use Dsniff, MRTG, IP Flow Meter, Tcpdump, NTOP, and Ngrep, and others. Read more

www.linuxsecurity.com:
Overview of Attack Trends. Read more

vnunet.com:
Expert warns of Trojan explosion. Read more

www.theregister.co.uk:
Not Brilliant, KaZaA's crackers. Read more

www.silicon.com:
'Smart' viruses plaguing end users. Read more

www.theregister.co.uk:
My daily virus. Read more

vnunet.com:
US cyber attacks on the rise. Read more

vnunet.com:
NetWare flaw threatens servers. Read more

www.fcw.com:
NIST guides target e-mail, patches. Read more

www.cnn.com:
FBI: Cybercrime rising. Read more

www.wininformant.com:
Microsoft Releases Baseline Security Analyzer. Read more

08 April 2002

New trojan(s):
Intruzzo 2002

Belio Server

Wollf Server

News:
online.securityfocus.com:
CA-MLink MLClear Command Line Buffer Overflow Vulnerability. Read more

www.securitytracker.com:
Oracle Database TSN Listener Buffer Overflow Lets Local Users Gain Elevated Privileges on the System. Read more

www.securitytracker.com:
Tarantella Native Client Password Saving Restriction Can Be Circumvented. Read more

www.securitytracker.com:
EMU Webmail Server Discloses Files on the Server to Remote Users. Read more

www.securitytracker.com:
Dynamic Guestbook Input Filtering Hole Lets Remote Users Conduct Cross-Site Scripting Attacks Against Other Users and May Allow Arbitrary Commands to be Executed in Certain Situations. Read more

www.securitytracker.com:
phpBB Forum May Let Remote Users Corrupt the phpBB Database Using Malicious 'BBcode'. Read more

cryptome.org:
Dirty AntiSec - DIRT's Firewall Disabler. Read more

online.securityfocus.com:
Past its Prime: Is Anti-Virus Scanning Obsolete? Read more

www.cnet.com:
Theft of data, viruses rank high in cyber security. Read more

www.businessweek.com:
Sentencing Study Probes Hacker Motives. Read more

www.neowin.net:
Hacking up, disclosure down, FBI survey says. Read more

07 April 2002

New trojan(s):
Delta Remote Access (c)

Lurker 1.1 Client

Gaura Server

News:
cryptome.org:
called TOAST (Tactical Overload Assured System Termination), which is a DDoS tool for governments. Read more

cryptome.org:
Dirty Spock, the minutes from the meeting where Frank Jones initially scammed the government and got them to invest hard money into the development of DIRT. Read more

www.securiteam.com:
Exploit for Tarantella Enterprise 3 Installations. Read more

www.securiteam.com:
ICECast Remote Exploit Code (GET Overflow). Read more

online.securityfocus.com:
PHPBB BBCode Denial Of Service Vulnerability. Read more

online.securityfocus.com:
PHPBB BBCode Database Corruption Vulnerability. Read more

online.securityfocus.com:
EMUMail Arbitrary File Reading Vulnerability. Read more

online.securityfocus.com:
Oracle Configurator Test Parameter Cross Site Scripting Vulnerability. Read more

online.securityfocus.com:
Floosietek FTGate USER Command Mailbox Lock Vulnerability. Read more

online.securityfocus.com:
Floosietek FTGate Rcpt to: Flood Denial of Service Vulnerability. Read more

www.securiteam.com:
Cisco Secure ACS Web Server has a Directory Traversal Issue (Additional details). Read more

www.securiteam.com:
VNC Vulnerable to Zlib Double Free Security Issue. Read more

www.securiteam.com:
MP3 Files Opened by Winamp Can Take Control of the Winamp's Minibrowser. Read more

www.securiteam.com:
Windows 2000 DCOM Clients May Leak Sensitive Information onto the Network. Read more

www.securiteam.com:
Unchecked buffer in the Multiple UNC Provider Could Enable Code Execution. Read more

www.securiteam.com:
Opening Group Policy Files for Exclusive Read Blocks Policy Application. Read more

www.securiteam.com:
PHPBB BBcode Process Vulnerability (DoS). Read more

www.securiteam.com:
SQL Injection Vulnerability Found in phpGroupWare. Read more

www.securiteam.com:
EMU Webmail Allows Reading of Arbitrary Files and View Directories. Read more

www.theregister.co.uk:
Sentencing commission considers hackers' motives. Read more

www.nandotimes.com:
Hacking up, disclosure down, FBI survey says. Read more

www.washtech.com:
Sourcefire Finds Big Market In Sniffing Out Cyber-Attacks. Read more

zdnet.com.com:
Don't let Brilliant hijack your PC. Read more

06 April 2002

New trojan(s):
NewFuture 1.0 beta 1

Little Witch 5.0.1 Client verion c

Ramus Client

News:
www.digitux.net:
Race conditions in logwatch. Read more

www.digitux.net:
Security vulnerability in audit subsystem. Read more

www.computer.org:
Bug Hunting: The Seven Ways of the Security Samurai. Read more

online.securityfocus.com:
Microsoft Windows 2000 / NT / XP MUP UNC Request Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
Floosietek FTGate APOP Command Heap Overflow Vulnerability. Read more

online.securityfocus.com:
IRIX SNMP Daemon Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
Dynamic Guestbook Remote Command Execution Vulnerability. Read more

online.securityfocus.com:
Quik-Serv Web Server Arbitrary File Disclosure Vulnerability. Read more

online.securityfocus.com:
Multiple Vendor TalkD User Validation Vulnerability. Read more

online.securityfocus.com:
CiscoSecure ACS For Windows Format String Vulnerability. Read more

online.securityfocus.com:
Dynamic Guestbook Cross-Agent Scripting Vulnerability. Read more

www.theregister.co.uk:
Sentencing commission considers hackers' motives. Read more

www.extremetech.com:
Crypto Keys At Risk. Read more

rtnews.globetechnology.com:
Virus showcases Russian porn. Read more

www.geek.com:
The difference between hackers and terrorists. Read more

05 April 2002

New trojan(s):
Snape 1.2

DataSpy Network X 0.5 beta

Hidedoor Server

News:
Microsoft Security Bulletin MS02-016
Q318593: Opening Group Policy Files for Exclusive Read Blocks Policy Application. Read more

Microsoft Security Bulletin MS02-017
Q311967: Unchecked buffer in the Multiple UNC Provider Could Enable Code Execution. Read more

online.securityfocus.com:
Nullsoft Winamp Script Injection Vulnerability. Read more

online.securityfocus.com:
Icecast AVLLib Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
Lotus Domino MS-DOS Device Path Disclosure Vulnerability. Read more

online.securityfocus.com:
ZoneLabs ZoneAlarm MailSafe Extension Dot Filtering Bypass Vulnerability. Read more

online.securityfocus.com:
Cyrus SASL LDAP+MySQL Authentication Patch SQL Command Execution Vulnerability. Read more

online.securityfocus.com:
Microsoft Internet Explorer Cascading Style Sheet File Disclosure Vulnerability. Read more

online.securityfocus.com:
Netware Remote Manager Authentication Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
Sun Solaris XSun Color Database File Heap Overflow Vulnerability. Read more

online.securityfocus.com:
Oracle 8i TNS Listener Local Command Parameter Buffer Overflow Vulnerability. Read more

Tarantella Security Bulletin #04
Incorrect file permissions during installation may allow a user to gain root privileges. Read more

www.securiteam.com:
Cisco Products found to Contain zlib Compression Library Vulnerability. Read more

www.securiteam.com:
Netware Remote Manager Found to Contain a Buffer Overflow. Read more

www.securiteam.com:
Cisco Secure ACS Web Server Found to Contain Vulnerabilities. Read more

www.securiteam.com:
Quik-Serv Web Server Arbitrary File Disclosure. Read more

www.securiteam.com:
FTGate PRO/Office Security Vulnerabilities (Released Hotfixes). Read more

www.securiteam.com:
Lotus Domino Physical Path Revealed. Read more

www.securiteam.com:
Huge Privacy Threats in Webmails and How Big Companies Handle Them. Read more

www.securiteam.com:
Dynamic Guestbook CSS and Arbitrary Command Execution. Read more

www.securiteam.com:
Multiple Vendor "talkd" User Validation Fault. Read more

www.securiteam.com:
Remote Buffer Overflow Vulnerability in IRIX SNMP Daemon. Read more

zdnet.com.com:
Sick of IE? Then try a new Web browser. Read more

www.silicon.com:
Cisco security not up to the job - Check Point. Read more

www.computeruser.com:
'Rent-a-hacker' site says it offers cracking for hire. Read more

www.nikkeibp.asiabiztech.com:
Klez.E Virus Still Rampant on 6th of Month. Read more

www.pcworld.com:
PDASecure Keeps Microdrives Secure. Read more

04 April 2002

New trojan(s):
Cyn 2.1

Netvaiser 2.09 Client

Shipper 1.1 Server

News:
www.slipstick.com:
Avoid WordMail to Lessen Impact of Outlook's Latest HTML Mail Vulnerability. Read more

Cisco Security Advisory:
Web Interface Vulnerabilities in Cisco Secure ACS for Windows. Read more

online.securityfocus.com:
Caldera OpenLinux StartKDE Script LD_LIBRARY_PATH Vulnerability. Read more

online.securityfocus.com:
Sambar Server Authentication Buffer Overflow Vulnerability. Read more

www.blackhat.com:
Black Hat Briefings (Vegas) Call for Papers. Read more

www.itworld.com:
Security researcher uncovers two Office XP flaws. Read more

www.itworld.com:
ISS: Worms overtake DoS as top attacks in 2002. Read more

www.siliconvalley.com:
Miami Judge Drops Hacker Conviction. Read more

www.govexec.com:
Army official warns that hackers could infiltrate battlefield. Read more

www.zdnet.com:
Why con artists are your biggest security threat. Read more

www.aftenposten.no:
Norway vulnerable to computer terror. Read more

www.idg.net:
Server port 80 plagues Internet security. Read more

www.theregister.co.uk:
US courts claim jurisdiction over Sklyarov. Read more

www.themoscowtimes.com:
Workers Are No. 1 Threat to Russia's IT. Read more

www.nypost.com:
LOSER LOVER JAILED FOR HACKING PAY FILES. Read more

03 April 2002

New trojan(s):
Remote XS

Onalf Server

Radix Server

News:
www.insecure.org:
Nmap 2.54BETA32 released. Read more

www.edvicesecurity.com:
Various Vulnerabilities in ZoneAlarm MailSafe. Read more

www.nsfocus.com:
Buffer overflow vulnerability in Xsun shiped with Solaris system. Read more

agricola.myweb.nl:
Creating an anti-virus rule in Outlook 2002 (XP). Read more

online.securityfocus.com:
Microsoft Office XP Spreadsheet Host().SaveAs() File Creation Vulnerability. Read more

online.securityfocus.com:
Microsoft Outlook 2002 HTML Mail Script Execution Vulnerability. Read more

www.securitytracker.com:
Microsoft Office XP Active Content Bug Lets Remote Users Cause Code to Be Executed on an Office User's Computer. Read more

www.theregister.co.uk:
MS security patch fails to work. Read more

www.theregister.co.uk:
Windows Messenger 'Trojan update'. Read more

securityresponse.symantec.com:
Microsoft Virtual Machine multiple flaws allow malicious control. Read more

www.itworld.com:
Security flaw in Cisco CallManager could lead to DoS. Read more

www.silicon.com:
Virus warning: it's MyLife. Read more

techupdate.zdnet.com:
MyLife worm mutating into new forms. Read more

www.theregister.co.uk:
Undead virus infects the dim-witted. Read more

www.newsfactor.com:
Whatever Happened to Carnivore? Read more

www.linuxsecurity.com:
Tales of a White Hat War Driver. Read more

www.theregister.co.uk:
Cumulative IE patch for malicious cookies. Read more

www.pcmag.com:
XML Security Risks. Read more

www.nwfusion.com:
Security researcher uncovers two Office XP flaws. Read more

www.silicon.com:
eBay locks down serious security hole. Read more

news.com.com:
eBay closes password option to plug hole. Read more

linuxtoday.com:
LinuxPR: Linux and BSD Security Workshop in Everett, Wash. Read more

linuxtoday.com:
NewsForge: Three of the Internet's Best Places to Get Started with Linux. Read more

02 April 2002

New trojan(s):
Ducktoy 1.0

Starline 2.0 beta (complete)

Wukaz 1.03 Server

News:
www.securitytracker.com:
Caldera OpenLinux Name Service Cache Daemon (ncsd) Flaw May Let Users Spoof the DNS and Bypass Security Checks. Read more

www.securiteam.com:
Privacy Issues found in metor.com (A Search Engine). Read more

www.securiteam.com:
New Office XP Security Problems Discovered. Read more

www.eweek.com:
Warning: Any User Can 'Root' Win NT, 2000. Read more

www.theregister.co.uk:
Win-NT, 2K debug process gives up control. Read more

asia.cnet.com:
"Critical" holes trouble Microsoft. Read more

asia.cnet.com:
New antivirus software targets worm holes. Read more

zdnet.com.com:
Golden-oldie worms top the hit list. Read more

www.fcw.com:
DISA seeks detection system. Read more

www.newsbytes.com:
Government Agencies Exposed Internal Databases. Read more

www.computeruser.com:
Hackers, remote computing fuel security market, not 9-11. Read more

www.gcn.com:
CVE dictionary contains more than 2,000 entries. Read more

01 April 2002

New trojan(s):
Sambus

Arsd

Diego

Tool:
Stealth Tools 2.0 by Gobo

News:
Georgi Guninski security advisory #53, 2002
More Office XP problems. Read more

online.securityfocus.com:
Always On, Always Vulnerable: Securing Broadband Connections. Read more

online.securityfocus.com:
ZeroForum User-Embedded Scripting Vulnerability. Read more

www.securiteam.com:
Anonymizer and MSIE Make Up a Bad Combination. Read more

www.securiteam.com:
Oracle9i TSN Vulnerable to a DoS Attack. Read more

www.securiteam.com:
PGP with Outlook Stores Password Pass Phrases in the Clear. Read more

www.securiteam.com:
WWWIsis Remote Command Execution and File Retrieval. Read more

asia.cnet.com:
"Critical" holes trouble Microsoft. Read more

www.chron.com:
Tracing terror's digital footprints. Read more

www.cnn.com:
U.S. government trains cyberdefenders. Read more

zdnet.com.com:
Europe falters on Echelon spy network. Read more

news.scotsman.com:
Data rape. Read more


Copyright© MegaSecurity.org