Home    News Archive    Translate Traducen
News june 20004
30 june 2004

New Trojans:
Netsys 2.0

Cab of Filth 1.2e English

Ereet 2.0 (b)

Tools:
www.definitivesolutions.com:
BHODemon is a free tool that will list all Browser Helper Objects that are installed on a Windows system by scanning the registry and give you the ability to disable them. This will also list "good" BHOs as well, but nevertheless is a useful tool in detecting and disabling malicious software. Read more

Guides, Papers, etc
isc.sans.org:
New scam targets bank customers (pdf). Read more

Vulnerabilities & Exploits
www.securitytracker.com:
HP Object Action Manager WebAdmin Flaw May Yield Access to Remote Users. Read more

www.securitytracker.com:
HP-UX ARPA Transport Unspecified Flaw Lets Local Users Deny Service. Read more

www.securitytracker.com:
Open WebMail Input Validation Flaw in 'vacation.pl' Lets Remote Users Execute Arbitrary Programs. Read more

www.securitytracker.com:
BEA WebLogic role-name Tag Error May Let Remote Users Access Applications. Read more

www.securitytracker.com:
D-Link DI-614+ DHCP LEASETIME Integer Overflow Lets Remote Users Deny Service. Read more

www.securitytracker.com:
MPlayer GUI TranslateFilename() Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Apache httpd Header Line Memory Allocation Lets Remote Users Crash the Server. Read more

www.securitytracker.com:
D-Link DI-614+ Router Can Be Crashed With Certain DHCP Requests. Read more

News:
www.theregister.co.uk:
CoolWebSearch is winning Trojan war. Read more

www.detnews.com:
Computer virus steals Online banking information. Read more

acmqueue.com:
Security bug? My programming language made me do it! Read more

news.zdnet.co.uk:
Microsoft proposes Sender ID to jam spam. Read more

www.theregister.co.uk:
Anti-phishing group backs email authentication. Read more

news.zdnet.co.uk:
Survey: Nearly all phishing from forged addresses. Read more

news.zdnet.co.uk:
VeriSign launches spam-blocking service. Read more

news.netcraft.com:
Hackers Manipulating Internet Explorer Add-Ons. Read more

news.zdnet.co.uk:
Gates promotes isolation. Read more

www.crime-research.org:
Last week's most famous Russian hacker. Read more

www.theregister.co.uk:
Playboy 'hacker' jailed for two years. Read more

software.silicon.com:
Leader: Stupidest 'hacker' ever revealed. Read more

www.adn.com:
JAMES DERK: Viruses, viruses everywhere. Read more

29 june 2004

New Trojans:
Remote Process Monitor 1.0

Backdoor.Terminate

Backdoor.VB.jq

Guides, Papers, etc
www.securityfocus.com:
Packet Crafting for Firewall & IDS Audits (Part 1 of 2). Read more

Vulnerabilities & Exploits
www.guninski.com:
DoS in apache httpd 2.0.49, yet still apache much better than windows. Read more

www.securitytracker.com:
csFAQ Discloses Installation Path to Remote Users. Read more

www.securitytracker.com:
PowerPortal Input Validation Flaws Disclose Files to Remote Users and Permit Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
CuteNews Input Validation Holes Let Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Cart32 Input Validation Error in 'GetLatestBuilds' Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Infinity WEB Input Validation Error Lets Remote Users Inject SQL Commands. Read more

www.securiteam.com:
Artmedic Links File Inclusion Vulnerability. Read more

News:
www.theregister.co.uk:
CERT recommends anything but IE. Read more

www.securityfocus.com:
Gates Defends Microsoft Patch Efforts. Read more

www.theregister.co.uk:
Internet Explorer. Quick, call security! Read more

www.sundaytimes.co.za:
Explorer reports ‘serious' security hole. Read more

zdnet.com.com:
Spyware-killers get going online. Read more

www.crime-research.org:
Authors of the last viruses are Russians. Read more

www.demingheadlight.com:
New email scam is circulating. Read more

www.computerworld.com:
VeriSign introduces e-mail, antiphishing services. Read more

www.detnews.com:
E-mail under attack. Read more

www.theregister.co.uk:
Beastie Boys claim no virus on crippled CD. Read more

28 june 2004

New Trojans:
System33r Socks4 1.0 TEST

Backdoor.Dewin.e

Backdoor.Ierk.a

Guides, Papers, etc
www.imperva.com:
How safe is it out there?
Zeroing in on the vulnerabilities of application security. Read more

www.imperva.com:
Web Application Worms: Myth or Reality? Read more

Vulnerabilities & Exploits
www.securitytracker.com:
HelpDesk PRO Input Validation Flaw Lets Remote Users Bypass Authentication Via SQL Command Injection. Read more

News:
australianit.news.com.au:
Gates defends security record. Read more

www.timesofoman.com:
Hackers becoming more clever. Read more

www.timesofoman.com:
As the worm turns: Criminal gangs target computer users. Read more

www.ciol.com/:
Net virus steals financial data. Read more

www.theage.com.au:
Russian site spreading virus shut down. Read more

www.venicegondolier.com:
FDLE computer crime center warns of phishing scams. Read more

www.vnunet.com:
Microsoft tipped to buy security firm. Read more

www.wired.com:
Ethical Hacking Is No Oxymoron. Read more

www.crime-research.org:
"Reporters Without Borders": Free Internet in Ukraine. Read more

27 june 2004

New Trojans:
Doctor 0.13

Keylog Spy

Backdoor.Leon

Guides, Papers, etc
www.covertsystems.org:
Analysis of the Exploitation Process by Covert Systems Research. (pdf) download

www.corante.com:
What Secrets DRM Encryption is Really Hiding. Read more

conference.hackinthebox.org:
HackInTheBox Security Conference 2004 Kuala Lumpur, Malaysia. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
strongSwan X.509 Validation Error Lets Remote Users Authenticated to Protected Networks. Read more

www.securitytracker.com:
Openswan X.509 Validation Error Lets Remote Users Authenticated to Protected Networks. Read more

www.securitytracker.com:
artmedic links Discloses Files to Remote Users. Read more

www.securitytracker.com:
Confixx Discloses '/root' Contents to Remote Authenticated Users. Read more

www.securitytracker.com:
FreeBSD execve() Unaligned Memory Parameter Lets Local Users Crash the System. Read more

www.securitytracker.com:
phpmyfamily Lets Remote Users Gain Edit Privileges. Read more

www.securiteam.com:
Rplr msg() Buffer Overflow (Exploit). Read more

www.zone-h.org:
ZH2004-13SA (security advisory): Sql Injection in Help Desk Pro 2.0. Read more

News:
www.detnews.com:
Hackers try new ways to wiggle in their worms. Read more

www.detnews.com:
Computer viruses grow sicker. Read more

www.crn.com:
Experts Warn That 'Scob' Virus Could Lead To Keyboard Logging. Read more

www.reuters.com:
Ethical Hacking Is No Oxymoron. Read more

www.eweek.com:
Attack on IIS Web Sites Infects Browsers With Malicious Code. Read more

www.eweek.com:
DoS Attack May Tap Web Graphics Flaw. Read more

26 june 2004

New Trojans:
.97mm 4.1b

System33r Multi Webdownloader 1.4

Backdoor.Hackarmy.p

Guides, Papers, etc
www.oreillynet.com:
Scanning for viruses with Knoppix. Read more

www.itmanagersjournal.com:
How to use cryptography in computer security. Read more

download.microsoft.com:
TechNet Webcast: 10 Things Hackers Don’t Want You To Know - Level 300. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
'Dr.Cat' Daemon Buffer Overflows May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
giFT-FastTrack Null Pointer Dereference Lets Remote Users Crash the giFT Daemon. Read more

www.securitytracker.com:
GNATS Format String Flaw in 'misc.c' May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
ZWS Newsletter and Mailing List Manager Discloses User Passwords to Remote Users. Read more

www.securitytracker.com:
vBulletin Input Validation Flaws in 'newreply.php' and 'newthread.php' Let Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.debian.org:
DSA-524-1 rlpr -- several vulnerabilities. Read more

www.debian.org:
DSA-523-1 www-sql -- buffer overflow. Read more

News:
www.theregister.co.uk:
Watch out! Incoming mass hack attack. Read more

www.hindustantimes.com:
Spreading Web virus aimed at stealing financial data. Read more

www.microsoft.com:
Microsoft Statement Regarding Download.Ject Malicious Code Security Issue. Read more

www.crime-research.org:
US Congress against spyware. Read more

www.eweek.com:
Web Virus 'Scob' Recorded, Reported Keystrokes. Read more

www.jsonline.com:
'Scob' virus spreads. Read more

www.cnn.com:
Trojan virus attacks popular Web sites. Read more

news.zdnet.co.uk:
Mainstream Web sites spreading back-door infections. Read more

www.iht.com:
How a worm got into cellphones. Read more

www.theregister.co.uk:
Russia fines text hack spammer. Read more

www.theregister.co.uk:
Man charged over Google blackmail attempt. Read more

www.theregister.co.uk:
Programming pioneer Bob Bemer dies at 84. Read more

entmag.com:
Growth of Phishing Attacks Slows. Read more

www3.gartner.com:
MasterCard Antifraud Initiative Has 'Phishing' Limitations. Read more

news.zdnet.co.uk:
Australia may permit 'personal' music copying. Read more

25 june 2004

New Trojans:
Gadu Ghost 1.4

Decisive Downloader 1.0

Ccobra 1.0 client 2

Tools:
URCS - Unmanarc Remote Control Server
URCS 2.13 Current features:
- Shell based control, Shell/Remote based installation
- Reverse proxy system (Circumvent Firewalls, NAT/PAT) and keep-alive system protection
- TCP redirection for bounce. (multiple and reverse pipes...)
- Secure password interchange: (md5(md5(key)+random_seed))
- Installation over net, (Service, HKEY_LOCAL_MACHINE, HKEY_CURRENT_USER) - Configuration over URL (Any configuration parameter can be obtained from a URL)
- User-groups configurable based system
- Scripting language
- Server is linux compatible with wine
Download

Vulnerabilities & Exploits
www.securiteam.com:
Bypassing ZoneAlarm Pro 'Mobile Code'. Read more

www.securiteam.com:
Lotus Notes URI Handler Argument Injection Vulnerability. Read more

www.securiteam.com:
Linux Broadcom 5820 Cryptonet Driver Integer Overflow. Read more

www.securiteam.com:
Linux Kernel IEEE1394 (Firewire) Driver Integer Overflow Vulnerabilities. Read more

www.securitytracker.com:
BCM5820 Linux Driver Buffer Overflow May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
cplay Temporary Files May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
Sun Solaris Basic Security Module 'ad' or 'as' Auditing Lets Local Users Crash the System. Read more

News:
news.zdnet.co.uk:
Mainstream Web sites spreading backdoor infections. Read more

www.eweek.com:
Web Graphics Exploit Marching Across Internet. Read more

www.globetechnology.com:
U.S. warns of large-scale virus attack. Read more

story.news.yahoo.com:
Could Search Sites Spawn Worms? Read more

www.chron.com:
Online hacker attack prompts investigation. Read more

www.theregister.co.uk:
When spyware crosses the line. Read more

www.crime-research.org:
Spam again. Read more

news.zdnet.co.uk:
AOL worker 'sold email addresses to spammers'. Read more

www.newsfactor.com:
Microsoft Moves Toward Supercomputing. Read more

24 june 2004

New Trojans:
PA HAC 1.5 NG

[The Matrix]

Destructor 2.0

Vulnerabilities & Exploits
www.waraxe.us:
Multiple security holes in PhpNuke - part 1. Read more

www.securitytracker.com:
PHP-Nuke Input Validation Holes in Jounal and Other Modules Let Remote Users Inject SQL Commands and Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
ArbitroWeb Input Validation Hole Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Lotus Notes URL Handler Filtering Flaw Lets Remote Users Execute Arbitrary Scripting Code. Read more

www.securitytracker.com:
IEEE 1394 for Linux Has Integer Overflows That Let Local Users Crash the System. Read more

www.securitytracker.com:
ISC DHCP Hostname Options Buffer Overflow May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
BT Voyager 2000 Wireless ADSL Router Discloses Passwords Via SNMP. Read more

News:
www.theregister.co.uk:
Beastie Boys CD installs virus. Read more

www.securityfocus.com:
Feds urge secrecy over network outages. Read more

www.theregister.co.uk:
Microsoft patents the body electric. Read more

www.winnetmag.com:
AOL Engineer Arrested; Charged Will Selling 92 Million Screen Names to Spammer. Read more

www.siliconvalley.com:
Microsoft to increase Hotmail storage, add virus protection. Read more

www.theregister.co.uk:
Spanish police smash €35m dialer scam. Read more

www.theregister.co.uk:
Hotmail bins email accounts on hearsay. Read more

www.winnetmag.com:
On the Net, Awareness = Safety. Read more

zdnet.com.com:
Network Associates denies sale rumors. Read more

www.investors.com:
Network Associates closes up on Microsoft bid talk. Read more

www.theregister.co.uk:
RIAA sues 482 more unnamed file-sharers. Read more

www.chron.com:
Cell phone virus a faker. Read more

www.newsfactor.com:
Analyst: What Happened to Akamai Could Happen to You. Read more

www.theregister.co.uk:
Penis pill peddler stiffs AOL spam insider. Read more

www.overclockersclub.com:
Hotmail Storage Upgraded to 250MB. Read more

23 june 2004

New Trojans:
Fear 0.2.0

Backdoor.Unwind

Gadu Ghost 1.3

ProRat password Cracker

Guides, Papers, etc
HOWTO bypass Internet Censorship. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
D-Link Router Input Validation Flaw in DHCP HOSTNAME Lets Remote Users Inject Scripting. Read more

www.securitytracker.com:
rssh Command Argument Expansion Error Discloses Information to Remote Authenticated Users. Read more

www.securitytracker.com:
SqWebMail Input Validation Bug in print_header_uc() Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
GNU RADIUS Server Can Be Crashed By Remote Users With Specially Crafted SNMP Packets. Read more

www.securitytracker.com:
nCipher netHSM Discloses Passphrases to Local and Remote Users. Read more

www.securitytracker.com:
Sun StorEdge Enterprise Storage Manager Lets Local ESMUsers Gain Root Access. Read more

www.securitytracker.com:
ZoneAlarm Pro Mobile Code Blocking Can Be Bypassed With SSL Connections. Read more

www.securitytracker.com:
aMSN Discloses Password Hashes to Local Users. Read more

www.securitytracker.com:
osTicket Attachments Directory Permissions Let Remote Users View or Execute Certain Files on the System. Read more

www.securitytracker.com:
Usermin Input Validation Hole in E-mail Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securiteam.com:
Snitz Forum 2000 Cross Site Scripting In User Registration Form. Read more

www.securiteam.com:
BT Voyager 2000 Wireless ADSL Router Password Disclosure. Read more

www.securiteam.com:
DLink-614+ Script Injection Through DHCP HOSTNAME Option. Read more

www.securiteam.com:
GNU Radius SNMP DoS (Invalid OID). Read more

www.securiteam.com:
Sqwebmail Cross Site Scripting. Read more

www.securiteam.com:
Remote File Inclusion in Pivotlog (module_db_xml.php). Read more

www.securiteam.com:
Ircd-Hybrid-7 / Ircd-Ratbox Low-Bandwidth DoS. Read more

News:
www.crime-research.org:
Al Qaida websites blocked. Read more

www.theinquirer.net:
Chinese hackers renew attack on Taiwan democrats. Read more

zdnet.com.com:
Critical flaw found in game software. Read more

reviews-zdnet.com.com:
Who's crashing your favorite Web sites? Read more

www.geek.com:
Microsoft says it's prepared to handle mobile viruses. Read more

www.chron.com:
Four providers join in effort to stop problem before it arrives. Read more

news.zdnet.co.uk:
MasterCard fights back against phishing. Read more

22 june 2004

New Trojans:
Reload 0.39

Cab of Filth 1.2g

Iroffer 1.3b02 (1303.i)

Guides, Papers, etc
www.wtvw.com:
Phishing Scam: Protection Tips. Read more

www.securityfocus.com:
Securing Apache 2: Step-by-Step. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
Linksys BEFSR41 Lets Remote Users Deny Administrative Access. Read more

www.securitytracker.com:
NETGEAR FVS318 Router Lets Remote Users Deny Administrative Access. Read more

www.securitytracker.com:
Microsoft MN-500 Wireless Base Station Lets Remote Users Deny Administrative Access. Read more

www.securitytracker.com:
ASP-Rider Lets Remote Users Gain Administrative Access. Read more

www.securitytracker.com:
Libpng 'pngrtran' Offset Buffer Overflow May Let Remote Users Deny Service or Execute Code Via Affected Applications. Read more

www.securitytracker.com:
rlpr Format String and Buffer Overflow Let Remote Users Execute Arbitrary Code and Local Users Gain Root Privileges. Read more

www.securiteam.com:
Linux Kernel Crash Due To Floating Point Exception (frstor) Exploit Code. Read more

www.securiteam.com:
Web Wiz Forums Registration Rules XSS Vulnerability. Read more

www.securiteam.com:
Checkpoint Firewall-1 IKE Vendor ID Information Leakage. Read more

www.securiteam.com:
Symantec Enterprise Firewall DNSD Cache Poisoning Vulnerability. Read more

www.securiteam.com:
Code Execution In The Unreal Engine Through \secure\ Packet. Read more

News:
www.theregister.co.uk:
China urges ISPs to sign 'self-disciplinary' pact. Read more

www.crime-research.org:
Internet crimes in Armenia. Read more

news.zdnet.co.uk:
Outlook's security compromised by spammers. Read more

www.microscope.co.uk:
Mobile worm could be just the start, users told. Read more

www.theage.com.au:
Microsoft security flaw moderate this month. Read more

strategiy.com:
MasterCard conference to combat fraud. Read more

news.zdnet.co.uk:
Stealth wallpaper shields WLANs. Read more

21 june 2004

New Trojans:
Evil Net

Stealth WebDownloader 1.1

Chloride 2.3 client

RAT Cracker 1.4.0

Vulnerabilities & Exploits
www.securitytracker.com:
WWW-SQL Buffer Overflow Lets Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
DNS One Appliance Input Validation Holes in DHCP Reporting Lets Remote Users Inject Scripting. Read more

www.securitytracker.com:
Super Format String Errors May Let Local Users Grab Root Privileges. Read more

www.securitytracker.com:
sup Logging Function Format String Errors May Let Remote Users Execute Arbitrary Code. Read more

News:
www.theregister.co.uk:
US moves towards anti-spyware law. Read more

times.hankooki.com:
Peep Trojan Hackers Send E-Mail Via China. Read more

www.theinquirer.net:
South Korean defence hacked. Read more

www.usatoday.com:
The network strikes back: Experts worry about tech retaliation. Read more

www.crime-research.org:
Phishing spreading. Read more

www.businessweek.com:
Nothing's foolproof, but early-warning antivirus systems are getting better jumps on mischief makers. Read more

nwc.securitypipeline.com:
IM Worms Could Spread In Seconds. Read more

www.theinquirer.net:
Cure for mobile virus found. Read more

20 june 2004

New Trojans:
Sneaker

RAT Cracker 2.0

SoftWAR ShadowThief (b) server

Vulnerabilities & Exploits
www.geocities.com:
Multiple Antivirus Scanners DoS attack. Read more

www.debian.org:
DSA-522-1 super -- format string vulnerability. Read more

www.debian.org:
DSA-521-1 sup -- format string vulnerability. Read more

www.debian.org:
DSA-520-1 krb5 -- buffer overflows. Read more

www.securitytracker.com:
Extreme Networks Switch BGP Protocol Error Lets Remote Users Deny Service. Read more

www.securitytracker.com:
Unreal Game Engine Has Buffer Overflow in 'Secure' Query That May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Linux Kernel Flaws in Several Drivers May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
Sun Kerberos Security Patch May Disclose Kerberos Client Passwords to Local Users. Read more

www.securitytracker.com:
HP-UX Xfs Buffer Overflow Lets Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
Opera Web Browser CSS IFrame Lets Remote Users Spoof the Address Bar. Read more

www.securitytracker.com:
Novell iChain Input Validation Bug in 'url' Parameter Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
SGDynamo Discloses Installation Path to Remote Users. Read more

News:
news.com.com:
From Cisco, self-defense weapons for networks. Read more

www.idahostatesman.com:
Beware of ID theft by Social Security scam. Read more

www.antiphishing.org:
Anti-Phishing Working Group. Read more

19 june 2004

New Trojans:
Backdoor.Winker.m

YTrojan

Moon Trojan

Vulnerabilities & Exploits
www.securitytracker.com:
FreeIPS TCP Reset Error Lets Remote Users Deny Service. Read more

www.securitytracker.com:
Snitz Forums 2000 Input Validation Flaw in 'register.asp' Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.debian.org:
DSA-520-1 krb5 -- buffer overflows. Read more

News:
www.securityfocus.com:
Time to Dump Internet Explorer. Read more

www.winonadailynews.com:
Experts Worry About Tech Retaliation. Read more

www.informationweek.com:
Symantec Warns That IM Worms Could Devastate Business. Read more

www.usatoday.com:
San Jose firm unwillingly hosts footage of kidnapped American. Read more

www.techweb.com:
Security Vendor Launches Phishing Index. Read more

www.crime-research.org:
Police nabs a scammer. Read more

www.virusbtn.com:
Sasser author jobseeking. Read more

www.informationweek.com:
Anti-Phishing Group Aims To Restore Trust. Read more

18 june 2004

New Trojans:
FuckBot (a)

Backdoor.Shext

Snatch 1.47

Vulnerabilities & Exploits
www.securitytracker.com:
phpMyChat Grants Administrative Access to Remote Users and Has Other Flaws. Read more

www.securitytracker.com:
Linux Kernel Integer Overflow in i2c Driver Lets Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
webAuction Lets Remote Users Delete Auction Items. Read more

www.securitytracker.com:
Singapore Discloses Encrypted Passwords to Remote Users. Read more

www.securiteam.com:
Cisco IOS Malformed BGP Packet Causes DoS. Read more

www.securiteam.com:
ignitionServer Server Linking Password Verification Vulnerability. Read more

www.securiteam.com:
"IBM Access Support" (eGatherer) Activex Dangerous Methods Vulnerability. Read more

www.securiteam.com:
IBM acpRunner ActiveX Dangerous Methods Vulnerability. Read more

www.securiteam.com:
NetBSD Kernel swapctl(2) DoS Vulnerability. Read more

www.securiteam.com:
MoinMoin Administrative Group Name Privilege Escalation Vulnerability. Read more

www.securiteam.com:
Linux Kernel i2c Integer Overflow Vulnerability. Read more

www.securiteam.com:
Pivot Remote Code Execution Vulnerability. Read more

www.securiteam.com:
Singapore MD5 Administrative Password Disclosure. Read more

News:
www.taipeitimes.com:
Beijing wages cyberwar against DPP headquarters. Read more

www.entmag.com:
Paid Microsoft Anti-Virus Subscription Service in the Works? Read more

www.computerworld.com":
Q&A: Tom Leighton, chief scientist at Akamai. Read more

www.theregister.co.uk:
'Spam King' Richter get legal roasting. Read more

www.integralis.co.uk:
Security Advisory - WLAN Hotspot Piracy through Identity Theft. Read more

www.securityfocus.com:
Feds, Private Groups to Educate Consumers About Phishing Scams. Read more

www.networkcomputing.com:
End Buffer-Manipulation Exploit Threats. Read more

www.crime-research.org:
Piracy increases. Read more

17 june 2004

New Trojans:
Backdoor.Loony.h

Snatch 1.45

YU War Troyan

Iroffer 1.3b02 (1303.f)

Iroffer 1.3b02 (1303.g)

Guides, Papers, etc
TOORCON 2004 CALL FOR PAPERS - issued June 14th 2004. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
Check Point FireWall-1 IPSec IKE Packets Disclose Identifying Vendor and Version Information to Remote Users. Read more

www.securitytracker.com:
Webmin Account Lockout Can Be Bypassed By Remote Users. Read more

www.securitytracker.com:
Usermin Account Lockout Can Be Bypassed By Remote Users. Read more

www.securitytracker.com:
Cisco IOS Can Be Crashed With Malformed BGP Packet. Read more

www.securitytracker.com:
Linux Kernel FPU Processing Error Lets Local Users Crash the System. Read more

www.securitytracker.com:
Symantec Enterprise Firewall DNSD Proxy Can Be Poisoned By Remote Users. Read more

www.securitytracker.com:
IBM acpRunner ActiveX Control Has Unsafe Methods That Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
IBM eGatherer ActiveX Control Has Unsafe Methods That Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Web Wiz Forums 'registration_rules.asp' Input Validation Bug Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securiteam.com:
WinAgents TFTP Server Remote DoS (Long Filename). Read more

www.securiteam.com:
VP-ASP Shopping Cart Multiple Vulnerabilities. Read more

www.securiteam.com:
Multiple Antivirus DoS During Processing of Malformed Compressed Archives. Read more

www.securiteam.com:
PHP-Nuke Multiple Vulnerabilities (Reviews/Encyclopedia/FAQ Modules). Read more

News:
news.zdnet.co.uk:
Attack downs Yahoo, Google and Microsoft. Read more

zdnet.com.com:
'Zombie' PCs caused Web outage, Akamai says. Read more

news.zdnet.co.uk:
Worm cuts off antivirus programs. Read more

www.vnunet.com:
One in three PCs hosts spyware or Trojans. Read more

www.theregister.co.uk:
Americans lost $2.4bn to net fraudsters in 2003. Read more

www.crn.com:
Informant In `Sasser' Worm Case Under Investigation, German Prosecutors Say. Read more

www.crime-research.org:
Russian hackers attacked Akamai servers. Read more

news.zdnet.co.uk:
Antivirus plans 'still under development' - Microsoft. Read more

www.theregister.co.uk:
Spammer prosecutions waste time and money. Read more

www.theregister.co.uk:
Feds reject anti-spam registry. Read more

news.zdnet.co.uk:
'Concept virus' little threat to smartphones. Read more

www.nwfusion.com:
Wardriving for WLAN security. Read more

16 june 2004

New Trojans:
Snatch 1.37

Snatch 1.38

Evilsocks 0.2

Guides, Papers, etc
www.schneier.com:
Honeypots and the Honeynet Project. Read more

www.schneier.com:
E-Mail Viruses, Worms, and Trojan Horses. Read more

Vulnerabilities & Exploits
www.debian.org:
DSA-519-1 cvs -- several vulnerabilities. Read more

www.debian.org:
DSA-518-1 kdelibs -- unsanitised input. Read more

www.securitytracker.com:
Thy Web Server Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
KAME Racoon May Validate Invalid Certificates. Read more

www.securitytracker.com:
Pivot Include File Hole in 'module_db.php' Lets Remote Users Execute Arbitrary Commands. Read more

www.securitytracker.com:
BEA WebLogic Server May Return an Unexpected User Identity to Certain RMI Requests. Read more

www.securitytracker.com:
BEA WebLogic Running SSL Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
Microsoft Internet Explorer Crashes When Saving Files With Special Character Strings. Read more

News:
Microsoft Security Bulletin MS04-011
Security Update for Microsoft Windows (835732). Read more

Microsoft Security Bulletin MS04-007
ASN.1 Vulnerability Could Allow Code Execution (828028). Read more

www.theregister.co.uk:
Zafi-b speaks in many tongues. Read more

www.theregister.co.uk:
Virus attacks mobiles via Bluetooth. Read more

www.theregister.co.uk:
Akamai goes postal, kills Microsoft, Symantec, Google, Apple, Lycos...Read more

www.theregister.co.uk:
Viruses and spam hit small firms harder. Read more

www.crime-research.org:
Hackers hacked...a printing-house. Read more

zdnet.com.com:
Microsoft: No antivirus product yet. Read more

15 june 2004

New Trojans:
AmiBoide Uploader 2.0.0

SennaSpy FTP (d)

Snatch 1.3

Guides, Papers, etc
www.securityfocus.com:
TCP/IP Skills for Security Analysts (Part 2). Read more

www.securityfocus.com:
Wireless Attacks and Penetration Testing (part 2 of 3). Read more

www.microsoft.com:
Tracking and Fighting Spam: A Primer for Postmasters. Read more

Vulnerabilities & Exploits
alive.znep.com:
IE Cookie Exploit #2. Read more

www.securitytracker.com:
Skype Error in Processing 'callto://' URLs Lets Remote Users Crash the Application. Read more

www.securitytracker.com:
Linksys Video Camera Input Validation Hole Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
VICE Emulator Memory Dump Command Format String Flaw Lets Local Users Execute Arbitrary Code. Read more

www.securitytracker.com:
VP-ASP Input Validation Holes in 'shopdisplayproducts' and 'shoperror' Scripts Permit SQL Injection and Cross-Site Scripting Attacks. Read more

www.securiteam.com:
Exploit Code for Firebird Database Remote Database Name Overflow. Read more

www.securiteam.com:
Yahoo's Visual Captchas a.k.a. Word Verification Systems Flawed. Read more

www.securiteam.com:
VICE Emulator Format String Vulnerability. Read more

www.securiteam.com:
Sygate Personal Firewall Pro May Be Disabled By Local Programs. Read more

www.securiteam.com:
Race Driver Security Issues and DoS. Read more

www.securiteam.com:
RealPlayer embd3260.dll Error Response Heap Overflow. Read more

www.securiteam.com:
Real Networks RealPlayer URL Parsing Buffer Overflow Vulnerability. Read more

www.securiteam.com:
Aspell 'word-list-compress' Stack Overflow Vulnerability. Read more

www.securiteam.com:
Chora CVS/SVN Viewer Remote Vulnerability. Read more

News:
www.infoworld.com:
Russian firm reports first mobile phone worm. Read more

www.smh.com.au:
Worm Zafi.b reaches dangerous levels. Read more

www.theregister.co.uk:
Chinese cyber-dissident gets four years' house arrest. Read more

www.crime-research.org:
A hacker or a musician? Read more

news.com.com:
Microsoft releases security-minded Windows code. Read more

14 june 2004

New Trojans:
Harvester 2003 (mail) 09 (c)

Stealth Password Sender 1.3

Caznova IRC Spy 2.5

Guides, Papers, etc

Vulnerabilities & Exploits
www.securitytracker.com:
Chora Input Validation Error in Diff Viewing Lets Remote Users Inject Shell Commands. Read more

www.securitytracker.com:
Microsoft Internet Explorer '%2F' URL Parsing Error Lets Remote Users Spoof Sites in the Trusted Zone. Read more

www.securitytracker.com:
Opera '%2F' URL Parsing Error Lets Remote Users Spoof Arbitrary URLs. Read more

www.securitytracker.com:
Sygate Personal Firewall PRO Fail-Safe Feature Can Be Bypassed By Local Users. Read more

News:
news.bbc.co.uk:
Microsoft races to deter hackers. Read more

www.news-journalonline.com:
Wi-fi's popularity spawns huge security hole at home. Read more

www.globeandmail.com:
Techie alert: Even you can be hacked. Read more

www.crime-research.org:
Scammers earn on leaving examinations. Read more

www.hindustantimes.com:
The Virus Story Continues. Read more

english.chosun.com:
AhnLab Warns of Another Worm Virus. Read more

times.hankooki.com:
Zafi Worm Warned. Read more

13 june 2004

New Trojans:
A+++

System33r Socks4 0.0.2

Guides, Papers, etc

Vulnerabilities & Exploits
subversion.tigris.org:
Subversion versions up to and including 1.0.4 have a potential Denial of Service and Heap Overflow issue related to the parsing of strings in the 'svn://' family of access protocols. Read more

News:
Citibank Phishing Alert: http://web.da-us.citibank.com.@202.39.13.130/www/ct/verify.html

www.theregister.co.uk:
NTL builds bigger worm trap. Read more

news.zdnet.co.uk:
'Set-up is vital' for WLAN security. Read more

news.zdnet.co.uk:
Microsoft sues spammers for deceiving consumers. Read more

news.zdnet.co.uk:
IE flaws open back door to adware. Read more

12 june 2004

New Trojans:
MSN Messenger Hack 1.0.2 v2

Fuck MSN Troyan 2.0

Winicabras 1.1

Guides, Papers, etc
Is finding security holes a good idea? (pdf)  Read more

Vulnerabilities & Exploits
www.securitytracker.com:
(US-CERT Issues Advisory) Microsoft Internet Explorer Cross-Domain Redirect Hole Lets Remote Users Execute Arbitrary Code. Read more

www.nextgenss.com:
EAL One Player code execution through malformed media file. Read more

service.real.com:
RealNetworks, Inc. Releases Update to Address Security Vulnerabilities. Read more

www.securitytracker.com:
PHP-Nuke Input Validation Holes in Reviews, Encyclopedia, and Faq Modules Permit Cross-Site Scripting and Other Attacks. Read more

www.securitytracker.com:
NetBSD swapctl(2) Integer Error Lets Local Users Crash the System. Read more

www.securitytracker.com:
Subversion Buffer Overflow in 'svn://' Parser Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Edimax 7205APL Wireless Router Discloses the Administrative to Remote Users. Read more

News:
www.newsfactor.com:
Who's Getting Rich on Computer Viruses? Read more

www.securityfocus.com:
Backdoor program gets backdoored. (published on MegaSecurity on 27 may 2004)Read more

www.theregister.co.uk:
Computer intrusion losses waning. Read more

www.theregister.co.uk:
MS sues 200 for spamming. Read more

www.theregister.co.uk:
Code-theft suspects nabbed, claims Half-Life 2 team. Read more

www.theregister.co.uk:
German hate mail spam attack stuns experts. Read more

11 june 2004

New Trojans:
Spyman

Backdoor.VB.oc

icebot

Vulnerabilities & Exploits
www.guninski.com:
Buffer overflow in apache mod_proxy,yet still apache much better than windows. Read more

service.real.com:
RealNetworks, Inc. Releases Update to Address Security Vulnerabilities. Read more

www.securitytracker.com:
ksymoops on Mandrake Linux Lets Local Users Cause Files to Be Deleted. Read more

www.securitytracker.com:
WinAgents TFTP Server Can Be Crashed By Remote Users Requesting Long Filenames. Read more

www.securitytracker.com:
Apache mod_proxy Buffer Overflow May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
smtp.proxy Format String Bug Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
cPanel Access Control Flaw Lets Remote Authenticated Users Make Unauthorized Database Password Changes. Read more

www.securitytracker.com:
Invision Power Board Input Validation Bug in 'ssi.php' Permits SQL Injection. Read more

www.securitytracker.com:
AspDotNetStorefront Input Validation Hole in Uploading Image Files Lets Remote Authenticated Administrators Upload and Execute Arbitrary Code. Read more

www.securitytracker.com:
TrendMicro OfficeScan 'winhlp32.exe' Lets Local Users Execute Arbitrary Applications With Local SYSTEM Privileges. Read more

www.securitytracker.com:
Symantec Gateway Security 360R May Let Remote Wireless Users Bypass the Security Access Controls. Read more

www.securitytracker.com:
Cisco CatOS Can Be Crashed By Remote Users With a TCP-ACK Attack. Read more

www.securiteam.com:
CVS Multiple Vulnerabilities (getline, serve_notify, serve_max_dotdot, wrapper, error_prog_name). Read more

www.securiteam.com:
Crystal Reports Web Viewer Vulnerability Allows Information Disclosure and DoS (MS04-017). Read more

www.debian.org:
DSA-517-1 cvs -- buffer overflow. Reada more

0xbadc0ded.org:
remotely exploitable format string vulnerability exists in smtp.proxy. Read more

News:
www.theregister.co.uk:
Unpatched IE vuln exploited by adware. Read more

news.zdnet.co.uk:
IE flaws open back door to adware. Read more

nwc.serverpipeline.com:
Korgo Worm Threat Grows. Read more

www.crime-research.org:
Computer crimes: DDoS ordered. Read more

news.zdnet.co.uk:
Open-source code maintainer filled with flaws. Read more

10 june 2004

New Trojans:
PA HAC 1.5 Pro Beta

Cobra Uploader 1.0

Caznova IRC Spy 1.3

Guides, Papers, etc
www.securityfocus.com:
TCP/IP Skills for Security Analysts (Part 2). Read more

homepages.cwi.nl:
Analyzing Worms using Compression. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
CVS Has NULL Termination, Integer Overflow, and Double Free Bugs That Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
HP-UX FTP Client Pipe Character Input Validation Flaw Lets Remote Server Execute Arbitrary Commands. Read more

www.securitytracker.com:
GNU Aspell Buffer Overflow in 'word-list-compress' May Let Users Execute Arbitary Code. Read more

www.securitytracker.com:
Squid ntlm_check_auth() Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
US Robotics Broadband Router Discloses Administrative Password to Remote Users. Read more

www.securitytracker.com:
Race Driver Game Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
Sophster 'Change Permissions' May Let Local Users Access Files. Read more

www.securiteam.com:
Cross Application Scripting in Trend Micro's Antivirus Software (Subject Line). Read more

www.securiteam.com:
Vulnerability in DirectPlay Could Allow DoS (MS04-016). Read more

www.securiteam.com:
PHP Win32 escapeshellcmd() and escapeshellarg() Input Validation Vulnerability. Read more

www.securiteam.com:
PHP-Nuke Inadequate Security Give Rise to a Variety of Attack Methods. Read more

www.securiteam.com:
Most Long Filename Buffer Overflow. Read more

www.securiteam.com:
cPanel mod_php suexec Taint Vulnerability. Read more

www.cisco.com:
Cisco Security Advisory: Cisco CatOS Telnet, HTTP and SSH Vulnerability. Read more

News:
www.theregister.co.uk:
MS hatches June patch batch. Read more

www.crime-research.org:
Korgo is written by Russian hackers. Read more

www.theregister.co.uk:
The Wi-Fi explosion: a virus writer's dream. Read more

australianit.news.com.au:
'Counterstrike software' for hackers. Read more

www.theregister.co.uk:
Police to monitor chat rooms. Read more

www.theregister.co.uk:
German fined €8000 for Kazaa uploads. Read more

09 june 2004

New Trojans:
MSN Messenger Hack 1.0.2

S-D

Iroffer 1.3b02 (1303.k)

Tools:
vthrottle: SMTP virus throttle
basically the software keeps track of what hosts and what senders have been sending mail. if they attempt to send mail from one machine or using one address more than once in a specified interval we back them off by sending a temporary failure. Read more

Guides, Papers, etc
www.sun.com:
How Hackers Do It: Tricks, Tools, and Techniques. (pdf) Read more

Vulnerabilities & Exploits
www.securitytracker.com:
Blosxom Input Validation Holes in 'writeback' Plugin Permit Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Microsoft DirectX DirectPlay Input Validation Error Lets Remote Users Crash the Application. Read more

www.securitytracker.com:
Horde IMP Input Validation Hole in Content-Type Header Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Linksys Video Camera Discloses Host Files to Remote Users. Read more

www.securitytracker.com:
Webmin Discloses Module Configuration Data to Remote Authenticated Users. Read more

www.securitytracker.com:
PHP-Nuke Input Validation Hole in Reviews Module 'id' and 'title' Parameter Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Trend Micro PC-cillin Internet Security Input Validation Flaw Lets Remote Users Spoof Messages. Read more

www.securitytracker.com:
JCIFS Authentication Flaw May Let Remote Users Access the System With an Invalid Username. Read more

www.securitytracker.com:
Gnocatan Buffer Overflows May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Roundup '@@file' Input Validation Error Discloses Files on the System to Remote Users. Read more

www.securitytracker.com:
Apple Mac OS X LaunchServices Component May Let Remote Users Register and Execute Applications. Read more

www.securitytracker.com:
Apple Safari Browser May Execute Applications Via the Show in Finder Button. Read more

www.securitytracker.com:
FreeBSD Kernel jail(2) Lets Local Privileged Processes Modify the Routing Tables. Read more

www.securitytracker.com:
cPanel suEXEC Flaw May Let Remote Authenticated Users Execute Abitrary Code. Read more

News:
www.microsoft.com:
Windows Security Update for June 2004. Read more

news.zdnet.co.uk:
Microsoft issues another two patches. Read more

www.nwfusion.com:
Microsoft warns of gaming security hole; issues monthly updates. Read more

news.zdnet.co.uk:
Another Trojan on the attack. Read more

www.smh.com.au:
Several Trojan copies detected. Read more

www.theregister.co.uk:
EU attacks anti-spam industry. Read more

www.theregister.co.uk:
Cisco picks Trend to fight network worms. Read more

08 june 2004

New Trojans:
RemNet 3.6

Backdoor.VB.ej

Backdoor.Winker.g

Guides, Papers, etc
An analysis of the 180 Solutions Trojan. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
PHP escapeshellarg() and escapeshellcmd() Parsing Flaws May Let Remote Users Execute Arbitrary Commands. Read more

www.securitytracker.com:
odbc-postgresql Buffer Overflow in make_string() Lets Remote Users Deny Service. Read more

www.securitytracker.com:
Oracle E-Business Suite - Multiple SQL Injection Vulnerabilities. Read more

News:
www.ecommercetimes.com:
Experts See Sharp Rise in Malware Attack Probability. Read more

www.theregister.co.uk:
Virus writers deploy bulk mail software. Read more

www.smh.com.au:
New worm exploting Sasser route. Read more

www.nwfusion.com:
Trend Micro, Cisco to fight worms. Read more

www.theregister.co.uk:
US wardriver pleads guilty to Wi-Fi hacks. Read more

www.theregister.co.uk:
Network Associates warms to behaviour blocking. Read more

news.zdnet.co.uk:
Linux gains virus armour. Read more

news.zdnet.co.uk:
Linksys flaw opens door to home networks. Read more

07 june 2004

New Trojans:
Intruder (e)

Fake Aim 1.0

LokiTech 1.0

Guides, Papers, etc
A generic threat analysis for an Internet enabled organisation by Ed Skoudis, Chris Brenton, Jason Fossen, Mike Poor and Jim Herbeck.
This paper is a summary of the threats that an organisation faces when they start to use the WWW and a description of the methods
used by hackers to enact these threats. This paper has value as it describes in logical plain English the stages involved in hacking
and what can be done to counter the threat.(PDF)
Download

www.securiteam.com:
Security Enhancements in Windows XP Service Pack 2. Read more

www.securiteam.com:
An Analysis of the 180 Solutions Trojan. Read more

Vulnerabilities & Exploits
www.k-otik.com:
TCP Connection Reset Remote Windows 2K/XP Attack Tool Source Code by Aphex. Read more

www.debian.org:
DSA-516-1 postgresql -- buffer overflow. Read more

www.debian.org:
DSA-515-1 lha -- several vulnerabilities. Read more

www.securiteam.com:
Mkdir Buffer Overflow Vulnerability in UNIX Seventh Edition. Read more

www.securiteam.com:
Phishing for Opera. Read more

www.securiteam.com:
Colin McRae Rally DoS. Read more

www.securiteam.com:
Cross Application Scripting in Trend Micro's Antivirus Software. Read more

News:
Phishing alert for US Bank. Read mor

reviews-zdnet.com.com:
Beware of keystroke-logging RATs! Read more

www.newsfactor.com:
Korgo Worm Spreads Slowly But Surely. Read more

slashdot.org:
Distributive Worm Blocking. Read more

06 june 2004

New Trojans:
Transistor 1.3

Remote Screenshot

System33r Socks4 0.0.3

Vulnerabilities & Exploits
www.securitytracker.com:
l2tpd Buffer Overflow in write_packet() Has Unspecified Impact. Read more

www.securitytracker.com:
FoolProof Security May Disclose 'Administrator' Password to Local User. Read more

www.securitytracker.com:
Oracle E-Business Suite and Oracle Applications Input Validation Holes Let Remote Users Inject SQL Commands. Read more

www.securitytracker.com:
Colin McRae Rally 04 'numplayers' Error Lets Remote Users Block the Game Network. Read more

www.securitytracker.com:
cPanel 'killacct' May Let Remote Authenticated Administrators Delete Accounts Belonging to Other Administrators. Read more

www.securitytracker.com:
Crafy Syntax Live Help Input Validation Holes Permit Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
RealPlayer Has Unspecified Remote Code Execution Flaw. Read more

www.gentoo.org:
tripwire: Format string vulnerability. Read more

News:
seattletimes.nwsource.com:
Anti-spyware programs sleuth in different ways. Read more

www.computerworld.com:
New worm targets two Microsoft vulnerabilities. Read more

www.computerworld.com:
The Witty worm: A new chapter in malware. Read more

05 june 2004

New Trojans:
IRC Zombie 1.0

Caznova IRC Spy 1.1

Backdoor.Levelone.a

Vulnerabilities & Exploits
www.debian.org:
DSA-514-1 kernel-image-sparc-2.2 -- failing function and TLB flush. Read more

www.securitytracker.com:
Eudora Internet Mail Server Buffer Overflow May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Trend Micro PC-cillin Internet Security May Let Remote Users Execute Scripts in the Local Computer Zone. Read more

www.securitytracker.com:
log2mail printlog() Format String Bug May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
NETGEAR WG602 Has Default Undocumented Administrative Account. Read more

www.securitytracker.com:
Mail Manage EX 'mmex.php' Include File Error Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
UnRAR 'getopt.c' Format String Error May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
UNIX 7th Edition mkdir Buffer Overflow Lets Local Users Gain Root Privileges. Read more

www.securitytracker.com:
Linksys Routers Can Be Crashed With Specially Crafted sysPasswd and sysPasswdConfirm or DomainName Values. Read more

www.securitytracker.com:
InterBase Buffer Overflow in Processing Database Name Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
IBM Tivoli Configuration Manager Cookie Authentication Weakness May Let Remote Users Hijack Sessions. Read more

www.securitytracker.com:
Tivoli SecureWay Policy Director Cookie Authentication Weakness May Let Remote Users Hijack Sessions. Read more

www.securitytracker.com:
IBM WebSphere Everyplace Server Cookie Authentication Weakness May Let Remote Users Hijack Sessions. Read more

www.securitytracker.com:
IBM Tivoli Access Manager Cookie Authentication Weakness May Let Remote Users Hijack Sessions. Read more

www.securitytracker.com:
Yahoo! Mail Encoded White Space Entity Filtering Hole Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Opera Browser Shortcut Icon May Cover URL Addresses. Read more

www.securitytracker.com:
Tripwire 'pipedmailmessage.cpp' Format String Flaw May Let Local Users Execute Arbitrary Code. Read more

www.securiteam.com:
Orenosv HTTP/FTP Server Denial Of Service. Read more

www.securiteam.com:
Mollensoft FTP Server CD Buffer Overflow. Read mopre

www.securiteam.com:
WildTangent Web Driver Long Filename Stack Overflow. Read more

News:
www.theregister.co.uk:
Zombie PCs spew out 80% of spam. Read more

news.zdnet.co.uk:
Security time bomb is triggered by 'rogue laptops'. Read more

news.zdnet.co.uk:
Hotmail trashes saved files. Read more

www.channelnewsasia.com:
Netsky-P computer worm threatens to cast nasty spell on Harry Potter fans. Read more

news.zdnet.co.uk:
'Prisoner of Azkaban' stokes worm infections. Read more

www.crime-research.org:
Terrorists relocate to the Internet. Read more

zdnet.com.com:
Zombies may spoil Microsoft's spam plan. Reda more

www.informationweek.com:
Worm Attack Could Rack Up $50 Billion In U.S. Damages. Read more

www.antiphishing.org:
e-gold - 'Please Verify Your Account'. Read more

www.securityfocus.com:
Wardriver pleads guilty in Lowes WiFi hacks. Read more

04 june 2004

New Trojans:
Amiboide Uploader 1.0

Waldo Beta 0.7 (b)

Backdoor.Hackarmy.o

Guides, Papers, etc
www.securityfocus.com:
Wireless Attacks and Penetration Testing (part 1 of 3). Read more

www.securityfocus.com:
Multiple Security Roles With Unix/Linux. Read more

Vulnerabilities & Exploits
www.greymagic.com:
Simple Yahoo! Mail Cross-Site Scripting. Read more

www.greymagic.com:
Phishing for Opera. Read more

www.debian.org:
DSA-513-1 log2mail -- format string. Read more

www.debian.org:
DSA-512-1 gallery -- unauthenticated access. Read more

www.securitytracker.com:
SurgeMail Input Validation Hole in Login Form Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
PHP Shared Libraries on Slackware Linux May Let Local Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Gallery 'init.php' Authentication Flaw Grants Administrative Access. Read more

www.securiteam.com:
Metamail Buffer Overflow Exploit (From Header). Read more

www.securiteam.com:
Tripwire Format String Vulnerability. Read more

News:
www.theregister.co.uk:
Mutant son of MyDoom plans three-pronged attack. Read more

www.thecouriermail.news.com.au:
New virus targeting bank accounts. Read more

www.theregister.co.uk:
Security cert body gives lesson in insecurity. Read more

www.thesandiegochannel.com:
Worm Cloaks Itself As Potter Game To Spread. Read more

www.thecouriermail.news.com.au:
Sasser-like worm in the wild. Read more

zdnet.com.com:
Tests to uproot Windows passwords begin. Read more

zdnet.com.com:
Are developers stealing code? Read more

www.theregister.co.uk:
Opera snips phishing lines. Read more

www.theregister.co.uk:
Korgo raises zombie PC army. Read more

www.crime-research.org:
Ukraine: carders. Read more

03 june 2004

New Trojans:
PA HAC 1.3 2004

Snow 3.9

CN Polyserver 1.0

Guides, Papers, etc
www.securityfocus.com:
H.323 Mediated Voice over IP: Protocols, Vulnerabilities & Remediation. Read more

www.securityfocus.com Multiple Security Roles With Unix/Linux. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
Nuke Cops Security Check Can By Bypassed Letting Remote Users Determine Installation Path. Read more

www.securitytracker.com:
osc2nuke Security Check Can By Bypassed Letting Remote Users Determine Installation Path. Read more

www.securiteam.com:
Linksys WRT54G Administration Page Accessible Through WAN. Read more

www.securiteam.com:
VocalTec VoIP Gateway (vtg120, vtg480) DoS. Read more

www.securiteam.com:
TinyWeb Script Disclosure Vulnerability. Read more

www.securiteam.com:
Multiple SQL Injections in JPortal (print.php). Read more

www.securiteam.com:
Krb5_aname_to_localname Buffer Overflows. Read more

www.debian.org:
DSA-512-1 gallery -- unauthenticated access. Read more

News:
www.securityfocus.com:
Catching a Virus Writer. Read more

www.smh.com.au:
Korgo worm takes phishing to new level. Read more

www.theregister.co.uk:
Attack of the bandwidth-hogging hackers. Read more

www.philly.com:
Personal Computing | Spam? Hacker? Faulty backup is the worst. Read more

itvibe.com:
Netsky-P virus still causing problems. Read more

02 june 2004

New Trojans:
Cruel Intentionz 1.23 PB1

Glacier XX [JzNKooO]

Nethief 5.6

Vulnerabilities & Exploits
www.securitytracker.com:
Linksys BEFSR41 EtherFast Router Lets Remote Users Access the Administration Page Even When Remote Administration is Disabled. Read more

www.securitytracker.com:
Kerberos Buffer Overflows in krb5_aname_to_localname() May Let Remote Users Gain Root Access. Read more

www.securitytracker.com:
PHP-Nuke Security Check Can By Bypassed Letting Remote Users Determine Installation Path. Read more

www.securitytracker.com:
Firebird Database Can Be Crashed By Remote Users With Specially Crafted Database Name. Read more

www.securitytracker.com:
Sambar Server 'showini.asp' and 'showlog.asp' Disclose Files to Remote Authenticated Administrators. Read more

www.securitytracker.com:
Microsoft Windows 2000 Domains With Eight Characters May Let Remote Users With Expired Passwords Login. Read more

www.securitytracker.com:
PHP-Nuke 'mainfile.php' Lets Local Users Execute Arbitrary SQL Queries. Read more

www.securitytracker.com:
Linksys WRT54G Lets Remote Users Access the Administration Page Even When Remote Administration is Disabled. Read more

News:
news.netcraft.com:
Phishing Worm Installs Trojan Without Trickery. Read more

www.tmcnet.com:
Spam Trojans a Growing Problem for ISPs. Read more

www.theregister.co.uk:
Viruses up - or down. Read more

news.zdnet.co.uk:
Hackers 'recycling code' to spread worms. Read more

news.zdnet.co.uk:
Sasser tops virus infections. Read more

www.crime-research.org:
Computer crime targets banks. Read more

www.theregister.co.uk:
Chinese government censors online games. Read more

www.theregister.co.uk:
New self-destructing DVD launched. Read more

01 june 2004

New Trojans:
chti WebDL (2)

HellDoor 1.0

Caznova IRC Spy 1.2

Latinus 1.5 editserver 2

Vulnerabilities & Exploits
www.rs-labs.com:
SquirrelMail "Content-Type" XSS vulnerability. Read more

www.waraxe.us:
Multiple vulnerabilities in e107 version 0.615. Read more

www.securitytracker.com:
TinyWeb Lets Remote Users Download CGI Scripts. Read more

www.securitytracker.com:
spamGuard Multiple Buffer Overflows May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
jftpgw Format String Flaw in log() May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
GATOS xatitv Privileged System() Call May Let Local Users Gain Root Privileges. Read more

News:
www.newswireless.net:
News - Symmetrical irony as Sasser virus lays Computex exhibition low. Read more

www.crime-research.org:
2003 CSI/FBI Computer Crime and Security Survey. Read more

www.crime-research.org:
Police closing in on net phishers. Read more

www.smh.com.au:
When encryption can be misleading. Read more

www.wired.com:
Complex Passwords Foil Hacks. Read more

www.baltimoresun.com:
Many Wireless Networks Lack Security. Read more

www.theage.com.au:
Storms that come from nowhere. Read more


Copyright© MegaSecurity.org