Home    News Archive    Translate Traducen
News april 20003
30 april 2003

New Trojans:
Nuclear Keys 1.2

Iddono 2.0 (beta 1.0)

Rouge-Bots Xdcc

Vulnerabilities & Exploits:
www.securitytracker.com:
album.pl Photo Album Software May Let Remote Users Execute Arbitrary Commands. Read more

www.securitytracker.com:
BRS WebWeaver Can Be Crashed By Remote Authenticated Users Via the RETR Command. Read more

www.securitytracker.com:
Tridion R5 Content Management System May Disclose Administrator Password to Local Users. Read more

www.securitytracker.com:
Macromedia ColdFusion MX Server Discloses Installation Path to Remote Users. Read more

News:
boston.com:
British authorities arrest hacker wanted as `Fluffi Bunni'. Read more

news.bbc.co.uk:
Viruses bite businesses hard. Read more

www.computerworld.com.au:
Tackling security threats from within. Read more

www.sfgate.com:
Student pleads guilty to economic espionage. Read more

www.eweek.com:
Microsoft Braces for Windows Attacks. Read more

29 april 2003

New Trojans:
Corrupted Lite 1.0

Oxygene Light

Red-Spy 1.2

Express 2.01

Vulnerabilities & Exploits:
www.securiteam.com:
PoPToP PPTP Server Remote Exploit Code Released. Read more

www.securiteam.com:
Cross Site Scripting in OneCenter Forum. Read more

www.securiteam.com:
Xeneo Web Server Vulnerable to a Denial of Service Attack. Read more

www.securiteam.com:
JBoot Password Bypassing Vulnerability. Read more

www.securiteam.com:
PTNews Vulnerability Allows Administrator Access without Authentication. Read more

www.securiteam.com:
Poppassd Local Root Vulnerability and Exploit (smbpasswd). Read more

www.securiteam.com:
PY-Members Vulnerable to SQL Injection. Read more

www.securiteam.com:
Bugzilla Patch Available for the XSS and Insecure Temporary Filenames Vulnerabilities. Read more

www.securiteam.com:
OpenBB Forums Vulnerable to SQL Injection. Read more

www.securiteam.com:
Multiple Vulnerabilities Found in phpSysInfo. Read more

www.securiteam.com:
Album.pl Vulnerable to Remote Command Execution. Read more

www.securiteam.com:
Options Parsing Tool Shared Library Vulnerability. Read more

News:
www.vnunet.com:
Comment: The perils of browsing. Read more

28 april 2003

New Trojans:
Z-downloader 1.0

KoKo 1.0 (b)

AlexMessoMalex Beta 2 (version 2)

Little Witch 6.1 (t) server

ZomBot 1.0

Vulnerabilities & Exploits:
www.securitytracker.com:
SGI IRIX libns_ldap Bug May Let Remote Users Access Systems Without a Password. Read more

www.securitytracker.com:
Bugzillia Insecure Temporary File Processing May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
TrueGalerie Authentication Flaw Lets Remote Users Gain Administrator Access to the Application. Read more

www.securiteam.com:
Snort TCP Stream Reassembly Integer Overflow Exploit. Read more

www.securiteam.com:
Path Disclosure in Macromedia ColdFusion MX Server. Read more

www.securiteam.com:
Buffer Overflow in Internet Explorer's HTTP Parsing Code. Read more

www.securiteam.com:
SAP Database Local Root Vulnerability During the Installation Process. Read more

News:
slashdot.org:
Spamming Trojan "Proxy Guzu". Read more

story.news.yahoo.com:
Hackers Have Field Day with Madonna Decoy. Read more

observer.co.uk:
They've got your number... Read more

27 april 2003

New Trojans:
Medusa 1.2

rcmd

KWA (a)

Satanz Backdoor1.0 (b) server

Vulnerabilities & Exploits:
www.securityfocus.com:
Microsoft Internet Explorer dragDrop Method Local File Reading Vulnerability. Read more

www.securityfocus.com:
Microsoft Outlook Express MHTML URL Handler File Rendering Vulnerability. Read more

www.securityfocus.com:
Microsoft Internet Explorer Remote URLMON.DLL Buffer Overflow Vulnerability. Read more

www.securityfocus.com:
Microsoft Internet Explorer Dialog Style Same Origin Policy Bypass Vulnerability. Read more

www.securityfocus.com:
Microsoft Shlwapi.dll Malformed HTML Form Tag Denial of Service Vulnerability. Read more

www.securitytracker.com:
Nokia IPSO Appliances Disclose Files on the System to Remote Authenticated Users. Read more

www.securitytracker.com:
VisNetic ActiveDefense Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
Cisco Catalyst OS Lets Remote Authenticated Users Enter 'enable' Mode Without a Password. Read more

www.securiteam.com:
ATM on Linux Exploit Code Release (les, local). Read more

www.securiteam.com:
Cisco Catalyst Enable Password Bypass Vulnerability. Read more

www.securiteam.com:
UDP Bypassing in Kerio Firewall (UDP Scan). Read more

www.securiteam.com:
Remote Buffer Overflow Vulnerability in Web Management Interface of Cisco Secure ACS. Read more

www.securiteam.com:
Internet Explorer ActiveX Control Heap Overflow (Plugin.ocx, Load). Read more

www.securiteam.com:
YABB SE Allows Remote Command Execution. Read more

News:
www.crime-research.org:
Cyber attacks a concern. Read more

www.theregister.co.uk:
Judge backs P2P file traders. Read more

www.blackhat.com:
Black Hat Europe 2003 Briefings and Training. Read more

26 april 2003

New Trojans:
AIMVision [NextGen] 1.3

AimFrame - Alpha 1

Snow 1.5

NetCrack 1.3 (b)

Vulnerabilities & Exploits:
www.securitytracker.com:
Microsoft Internet Explorer Bugs (URLMON.DLL Buffer Overflow, File Upload Control Bypass, Plug-in URL Input Validation Flaw, CSS Modal Dialog Input Validation Flaw) Let Remote Users Execute Arbitrary Code or Access Local Files. Read more

www.securityfocus.com:
Microsoft Windows RegEdit.EXE Registry Key Value Buffer Overflow Vulnerability. Read more

www.securitytracker.com:
HP Jetdirect Printer FTP Service Lets Any Remote User Print. Read more

www.securitytracker.com:
GKrellM Newsticker Lets Remote Users Execute Arbitrary Shell Commands on the Target User's Client. Read more

www.securitytracker.com:
Sambar Server WebMail Discloses User Passwords Transmitted Via the Network. Read more

www.securitytracker.com:
Cisco Secure Access Control Server Buffer Overflow May Yield System Administrator Access to Remote Users. Read more

www.securitytracker.com:
bttlxeForum Input Validation Flaw in Login Process Lets Remote Users Gain Access Without Authenticating. Read more

News:
www.securityfocus.com:
Rise of the Spam Zombies. Read more

www.net4nowt.com:
New Coronex worm uses SARS Virus as theme. Read more

www.techweb.com:
Not All Microsoft Apps Run On Windows Server 2003. Read more

zdnet.com.com:
Windows guru--hackers to hire. Read more

25 april 2003

New Trojans:
Optix PRO 1.3

Vision de Control 2.0

Litmus 1.08

Tool:
www.insecure.org:
Nmap 3.26 Released. Read more

Vulnerabilities & Exploits:
www.cisco.com:
Cisco Catalyst Enable Password Bypass Vulnerability. Read more

www.securitytracker.com:
Xeneo PHP Web Server URL Encoding Input Validation Bug Lets Remote Users Crash the Web. Read more

www.securitytracker.com:
'screend' on HP Tru64 UNIX Has Unspecified Flaw That Allows Remote Users to Cause Denial of Service. Read more

www.securitytracker.com:
HP Tru64 UNIX Flaw in NFS on TruCluster Servers May Let Remote Users Cause Denial of Service. Read more

www.securitytracker.com:
SAP DB Helper Tools Provide Root Access to Local Users. Read more

www.securitytracker.com:
Kerio Personal Firewall Default Setting Lets Remote Users Send UDP Packets Through the Firewall. Read more

www.securitytracker.com:
XMB Forum Input Validation Hole in 'members.php' Lets Remote Users Inject SQL Commands. Read more

www.securitytracker.com:
'mime-support' Insecure Temporary File Lets Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
YaBB SE Include File Error in Language Setting Lets Remote Authenticated Users Execute Arbitrary Operating System Commands. Read more

www.securiteam.com:
MHTML vulnerability in Outlook Express. Read more

www.securiteam.com:
Cumulative Patch for Internet Explorer. Read more

News:
www.theregister.co.uk:
Look out for the latest IE and Outlook patches. Read more

www.nwfusion.com:
Microsoft fixing patch that can slow Windows XP. Read more

www.computerworld.com.sg:
Silent enemy. Read more

www.getreading.co.uk:
Program put child porn pics on my PC. Read more

www.smudailycampus.com:
Hackers wreak havoc on university campuses. Read more

www.chinapost.com.tw:
Tougher penalties for cybercrimes. Read more

news.bbc.co.uk:
Hacker causes havoc for websites. Read more

www.wired.com:
Organizer: 'Hackathon' Will Go On. Read more

www.kypost.com:
Porn pops up on NKU channel. Read more

www.bayarea.com:
AT&T says victims should pay hackers' bills. Read more

www.theregister.co.uk:
DirecTV mole to plead guilty. Read more

24 april 2003

New Trojans:
PowerSpider 2.03

Remote Viewport 0.91

ProRat 1.0b

AIMVision [NextGen]

Vulnerabilities & Exploits:
www.securitytracker.com:
Xeneo Web Server Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
AN HTTPD Web Server Sample Script ('count.pl') Lets Remote Users Create or Overwrite Files on the System. Read more

www.securitytracker.com:
PT News Authentication Flaw Lets Remote Users Access Administrative Functions. Read more

www.securitytracker.com:
Apache mod_ntlm Buffer Overflow and Format String Flaw Let Remote Users Execute Arbitary Code. Read more

www.securitytracker.com:
360 Degree Web PlatinumSecret Access Control Flaw Gives Physically Local Users Limited Access. Read more

www.securitytracker.com:
MPCSoftWeb GuestBook Discloses Administrator Password to Remote Users. Read more

www.secunia.com:
Internet Explorer Four Vulnerabilities. Read more

www.cisco.com:
Cisco Secure Access Control Server for Windows Admin Buffer Overflow Vulnerability. Read more

www.aqtronix.com:
Microsoft Active Server Pages DoS. Read more

www.debian.org:
DSA-294-1 gkrellm-newsticker -- missing quoting, incomplete parser. Read more

www.debian.org:
DSA-293-1 kdelibs -- insecure execution. Read more

News:
Microsoft Security Bulletin MS03-015
Cumulative Patch for Internet Explorer (813489). Read more

Microsoft Security Bulletin MS03-007
Unchecked Buffer In Windows Component Could Cause Server Compromise (815021). Read more

Microsoft Security Bulletin MS03-014
Cumulative Patch for Outlook Express (330994). Read more

www.eweek.com:
Microsoft Patches IE, Outlook Flaws. Read more

www.web-user.co.uk:
New virus exploits SARs worries. Read more

www.zdnet.com.au:
Ruxcon: A security conference with a difference. Read more

www.zdnet.com.au:
New spy tools--for good or evil? Read more

news.bbc.co.uk:
Hacker causes havoc for websites. Read more

www.cornellsun.com:
I.D. Fraud Hits Colleges. Read more

www.washingtonpost.com:
Cyber War Game Tests Future Troops. Read more

www.guardian.co.uk:
The paranoia that paid off. Read more

23 april 2003

New Trojans:
LANfiltrator Beta 11

LANfiltrator Beta 7

Skull Burrow Connection Bouncer 2.0

Chat Spy 1.0

Tools:
AFX Windows Rootkit 2003
This software generates a system patch that will hide files, registry keys and netstat entries from Windows 95/98/ME/NT/2k/XP/2003. Read more

VNCPwdump can be used to dump and decrypt the registry key containing the encrypted VNC password in a few different ways. Read more

Vulnerabilities & Exploits:
www.ngsec.com:
YABB SE, remote command execution. Read more

www.debian.org:
DSA-292-1 mime-support -- insecure temporary file creation. Read more

www.debian.org:
DSA-291-1 ircii -- buffer overflows. Read more

www.securitytracker.com:
Monkey Web Server Buffer Overflow in Processing POST Requests Lets Remote Users Execute Arbitary Code. Read more

www.securitytracker.com:
BadBlue Server. Read more

www.securiteam.com;
Xeneo Web Server Denial of Service Vulnerability (? Attack). Read more

News:
www.eweek.com:
Thwarting the Zombies. Read more

www.eweek.com:
Up With Good Worms. Read more

www.nwfusion.com:
Latest Windows XP patch can slow down PCs. Read more

www.hivercon.com:
HiverCon 2003 Call For Papers. Read more

www.theregister.co.uk:
Like a virgin - Madonna hacked for the very first time. Read more

grep.law.harvard.edu:
Court Rules Trojan Responsible For Child pr0n. Read more

the.honoluluadvertiser.com:
Student faces hacking charges. Read more

www.informationweek.com:
Retailers Report Sales Bounce Using Security Certificate. Read more

www.hindustantimes.com:
Hyderabad institute to train ethical hackers. Read more

22 april 2003

New Trojans:
Oblivion Joiner 0.1

BlueAngel

Little Witch 6.1 (n) server

Vulnerabilities & Exploits:
www.securitytracker.com:
Microsoft NTLM Authentication Protocol Flaw Lets Malicious SMB Servers Gain Access to Systems. Read more

www.securitytracker.com:
Windows XP Service Control Manager Timing Flaw in Service Shutdown May Disclose Sensitive Information to Local Users. Read more

www.securitytracker.com:
CGIC Library Buffer Overflow May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Cerberus FTP Server Discloses Existence of User Accounts to Remote Users. Read more

www.securiteam.com:
Half-Life Exploit Code Released (Malformed Packet). Read more

www.securiteam.com:
Interbase ISC_LOCK_ENV Overflow. Read more

www.securiteam.com:
Java Agent Freezes Lotus Notes and Domino. Read more

www.securiteam.com:
Directory Traversal bug in QuickFront Webserver. Read more

www.securiteam.com:
Buffer Overrun in Windows Kernel Message Handling could Lead to Elevated Privileges. Read more

www.securiteam.com:
BadBlue Arbitrary Administrative Actions Vulnerability. Read more

www.securiteam.com:
Remote Vulnerabilties in mod_ntlm. Read more

www.securiteam.com:
ChiTeX Local Root Vulnerability. Read more

www.securiteam.com:
Monkey HTTP Daemon Remote Buffer Overflow. Read more

News:
www.securityfocus.com:
Anti-Virus Defence In Depth. Read more

zdnet.com.com:
New spy tools--for good or evil? Read more

www.nytimes.com:
AT&T Trying to Collect Bills From the Victims of Hackers. Read more

www.crime-research.org:
A hacker committed to ethics. Read more

www.smh.com.au:
Hack attacks launched mainly by outsiders. Read more

www.dailypennsylvanian.com:
Students work to combat hackers. Read more

zdnet.com.com:
Windows faces new competition: Itself. Read more

21 april 2003

New Trojans:
Sin Static Ip Notifier

Nethief 4.3

Iowa's Webdownloader 2.0

Lamers Death 2.6 (c) server

IC-Manage-IT

Vulnerabilities & Exploits:
www.securitytracker.com:
Xinetd Has Another File Descriptor Leak That May Let Remote Users Deny Service. Read more

www.securitytracker.com:
Quickfront Input Validation Flaw Discloses Files on the System to Remote Users. Read more

www.securitytracker.com:
Vexira Antivirus Buffer Overflow Lets Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
Twilight Utilities Denial of Service Vulnerability (TW-WebServer). Read more

www.securitytracker.com:
Directory Traversal Vulnerability in EZ Server. Read more

www.securitytracker.com:
Authentication Flaw in Microsoft SMB Protocol Still Present After 3 Years. Read more

www.securiteam.com:
Apache mod_access_referer Denial of Service Issue. Read more

www.securiteam.com:
Heap Corruption in Gaim-Encryption Plugin. Read more

News:
www.hardwarezone.com:
Arrival of Windows Server 2003 Heralds New Era for Software Security. Read more

www.crime-research.org:
Student faces hacking charges. Read more

www.theregister.co.uk:
Office workers give away passwords for a cheap pen. Read more

www.thesun.co.uk:
Madonna's net amused. Read more

20 april 2003

New Trojans:
Nuclear WebDownloader 1.0

Invasion Crash

Drive The Bus

Serial Pager 1.3

Tool:
www.insecure.org:
Nmap 3.25 Released. Read more

Vulnerabilities & Exploits:
www.securitytracker.com:
Microsoft REGEDIT.EXE May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
Snitz Forums Input Validation Script Filtering Can Be Circumvented By Remote Users to Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Web Wiz Forums Discloses Forum Database to Remote Users. Read more

News:
www.crime-research.org:
Beware of Cyber crimes. Read more

19 april 2003

New Trojans:
Sequel 0.1.2 [ROULA]

Titi 1.01

Ptakks resurrecion Beta 1

Vulnerabilities & Exploits:
www.securitytracker.com:
'rinetd' Buffer Management Flaw Lets Remote Users Crash the Service. Read more

www.securitytracker.com:
Apache mod_access_referer Module Null Pointer Dereference May Faciliate Denial of Service Attacks. Read more

www.securitytracker.com:
NetScreen Global PRO Policy Manager May Configure VPNs With a Weaker Cryptographic Algorithm. Read more

www.securitytracker.com:
EZ Server Discloses Files Located Outside of the Document Directory to Remote Users. Read more

www.securitytracker.com:
Microsoft Windows OS Kernel Messaging Buffer Overflow Lets Local Users Gain Full Control of the System. Read more

www.securiteam.com:
Remote BSD Samba call_trans2open i386 Buffer Overflow Exploit. Read more

www.securiteam.com:
Local Exploit for Sendmail's prescan() Function. Read more

www.securiteam.com:
Vignette Story Server Sensitive Information Disclosure. Read more

www.securiteam.com:
Snort TCP Stream Reassembly Integer Overflow Vulnerability. Read more

www.securiteam.com:
MacOS X DirectoryService Privilege Escalation and DoS Attack. Read more

www.securiteam.com:
Multiple Vulnerabilities in Snort Preprocessors (RPC, stream4). Read more

www.securiteam.com:
Directory Traversal Bug Found in QuickFront Web Server. Read more

www.securiteam.com:
iWeb Mini Web Server Remote Directory Traversal. Read more

www.securiteam.com:
Root Directory Revealing Vulnerability found in 12Planet Chat Server. Read more

www.securiteam.com:
Path Disclosure Vulnerability found in MailMax/Web. Read more

www.securiteam.com:
Buffer Overflow Vulnerability found in MailMax. Read more

www.securiteam.com:
Buffer Overflow in Vexira Antivirus. Read more

www.securiteam.com:
Multiple Vulnerabilities in Ez Publish. Read more

News:

18 april 2003

New Trojans:
HDDL 1.0

G0te

Cruel Intentionz 1.1

Vulnerabilities & Exploits:
www.chez.com:
Vulnerability in regedit.exe. Read more

www.securitytracker.com:
NETGEAR RP114 Router Input Validation Flaw Lets Remote Users Conduct Cross-Site Scripting Attacks Against Administrators. Read more

www.securitytracker.com:
Mozilla Browser Domain Change Security Context Flaw Lets Scripts in One Page Execute in the Security Context of Another Page. Read more

www.securitytracker.com:
iWeb Server Input Validation Directory Traversal Flaw Discloses Files to Remote Users. Read more

www.securitytracker.com:
Twilight Utilities Web Server Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
Snort Buffer Overflow in Processing TCP Sequence Numbers Lets Remote Users Execute Arbitrary Code. Read more

www.debian.org:
DSA-289-1 rinetd -- incorrect memory resizing. Read more

www.debian.org:
DSA-290-1 sendmail-wide -- char-to-int conversion. Read more

News:
www.securityfocus.com:
Getting Realistic in the War on Hackers.
Give up on the notion that computer security can be improved by putting more people in prison. Read more

www.sfgate.com:
Pros, cons of hiring ex-criminal hackers. Read more

www.internetweek.com:
Microsoft Posts Security Alert And Patch For Windows NT, 2000, XP. Read more

www.washingtonpost.com:
Blackboard Gets Gag Order Against Smart-Card Hackers. Read more

www.msnbc.com:
Cadets train for cyber combat. Read more

www.accessatlanta.com:
Student finds debit card flaw, but can't tell. Read more

straitstimes.asia1.com.sg:
Iraq war opens another front - online attacks on Arab sites. Read more

17 april 2003

New Trojans:
Nuclear Uploader 1.0

PowerSpider 3.20

Lamers Death 2.6 (d) server

FiendishPerson 1.6

Vulnerabilities & Exploits:
www.securitytracker.com:
Microsoft Windows 2003 'win2k.sys' Printing Bug Lets Users Crash the System. Read more

www.securitytracker.com:
NetComm NB1300 ADSL Router Default Configuration Discloses Administrator Password to Remote Users. Read more

www.securitytracker.com:
Ez publish Forum Discloses Installation Path and Database Password to Remote Users. Read more

www.securitytracker.com:
Progress Database Buffer Overflow in BINPATHX Lets Local Users Gain Root Privileges. Read more

www.securitytracker.com:
fipsGastebuch Input Validation Flaw in 'new_entry.asp' Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Web Wiz Site News Discloses Administrator Password to Remote Users. Read more

www.securitytracker.com:
ActivCard Discloses Usernames and Passwords to Local Users via Memory Dumps. Read more

www.debian.org:
DSA-288-1 openssl -- several vulnerabilities. Read more

News:
Microsoft Security Bulletin MS03-013
Buffer Overrun in Windows Kernel Message Handling could Lead to Elevated Privileges (811493). Read more

www.securityfocus.com:
Use a Honeypot, Go to Prison? Read more

www.eetimes.com:
Cryptographers sound warnings on Microsoft security plan. Read more

www.techweb.com:
Hiring Hackers: A Heated Debate. Read more

www.sunspot.net:
Voicemail hacking leaves ears ringing. Read more

www.businessweek.com:
Sparks over Power Grid Cybersecurity. Read more

sportsillustrated.cnn.com:
Mass. man will ask for probation in mass e-mail case. Read more

www.thecrimson.com:
Swipe Card Hack Prompts Complaint. Read more

www.bayarea.com:
Partnership creates standards to combat cyberterrorism. Read more

www.pcworld.com:
What's the Biggest Security Problem? Read more

siliconvalley.internet.com:
RSA Unveils 'Internet Insecurity Index'. Read more

16 april 2003

New Trojans:
Prophet

Backdoor.VB.bs server

HTTP RAT 0.1b (g)

pseudoRAT 0.1 (d)

Tool:
www.klcconsulting.net:
SMAC is a Windows MAC Address Modifying Utility which allows users to change MAC address for almost any Network Interface Cards (NIC) on the Windows 2000 and XP systems. Read more

Vulnerabilities & Exploits:
www.securitytracker.com:
InstaBoard Input Validation Flaws Let Remote Users Inject SQL Commands. Read more

www.securitytracker.com:
Ximian Evolution Bug in GtkHTML Library Allows Remote Users to Crash a Client. Read more

www.securitytracker.com:
Linksys WAP11 Wireless Access Point Transmits Administrator Password in Clear Text. Read more

www.securitytracker.com:
LPRng Unsafe Temporary File in 'psbanner' May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
(Sun Issues Fix) Sun XView Library Buffer Overflow Lets Local Users Gain Root Privileges. Read more

www.securitytracker.com:
Macromedia Flash Content May Facilitate Cross-Site Scripting Via the 'clickTAG'. Read more

www.debian.org:
DSA-287-1 epic -- buffer overflows. Read more

News:
www.securityfocus.com:
Debate: Should You Hire a Hacker? Read more

timesofindia.indiatimes.com:
Expert at 17, will lecture IT big wigs on Net security. Read more

www.internetweek.com:
Microsoft Aims To Tighten Windows Security. Read more

www.securityfocus.com:
BitchX Trojan Horse Vulnerability. Read more

www.vnunet.com:
RSA splits data to stop hackers. Read more

catless.ncl.ac.uk:
Nevada hospital system hack traced to Russia. Read more

zdnet.com.com:
Taking on Microsoft and the DMCA. Read more

www.eetimes.com:
Cryptographers sound warnings on Microsoft security plan. Read more

www.zdnet.com.au:
US court bars security speakers. Read more

www.salon.com:
The copyright cops strike again. Read more

15 april 2003

New Trojans:
Assasin 2.0 Pegasus final

Tunnel

AntiLamer Backdoor 1.3 (a) server

VC 1.0

Vulnerabilities & Exploits:
www.securitytracker.com:
SheerDNS Directory Traversal and Buffer Overflow Bugs Allow Local Users (and Possibly Remote Users) to Gain Root Privileges. Read more

www.securiteam.com:
Report Review Agent (RRA/FNDFS) Vulnerability in Oracle E-Business Suite. Read more

www.securiteam.com:
Linksys WAP11 Password in Clear Text Vulnerability. Read more

www.securiteam.com:
Misuse of Macromedia Flash Ads clickTAG Option May Lead to Privacy Breach. Read more

www.securiteam.com:
KDE PS/PDF handling vulnerability. Read more

www.debian.org:
DSA-286-1 gs-common -- insecure temporary file. Read more

www.debian.org:
DSA-285-1 lprng -- insecure temporary file. Read more

News:
www.zdnet.com.au:
US court bars security speakers. Read more

www.theregister.co.uk:
It's another bug, confirms Google. Read more

www.theregister.co.uk:
Application Vulnerability Description Language coined. Read more

www.salon.com:
The copyright cops strike again. Read more

www.theregister.co.uk:
How to automate a DoS attack using the Post Office. Read more

hoovnews.hoovers.com:
The Threat From Inside -- The biggest danger to computer systems comes from employees. Read more

www.globeandmail.com:
Big Brother stalks cyberspace. Read more

www.prnewswire.com:
Microsoft Outlines Plans to Simplify Secure Computing. Read more

www.theregister.co.uk:
Hoaxster hacker discovers infinite-wealth algorithm. Read more

www.theregister.co.uk:
DNS inventor calls for security overhaul. Read more

14 april 2003

New Trojans:
Nethief XP

EvilBot (a)

Troyen 1.0

Vulnerabilities & Exploits:
www.securitytracker.com:
Ocean12 ASP Guestbook Manager Discloses Database, Including the Administrator's Password, to Remote Users. Read more

www.securitytracker.com:
Linksys BEFVP41 VPN Router Discloses Internal Host Information to Remote Users. Read more

www.securitytracker.com:
Gaim-Encryption Plugin May Let Remote Users Crash the GAIM Client. Read more

News:
www.securityfocus.com:
Cryptographic File Systems, Part Two: Implementation. Read more

www.securityfocus.com:
'Super-DMCA' fears suppress security research. Read more

www.smh.com.au:
The slippery world of spyware. Read more

www.zdnet.com:
Want to foil hackers? Pick a better password. Read more

www.orlandosentinel.com:
Encryption proposal makes activists uneasy. Read more

asia.cnet.com:
Open-source team fights buffer overflows. Read more

13 april 2003

New Trojans:
Backdoor.Delf.er server

Backdoor.VB.ga server

AMS

Vulnerabilities & Exploits:
www.debian.org:
DSA-284-1 kdegraphics -- insecure execution. Read more

www.securitytracker.com:
Mac OS X File Sharing/Service Gives Authenticated Users Read Access to the Write-Only DropBox. Read more

www.securitytracker.com:
MailMax/Web Discloses Installation Path to Remote Users. Read more

www.securitytracker.com:
MailMax IMAP Server Buffer Overflow in 'Login' Parameter Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
12Planet Chat Server Sends Administrative Password Over the Network in Clear Text. Read more

www.securitytracker.com:
FileMaker Pro and FileMaker Server Send Unencrypted Passwords Via the Network. Read more

www.securitytracker.com:
KDE Configuration Flaw Lets Remote Users Create Files That Will Execute Arbitrary Commands When Loaded. Read more

www.securitytracker.com:
Oracle E-Business Suite Report Review Agent Discloses Files to Remote Users. Read more

www.securitytracker.com:
Super Guestbook Discloses Configuration and Administrative Password to Remote Users. Read more

www.securitytracker.com:
Rainman's GuestBook Software Discloses the Administrator Password to Remote Users. Read more

www.securitytracker.com:
CC Guestbook Input Validation Flaw in 'Name' and 'Webpage Title' Lets Remote Users Conduct Cross-Site Scripting Attack. Read more

www.securitytracker.com:
CC Log Input Validation Hole in HTTP Header Fields Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Mac OS X DirectoryService Unsafe System() Call Lets Local Users Gain Root Privileges. Read more

News:
www.theregister.co.uk:
Microsoft licenses WinCE source code for commercial use. Read more

www.theregister.co.uk:
DNS inventor calls for security overhaul. Read more

news.com.com:
Open-source team fights buffer overflows. Read more

www.nwfusion.com:
XML security standard touted at show. Read more

www.theregister.co.uk:
Why we love the Iraqi information minister. (no security link)Read more

12 april 2003

New Trojans:
Fear and Hope 1.0

Msn Trojan 1.0

Remote Operations Console Interface

Vulnerabilities & Exploits:
www.securitytracker.com:
Python Documentation Server Input Validation Flaw Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Hyperion FTP Server Buffer Overflow in USER Command May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
PoPToP PPTP Server Buffer Overflow in 'read_pptp_header' May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
phPay Web Shopping Input Validation Flaws Disclose Information to Remote Users and Permit Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Microsoft Proxy Service in Proxy Server 2.0 Has Unspecified Flaw That Lets Remote Users Stop Traffic. Read more

www.securitytracker.com:
Microsoft Firewall Service in ISA Server Has Unspecified Flaw That Lets Remote Users Stop Traffic. Read more

www.securitytracker.com:
Microsoft Windows VM Input Validation Flaw in ByteCode Verifier Lets Malicious Java Applets Execute Arbitrary Code. Read more

News:
news.com.com:
Honeypots get stickier for hackers. Read more

seattletimes.nwsource.com:
Blocking file attachments helps tackle virus problem. Read more

news.com.com:
Windows key leak threatens mass piracy. Read more

11 april 2003

New Trojans:
Sequel 0.1 beta 1 client [Special Edition]

Skull De-Burrower 1.0

pseudoRAT 0.1b (version c)

Vulnerabilities & Exploits:
www.debian.org:
DSA-283-1 xfsdump -- insecure file creation. Read more

www.securitytracker.com:
Internet Software Center's ASP Gastebuch Input Filtering Hole Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
AMaViS Anti-Virus Scanner May Let Remote Users Relay E-Mail. Read more

www.securitytracker.com:
Orplex Guest Book Input Filtering Flaw Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

News:
asia.cnet.com:
Flaw leaves Windows open to Java attack. Read more

www.theage.com.au:
New charges over web bank scam. Read more

www.nbr.co.nz:
Gartner tips top 11 cyberthreat issues. Read more

10 april 2003

New Trojans:
Near Mohists 1.6

Evil-X 2.0

Lamers Death 2.5 (j) server

Vulnerabilities & Exploits:
www.idefense.com:
Denial of Service in Microsoft Proxy Server 2.0 and Internet Security and Acceleration Server 2000. Read more

www.debian.org:
DSA-282-1 glibc -- integer overflow. Read more

www.securitytracker.com:
Mgetty Buffer Overflow in Processing Caller ID May Let Remote Callers Crash the System or Execute Arbitrary Code. Read more

www.securitytracker.com:
Opera Browser Buffer Overflow in Loading URLs May Let Remote Users Execute Code. Read more

www.securitytracker.com:
Coppermine Photo Gallery File Extension Validation Flaw Lets Remote Users Upload and Execute PHP Code. Read more

www.securitytracker.com:
Jpegx Steganography Software Access Control Can Be Bypassed. Read more

www.securitytracker.com:
Vignette StoryServer Discloses Server Stack Contents to Remote Users. Read more

www.securitytracker.com:
'metrics' Uses Unsafe Temporary Files, Permitting Local Users to Gain Elevated Privileges. Read more

www.securitytracker.com:
Samba-TNG Buffer Overflow in call_trans2open() Function Lets Remote Users Execute Arbitrary Code With Root Privileges. Read more

www.securitytracker.com:
Samba Buffer Overflow in call_trans2open() Function Lets Remote Users Execute Arbitrary Code With Root Privileges. Read more

News:
Microsoft Security Bulletin MS03-011
Flaw in Microsoft VM Could Enable System Compromise (816093). Read more

Microsoft Security Bulletin (MS00-084)
Patch Available for 'Indexing Services Cross Site Scripting' Vulnerability. Read more

Microsoft Security Bulletin MS03-012
Flaw In Winsock Proxy Service And ISA Firewall Service Can Cause Denial Of Service (331066). Read more

www.internetweek.com:
Microsoft Warns Of Security Hole In Java Virtual Machine. Read more

newsobserver.com:
Internet security worries on rise. Read more

www.theage.com.au:
Sophos questions release of OptusNet cracker. Read more

www.securityfocus.com:
Steganography Revealed. Read more

www.zdnet.com.au:
Commentary: Encryption, hashing, and obfuscation. Read more

09 april 2003

New Trojans:
Neol

SA Downloader Lite 1.0

War Trojan 1.06 client

Vulnerabilities & Exploits:
www.debian.org:
DSA-281-1 moxftp -- buffer overflow. Read more

www.securitytracker.com:
SETI@home Buffer Overflow Allows Remote Server to Execute Arbitrary Code. Read more

www.securiteam.com:
New Oracle Database Listener Security Guide Released. Read more

News:
Cabronator coder arrested in Spain. Read more and here (spanish language)

www.businessweek.com:
Security firm regrets Samba disclosure. Read more

www.businessweek.com:
Don't Put All Your Data in One Basket. Read more

www.eweek.com:
Clarke: No One's Minding the Cyber Store. Read more

www.bangkokpost.com:
Catch viruses, enhance security. Read more

cryptome.org:
The court's order of 21 February 2003, gagging public disclosure of Citibank's crypto vulnerabilities. Read more

08 april 2003

New Trojans:
Cabronator 3.12b

X-filer

prjIP 1.0 server

Vulnerabilities & Exploits:
www.atstake.com:
Vignette Story Server sensitive information disclosure. Read more

www.debian.org:
DSA-280-1 samba -- buffer overflow. Read more

www.debian.org:
DSA-279-1 metrics -- insecure temporary file creation. Read more

www.securitytracker.com:
PY-Membres Input Validation Flaw Lets Remote Users Inject SQL Commands. Read more

www.securitytracker.com:
Firebird Database External Tables Access Control Flaw May Let Authenticated Users Modify Arbitrary Files on the System. Read more

www.securitytracker.com:
Borland InterBase External Tables Access Control Flaw May Let Authenticated Users Modify Arbitrary Files on the System. Read more

www.securitytracker.com:
Sign Here! Guest Book Input Validation Flaw Allows Cross-Site Scripting Attacks. Read more

News:
www.rgj.com:
Ely hospital hacker traced to former Soviet Union. Read more

www.businessweek.com:
Samba flaw threatens Linux file servers. Read more

www.smh.com.au:
Australia leaves the hack door open to cyber sabotage. Read more

www.pcworld.com:
Space Searcher SETI@home Has Bugs. Read more

www.informationweek.com:
Security Threats To Business Are On The Rise. Read more

www.salon.com:
Libertarians struggle with surveillance. Read more

07 april 2003

New Trojans:
Massaker 1.2 (b) server

Red-Spy 1.0

Red-Spy 1.1

Vulnerabilities & Exploits:
www.securitytracker.com:
Abyss Web Server HTTP Header Validation Flaw Lets Remote Users Crash the Web Server. Read more

www.securitytracker.com:
Entrust Authority Security Manager Command Line Lets Local Authenticated Master Users Bypass the Multiple Authorization Feature. Read more

www.securitytracker.com:
ASPjar GuestBook Input Validation Hole Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Hyperion FTP Server Buffer Overflow in Processing Commands Lets Remote Users Crash the Server. Read more

www.securitytracker.com:
libESMTP Buffer Overflow in 'read_smtp_response' May Let Remote Users Execute Arbitrary Code. Read more

www.securiteam.com:
Clear Text Password Vulnerability Found in DeskNow. Read more

www.securiteam.com:
Remote Multiple Buffer Overflow Vulnerabilities in Passlogd Sniffer. Read more

www.securiteam.com:
Integer overflow in PHP array_pad() function. Read more

News:
www.theage.com.au:
Virus disrupts e-voting. Read more

www.globetechnology.com:
U.S. military helps fund Calgary hacker. Read more

www.internetweek.com:
Worms, Attacks, Assorted Security Threats On Businesses Rise Sharply In 2003. Read more

www.stuff.co.nz:
Defence against hackers. Read more

www.crime-research.org:
Criminalistics Characteristic of Cybercrimes’ Committers. Read more

06 april 2003

New Trojans:
The[X] 1.2

HTTP RAT 0.1b

Lorexp

Vulnerabilities & Exploits:
www.securitytracker.com:
Sakki's Guestbook Input Validation Flaw Allows Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Level One Routers Disclose Connection Password and May Allow Remote Re-configuration When Using UPNP. Read more

www.securitytracker.com:
NETGEAR FM114P Prosafe Wireless Firewall Discloses Connection Password When Using UPNP. Read more

www.securitytracker.com:
Progress Database Configuration File Error Messages May Disclose Root-Owned Information to Local Users. Read more

www.securitytracker.com:
WebC Shopping Cart Has Multiple Flaws That Allow Remote Users to Execute Arbitrary Code and Local Users to Gain Elevated Privileges. Read more

News:
www.upi.com:
Spammers keep in touch with troops. Read more

05 april 2003

New Trojans:
SEQRAT 1.0

Fade 1.0 beta2

Remscan

Vulnerabilities & Exploits:
www.securitytracker.com:
IBM AIX 'ftpd' Server May Grant Root Access to Remote Users When Using Kerberos Authentication. Read more

www.securitytracker.com:
Borland Interbase Buffer Overflow in Processing ISC_LOCK_ENV Lets Local Users Execute Arbitrary Code With Root Privileges. Read more

www.securitytracker.com:
Compaq Insight Manager Discloses File Existence to Remote Users and May Allow Denial of Service Attacks. Read more

www.securitytracker.com:
ChiTex Path Specification Flaw Lets Local Users Execute Code With Root Privileges. Read more

www.securitytracker.com:
Phorum Input Validation Hole in Filtering 'Title' Field Allows Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
BEA WebLogic May Disclose Internal Hostname to Remote Users. Read more

www.securitytracker.com:
Microsoft Windows Terminal Services RDP Implementation Does Not Validate Server Identity, Allowing Man-in-the-Middle Attacks. Read more

www.securitytracker.com:
IkonBoard Input Validation Flaw in Processing Cookies Lets Remote Users Execute Arbitrary Commands. Read more

www.securitytracker.com:
osCommerce Input Validation Flaws Allow Remote Users to Access the Application and Deny Service. Read more

www.securitytracker.com:
Apache 2.0 Web Server Has Unspecified Significant Denial of Service Flaw. Read more

www.securitytracker.com:
'passlogd' Syslog Sniffer Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
DeskNow Web Mail Uses Clear Text Authentication for Web Mail Access. Read more

www.debian.org:
DSA-278-1 sendmail -- char-to-int conversion. Read more

News:
www.securityfocus.com:
Fear of a Million Big Brothers. Read more

www.europemedia.net:
Cyber-attack blocks 400,000 websites. Read more

www.networkmagazine.com:
Strategies & Issues: Honeypots - Sticking It to Hackers. Read more

cryptome.org:
Citibank tries to gag crypto bug disclosure. Read more

04 april 2003

New Trojans:
Goy FTP

LANfiltrator Beta 6

Cruel Intentionz 1.0 (b)

Vulnerabilities & Exploits:
www.securitytracker.com:
Progress Database DLC Bounds Checking Error May Give Local Users Root Privileges. Read more

www.securitytracker.com:
MiniPortal SOHO FTP Server Default Configuration Lets Anonymous Users Delete Directories. Read more

www.securitytracker.com:
Broker FTP Server 'CWD' Buffer Overflow Discloses Files on the System to Remote Users. Read more

www.securitytracker.com:
TYPSoft FTP Server Default Configuration Lets Remote Authenticated Users Create/Delete Directories. Read more

www.securitytracker.com:
XOOPS Glossary Module Input Validation Hole Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.debian.org:
DSA-275-1 lpr-ppd -- buffer overflow. Read more

www.debian.org:
DSA-276-1 linux-kernel-s390 -- local privilege escalation. Read more

www.debian.org:
DSA-277-1 apcupsd -- buffer overflows, format string. Read more

News:
www.europemedia.net:
Cyber-attack blocks 400,000 websites. Read more

zdnet.com.com:
Security--still in its infancy. Read more

zdnet.com.com:
Apache patch to thwart DoS attack. Read more

www.pcworld.com:
Dawn of the Superworm. Read more

www.eweek.com:
Thwarting the Zombies. Read more

boston.com:
Former hacker warns lawmakers about dangers to personal financial information. Read more

newsobserver.com:
Hackers target Florida congresswoman in e-mail prank. Read more

www.vnunet.com:
Spammers attack wireless networks. Read more

03 april 2003

New Trojans:
GOP 1.01

Guangwai Girl 2.0

Musdie 1.1

nt

Vulnerabilities & Exploits:
www.securitytracker.com:
Chindi Server Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
BajieServer Input Validation Hole Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Apple QuickTime Player Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Kerio WinRoute Firewall Administration Interface Flaw Lets Remote Users Create Denial of Service Conditions. Read more

www.securitytracker.com:
HP Instant TopTools Can Be Crashed By Remote Users Sending Specific Requests. Read more

www.securitytracker.com:
SAP DB File Permissions Let Local Users Modify Files to Gain Elevated Privileges. Read more

www.securitytracker.com:
Xonic.ru News Application Lets Remote Users Post Items and Execute Arbitrary Commands on the Server. Read more

www.securitytracker.com:
Solaris 'dtsession' Buffer Overflow May Let Local Users Obtain Root Privileges. Read more

www.securitytracker.com:
Sun Solaris 'lpq' Buffer Overflow May Let Local Users Obtain Root Privileges. Read more

www.securiteam.com:
3Com OfficeConnect Remote 812 ADSL router exposes internal LAN computer's ports. Read more

www.securiteam.com:
Quick Time Media Player for Windows Buffer Overflow. Read more

www.securiteam.com:
PowerFTP 2.25 Remote DoS. Read more

News:
www.smh.com.au:
Many web sites still open to IIS 5.0 exploit. Read more

zdnet.com.com:
Holes found in RealPlayer, QuickTime. Read more

www.suntimes.com:
Point, click, fire: Hackers nail sites. Read more

www.inform.umd.edu:
Hackers strike Dorchester website. Read more

asia.cnet.com:
China: Watching what users type. Read more

www.zdnet.com.au:
Evil bit arrives on April Fools'. Read more

www.theregister.co.uk:
IT managers trust Microsoft on security...Read more

www.thescotsman.co.uk:
Vigilance is vital in keeping the hackers out. Read more

www.pcmag.com:
Spyware: It's Lurking on Your Machine. Read more

02 april 2003

New Trojans:
NetCrack 1.1 (a)

NetCrack 1.2

Lamers Death 2.5 (e) server

Universal Cracker 3.0

Vulnerabilities & Exploits:
www.securitytracker.com:
EZ Server FTP Server Can Be Crashed By Remote Users Due to FTP Command Buffer Overflow. Read more

News:
www.thescotsman.co.uk:
Vigilance is vital in keeping the hackers out. Read more

www.reuters.co.uk:
Norway Teen to Be Retried in DVD Piracy Case. Read more

news.bbc.co.uk:
Al-Jazeera site tackles hackers. Read more

www.crime-research.org:
Al-Qaida supporters hack into student's Web site. Read more

www.mytelus.com:
'Al-Jazeera' beats 'sex' to become top Internet search term despite hacking. Read more

www.pcworld.com:
Tech Managers Wary of Microsoft Security. Read more

news.com.com:
Do you trust Microsoft? Read more

www.commsdesign.com:
DNS pioneer warns of Internet security. Read more

01 april 2003

New Trojans:
pseudoRAT 0.1 (e)

Skull De-Burrower 1.0.3

Progetto1

Vulnerabilities & Exploits:
www.idefense.com:
Buffer Overflow in Windows QuickTime Player. Read more

www.securitytracker.com:
ScozBook Guestbook Input Validation Flaws Permit Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Justice Guestbook Input Validation Flaws Permit Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Solaris newtask(1) Command Flaw Lets Local Users Grab Root Access. Read more

www.securitytracker.com:
Beanwebb Guestbook Lack of Authentication Gives Remote Users Administrative Access to the Guestbook. Read more

www.securitytracker.com:
Sendmail Buffer Overflow in Parsing Addresses May Let Remote or Local Users Execute Arbitrary Code With Root Privileges. Read more

www.securiteam.com:
Chindi DoS Exploit Code. Read more

News:
www.washingtonpost.com:
Feds: Chinese Hack Attacks Likely. Read more

www.theregister.co.uk:
Klez-H hangs around like a bad smell. Read more

www.theage.com.au:
Language inspired by Orwell set to fool hackers. Read more

www.theregister.co.uk:
UK SMEs are sitting ducks for crackers. Read more

www.yomiuri.co.jp:
Cyberterrorism seen as future threat. Read more

www.theregister.co.uk:
Qualcomm 'superhacker' wins change of venue. Read more

www.smh.com.au:
Email creates tension for US soldiers, families. Read more


Copyright© MegaSecurity.org