News may 2004
31 may 2004

New Trojans:
Waldo Beta 0.7

Stealth Password Sender 1.4

Tranzhva server 4.1

 

Tools:
packetstormsecurity.nl:
boclient 1.3.0 - boclient is a remote windows administration tool which uses BackOrifice or NetBus servers on Windows.
It is an improvement of version 1.21. Most recent versions have GNU readline support, NetBus commands,
portability to other platforms (BeOS, QNX and 64bit architectures like Alpha) and async network I/O. Download

 

Guides, Papers, etc
os.newsforge.com:
Linux and Windows security compared. Read more

Udp remote Controls.
Article that explains how to control any server using the connectionless protocol UDP by Angelo Rosiello. Read more

Worm Mitigation on Broadband Networks (pdf). Read more

 

Vulnerabilities & Exploits
www.debian.org:
DSA-511-1 ethereal -- buffer overflows. Read more

www.debian.org:
DSA-510-1 jftpgw -- format string. Read more

www.debian.org:
DSA-509-1 gatos -- privilege escalation. Read more

www.securitytracker.com:
Land Down Under Input Validation Hole in BBcodes Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
AppleFileServer Has Unspecified Flaw in Reporting Errors. Read more

www.securitytracker.com:
Apple Mac OS X Has Unspecified Flaw in Package Installation. Read more

www.securitytracker.com:
Apple Mac OS X Has Unspecified Flaw in LoginWindow. Read more

www.securitytracker.com:
Apple Mac OS X Has Unspecified Flaw in NFS. Read more

www.securitytracker.com:
Mollensoft FTP Server Can Be Crashed By Remote Authenticated Users With a CD Command. Read more

www.securiteam.com:
SSH URI Handler Code Execution. Read more

www.securiteam.com:
Land Down Under (LDU) Cross-Site Scripting Vulnerabilities. Read more

www.securiteam.com:
e107 Multiple Vulnerabilities (Path Disclosures, File Inclusions and SQL Injections). Read more

 

News:
www.bizjournals.com:
Hackers racing even faster to beat latest security patches. Read more

www.crime-research.org:
The FBI is increasing its effort to investigate spammers. Read more

nwc.securitypipeline.com:
83% Of Financial Sector Admits Security Breaches. Read more

www.detnews.com:
Wi-Fi popularity breeds huge security hole at home. Read more

nwc.securitypipeline.com:
Police Grab Suspected Hackers In Canada, Taiwan. Read more

www.theregister.co.uk:
Spamhaus assaults 'Great Wall of Spam'. Read more

news.zdnet.co.uk:
Stealth searches scan personal data. Read more

 

30 may 2004

New Trojans:
Caznova IRC Spy 2.0.1

System33r Downloader 0.7.4b2 (LITE)

Guides, Papers, etc
www.winnetmag.com:
Honeypots for Windows. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
jPORTAL Input Validation Hole Lets Remote Users Inject SQL Commands. Read more

News:
www.computerworld.com:
Suspect charged in Canada for Randex worm. Read more

www.computerworld.com:
Cheswick: Viruses primed to be more complex, vicious. Read more

www.crime-research.org:
Cyber Crime Conference Summary. Read more

www.informationweek.securitypipeline.com:
83% Of Financial Sector Admits Security Breaches. Read more

www.nj.com:
Phishing grows as a threat. Read more

29 may 2004

New Trojans:
INSAIM 2.0

Omega 0.1.0

Backdoor.Loony.g

Iroffer 1.3b05 (a)

Vulnerabilities & Exploits
www.securitytracker.com:
PHP 'php://input' Command May Let Remote Users Bypass Include Filters to Include Remote Code. Read more

www.securitytracker.com:
WildTangent Web Driver Buffer Overflows in WTHoster and WebDriver Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Apache mod_ssl Stack Overflow in ssl_util_uuencode_binary() May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Sun Java Application Server Discloses Installation Path to Remote Users. Read more

www.securitytracker.com:
3Com OfficeConnect ADSL Router Authentication Can Be Bypassed By Remote Users. Read more

www.securitytracker.com:
Microsoft Windows IPSec Filtering Can Be Bypassed By Remote Users. Read more

xinehq.de:
Multiple vulnerabilities in the Real-Time Streaming Protocol (RTSP) client for RealNetworks servers. Read more

News:
news.zdnet.co.uk:
Peeping Taiwanese Trojan author is arrested. Read more.  See Peep Trojan

www.newsfactor.com:
Trojan Virus Writer Faces Slammer. Read more

news.zdnet.co.uk:
Mounties charge teenage virus suspect. Read more

news.zdnet.co.uk:
Banks and insurance firms facing flood of cyberattacks. Read more

www.crime-research.org:
Spam is up two-thirds of all emails. Read more

www.theregister.co.uk:
First 64-bit Windows virus sighted. Read more

www.theregister.co.uk:
Buffalo spammer jailed. Read more

www.crime-research.org:
Viruses nip Russia after the Cold War. Read more

28 may 2004

New Trojans:
Theef 2.01

Iroffer 1.3b07 (1308)

Red ZONE Christmas

Guides, Papers, etc
Create a bootable CD-ROM that will install Windows XP unattended. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
SGI IRIX libcpr Error Lets Local Users Execute Arbitrary Code With Root Privileges. Read more

www.securitytracker.com:
Xdm May Open Random TCP Sockets. Read more

www.securitytracker.com:
3Com OfficeConnect 812 ADSL Router Can Be Crashed With Long Telnet String. Read more

www.securitytracker.com:
Canon imageRUNNER 210s Can Be Crashed By Scanning Port 80. Read more

www.securitytracker.com:
F-Secure Anti Virus Buffer Overflow in Processing LHA Archives May Let Remote Users Deny Service. Read more

www.securitytracker.com:
F-Secure Internet Security Buffer Overflow in Processing LHA Archives May Let Remote Users Deny Service. Read more

www.securitytracker.com:
F-Secure Internet Gatekeeper Buffer Overflow in Processing LHA Archives May Let Remote Users Deny Service. Read more

www.securitytracker.com:
Isoqlog Buffer Overflow May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
MiniShare Can Be Crashed By Remote Users With Incomplete HTTP Requests. Read more

www.securitytracker.com:
FreeBSD msync MS_INVALIDATE Error May Let Local Users Prevent File Changes. Read more

www.securiteam.com:
Isoqlog Buffer Overflow While Parsing Sendmail Logfiles. Read more

www.securiteam.com:
3Com OfficeConnect Remote 812 ADSL Router Telnet Protocol DoS Vulnerability. Read more

News:
www.smh.com.au:
Mega-patch caused mega problems: network pro. Read more

www.securityfocus.com:
Taiwanese engineer arrested for creating Trojan. Read more

www.theregister.co.uk:
Taiwanese engineer 'assisted Chinese hackers'. Read more

news.zdnet.co.uk:
Mounties arrest teenage virus suspect. Read more

www.theregister.co.uk:
Windows worms tax ISPs. Read more

www.computerworld.com:
Suspect charged in Canada for Randex worm. Read more

www.crime-research.org:
Insane hacker blackmailed Yandex. Read more

www.smh.com.au:
First virus for 64-bit Windows trapped. Read more

news.zdnet.co.uk:
Stealth searches scan personal data. Read more

news.zdnet.co.uk:
Yahoo joins spyware fight with toolbar upgrade. Read more

news.com.com:
Antispam framework scores Microsoft endorsement. Read more

27 may 2004

New Trojans:
Lame RAT 1.0

System33r Downloader 0.7.4b (LITE)

Caznova Spy IRC 1.0

Hackarmy (n)

Vulnerabilities & Exploits
www.securitytracker.com:
Orenosv HTTP/FTP Server Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
Linksys Routers May Disclose Kernel Memory Contents in Response to BOOTP Packets. Read more

www.securitytracker.com:
Mailman Discloses Subscriber Passwords to Remote Users. Read more

www.securitytracker.com:
F-Secure Anti Virus Fails to Detect Sober.D/G Worms Within Zip Archives. Read more

www.securitytracker.com:
HP OpenView Select Access UTF-8 Decoding Flaw May Let Remote Users Access Restricted Resources. Read more

www.securitytracker.com:
HP integrated Lights Out Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
Linux Kernel e1000 Buffer Overflow May Let Local Users Execute Arbitrary Code With Elevated Privileges. Read more

www.securitytracker.com:
BusyBox Netlink Messages Can Be Spoofed By Local Users. Read more

News:
www.internetnews.com:
Korgo Worm Targets LSASS Flaw. Read more

www.extremetech.com:
Dangerous Bobax Worm Hits System Files. Read more

zdnet.com.com:
Back to school for cybercops. Read more

www.crime-research.org:
Investigating Computer Crimes. Read more

www.hardwarezone.com:
Hackers Faster, Harder To Keep Out. Read more

www.theregister.co.uk:
Regulator fines Net sex firm. Read more

www.theregister.co.uk:
Singapore to make spammers pay - literally. Read more

26 may 2004

New Trojans:
BlackCore 2.1

Mafia Downloader 1.0

Infector 1.3 v2

Vulnerabilities & Exploits
www.k-otik.com:
Windows Lsasrv.dll Remote Universal Exploit XP/2K (MS04-011). Read more

www.securitytracker.com:
cPanel Apache mod_phpsuexec Options Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
e107 Input Validation Hole in 'usersettings.php' Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
VocalTec Telephony Gateway Can Be Crashed By Specially Crafted Packets. Read more

www.securitytracker.com:
Apple Safari SSH URL Processing Flaw Lets Remote Users Execute Arbitrary Commands. Read more

www.securitytracker.com:
F5 BIG-IP TCP SYN Cookie Processing Flaw Lets Remote Users Deny Service. Read more

www.securitytracker.com:
NETGEAR RP114 URL Filtering Can Be Bypassed With Long URLs. Read more

www.securitytracker.com:
Mollensoft Lightweight FTP Server Can Be Crashed By Remote Authenticated Users With CWD Commands. Read more

News:
zone-h.org:
Microsoft defaced once again! Read more

www.crime-research.org:
Phishing - phish for some fish. Read more

www.theregister.co.uk:
Two thirds of emails now spam: official. Read more

news.zdnet.co.uk:
Mac patch fails to fix problem. Read more

australianit.news.com.au:
Eastern mob hires hackers. Read more

news.zdnet.co.uk:
Email gateway products get smart with spam. Read more

news.zdnet.co.uk:
Open season for phishing as attacks soar. Read more

news.zdnet.co.uk:
Microsoft pre-installs network security. Read more

www.iseriesnetwork.com:
Is Linux Truly More Secure than Windows? Read more

www.computerweekly.com:
Hackers on the move. Read more

25 may 2004

New Trojans:
Ccobra 1.0

Only1 1.92

Satan RAT 1.50

Iroffer 1.3b02 (1303.d)

Iroffer 1.3b02 (1303.e)

Vulnerabilities & Exploits
www.securitytracker.com:
xpcd Buffer Overflow in libpcd pcd_open() May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
Liferay Enterprise Portal Lack of Input Validation Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
PimenGest2 Debug Error in 'rowLatex.inc.php' May Disclose Database Password. Read more

www.securitytracker.com:
Liferay Cross Site Scripting Flaw. Read more

www.securitytracker.com:
Mollensoft Lightweight FTP Server CWD Buffer Overflow. Read more

www.securitytracker.com:
cPanel mod_phpsuexec Vulnerability. Read more

www.insecure.ws:
SSH URI handler code execution. Read more

News:
www.theregister.co.uk:
Beware of 'IBM laptop order' email. Read more

www.smh.com.au:
Hackers getting harder to keep out: survey. Read more

congreso.seguridad.unam.mx:
Computer Security Mexico 2004
"10th Years celebrating Computer Security Mexico". Read more

www.news-journalonline.com:
Computer virus researcher looks to biology for clues. Read more

www.smh.com.au:
Organisations losing ground to hackers. Read more

nwc.securitypipeline.com:
Zone Labs Adds Anti-Virus To Firewall. Read more

www.computerweekly.com:
Hackers on the move. Read more

www.vnunet.com:
Phishing rocks the e-commerce boat. Read more

24 may 2004

New Trojans:
ProRat 1.6 Special Edition

Fuck MZN Troyan 3.0 v2

ServerSpyDD

Vulnerabilities & Exploits
www.securiteam.com:
Allegro RomPager DoS Exploit. Read more

www.securiteam.com:
CVS Remote Entry Line Heap Overflow Root Exploit. Read more

www.securiteam.com:
BNBT BitTorrent Tracker DoS. Read more

www.securiteam.com:
Firebird Database Remote Database Name Overflow. Read more

www.securiteam.com:
PHP / Apache DoS (Resource Consumption). Read more

www.gentoo.org:
Buffer Overflow in Firebird. Read more

News:
news.com.com:
New Zone Alarm to warn of viruses. Read more

www.crime-research.org:
Russia: credit card frauds. Read more

australianit.news.com.au:
Security game won't 'end nicely'. Read more

www.theinquirer.net:
More emerges about Brazilian hacking hacker. Read more

www.nwfusion.com:
Are you l33t? Read more

23 may 2004

New Trojans:
Remote Format 2

LAN Supervisor

Backdoor.Hackarmy.m

Vulnerabilities & Exploits
www.securitytracker.com:
Apple Mac OS X Terminal URL Processing Flaw Has Unspecified Impact. Read more

www.securitytracker.com:
CBTT Can Be Crashed By Remote Users Sending Specially Crafted HTTP Basic Authentication Headers. Read more

www.securitytracker.com:
BNBT Can Be Crashed By Remote Users Sending Specially Crafted HTTP Basic Authentication Headers. Read more

www.securitytracker.com:
e107 Input Validation Flaw in 'log.php' Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.debian.org:
DSA-508-1 xpcd -- buffer overflow. Read more

News:
www.sacbee.com:
Child-porn probe used first live Internet wiretap. Read more

www.suburbanchicagonews.com:
Identity thieves, con men turn to 'phishing' to get consumer info. Read more

www.zone-h.com:
Mitnick: feel foolish if Sasser hit you. Read more

22 may 2004

New Trojans:
Hackerz Backdoor 3.7

Backdoor.Shabo

Backdoor.Zhangpo

Guides, Papers, etc
www.imperva.com:
SQL Injection Signatures Evasion. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
Symantec Norton Anti-Virus Lets Remote Users Execute Applications on the Target User's System. Read more

www.maths.usyd.edu.au:
Do not use Eudora. Read more

security.e-matters.de:
CVS remote vulnerability. Read more

security.e-matters.de:
libneon date parsing vulnerability. Read more

security.e-matters.de:
Subversion remote vulnerability. Read more

News:
www.theregister.co.uk:
Sasser fan club stops rattling tin. Read more

news.zdnet.co.uk:
Spammers get fussy as zombie army grows. Read more

www.securitypipeline.com:
Microsoft Needs To Work Harder Distributing Software Patches. Read more

news.bbc.co.uk:
Taming the Wild West of viruses. Read more

itmanagement.earthweb.com:
Sneak Peek Into Microsoft Research. Read more

www.foundstone.com:
Computer Vulnerability-to-Worm Cycle Compressing Dramatically. Read more

www.infosyssec.com:
India's Secret Army of Ad Clickers - Rupees for Clicks. Read more

www.techworld.com:
Phishing attacks getting worse. Read more

straitstimes.asia1.com.sg:
Microsoft hacks employee benefits. Read more

kerneltrap.org:
Interview: Andrea Arcangeli. Read more

21 may 2004

New Trojans:
Backdoor.VB.n

Backdoor.Angelfire.b

Backdoor.VB.im

Guides, Papers, etc
www.securityfocus.com:
Malware Analysis for Administrators. Read more

Vulnerabilities & Exploits
www.securiteam.com:
Configuration Disclosure on Sweex 802.11g Wireless Accesspoint/Router. Read more

www.securiteam.com:
OpenBSD Procfs Memory Disclosure Vulnerability. Read more

News:
www.theinquirer.net:
Hackers hacked by hacker. Read more

www.theregister.co.uk:
'Deceptive duo' hacker pleads guilty. Read more

www.vnunet.com:
Hackers penetrate global finance firms. Read more

zdnet.com.com:
How to stop viruses? Build a 'killer bot'. Read more

20 may 2004

New Trojans:
SndCom 0.4

Ras51D

TNT 1.1 v2

Tools:
Netwox, network testing toolbox.
Toolbox netwox helps to find and solve network problems:
- sniff, spoof
- clients, servers
- DNS, FTP, HTTP, IRC, NNTP, SMTP, SNMP, SYSLOG, TELNET, TFTP
- scan, ping, traceroute
- etc.
Read more

Guides, Papers, etc
www.microsoft.com:
Help: I Got Hacked. Now What Do I Do? Read more

www.worldwidewardrive.org:
The OFFICIAL DEF CON 12 WARDRIVING CONTEST. Read more

Vulnerabilities & Exploits
Phorum Sessions Can Be Hijacked By Remote Users. Read more

Subversion Date Parsing Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

CVS Entry Line Heap Overflow Lets Remote Users Execute Arbitrary Code. Read more

neon Library Heap Overflow in ne_rfc1036_parse() Date Parsing Function May Let Remote Users Execute Arbitrary Code. Read more

OmniHTTPd Buffer Overflow in HTTP GET Range Header May Let Remote Users Execute Arbitrary Code. Read more

www.debian.org:
DSA-507-1 cadaver -- buffer overflow. Read more

www.debian.org:
DSA-506-1 neon -- buffer overflow. Read more

www.debian.org:
DSA-505-1 cvs -- heap overflow. Read more

www.debian.org:
DSA-504-1 heimdal -- missing input sanitising. Read more

www.oliverkarow.de:
ActiveState ActivePerl Buffer Overflow. Read more

News:
www.theregister.co.uk:
MS' anti-virus bounty success. Read more

www.newsfactor.com:
How Are Script Kiddies Outwitting I.T. Experts? Read more

www.crime-research.org:
Russia: Citybank clients scammed. Read more

www.securityfocus.com:
'Patriot' hacker pleads guilty. Read more

www.eweek.com:
Kibuv Worm, Bobax Trojan Try Many Methods. Read more

news.com.com:
Bobax worm takes tip from Sasser. Read more

www.informationweek.com:
New Worm Spreads By Replying To All Mail. Read more

news.zdnet.co.uk:
Plug and Play port scan reveals new worms. Read more

www.businessweek.com:
A New Chinese Specialty: Spam. Read more

www.techuser.net:
Why Windows is a Security Nightmare. Read more

news.zdnet.co.uk:
Researcher reveals details of OS X security flaw. Read more

www.computerworld.com:
Spyware sneaks into the desktop. Read more

19 may 2004

New Trojans:
Backdoor.Kalmer

RedHacker

Iroffer 1.3b02 (1303.a)

Iroffer 1.3b02 (1303.b)

Iroffer 1.3b02 (1303.c)

Vulnerabilities & Exploits
www.securitytracker.com:
Sun Java Secure Socket Extension (JSSE) Authentication Flaw May Validate Invalid Certificates. Read more

www.securitytracker.com:
Blue Coat ProxySG May Disclose Private Key to Remote Users. Read more

www.securitytracker.com:
phpMyFAQ Input Validation Holes Let Remote Users View and Execute Files on the Target System. Read more

www.securitytracker.com:
Microsoft Outlook 2003 Scripting Restrictions Can Be Bypassed By Remote Users. Read more

www.securitytracker.com:
Libuser Memory Error May Cause Denial of Service Conditions. Read more

www.securitytracker.com:
PHP-Nuke $modpath Include File Flaw May Let Remote Users Execute Arbitrary Commands in Certain Cases. Read more

www.securitytracker.com:
SGI IRIX rpc.mountd Has Infinite Loop Denial of Service Flaw. Read more

www.securitytracker.com:
Linux passwd May Truncate Passwords Supplied Via stdin. Read more

www.securitytracker.com:
PHP-Nuke Input Validation Flaw in Union Tap Prevention Feature Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
osCommerce Directory Traversal Flaw in 'admin/file_manager.php' Discloses Files to Remote Authenticated Administrators. Read more

www.securitytracker.com:
Microsoft Visual Basic Buffer Overflow May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
Turbo Traffic Trader C Input Validation Holes Let Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
KDE URL Processing Flaw Lets Remote Users Create or Overwrite Files or Execute Commands. Read more

www.securitytracker.com:
Zen Cart Password Input Validation Flaw Lets Remote Users Inject SQL Commands. Read more

www.securitytracker.com:
NetChat Buffer Overflow in HTTP Service Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Wget May Overwrite Files in Certain Cases and Allow a Local User to Gain Elevated Privileges. Read more

www.securiteam.com:
Microsoft Internet Explorer ImageMap URL Spoof Vulnerability. Read more

www.debian.org:
DSA-504-1 heimdal -- missing input sanitising. Read more

www.oliverkarow.de:
ActiveState ActivePerl Buffer Overflow. Read more

News:
www.theregister.co.uk:
Police probe Sasser informant. Read more

news.zdnet.co.uk:
Analysts downplay Cisco code leak. Read more

news.zdnet.co.uk:
Skills not money needed to fight cybercrime. Read more

www.infoworld.com:
Phishing scam reports skyrocket in April. Read more

www.techweb.com:
High Port 5000 Traffic Indicates Kibuv.b Worm At Work. Read more

18 may 2004

New Trojans:
System33r Multi Webdownloader 1.2

Manslut Uploader 1.0rc4

pseudoRAT 0.1 (b)

Backdoor.Wowhack

Guides, Papers, etc
www.securityfocus.com:
TCP/IP Skills Required for Security Analysts. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
WebCT Input Validation Holes in Discussion Board Permit Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Apple Safari 'runscript' Function Lets Remote Users Execute Code. Read more

www.securitytracker.com:
Microsoft Outlook Express Mail Troubleshooting Function May Disclose SMTP Password to Local Users. Read more

www.securitytracker.com:
Microsoft Internet Explorer Image Map URL Display Error Lets Remote Users Spoof URLs. Read more

www.securiteam.com:
Internet Explorer Crash (Malformed META Tag). Read more

www.securiteam.com:
Mac OS-X/Safari Remote Help-Call Script Execution. Read more

www.securiteam.com:
Linksys BOOTP Memory Leak. Read more

www.deprotect.com:
Kernel memory disclosure via procfs. Read more

www.oliverkarow.de:
ActiveState ActivePerl Buffer Overflow. Read more

News:
www.theregister.co.uk:
Phatbot suspect released on bail. Read more

www.computerweekly.com:
Learn to identify the new generation of security threats and protect your network. Read more

www.theregister.co.uk:
Google's Ethics Committee revealed. Read more

www.theregister.co.uk:
FBI arrest 65 in P2P child porn raids. Read more

www.microscope.co.uk:
Teenage hackers shame IT industry again. Read more

www.crime-research.org:
Computer crimes to block business activity. Read more

www.crime-research.org:
Ukrainian Hacker Story. Read more

www.iht.com:
Criminal gangs exploit Internet employment sites. Read more

news.zdnet.co.uk:
Bagle turns to anti-spam trick. Read more

17 may 2004

New Trojans:
2004 Hacking RAT 1.0

Little Witch 6.1 (aa) server

MiniDL

Lamers Death 2.7 undetected server

Vulnerabilities & Exploits
www.securiteam.com:
DoS Vulnerability in IEEE 802.11 Wireless Devices. Read more

www.securiteam.com:
Symantec Multiple Firewall DNS Response DoS Exploit (PoC). Read more

www.eeye.com:
Symantec Multiple Firewall NBNS Response Processing Stack Overflow. Read more

www.eeye.com:
Symantec Multiple Firewall DNS Response DoS. Read more

www.eeye.com:
Symantec Multiple Firewall NBNS Response Remote Heap Corruption. Read more

www.eeye.com:
Symantec Multiple Firewall Remote DNS KERNEL Overflow. Read more

News:
nwc.securitypipeline.com:
"Wallon" Virus Contains Phony Yahoo Link. Read more

www.smh.com.au:
Singapore schools hit by Agobot worm. Read more

16 may 2004

New Trojans:
PhatBot

BAD R.A.T. 1.0

TWeb Web Server 1.1

RPC-2

News:
news.zdnet.co.uk:
'Survivor' site contains malicious code. Read more

www.intego.com:
Intego Announces Protection against a new Mac OS X Trojan Horse: AS.MW2004.Trojan. Read more

www.computerworld.com:
Wallon worm uses Yahoo, IE flaw to spread. Read more

www.usatoday.com:
Vietnam to monitor its Internet users. Read more

www.computerworld.com:
Intrusion response dips down to end-user level. Read more

www.computerworld.com:
How to protect the network from the inside out. Read more

www.computerworld.com:
Behavioral network security: Is it right for your company? Read more

15 may 2004

New Trojans:
Cerberus 0.1

Serial Thief

SSPPYY version 2

Hook p2p

Vulnerabilities & Exploits
www.securitytracker.com:
Solaris Management Console Server Discloses File and Directory Existence to Remote Users. Read more

www.securitytracker.com:
libtASN1 DER Parsing Flaw Has Unspecified Impact. Read more

www.securitytracker.com:
Ethereal SIP, AIM, SPNEGO, and MMSE Dissector Flaws Allow Remote Users to Crash Ethereal or Execute Arbitrary Code. Read more

News:
www.theregister.co.uk:
Dabber exploits Sasser flaw. Read more

www.techweb.com:
Sneaky Virus Pretends To Be Yahoo. Read more

software.silicon.com:
Virus warning: Wallon destroys Media Player. Read more

www.zone-h.org:
Agobot Trojan author released in Germany. Read more

www.newsfactor.com:
As the Worm Turns. Read more

www.securityfocus.com:
Sasser suspect has fans. Read more

www.theregister.co.uk:
Spam fighters infiltrate spam clubs. Read more

www.theregister.co.uk:
Symantec fights auto-responder menace. Read more

www.sophos.com:
Police breaking open Skynet virus gang in North Germany, Sophos reports. Read more

14 may 2004

New Trojans:
Reload 0.33

Remote Format

FTH2004

CiGiCiGi ViP 1.7 English

Vulnerabilities & Exploits
xforce.iss.net:
Multiple Vulnerabilities in Symantec Client Firewall Products. Read more

www.securitytracker.com:
Symantec Client Firewall SYMDNS.SYS Driver Lets Remote Users Execute Arbitrary Code to Take Full Control of the System. Read more

www.securitytracker.com:
Symantec Client Security SYMDNS.SYS Driver Lets Remote Users Execute Arbitrary Code to Take Full Control of the System. Read more

www.securitytracker.com:
Norton AntiSpam SYMDNS.SYS Driver Lets Remote Users Execute Arbitrary Code to Take Full Control of the System. Read more

www.securitytracker.com:
Microsoft Internet Explorer showHelp Path Search Lets Remote Users Load Existing Local CHM Files. Read more

secunia.com:
Microsoft Outlook Express Loading of Arbitrary Web Content. Read more

www.securitytracker.com:
mah-jong Game Can Be Crashed By Remote Users With Empty Name Value. Read more

www.securitytracker.com:
Opera Web Browser URL Redirect Error Lets Remote Users Spoof the Status Bar Address. Read more

www.securitytracker.com:
OpenBSD procfs Integer Overflow Discloses Kernel Memory to Local Users. Read more

www.securitytracker.com:
IEEE 802.11 Wireless LANs Can Be Disrupted By Remote Users Within Transmission Range. Read more

www.securitytracker.com:
Agnitum Outpost Firewall Pro Can Be Crashed By Remote Users Sending a Sustained Packet Flood. Read more

www.securitytracker.com:
Sweex Wireless Broadband Router Disclosed Administrative Password to Remote Users. Read more

www.securitytracker.com:
Opera Telnet URL Processing Flaw Lets Remote Users Create or Overwrite Files. Read more

www.gentoo.org:
Utempter symlink vulnerability. Read more

News:
www.theregister.co.uk:
Red alert over Symantec firewall flaw. Read more

news.com.com:
Worm feeds on Sasser-infected computers. Read more

www.theregister.co.uk:
German police raid five homes in Sasser case. Read more

support-sasser.homepage.dk:
Support the Sasser-author fund started. Read more

www.smh.com.au:
Skynet virus gang in Germany busted. Read more

www.theregister.co.uk:
New flaw takes Wi-Fi off the air. Read more

www.internetweek.com:
New Worm With A Twist Targets Sasser-Infected System. Read more

www.neowin.net:
Wallon worm uses Yahoo, MS to spread. Read more

www.theregister.co.uk:
Student uncovers US military secrets. Read more

news.com.com:
Search engines delete adware company. Read more

www.wired.com:
Microsoft to Battle Spyware. Read more

www.crime-research.org:
7 years for doubtful photo business on the Net. Read more

www.theregister.co.uk:
Child porn case highlights browser hijack risks. Read more

www.wired.com:
Browser Hijackers Ruining Lives. Read more

13 may 2004

New Trojans:
A-311 1.29

NeoControlRed 3.0.0

Yet Another Trojan 1.4

HGZ MiniHacker

Vulnerabilities & Exploits
www.securitytracker.com:
ZoneMinder Buffer Overflow in zms May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Linux Kernel Integer Overflow in sctp_setsockopt() Lets Local Users Execute Arbitrary Code With Kernel Privileges. Read more

www.securitytracker.com:
BEA WebLogic May Let Remote Authenticated Admin/Operator Users Start or Stop Server. Read more

www.securitytracker.com:
BEA WebLogic 'security-role-assignment' Coding Error May Delete Access Controls Tag. Read more

www.securitytracker.com:
GTK+ Support Libraries Directory Permission Flaw on HP-UX Lets Local Users Gain Elevated Privileges. Read more

www.securiteam.com:
Monit Remote Shell Exploit (Long HTTP Request). Read more

www.securiteam.com:
Sasser Worm Remote FTPD Buffer Overflow Exploit Code (Port 5554). Read more

www.securiteam.com:
PaX Linux Kernel Patch DoS (Exploit). Read more

www.securiteam.com:
Trend OfficeScan Corporate Antivirus Permissions Insecurity. Read more

www.securiteam.com:
Outlook 2003 File Upload And Execution Vulnerability. Read more

www.securiteam.com:
Agnitum Outpost Firewall Pro DoS. Read more

www.securiteam.com:
Vulnerability in Help and Support Center Remote Code Execution (MS04-015). Read more

www.securiteam.com:
Outlook 2003 Not Yet SPAM Proof (PING). Read more

News:
www.theregister.co.uk:
Phatbot arrest throws open trade in zombie PCs. Read more

www.newsfactor.com:
Why Are Virus Writers So Tough To Catch? Read more

www.nzherald.co.nz:
Police question more Sasser worm suspects. Read more

www.eweek.com:
German Police Hunt for Sasser Worm Accomplices. Read more

www.smh.com.au:
Suspected Agobot Trojan author arrested. Read more

zdnet.com.com:
Antivirus companies muting false alarms. Read more

news.com.com:
The lessons of Sasser. Read more

www.theregister.co.uk:
Chinese youths trash Internet café. Read more

www.computerworld.com:
Sasser arrest seen as small step in cybercrime fight. Read more

12 may 2004

New Trojans:
BAD R.A.T. 1.1

TUploaderC2

TNT 1.1

Screen Spy 1.0

Guides, Papers, etc
www.securityfocus.com:
Automating Windows Patch Management: Part III. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
Microsoft Outlook 2003 Lets Remote Users Send E-mail to Cause the Recipient's Client to Contact a Remote Server. Read more

www.securitytracker.com:
Microsoft Help and Support Center HCP URL Validation Error May Let Remote Users Execute Arbitrary Code If User Interactions Occur. Read more

www.securitytracker.com:
Eudora Fails to Correctly Display the Status Bar for URLs Containing Many HTML Character Entities. Read more

www.securitytracker.com:
SCO OpenServer X Session Access Controls Do Not Permit Xauthority Controls for Some X Sessions. Read more

www.securitytracker.com:
Systrace BSD Privilege Check Error Lets Local Users Gain Root Privileges. Read more

www.fribble.net:
Arbitrary code inclusion vulnerability in phpShop. Read more

xforce.iss.net:
McAfee ePolicy Orchestrator Remote Compromise Vulnerability. Read more

www.securitytracker.com:
IBM Parallel Environment Sample Code Lets Local Users Execute Arbitrary Commands With Root Privileges. Read more

www.securitytracker.com:
eMule Service Can Be Crashed By Remote Users Sending a Variety of Malformed Requests. Read more

www.securitytracker.com:
MailEnable Buffer Overflow in HTTPMail Lets Remote Users Execute Arbitrary Code. Read more

www.debian.org:
DSA-502-1 exim-tls -- buffer overflow. Read more

News:
Microsoft Security Bulletin MS01-052
Invalid RDP Data can Cause Terminal Service Failure. Read more

Microsoft Security Bulletin MS04-014
Vulnerability in the Microsoft Jet Database Engine Could Allow Code Execution (837001). Read more

www.reuters.com:
Net Worm Arrests Could Crack Cyber Ring: Experts. Read more

www.theregister.co.uk:
MS spells it out: pirates can, can't install WinXP Sp2. Read more

www.theregister.co.uk:
Lottery scams new flavour of the month. Read more

zdnet.com.com:
Microsoft patches new Windows flaw. Read more

news.netcraft.com:
Anti-Phishing Site Targeted by Hack Attacks. Read more

11 may 2004

New Trojans:
BlackCore 2.0

JRat 1.3

NeoControlRed 2.5.1

New Cam Viewer

Vulnerabilities & Exploits
www.k-otik.com:
Sasser Worm ftpd Remote Buffer Overflow Exploit (port 5554). Read more

www.securitytracker.com:
Mac OS X TruBlueEnviroment Argument Processing Flaw Lets Local Users Deny Service. Read more

www.securitytracker.com:
NukeJokes Input Validation Holes Permit SQL Injection and Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
icecast Heap Overflow in Processing Basic Authentication Lets Remote Users Crash the Service. Read more

News:
www.theregister.co.uk:
New version of Sasser undermines lone coder theory. Read more

www.theinquirer.net:
Microsoft paid $25,000 for the head of virus writer. Read more

www.theregister.co.uk:
German police arrest Sasser worm suspect. Read more

www.suburbanchicagonews.com:
Worm's creator tried to limit damage done. Read more

www.newsfactor.com:
Second German Teen Arrested After Sasser Author. Read more

www.newsfactor.com:
Despite German Teen Arrest, Sons of Sasser Live On. Read more

nwc.securitypipeline.com:
Hackers Moving Faster To Exploit Vulnerabilities. Read more

news.com.com:
Microsoft: Separate trail led to second virus writer. Read more

10 may 2004

New Trojans:
Remote Password Reventator

Harvester 2003 (mail) 08

Exception 1.0

Stealth Lan Downloader

Guides, Papers, etc
www.microsoft.com:
Introduction to viruses, worms, and Trojan Horses. Read more

Vulnerabilities & Exploits
www.securiteam.com:
SMC Routers Passwordless Remote Administration. Read more

www.securiteam.com:
Remote Command Execution Vulnerability In oMail. Read more

www.securiteam.com:
NukeJokes Module For PhpNuke Multiple Vulnerabilities. Read more

www.securiteam.com:
Pound Format String Exploit. Read more

www.securiteam.com:
Internet Explorer Remote DoS (Memory Access Violation). Read more

www.securiteam.com:
Eudora File URL Buffer Overflow. Read more

www.securiteam.com:
MyWeb Buffer Overflow. Read more

News:
nwc.securitypipeline.com:
Sasser Worm Bites Businesses Worldwide. Read more

www.newsfactor.com:
Arrested German Teen Admits Being Sasser Worm Author. Read more

www.informationweek.com:
German Teenager Admits To Creating Sasser Worm. Read more

www.microsoft.com:
Microsoft Reward Program Helps Lead to Information Resulting in Arrest Related to Sasser Internet Worm. Read more

www.crime-research.org:
Who hacks? Who cracks? Read more

09 may 2004

New Trojans:
Backdoor.VisualServer

Savage dDevil Trojan

TX

chti WebDL

Vulnerabilities & Exploits
www.securitytracker.com:
Microsoft Internet Explorer 'file://' URL Processing Flaw Lets Remote Users Damage the Registry. Read more

www.securitytracker.com:
efFingerD Buffer Overflow in sockFinger_DataArrival() Lets Remote Users Crash the Daemon. Read more

www.securitytracker.com:
TrendMicro OfficeScan Default Permissions Let Local Users Modify the Configuration. Read more

www.securitytracker.com:
Sun Java Virtual Machine Infinite Loop in decodeArrayLoop() Lets Remote Users Deny Service. Read more

News:
www.microsoft.com:
Microsoft Reward Program Helps Lead to Information Resulting in Arrest Related to Sasser Internet Worm. Read more

www.620ktar.com:
Teen Confesses to Creating 'Sasser' Worm. Read more

www.snpx.com:
German police also arrest author of the Agobot and Phatbot worms. Read more

www.snpx.com:
Microsoft Reward Program Helped Lead to Arrest of Sasser author. Read more

www.reuters.com:
Net Worm Arrests Could Crack Cyber Ring: Experts. Read more

www.signonsandiego.com:
FACTBOX-Five major viruses on the Internet. Read more

www.ctv.ca:
German student arrested over computer virus. Read more

www.wired.com:
Sasser Worm Suspect Confesses. Read more

zdnet.com.com:
Microsoft reward snags suspected Sasser author. Read more

www.gridtoday.com:
Arrest Made In United Kingdom "Phishing" Case. Read more

www.heise.de:
German language: Suspected Phatbot developer arrested near Lörrach. Read more

08 may 2004

New Trojans:
PA HAC 1.2 2004

Infector NG 2004

Toxic Backdoor 1.0

Vulnerabilities & Exploits
www.securitytracker.com:
MyWeb Buffer Overflow Lets Remote Users Crash the Server With Long URLs. Read more

www.securitytracker.com:
Eudora Has Buffer Overflow in Loading 'file://' URLs. Read more

www.securitytracker.com:
Kolab Discloses LDAP Server Password to Local Users. Read more

www.securitytracker.com:
SUSE LINUX Live CD Configuration Error Yields Root Access to Remote Users. Read more

www.securitytracker.com:
e107 Input Validation Bug in 'News Submit' and 'Article Submit' Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
DeleGate Buffer Overflow in static ssl_prcert() Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Exim Buffer Overflows in 'accept.c' and 'verify.c' Let Remote Users Execute Arbitrary Code. Read more

News:
Latest news.
Author of Sasser arrested. A German man has been arrested for making the Sasser worm.

www.techweb.com:
Sasser, Netsky Work Of Same Hacker. Read more

www.internetweek.com:
Symantec: Sasser, Netsky Work Of Same Hacker. Read more

www.internetnews.com:
MS to Help Zap Worms Automatically. Read more

www.theregister.co.uk:
Sasser ups cost of Windows - Gartner. Read more

www.newsfactor.com:
Report: Phishing Scam Hits 57 Million Users. Read more

www.theregister.co.uk:
Mystery of MS's missing AV software. Read more

www.theregister.co.uk:
Stalkers target victims with email. Read more

www.chron.com:
University's computer system hit by hackers. Read more

www.crime-research.org:
Russia: Computer crimes statistics. Read more

www.iht.com:
Pirates and hackers roam in the Internet's Wild West. Read more

07 may 2004

New Trojans:
Acid Drop 1.0

Visitor 1.1 [Dropper]

Gadu Ghost 1.2 server

Vulnerabilities & Exploits
www.guninski.com:
Buffer overflows in exim, yet still exim much better than windows. Read more

www.securitytracker.com:
FuseTalk Grants Remote Users Access to 'banning' Template. Read more

www.securitytracker.com:
Microsoft IIS ASP Script Cookie Processing Flaw May Disclose Application Information to Remote Users. Read more

www.securitytracker.com:
P4DB Input Validation Holes Let Remote Users Execute Arbitrary Shell Commands. Read more

www.securitytracker.com:
Heimdal k5admind Framing Length Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
PHP-Nuke Input Validation Bugs in 'sid' Variable in 'Downloads' Module Permits SQL Injection and Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Simple Machines SMF '[size]' Tag Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Verity Ultraseek Discloses Installation Path to Remote Users. Read more

www.securitytracker.com:
SurgeLDAP Web Administration Interface Authentication Flaw Lets Remote Users Gain Access. Read more

www.securitytracker.com:
PHPX Cookie Authentication Flaw Lets Remote Users Hijack a Target User's Account. Read more

www.securiteam.com:
DeleGate SSL Filter Buffer Overflow. Read more

www.debian.org:
DSA-501-1 exim -- buffer overflow. Read more

www.securityfocus.com:
Multiple LHA Buffer Overflow/Directory Traversal Vulnerabilities. Read more

News:
www.theregister.co.uk:
China shuts 8,600 cybercafes. Read more

www.channelnewsasia.com:
Virus researchers warn of new Netsky worm that poses as Sasser cure. Read more

www.tmcnet.com:
Expected ''Nastier Sasser'' Worm Highlights Dangers of Relying on Patches -- Recent Attacks Are a ''Wake-up Call'' for Improving Application Defenses of Networks. Read more

www.theregister.co.uk:
Prison time for cyber stock swindler. Read more

www.theregister.co.uk:
Sasser boosts AV share prices. Read more

www.adn.com:
Hackers access University of California, San Diego server. Read more

www.crime-research.org:
Who are these cyber criminals? Read more

www.terra.net.lb:
New scourge of Web, spyware draws fire from US Congress, others. Read more

06 may 2004

New Trojans:
Magic PS 1.5

Hotmail Hacker Log Edition 3.5

NeoControlRed 2.4.0

Vulnerabilities & Exploits
www.securitytracker.com:
ipmenu Unsafe 'ipmenu.log' Temporary File Lets Local Users Gain Root Privileges. Read more

www.securitytracker.com:
Titan FTP Server Can Be Crashed By Remote Authenticated Users Sending and Aborting a LIST Command. Read more

www.securitytracker.com:
PHPX Has Multiple Input Validation Holes That Permit Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Check Point VPN-1 ISAKMP Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

News:
news.bbc.co.uk:
Hunt is on for Sasser worm writer. Read more

www.theregister.co.uk:
Sasser creates European pandemonium. Read more

www.theregister.co.uk:
Fear of phishing hits e-commerce. Read more

www.globetechnology.com:
Sasser worm sign of things to come? Read more

www.theregister.co.uk:
UK police arrest 12 phishing mule suspects. Read more

www.hardwarezone.com:
Sasser Worm Infections Increase by 43% during Second Day of Alert. Read more

www.newsfactor.com:
Sasser Fizzles Out as Search for Culprits Heats Up. Read more

www.chron.com:
Worm may join pals for trouble. Read more

www.usatoday.com:
Computer security experts lament laggardly pace of patches. Read more

www.smh.com.au:
Open source group says monoculture breeds worms. Read more

www.crime-research.org:
How to avoid Internet fraud. Read more

www.theregister.co.uk:
MS opens Hotmail to bulk mailers. Read more

05 may 2004

New Trojans:
MiniMO 0.6 Beta

Acessor 2.0

Snow 3.8

Vulnerabilities & Exploits
www.securitytracker.com:
SuSE Linux '/proc/scsi/qla2300/HbaApiNode' Permissions Let Local Users Deny Service. Read more

www.securitytracker.com:
Message Foundry Lets Remote Users Deny Service By Requesting '/com1'. Read more

www.securitytracker.com:
Apple Mac OS X RAdmin Bug in Processing Large Requests Has Unspecified Impact. Read more

www.securitytracker.com:
Apple CoreFoundation Environment Variable Flaw Has Unspecified Impact. Read more

www.securitytracker.com:
AppleFileServer Buffer Overflow in Processing Cleartext User Authentication Method Packets Lets Remote Users Execute Code With Root Privileges. Read more

www.securitytracker.com:
PaX Infinite Loop Lets Local Users Deny Service. Read more

www.securitytracker.com:
Aldo's Web Server Discloses Arbitrary Files to Remote Users. Read more

www.securitytracker.com:
YaBB Input Validation Flaw in 'Subject' Field Lets Remote Users Modify the '.txt' File. Read more

www.securitytracker.com:
Crystal Reports Unspecified Flaws Let Remote Users View and Delete Files and Deny Service. Read more

www.securiteam.com:
autoRST - Automated TCP RST Exploit. Read more

www.securiteam.com:
Squirrelmail Local Root Chpasswd Exploit. Read more

www.securiteam.com:
Dameware Mini Remote Control Weak Key Agreement Scheme. Read more

www.securiteam.com:
Web Wiz Forum SQL Injection and Security Bypass. Read more

www.securiteam.com:
Titan FTP Server Aborted LIST DoS. Read more

News:
www.theregister.co.uk:
We've seen worse than Sasser - MS. Read more

www.theregister.co.uk:
'Deceptive Duo' hacker charged. Read more

www.theregister.co.uk:
Sasser worm creates havoc. Read more

www.chron.com:
Way to keep worms at bay: automatic security updates. Read more

www.detnews.com:
Computer security experts lament laggardly pace of patches. Read more

www.stuff.co.nz:
Worm may help hackers. Read more

www.stuff.co.nz:
Microsoft details Windows plans amid security woes. Read more

04 may 2004

New Trojans:
Backdoor.Autocrat.a

Backdoor.Hackarmy.a

Backdoor.Welkom

Guides, Papers, etc
chitchat.at.infoseek.co.jp:
VMware Backdoor I/O Port. Read more

Vulnerabilities & Exploits
www.atstake.com:
AppleFileServer Remote Command Execution. Read more

www.securitytracker.com:
Pound Format String Flaw in Syslog Processing Lets Remote Users Execute Arbitrary Code. Read more

www.theregister.co.uk:
Mitnick busts bomb hoaxer. Read more

News:
english.chosun.com:
Variants of Computer Worm 'Sasser' Spread Rapidly. Read more

www.startribune.com:
'Sasser' worm hits computers; Windows flaw exploited worldwide. Read more

www.news-journalonline.com:
New virus snarls hundreds of thousands of machines worldwide. Read more

news.bbc.co.uk:
Sasser net worm disruption grows. Read more

www.techweb.com:
How To Protect PCs Against The Sasser Worm. Read more

www.crime-research.org:
Computer Crime Classification. Read more

news.com.com:
Microsoft signs security pact with Germany. Read more

www.smh.com.au:
Microsoft says mega-patch problems unresolved. Read more

03 may 2004

New Trojans:
NeoControlRed 2.5.0

Magic PS 1.42

Beast 2.06 [b] server

Tools:
fileforum.betanews.com:
Microsoft Sasser.A & .B Worm Removal Tool 1.0. Read more

Vulnerabilities & Exploits
www.securiteam.com:
LHa Local Stack Overflow Proof of Concept. Read more

www.securiteam.com:
Windows Lsasrv.dll Remote Universal Exploit (MS04-011). Read more

www.securiteam.com:
HSFTP Format String Vulnerability (Walkthrough). Read more

www.securiteam.com:
3Com NBX VoIP NetSet DoS. Read more

www.securiteam.com:
Buffer Overflows and Directory Traversal in LHA. Read more

www.securiteam.com:
SquirrelMail Cross Scripting Attacks (compose.php). Read more

www.securiteam.com:
Remote Buffer Overflow Vulnerabilities in Real RTSP Streaming. Read more

www.securiteam.com:
ssmtp Insecure File Creation. Read more

www.securiteam.com:
phpBB IP Spoofing Vulnerability. Read more

www.securiteam.com:
paFileDB Multiple Vulnerabilities (XSS, Path Disclosure). Read more

www.securiteam.com:
OpenBB Multiple Vulnerabilities (board.php, search.php, member.php, post.php, myhome.php, index.php). Read more

www.securitytracker.com:
FLIM Unsafe Temporary Files May Let Local Users Gain Elevated Privileges. Read more

www.debian.org:
DSA-500-1 flim -- insecure temporary file. Read more

www.debian.org:
DSA-499-1 rsync -- directory traversal. Read more

News:
www.microsoft.com:
Microsoft Joins Law Enforcement to Track Perpetrators of Emerging Worm Attacks against Computer Users. Read more

www.overclockersclub.com:
Very Fast Spreading Worm on the Loose. Read more

www.crime-research.org:
FraudWatch warns of the escalation of Internet fraud. Read more

02 may 2004

New Trojans:
Leviathan 0.1

Ramirez 1.1

DJ Client Server

Tools:
www.fpx.de:
UUDeview is a program that helps you transmit and receive binary files over the Internet, using electronic mail or newsgroups. Read more

Guides, Papers, etc
www.zeltser.com:
Reverse Engineering Malware. Read more

Know Your Enemy:
Honeynets in Universities. Read more

www.eeye.com:
Sasser Worm Technical Analysis. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
PROPS Input Validation Flaws Disclose Files to Remote Users and Permit Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
SmartPeer Has Password Command Flaw With Unspecified Impact. Read more

www.securitytracker.com:
SMC Routers Enable Remote WAN-Side Administration With No Password By Default. Read more

www.securitytracker.com:
MPlayer Buffer Overflow in Playing Real Streams Lets Remote Servers Execute Arbitrary Code. Read more

www.securitytracker.com:
Xine Buffer Overflow in Playing Real Streams Lets Remote Servers Execute Arbitrary Code. Read more

www.securitytracker.com:
NetCache Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
Web Wiz Forums Input Validation Hole in 'pop_up_ip_blocking.asp' Lets Remote Users Inject SQL Commands. Read more

www.securitytracker.com:
Veritas NetBackup Buffer Overflow and Format String Flaws Let Local Users Gain Root Privileges. Read more

www.securitytracker.com:
Apple QuickTime Bug Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Microsoft Internet Explorer SSL Icon Error May Let Remote Users Impersonate Secure Web Sites. Read more

www.securitytracker.com:
Moodle Input Validation Bug in 'help.php' Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
SquirrelMail Input Validation Hole in 'mailbox' Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
3Com NBX NetSet Configuration Utility Can Be Crashed By a Remote User Conducting a Nessus Scan. Read more

www.securitytracker.com:
Coppermine Photo Gallery Include File Flaw Lets Remote Users Execute Arbitrary Code on the Target System. Read more

News:
www.theregister.co.uk:
The illicit trade in compromised PCs. Read more

english.aljazeera.net:
Sasser virus infects cyberspace. Read more

xforce.iss.net:
Microsoft LSASS Sasser Worm Propagation. Read more

www.microsoft.com:
What You Should Know About the Sasser Worm and Its Variants. Read more

seattletimes.nwsource.com:
What are pesky spyware 'parasites' nibbling on? Read more

01 may 2004

New in Archive
Bifrost 1.0

SndCom 0.2

ViriL.Devil 3.0

Vulnerabilities & Exploits
www.securitytracker.com:
ProFTPD Access Control Bug With CIDR Addresses May Let Remote Authenticated Users Access Files. Read more

www.securitytracker.com:
lha Buffer Overflows Let Remote Users Create Malicious Archives to Execute Arbitrary Code. Read more

www.securitytracker.com:
libpng Memory Access Violation When Creating Error Messages May Cause Denial of Service Conditions. Read more

www.securitytracker.com:
Linux Kernel do_fork() Memory Allocation Flaw Lets Local Users Consume Memory Resources and Deny Service. Read more

www.securitytracker.com:
ReciPants Input Validation Holes Let Remote Users Inject SQL Commands. Read more

www.securitytracker.com:
Rsync Path Validation Flaw May Let Remote Authenticated Users Write Files on the System. Read more

www.securitytracker.com:
Midnight Commander Has Multiple Bugs That May Let Local Users Gain Elevated Privileges. Read more

www.debian.org:
DSA-498-1 libpng -- out of bound access. Read more

News:
news.com.com:
Worm warning intensifies. Read more

www.esecurityplanet.com:
Large Numbers of Gaobot Worm Variants Proliferating. Read more

zdnet.com.com:
Alarm growing over bot software. Read more

searchsecurity.techtarget.com:
New variants of the prolific Bagle and Netsky families get legs. Read more

www.securityfocus.com:
Takedown: Mitnick busts bomb hoaxer. Read more

www.computerworld.com:
Microsoft hole spawns false alarm, real attacks. Read more


Copyright © MegaSecurity.org