Bookmark or link to: www.kobayashi.cjb.net. All other url`s could change!
Home    News Archive    Translate Traducen
News July 2003
31 july 2003

New Trojans:
BlueWater 1.6

MSN Crack Store 2.0

Sect 1.0

Iroffer 1.2b10

Tools
www.thc.org:
The Reverse-WWW-Tunnel-Backdoor is proof-of-concept Perl program for the paper "Placing Backdoors through Firewalls". It allows communicating with a shell through firewalls and proxy servers by imitating webtraffic. The master/slave relation is reversed, therefore no listening ports are used on the target machine. Download

Vulnerabilities & Exploits:
www.securecoding.org:
Analysis of Topical Vulnerabilities. Read more

www.securitytracker.com:
'man-db' Buffer Overflows Let Local Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Linux 'lockdev' May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
Linux 2.4 Kernel NFSv3 Integer Overflow May Let Remote Users Cause a Kernel Panic. Read more

www.securitytracker.com:
NetScreen ScreenOS Can Be Crashed By Remote Users Sending Packets With Certain TCP Window Sizes. Read more

www.securitytracker.com:
Sun Solaris 'ld.so.1' Runtime Linker Buffer Overflow Lets Local Users Gain Root Privileges. Read more

www.securitytracker.com:
Roundup Input Validation Hole Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
KDE Konqueror May Disclose URL-based Passwords to Remote Users Via the Referer Field. Read more

www.securitytracker.com:
FreeRADIUS Buffer Overflow in Processing CHAP Challenges Lets Remote Users Execute Arbitrary Code. Read more

www.debian.org:
DSA-356-1 xtokkaetama -- buffer overflows. Read more

www.debian.org:
DSA-355-1 gallery -- cross-site scripting. Read more

www.debian.org:
DSA-354-1 xconq -- buffer overflows. Read more

News:
www.securityfocus.com:
Panel Probes the Half-life of Bugs. Read more

www.securityfocus.com:
Legislation takes aim at spyware. Read more

www.theregister.co.uk:
I'm working for the FBI, claims accused hacker. Read more

www.eurekalert.org:
Hackers turn to Google. Read more

gcn.com:
Zimmermann: Public too slow to adopt encryption. Read more

news.bbc.co.uk:
The leaky net. Read more

30 july 2003

New Trojans:
Stealth Redirector 1.4

Inspiration 1.1

Pro Agent 1.21

Guides, Papers, etc.
www.securityfocus.com:
Firewall Evolution - Deep Packet Inspection. Read more

www.linuxsecurity.com:
Fun Things To Do With Your Honeypot. Read more

Vulnerabilities & Exploits:
www.securitytracker.com:
TelnetXQ Default Account With Common Password Lets Remote Users Access the System. Read more

www.securitytracker.com:
Novell iChain Login Buffer Overflows Let Remote Users Crash the Software. Read more

www.securitytracker.com:
Hassan Shopping Cart Discloses Configuration Data to Remote Users. Read more

www.securitytracker.com:
Opera Browser 'Location' Header Flaw Lets Remote Users Crash the Browser. Read more

www.securitytracker.com:
Gallery Input Validation Hole in Search Feature Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Cisco Aironet Wireless Devices Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
Cisco IOS-based Devices Disclose Valid User Account Names to Remote Users. Read more

www.securitytracker.com:
Xconq Game USER Environment Variable Buffer Overflow Lets Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
'mod_mylo' Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
HP Patch for 'nettl' and 'netfmt' Lets Local Users Deny Service. Read more

www.securitytracker.com:
MySQL World-Writable Configuration File May Let Local Users Gain Root Privileges. Read more

www.debian.org:
DSA-353-1 sup -- insecure temporary file. Read more

News:
www.networknews.co.uk:
Hackers pounce on latest Microsoft flaw. Read more

www.crn.com:
More Exploit Code For Windows Vulnerability Posted--Worms Expected To Follow. Read more

www.eweek.com:
Black Hat: Joining Forces to Fight Hacking. Read more

news.bbc.co.uk:
Virus writers turn to spam. Read more

www.theregister.co.uk:
So what info does WinXP really send to MS? Read more

www.editorandpublisher.com:
Credit Card Server Hacked at 'Greenville News'. Read more

www.thesundaymail.news.com.au:
Hacker's computer returned. Read more

www.mytelus.com:
French, Canadian hackers use Kentucky state computers to store pirated files. Read more

www.theregister.co.uk:
Red Hat Enteprise Linux 3.0 beta up for grabs. Read more

www.theregister.co.uk:
Hi-Fi meets Wi-Fi with Linksys. Read more

zdnet.com.com:
McDonald's beefs up Wi-Fi trials. Read more

29 july 2003

New Trojans:
SomeTrouble 1.0

Peeper1st 2.3

NT RootKit 0.44

G-SPOT www 1.0 server 2

Tools
www.kodeit.org:
IISShield - Application Layer Firewall. Read more

www.team-teso.net:
Zodiac - DNS protocol monitoring and spoofing program. Read more

www.eeye.com:
Retina RPC DCOM Vulnerability Scanner from eEye Digital Security. Read more

Vulnerabilities & Exploits:
www.cisco.com:
Cisco Security Advisory: HTTP GET Vulnerability in AP1x00. Read more

www.securitytracker.com:
Mitel Voice Over IP Servers Disclose Calling Data to Remote Users. Read more

www.securiteam.com:
miniSQL Format String Vulnerability Exploit Code. Read more

www.securiteam.com:
Microsoft SQL Server DoS Exploit Code. Read more

www.securiteam.com:
RPC Overflow Exploit Code. Read more

www.securiteam.com:
XBlast Local Root Exploit. Read more

www.securiteam.com:
Samba reply_nttrans() Remote Root Exploit. Read more

www.securiteam.com:
Buffer Overflow in EF Commander. Read more

www.securiteam.com:
Analysis of LSD's Buffer Overrun in Windows RPC Interface. Read more

www.securiteam.com:
NetScreen non-IP Protocol Denial of Service (And non-IP Machine Compromise). Read more

www.securiteam.com:
CPU/BIOS/OS Issue Allows Local Attacker to Cause a DoS Attack. Read more

www.securiteam.com:
Oracle E-Business Suite AOL/J Setup Test Information Disclosure. Read more

www.securiteam.com:
Oracle E-Business Suite FNDWRR Buffer Overflow. Read more

www.securiteam.com:
Oracle Extproc Buffer Overflow. Read more

www.securiteam.com:
Opera Denial of Service (Long Protocol Name). Read more

www.securiteam.com:
Remotely Exploitable Overflow In mod_mylo For Apache. Read more

News:
www.zdnet.com.au:
Hacker code could unleash Windows worm. Read more

australianit.news.com.au:
Data logger pirate caught. Read more

www.technewsworld.com:
WiFi Is Open, Free and Vulnerable to Hackers. Read more

www.govexec.com:
Security officials discuss efforts to combat computer crime. Read more

www.enquirer.com:
Hacker claims he was working for FBI. Read more

www.mg.co.za:
Police charge Absa hacker suspect. Read more

www.theregister.co.uk:
Copying is Theft - and other legal myths. Read more

28 july 2003

New Trojans:
Glacier XX4

WinEggDrop Shell 1.39

Guangwai Girl 1.52c server

BlueWater 1.4

CN Black Dream 1.0

Vulnerabilities & Exploits:
none today

News:
www.zdnet.com:
Beware: It's now easier to crack your passwords. Read more

www.news.com.au:
Hacker gets four-year term. Read more

finance.lycos.com:
Owner of stolen 'sex.com' can sue VeriSign-court. Read more

27 july 2003

New Trojans:
Snow 2.2

Blackhole 2002

Beast 2.00 (d & e) (may 24, 2003)

MiniuII 1.1

Vulnerabilities & Exploits:
illmob.org:
DCOM RPC exploit paper by illwill. Read more

www.xfocus.org:
The Analysis of LSD's Buffer Overrun in Windows RPC Interface. Read more

www.xfocus.org:
Microsoft Windows 2000 RPC DCOM Interface DOS AND Privilege Escalation Vulnerability. Read more

www.securitytracker.com:
EF Commander Buffer Overflow in Processing FTP Banners May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
e107 Website System Input Validation Hole in Custom Format Tags Permits Remote Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
PBLang Input Filtering Flaw Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Microsoft Outlook Express Again Executes Scripting Code in Plain Text E-mail Messages. Read more

www.securitytracker.com:
QmailAdmin Forwarding Rule Lets Remote Users Execute Arbitrary Commands on the System. Read more

www.securitytracker.com:
'top' Environment Variable Buffer Overflow Lets Local Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Outpost Firewall Software Can Be Silently Crashed By Local Users. Read more

News:
www.business.scotsman.com:
Edinburgh firms' wireless networks open for hackers. Read more

www.eweek.com:
Group Posts Program That Exploits Windows. Read more

www.themoscowtimes.com:
Don't Spam This Deputy Minister. Read more

26 july 2003

New Trojans:
Near Mohists 1.99

Optix Pager 2.0 Firewall Bypass

Pro Agent 1.2

AGM65's Keylog Trojan 1.0

Harvester 5.0

Vulnerabilities & Exploits:
www.securitytracker.com:
mSQL Database Format String Flaw Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
e107 Website System Discloses Usernames and Hashed Passwords to Remote Users. Read more

www.securitytracker.com:
paFileDB Authentication Flaw Lets Remote Users Upload and Execute Arbitrary Code. Read more

www.securitytracker.com:
UMN Gopherd do_command() Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
HP Color LaserJet Web Interface Permits Remote Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
PHP-Gastebuch Discloses System Information and Hashed Admin Password to Remote Users. Read more

www.securitytracker.com:
Opera M2 Mail Client Embedded Image Viewing Restrictions Can Be Bypassed By Remote Users. Read more

www.securitytracker.com:
VMware Workstation Lets Local Users Execute Programs With Root Privileges. Read more

www.securitytracker.com:
VMware GSX Server Lets Local Users Execute Programs With Root Privileges. Read more

www.securitytracker.com:
Windows Media Player Again Lets Remote Users Install and Execute Code. Read more

www.lsd-pl.net:
Buffer Overrun in Windows RPC Interface. Read more

News:
www.securityfocus.com:
The Hackers Who Broke Windows. Read more

www.securityfocus.com:
Group posts code to exploit Windows flaw, attack computers. Read more

www.vnunet.com:
Credit card hackers swap tricks online. Read more

www.ecommercetimes.com:
Microsoft Warns of DirectX Security Flaw. Read more

fileforum.betanews.com:
Keyser Soze's Unofficial XP Security Pack 1.002. Read more

story.news.yahoo.com:
Japan Cancels National Hacking Contest. Read more

www.onlineathens.com:
Brawl over online music file-swapping spawns 'secure' software. Read more

news.com.com:
Hacker code could unleash Windows worm. Read more

www.ecommercetimes.com:
Cracking Technique Highlights Password Concerns. Read more

www.theregister.co.uk:
A virus ate my exam results. Read more

www.theregister.co.uk:
Alcatel beefs up router security with Tripwire. Read more

25 july 2003

New Trojans:
Inspiration 1.0

Little Witch 6.1 (x) server

Msn Trojan 2.0

Vulnerabilities & Exploits:
www.securitytracker.com:
Apple Mac OS X Workgroup Manager May Let Remote Users Access New Accounts. Read more

www.securitytracker.com:
Oracle E-Business Suite Discloses Configuration and System Information to Remote Users. Read more

www.securitytracker.com:
Oracle Database EXTPROC Buffer Overflow Lets Remote Authenticated Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Oracle E-Business Suite FNDWRR Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Microsoft Windows NT File Management Flaw May Let Remote Users Crash Certain Applications. Read more

www.securitytracker.com:
Microsoft Data/Desktop Engine Named Pipe and LPC Flaws Let Local Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Microsoft SQL Server Named Pipe and LPC Flaws Let Local Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Microsoft DirectX Heap Overflow in Loading MIDI Files Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
phpGroupWare Unspecified Bug Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
XAVi X7028r Wireless ADSL Router Can Be Rebooted By Remote Users. Read more

www.securitytracker.com:
3Com OfficeConnect DSL Router Can Be Crashed With Long URL. Read more

www.securitytracker.com:
NetWare Enterprise Web Server PERL Handler Buffer Overflow Lets Remote Users Crash the Web Service. Read more

www.securitytracker.com:
FDclone /tmp Directory Permission Flaw May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
Microsoft MDAC ODBC Component May Store Database Passwords in Plaintext in the Registry. Read more

www.securitytracker.com:
more.groupware Include File Hole May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Apple QuickTime/Darwin Streaming Server Bugs Let Remote Users View Files and Crash the Server. Read more

www.securitytracker.com:
Microsoft IIS 6.0 Vulnerabilities Permit Cross-Site Scripting and Password Changing Attacks Against Administrators. Read more

www.securiteam.com:
University of Minnesota Gopherd do_command Buffer Overflow Vulnerability. Read more

www.securiteam.com:
Drupal XSS Vulnerability. Read more

www.securiteam.com:
Windows NT 4.0 with IBM JVM Denial of Service. Read more

www.securiteam.com:
Windows MIDI Decoder (QUARTZ.DLL) Heap Corruption. Read more

www.securiteam.com:
Flaw in Windows Function Could Allow Denial of Service. Read more

www.securiteam.com:
Unchecked Buffer in DirectX Could Enable System Compromise. Read more

www.eeye.com:
Windows MIDI Decoder (QUARTZ.DLL) Heap Corruption. Read more

News:
www.mg.co.za:
Spyware, scumware and Absa. Read more

edition.cnn.com:
U.S. bank hit by international hackers. Read more

www.iol.co.za:
'Users at fault in Net fraud cases, not bank'. Read more

www.hackexpo.com:
HACK ASIA 2003, Asian Information Technology Security Conference. Read more

www.theregister.co.uk:
MS alerts users to Windows DirectX vulnerability. Read more

www.infoworld.com:
Security experts question DOD cybersecurity. Read more

24 july 2003

New Trojans:
Danton 4.1.0 beta

Remote Control 1.0

Double Helix 2.5

Lamers Death 2.7 (e) server

WinEggDrop Shell 1.38

Remotecmd 1.0

Guides, Papers, etc.
www.securityfocus.com:
Detecting SQL Injection in Oracle. Read more

Vulnerabilities & Exploits:
www.pivx.com:
Unpatched IE security holes. Read more

www.atstake.com:
Microsoft SQL Server DoS. Read more

www.atstake.com:
Microsoft SQL Server Local Code Execution. Read more

www.atstake.com:
Windows NT 4.0 with IBM JVM Denial of Service. Read more

www.securitytracker.com:
GuanxiCRM Include File Holes Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Linux 2.4 Kernel Forwarding Table Can Be Spoofed By Remote Users. Read more

www.securitytracker.com:
XBlast Buffer Overflow in $HOME Variable Lets Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
Linux 2.4 Kernel '/proc/self' Error May Disclose Sensitive Information to Local Users. Read more

www.securitytracker.com:
ashnews '$pathtoashnews' Include File Flaw Lets Remote Users Execute Arbitrary Code on the System. Read more

www.securitytracker.com:
Linux 2.4 Kernel execve() Access Control Flaw May Let Local Users Access File Descriptors. Read more

www.securitytracker.com:
Linux 2.4 Kernel RPC Bug Lets Local Users Bind to Ports Already in Use. Read more

www.securitytracker.com:
Linux 2.4 Kernel execve() Race Condition May Let Local Users Crash the System. Read more

www.securitytracker.com:
Linux 2.4 Kernel /proc/tty/driver/serial May Disclose Password Characteristics to Local Users. Read more

www.securitytracker.com:
Linux 2.4 Kernel Spanning Tree Protocol Bug Lets Remote Users Deny Service. Read more

www.securitytracker.com:
Sun Solaris 8 Can Be Crashed By Remote Users Sending IPv6 Packets. Read more

www.securitytracker.com:
phpGroupWare Include File Bug in 'tables_update.inc.php' Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Microsoft Outlook Web Access Can Be Crashed By Remote Authenticated Users With an Outlook 2003 Client. Read more

www.securiteam.com:
Another Exploit Code Release for Toppler Game Vulnerability. Read more

www.securiteam.com:
Buffer Overflow in Netware Web Server PERL Handler. Read more

www.securiteam.com:
Denial of Service in XAVI X7028r DSL Wireless Router (Long GET Request). Read more

www.securiteam.com:
Multiple Vulnerabilities Apple QuickTime/Darwin Streaming Server. Read more

News:
www.theregister.co.uk:
Welsh virus writer loses appeal. Read more

news.bbc.co.uk:
Virus writer's appeal fails. Read more

Microsoft Security Bulletin MS03-029
Flaw in Windows Function Could Allow Denial of Service (823803). Read more

Microsoft Security Bulletin MS03-030
Unchecked Buffer in DirectX Could Enable System Compromise. Read more

Microsoft Security Bulletin MS03-031
Cumulative Patch for Microsoft SQL Server (815495). Read more

zdnet.com.com:
Microsoft reveals 'critical' flaw. Read more

news.com.com:
Cracking Windows passwords in seconds. Read more

www.santacruzsentinel.com:
Cyber-cafes prepared for sabotage. Read more

www.detnews.com:
Internet in China, handheld shipments, advertising lawsuit, security tech, Google news. Read more

www.fcw.com:
Security adviser warns of cyberthreats. Read more

www.theregister.co.uk:
'Online banking in SA was a time-bomb waiting to go off'. Read more

www.newsfactor.com:
Do Security Companies Create Monsters? Read more

www.thestar.co.za:
Another bank attacked as hackers go on spree. Read more

www.theregister.co.uk:
Spam clients outed, credit card details published. Read more

23 july 2003

New Trojans:
iA Keylogger & Downloader

Beast 2.00 (d) (may 28, 2003)

Notify

Gold 1.0.0.1

Guides, Papers, etc.
www.hackinthebox.org:
Camouflaging Nmap Scans. Read more

Vulnerabilities & Exploits:
www.securitytracker.com:
Drupal Input Validation Hole Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
AtomicBoard Input Validation Flaw Discloses Files on the System to Remote Users. Read more

www.securitytracker.com:
Guidescope Filetering Software May Let Remote Users Relay Connections (SPAM) Via the System. Read more

www.securitytracker.com:
CGI.pm Library Input Validation Flaw Permits Remote Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
WebCalendar $user_inc Global Variable Lets Remote Users View Files on the System. Read more

www.securitytracker.com:
Savant Web Server Can Be Crashed By Remote Users Making Many Connections. Read more

www.securiteam.com:
Microsoft Windows 2000 RPC DCOM Interface DOS and Privilege Escalation Vulnerability. Read more

www.securiteam.com:
BRU Format String Vulnerability Exploit. Read more

www.debian.org:
DSA-351-1 php4 -- cross-site scripting. Read more

News:
www.capetimes.co.za:
Hacking into bank accounts is dead easy, say experts. Read more

www.sabcnews.com:
Big Four Banks Meet Over Internet Fraud. Read more

www.bankrate.com:
Feds warn of latest e-mail scams. Read more

www.nydailynews.com:
Phishin' for your ID. Read more

www.fbi.gov:
The Case of the Hacked South Pole. Read more

www.accountingweb.com:
Internet Vulnerability Mobilizes Hackers. Read more

www.information-security.net:
Firms Raced to Fix Internet Hardware Flaw. Read more

www.fcw.com:
Security without the sweat. Read more

22 july 2003

New Trojans:
Global Patrol 1.31

QQ Ambush 1.0

Little Witch 6.1 client (s)

RMT

Vulnerabilities & Exploits:
www.securiteam.com:
GNATS Buffer Overflow Exploit Code Released (queue-pr). Read more

www.securiteam.com:
GopherD's FTP Gateway, and GSisText() Buffer Overflow Vulnerabilities (Exploit). Read more

www.securiteam.com:
Cisco IOS Interface Blocked by IPv4 Packets. Read more

www.securiteam.com:
Firewall Bypassing With BHO and MSIE. Read more

www.securiteam.com:
Splatt Forum XSS Vulnerability in icon Posting. Read more

www.securiteam.com:
Default CGI.pm Settings Vulnerable to Cross-site Scripting. Read more

www.securiteam.com:
Web Calendar Directory Traversal. Read more

News:
www.news.com.au:
FBI issues fraud email warning. Read more

www.canada.com:
Con artists pretending to be Internet companies a growing problem. Read more

news.zdnet.co.uk:
Cisco flaw exploit posted online. Read more

australianit.news.com.au:
Cybercrime wave stretches resources. Read more

www.theregister.co.uk:
Trojan infection linked to SA Net bank thefts. Read more

www.theregister.co.uk:
ID thieves rip off 7m US adults a year. Read more

www.theregister.co.uk:
E-mail abuses cost UK firms millions. Read more

afr.com:
Police training to lift network-security skills. Read more

www.theregister.co.uk:
The War against 'Viagra'. Read more

21 july 2003

New Trojans:
Jack Trojan 1.1 beta

Double Helix 1.5

Antilamer 2.0 (m) server

Vulnerabilities & Exploits:
www.securitytracker.com:
Witango Application Server Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Apache HTTP Server 'rotatelogs' Bug on Win32 and OS/2 May Cause the Logging to Stop. Read more

www.securiteam.com:
Denial-of-Service of TCP-based Services in CatOS (Exploit). Read more

www.securiteam.com:
EST BRU Backup and Restore Utility Local Root Exploit. Read more

www.securiteam.com:
SurfControl Filter for SMTP Can Be Bypassed via Nested Zips. Read more

www.securiteam.com:
RAV Online Scanning ActiveX Buffer Overflow. Read more

www.securiteam.com:
Buffer Overflow in MSN Messenger. Read more

www.securiteam.com:
Witango & Tango 2000 Application Server Remote System Buffer Overrun. Read more

www.securiteam.com:
Digi-News and Digi-Ads Allow Gaining of Admin Privileges without Authentication. Read more

www.securiteam.com:
IBM U2 UniVerse Users with UVADM Rights can Elevate Privileges via UVADMSH. Read more

www.securiteam.com:
CFTP Buffer Overflow Vulnerability (HOME). Read more

News:
www.ebcvg.com:
Trojans - and how to protect your network against them. Read more

newsobserver.com:
Researchers report hackers trying to abuse Cisco flaw. Read more

www.theregister.co.uk:
Service tunes 56Kbps modems up to 784Kbps. Read more

www.recordonline.com:
Warning: Thieves want your identity. Read more

www.news24.com:
'Cyber hacker' not involved. Read more

20 july 2003

New Trojans:
Guangwai Girl 1.53A

Nethief 4.9

The Cryptic Remote Keylogger

Gnotify 1.0 by Gobo

Vulnerabilities & Exploits:
www.securitytracker.com:
Simpnews Include File Error Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
WatchGuard ServerLock Access Control Flaws Let Local Users Take Control of the System. Read more

www.securitytracker.com:
eStore Input Validation Flaw Lets Remote Users Inject SQL Commands. Read more

News:
www.washingtonpost.com:
Internet Security Experts Escalate Warnings. Read more

www.theregister.co.uk:
Cisco IOS DoS exploit released in the wild. Read more

www.theregister.co.uk:
Bush's e-mail faces DoS attack. Read more

www.wired.com:
Upload a File, Go to Prison. Read more

19 july 2003

New Trojans:
Liciaa Fwb Downloader 1.0

IP Rape 1.0

Insecure Executable Downloader 1.0

Win-Spy 7.2.3

Vulnerabilities & Exploits:
www.securitytracker.com:
SGI IRIX Login Hole May Let Local Users Gain Root Privileges. Read more

www.securitytracker.com:
SGI IRIX Name Service Daemon (nsd) Bugs Let Remote Users Crash the System. Read more

www.securitytracker.com:
Message Foundry Permits Cross-Site Scripting Attacks and Lets Remote Authenticated Users Change Other User Passwords. Read more

www.securitytracker.com:
Elite News Authentication Flaw Grants Remote Users Administrative Privileges. Read more

www.securitytracker.com:
Cisco IOS Router Interfaces Can Be Blocked by Remote Users Sending Certain IPv4 Packets. Read more

www.securitytracker.com:
BRU Backup Software Buffer Overflow and Format String Bugs Let Local Users Execute Arbitrary Code. Read more

www.securitytracker.com:
digi-ads Authentication Error Grants Administrative Access to Remote Users. Read more

www.securitytracker.com:
digi-news Authentication Error Grants Administrative Access to Remote Users. Read more

www.securitytracker.com:
Synthigence Forum/Chat Software Discloses User Passwords to Remote Users. Read more

www.securitytracker.com:
.netCART Discloses Credit Card and Other Shopping Cart Information to Remote Users. Read more

www.securitytracker.com:
OmniHTTPd Web Server Has Input Validation Holes in Additional Sample Scripts That Let Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Microsoft Windows XP Shell Buffer Overflow in Processing Folder Display Attributes Permits Remote Code Execution. Read more

www.securitytracker.com:
Microsoft Windows Remote Procedure Call (RPC) Service Buffer Overflow in Processing DCOM Requests Allows Remote Code Execution. Read more

News:
www.securityfocus.com:
Guilty Plea in Kinko's Keystroke Caper. Read more

www.securityfocus.com:
Forensic Log Parsing with Microsoft's LogParser. Read more

www.theage.com.au:
Fraudsters net gullible users. Read more

www.boston.com:
Cisco offering patch to fix networking software flaw. Read more

www.vnunet.com:
Spammers target Wi-Fi security. Read more

www.bayarea.com:
Unshackling the Xbox: hackers and the right to tinker. Read more

18 july 2003

New Trojans:
Back Attack 1.7

Poltergeist 1.0

Snow 2.1

URCS 1.05 (build1)

Vulnerabilities & Exploits:
www.cisco.com:
Cisco IOS Interface Blocked by IPv4 Packet. Read more

www.securitytracker.com:
Deutsche Telekom Teledat 530 DSL Router Can Be Crashed By Remote Users Conducting Port Scans. Read more

www.securitytracker.com:
IBM U2 UniVerse Database Flaws in 'cci_dir' and 'uvadmsh' Let Local Users Obtain Root Privileges. Read more

www.securitytracker.com:
xfstt TrueType Font Server Buffer Overflow Lets Remote Users Crash the Server. Read more

www.securitytracker.com:
Microsoft SMTP Service Can Be Crashed By Remote Users Sending Mail With an Invalid FILETIME Header. Read more

www.securitytracker.com:
Microsoft Exchange Server Can Be Crashed By Remote Users Sending Mail With an Invalid FILETIME Header. Read more

www.securitytracker.com:
Splatt Forum Input Validation Hole in Icon IMG Tag Allows Remote Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Citadel/UX Input Validation Flaw and Buffer Overflows Let Remote Authenticated Users Execute Arbitrary Code. Read more

www.securiteam.com:
Hummingbird's Exceed X Emulator Fonts Directive Mishandling. Read more

www.securiteam.com:
ISA Server - Error Page Cross-Site Scripting (Additional Details). Read more

www.securiteam.com:
Moby's Netsuite Directory Traversal Vulnerability. Read more

www.securiteam.com:
Unchecked Buffer in Windows Shell Could Enable System Compromise (XP). Read more

www.securiteam.com:
IBM U2 UniVerse UVADM Can Take Root via Buffer Overflows. Read more

www.securiteam.com:
BRU Buffer Overflow and Format String Vulnerabilities. Read more

www.securiteam.com:
Linux nfs-utils xlog() Off-by-One Bug. Read more

News:
www.theregister.co.uk:
Trojan turns victims into DDoS, spam zombies. Read more

www.theregister.co.uk:
Cisco issues network security brown alert. Read more

news.com.com:
Twin flaws have security pros worried. Read more

www.securityfocus.com:
Honeytokens: The Other Honeypot. Read more

australianit.news.com.au:
Disk clone tells all on Bali suspect. Read more

cryptome.org:
Web Privacy Services Complicate Work of Federal Investigators. Read more

www.vnunet.com:
Spammers target Wi-Fi security. Read more

17 july 2003

New Trojans:
Joker 1.0 (SourceForge-Version)

KPSULE 1.0

ProAgent 1.1

XQ 0.998

Vulnerabilities & Exploits:
xforce.iss.net:
Cisco IOS Remote Denial of Service Vulnerability. Read more

www.pivx.com:
ISA Server HTTP error handler XSS. Read more

www.securitytracker.com:
Hummingbird Exceed Font Processing Bug May Let Remote Authenticated Users Execute Arbitrary Code. Read more

www.securitytracker.com:
ASUS ADSL Router Web Interface Discloses Passwords to Remote Users. Read more

www.securitytracker.com:
ImageMagick May Execute Arbitrary Code in Malicious Image Files. Read more

www.securitytracker.com:
Sierra Starsiege Tribes Game Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
Netscape Client Detection Tool Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Microsoft Internet Explorer 'Chromeless' Window May Let Remote Users Spoof Various User Interface Characteristics. Read more

www.securitytracker.com:
WebShield SMTP for Windows NT Lets Remote Users Send Executables Through the Filter. Read more

www.securitytracker.com:
'nfs-utils' Buffer Overflow May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
NeoModus Direct Connect Permits Remote Denial of Service Attacks. Read more

www.securiteam.com:
Buffer Overflows Vulnerability in IglooFTP PRO (Exploit). Read more

www.securiteam.com:
DoS Attack Against Twilight Web Server (Long GET Request). Read more

www.securiteam.com:
Remote DoS Vulnerability in NeoModus Direct Connect. Read more

www.securiteam.com:
Microsoft JET Database Engine 4.0 Buffer Overflow. Read more

www.securiteam.com:
Apple Issues Patch to Address Screen Saver Bypassing. Read more

www.debian.org:
DSA-350-1 falconseye -- buffer overflow. Read more

www.debian.org:
DSA-349-1 nfs-utils -- buffer overflow. Read more

News:
Microsoft Security Bulletin MS03-026
Buffer Overrun In RPC Interface Could Allow Code Execution (823980). Read more

Microsoft Security Bulletin MS03-027
Unchecked Buffer in Windows Shell Could Enable System Compromise (821557). Read more

Microsoft Security Bulletin MS03-028
Flaw in ISA Server Error Pages Could Allow Cross-Site Scripting Attack (816456). Read more

www.securityfocus.com:
Microsoft admits critical flaw in nearly all Windows software. Read more

asia.reuters.com:
Microsoft Warns of Flaw in Windows. Read more

www.globeandmail.com:
Windows cracked again. Read more

www.theregister.co.uk:
Symantec 'security scan' distributes rootkit. Read more

www.infoworld.com:
New worm poses as Microsoft patch. Read more

www.guardian.co.uk:
Beware Trojans bearing gifts. Read more

www.securitynewsportal.com:
Was Google hacked or is Google getting into the SPAM business. Read more

money.cnn.com:
Burden of spoof. Read more

www.theregister.co.uk:
Student hackers: we didn't defeat campus debit card system. Read more

www.iht.com:
Walking through a hacker's wireless paradise. Read more

www.attrition.org:
Deconstructing the Defacer Challenge Hoax/FUD. Read more

16 july 2003

New Trojans:
Hotmail Hacker X 0.9

Kaos Webdownloader

WAY 2.5 [skyfire]

Vulnerabilities & Exploits:
www.securitytracker.com:
Traceroute NANOG Integer Overflow Lets Local Users Access Privileged Sockets. Read more

www.securitytracker.com:
Grub Web Crawler Discloses Password to Local Users. Read more

www.securitytracker.com:
MDaemon Buffer Overflow in EXAMINE and SELECT IMAP Commands Allows Remote Authenticated Users to Execute Code. Read more

www.securitytracker.com:
CyberShop ASP May Disclose Shopping Cart Database to Remote Users. Read more

www.securitytracker.com:
Moby's NetSuite Input Validation Flaw Discloses Files on the System to Remote Users. Read more

www.securiteam.com:
Denial-of-Service of TCP-based Services in CatOS. Read more

www.securiteam.com:
IE Chromeless Window Vulnerabilities (More Examples). Read more

www.securiteam.com:
Grub Distributed Webcrawling Client Clear Text Password Vulnerability. Read more

www.securiteam.com:
StoreFront Vulnerable to SQL Injection. Read more

www.securiteam.com:
Multiple Vulnerabilities in Citadel/UX. Read more

www.securiteam.com:
Format String Vulnreability Found in ImageMagick. Read more

News:
www.hivercon.com:
HIVERCON 2003 CALL FOR PAPERS. Read more

www.newscientist.com:
Red alert on the e-war front. Read more

www.crbj.com:
Identity theft: When bad things happen to good names. Read more

www.forbes.com:
Trojan Horse, Meet The Home Office. Read more

www.ntsecurity.net:
Honeynet Affiliates Help Dampen Credit Card Fraud. Read more

www.pcworld.com:
Securing Cyberspace: A Shared Duty. Read more

15 july 2003

New Trojans:
Snow 2.0

Near Mohists 1.9

Svchost 0.2 beta

Beast 1.92 (a & d) (march 05, 2003)

URCS 1.04 (build1)

Vulnerabilities & Exploits:
www.securitytracker.com:
BlazeBoard Default Installation May Disclose Installation Files to Remote Users. Read more

www.securitytracker.com:
Mabry FTPServer/X Buffer Overflows in Several FTP Commands Let Remote Users Crash the Server. Read more

www.securitytracker.com:
Polycom MGC-25 Conferencing System Management Port Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
BlackBook Guest Book Contains Input Validation and Access Control Flaws. Read more

www.securitytracker.com:
ASP-DEV Discussion Forum Grants Admin Access to Remote Users and Discloses User Passwords. Read more

www.securitytracker.com:
StoreFront ASP Shopping Cart Input Validation Flaw Discloses User Information to Remote Users. Read more

www.securiteam.com:
Flaw in Windows Message Handling through Utility Manager Could Enable Privilege Elevation. Read more

www.securiteam.com:
Buffer Overflow Vulnerabilities in TurboFTP. Read more

www.securiteam.com:
Vulnerability in Microsoft's HTML Converter Could Allow Code Execution. Read more

www.securiteam.com:
CyberShop-ASP Vulnerable With Shopdbtest.ASP. Read more

News:
ntbugtraq.ntadvice.com:
NTBugtraq Retreat. Read more

www.virusbtn.com:
Virus Bulletin 2003 conference. Read more

story.news.yahoo.com:
From Russia with porn: new Internet attacks baffle security experts. Read more

news.com.com:
Sony warns online buyers of spam scam. Read more

www.nj.com:
Bold thieves troll Web in slick, new scams for money and IDs. Read more

www.adn.com:
Student hackers settle debit-card device lawsuit. Read more

www.computerweekly.com:
Could hackers launch a denial-of-spam attack? Read more

www.zdnet.com:
Who's really responsible for hacker attacks. Read more

www.themoscowtimes.com:
Russia-Linked Porn Hackers Target PCs. Read more

www.canada.com:
Keeping cyber-thieves at bay. Read more

www.dailyherald.com:
British man arrested for hacking into Fermilab computers. Read more

www.sunspot.net:
Prank Message Via Google Mocks WMD Search. Read more

14 july 2003

New Trojans:
Zalivator 1.4.2 Pro (build 92)

MSN Log Thief 0.5

ProAgent 1.0

Remote GUI 0.92

Vulnerabilities & Exploits:
www.securitytracker.com:
Microsoft Jet Database Engine Buffer Overflow May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
UMN Gopherd Buffer Overflows in GSisText() and in FTP Proxy Code Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Trend Micro HouseCall Scanner Has Buffer Overflows That May Allow Remote Code Execution. Read more

www.securitytracker.com:
Invision Power Board Input Validation Hole in 'ipchat.php' Permits Remote SQL Injection. Read more

www.securitytracker.com:
W-Agora Input Validation Flaws Disclose System Information and May Permit Remote Code Execution. Read more

www.securiteam.com:
ASP-DEV Discussion Forum Information Disclosure. Read more

www.securiteam.com:
Gattaca Server Vulnerable to Multiple vulnerabilities. Read more

News:
www.dailyherald.com:
British man arrested for hacking into Fermilab computers. Read more

www.nj.com:
Bold thieves troll Web in slick, new scams for money and IDs. Read more

www.neowin.net:
Trojan Hijacks PCs to Peddle Porn. Read more

13 july 2003

New Trojans:
Annoy Toys 1.0

Resident Evil 1.0 beta

R-Desktop 1.0

Fox Q 1.5

Nethief 4.8

Tools:
www.thc.org:
Amap is a scanning tool that allows you to identify the applications that are running on a specific port (linux). Download

Guides, Papers, etc.
packetwatch.net:
Analysis of Remote Active Operating System Fingerprinting Tools (pdf). Read more

www.idefense.com:
Win32 Message Vulneralilities Redux. (pdf) Read more

mutsonline.com:
NetBIOS Enumeration and Bruteforce. (pdf) Read more

Vulnerabilities & Exploits:
www.securitytracker.com:
Gattaca Server Discloses Files to Remote Users and Can Be Crashed By Remote Authenticated Users. Read more

www.securitytracker.com:
phpForum Include File Error Lets Remote Users Execute Arbitrary Code on the System. Read more

www.securitytracker.com:
aMSN Client May Disclose the User's Password to Local Users. Read more

www.securitytracker.com:
TurboFTP Client Buffer Overflow in Processing Server Responses May Crash the Client. Read more

www.securitytracker.com:
BiTBOARD Discloses Administrator's Hashed Password to Remote Users. Read more

www.securitytracker.com:
Macromedia JRun Discloses Page Source Code to Remote Users. Read more

www.securitytracker.com:
ColdFusion MX Discloses Page Source Code to Remote Users . Read more

www.securitytracker.com:
Mabry HTTPServer/X Discloses Files on the System to Remote Users. Read more

www.securitytracker.com:
Naviscope Processing Loop May Cause Denial of Service Conditions. Read more

News:
www.theregister.co.uk:
Trojan serves porn off home PCs, not many dead. Read more

www.theregister.co.uk:
'Open and helpful community' - of credit card thieves. Read more

www.onlineathens.com:
Student hackers blessing, curse to universities. Read more

silicon.com:
Ginseng Jim Twist To Spoof PayPal ID Theft Scam. Read more

www.ecommercetimes.com:
'Brand Spoofing' a Growing E-Mail Scam. Read more

12 july 2003

New Trojans:
The Infector 1.0

Zirgt 1.0

Sensive 5.1 (b)

Sub-Mariner 1.1 client

Vulnerabilities & Exploits:
www.securitytracker.com:
TinyWEB URL Processing Flaw Lets Remote Users Create Denial of Service Conditions. Read more

www.securitytracker.com:
ZoneAlarm Pro 4.0 May Drop Some Firewall Rules When Upgrading From a Previous Version. Read more

www.securitytracker.com:
Q-Shop Shopping Cart Authentication Flaw Lets Remote Users Upload and Execute Arbitrary Code. Read more

www.securitytracker.com:
Microsoft SMB Buffer Overflow Lets Remote Authenticated Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Microsoft Windows 2000 Accessibility Utility Manager Lets Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
Coda File System RPC2 Library Bug Lets Remote Users Crash Affected Application. Read more

www.securitytracker.com:
terminatorX Environment Variable Buffer Overflow Lets Local Users Run Arbitrary Code With Root Privileges. Read more

www.securitytracker.com:
NetScreen Firewall Bridging Flaw Lets Remote Users Bypass the Firewall With Non-IP Packets. Read more

www.securitytracker.com:
Cisco CatOS Bug in Processing Non-Standard TCP Flags Permits Remote Denial of Service Attacks. Read more

www.securitytracker.com:
Apache HTTP Server FTP Proxy Bug May Cause Denial of Service Conditions. Read more

www.securitytracker.com:
Apache 'accept()' Errors May Cause Denial of Service Conditions. Read more

www.securitytracker.com:
Apache Web Server 'type-map' File Error Permits Local Denial of Service Attacks. Read more

www.securitytracker.com:
Apache 2.0 Web Server May Use a Weaker Encryption Implementation Than Specified in Some Cases. Read more

News:
www.securityfocus.com: Honeynet: Carders are Getting Slick. Read more

silicon.com:
Ginseng Jim twist to spoof PayPal ID theft scam. Read more

www.ecommercetimes.com:
'Brand Spoofing' a Growing E-Mail Scam. Read more

www.zdnet.com.au:
ID Theft Battle Threatens Privacy. Read more

www.examiner.ie:
Call centre hackers spark terror probe. Read more

11 july 2003

New Trojans:
SlimFTPd 3.14

M-ld beta

URCS 1.0.3 build4

Peep 2.02

Vulnerabilities & Exploits:
www.securitytracker.com:
KNOPPIX CD Default Configuration May Let Local Users Grab Root Privileges. Read more

www.securitytracker.com:
phpSysInfo May Disclose Files on the System to Remote Users. Read more

www.securitytracker.com:
radware LinkProof SSH Connection Limitation Lets Remote Users Deny Administrative Service. Read more

www.securitytracker.com:
News51 Discloses Hashed Password File to Remote Users. Read more

www.securitytracker.com:
Forum51 Discloses Hashed Password File to Remote Users. Read more

www.securitytracker.com:
Board51 Discloses Hashed Password File to Remote Users. Read more

www.securitytracker.com:
BEA WebLogic Server May Disclose the Node Manager Password to Local Users. Read more

www.securitytracker.com:
BEA WebLogic Managed Server Independence Access Control Flaw May Yield Console Access to Remote Users. Read more

www.securitytracker.com:
Microsoft Outlook Web Access (OWA) May Disclose The User's OWA Password to Remote Users. Read more

www.securitytracker.com:
Zkfingerd Unsafe Syslog Call in _finger_error() Function Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
BEA WebLogic Server and Express May Disclose 'Admin' Password to 'Operator' Users. Read more

www.securitytracker.com:
Rockliffe MailSite Express Discloses Attachments to Remote Users. Read more

www.securitytracker.com:
ezTrans Input Validation Flaw Discloses Files on the System to Remote Users. Read more

News:
www.lurhq.com:
Reverse-Proxy Spam Trojan - Migmaf. Read more

www.smh.com.au:
Trojan uses home computers as porn proxy. Read more

www.tracking-hackers.com:
Know Your Enemy: Automated Credit Card Fraud (pdf). Read more

silicon.com:
Ginseng Jim twist to spoof PayPal ID theft scam. Read more

www.iht.com:
A virtual Pandora's (X)box opened by hackers. Read more

www.zdnet.com.au:
ID theft battle threatens Aust privacy: Experts. Read more

news.zdnet.co.uk:
Fake PayPal site could lead to identity theft. Read more

www.examiner.ie:
Call centre hackers spark terror probe. Read more

www.guardian.co.uk:
Feds: SSA Vulnerable to Identity Theft. Read more

washingtontimes.com:
Most businesses are hurt by cybercrime. Read more

10 july 2003

New Trojans:
Password Devil 1.0

Trail Of Destruction 2.0

Tiny HTTP Server 1.1

Back Attack 1.6

Vulnerabilities & Exploits:
www.nextgenss.com:
Microsoft Utility Manager Local Privilege Escalation. Read more

www.securitytracker.com:
ICQ Pro Lets Local Users Login Without Passwords. Read more

www.securitytracker.com:
Canon GP300 Copier Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
Microsoft Internet Explorer Can By Crashed By Loading 'C:\aux' URL. Read more

www.securitytracker.com:
BillingExplorer Lack of Authentication Lets Remote Users Modify Billing Data. Read more

www.securitytracker.com:
ColdFusion MX Server Default Configuration Gives Remote Users RDS Access. Read more

www.securitytracker.com:
1st Screen Lock Access Control Flaw Discloses Password to Local Users. Read more

www.securitytracker.com:
Trillian Can By Crashed By Remote Users Sending a Malformed 'TypingUser' Message. Read more

www.securitytracker.com:
x-face.el Temporary File Vulnerability May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
SEMI Temporary File Vulnerability May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
IglooFTP Client Buffer Overflows Let Remote FTP Servers Execute Arbitrary Code on the Client. Read more

www.securitytracker.com:
cPanel Log File Filtering Flaw Permits Remote Cross-Site Scripting Attacks Against Administrators. Read more

News:
Microsoft Security Bulletin MS03-023
Buffer Overrun In HTML Converter Could Allow Code Execution (823559). Read more

Microsoft Security Bulletin MS03-024
Buffer Overrun in Windows Could Lead to Data Corruption (817606). Read more

Microsoft Security Bulletin MS03-025
Flaw in Windows Message Handling through Utility Manager Could Enable Privilege Elevation (822679). Read more

www.securityfocus.com:
IE Bugs Keep Coming. Read more

www.informationweek.com:
Brazilian Group Wins Hacker Contest. Read more

www.eweek.com:
Microsoft Warns of New Windows Flaws. Read more

www.theregister.co.uk:
Microsoft to face patent violation claims today. Read more

09 july 2003

New Trojans:
Nuclear Uploader 1.1b

RVC 0.91

EHKS 2.0

SuperMM 1.0 98 (b)

HTTP RAT 0.21 (k)

Vulnerabilities & Exploits:
www.securityfocus.com:
Microsoft Outlook Web Access HTML Attachment Script Execution Vulnerability. Read more

www.securityfocus.com:
Mirabilis ICQ Password Bypass Weakness. Read more

www.securitytracker.com:
ColdFusion MX Server Default Configuration Gives Remote Users RDS Access. Read more

www.securitytracker.com:
1st Screen Lock Access Control Flaw Discloses Password to Local Users. Read more

www.securitytracker.com:
1st Security Agent Access Control Flaw Discloses Password to Local Users. Read more

www.securitytracker.com:
Trillian Can By Crashed By Remote Users Sending a Malformed 'TypingUser' Message. Read more

www.securitytracker.com:
x-face.el Temporary File Vulnerability May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
SEMI Temporary File Vulnerability May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
IglooFTP Client Buffer Overflows Let Remote FTP Servers Execute Arbitrary Code on the Client. Read more

www.securitytracker.com:
cPanel Log File Filtering Flaw Permits Remote Cross-Site Scripting Attacks Against Administrators. Read more

www.securitytracker.com:
myServer CGI Script Input Validation Flaws Let Remote Users Crash the Web Server. Read more

www.securitytracker.com:
ProductCart Shopping Cart Default Configuration Lets Remote Users Download the Shopping Database. Read more

www.securiteam.com:
Yahoo Messenger Service Call Buffer Overflow Vulnerability Resurfaces. Read more

www.securiteam.com:
Exploit Code Release for Toppler Game Vulnerability. Read more

www.debian.org:
DSA-342-1 mozart -- unsafe mailcap configuration. Read more

www.debian.org:
DSA-341-1 liece -- insecure temporary file. Read more

www.debian.org:
DSA-339-1 semi -- insecure temporary file. Read more

News:
www.ajc.com:
'Spoof' e-mail scam spreads. Read more

reuters.com:
Experts Say Hacker Hype Is Threat on Its Own. Read more

www.dailytimes.com.pk:
Weird web data foxes experts. Read more

www.komotv.com:
Janitors Busted For Identity Theft. Read more

thestar.com.my:
Colombia blame it on hackers. Read more

sci.newsfactor.com:
Hacking Competition Gets Hacked. Read more

www.net4nowt.com:
Viruses reach record high. Read more

08 july 2003

New Trojans:
OICQsearch 1.7

Remote Control 1.5

Remote Revise 1.72

Little Witch 6.1 (p) client

StealthWatcher 1.5

Vulnerabilities & Exploits:
www.securitytracker.com:
ProductCart Shopping Cart Default Configuration Lets Remote Users Download the Shopping Database. Read more

www.securiteam.com:
gnuchess Buffer Overflow Vulnerability (Exploit, -s). Read more

www.securiteam.com:
gnuan Buffer Overflow Vulnerability (Exploit, -s). Read more

www.securiteam.com:
isdnrep Buffer Overflow Vulnerability (Exploit, -t). Read more

www.securiteam.com:
Serious Vulnerabilities Found in Rediffmail.com Web Mail Service (CSS). Read more

www.securiteam.com:
XBOX Dashboard Local Vulnerability. Read more

News:
www.securityfocus.com:
Antivirus Concerns in XP and .NET Environments. Read more

www.eweek.com:
Requiem for a Hacker. Read more

australianit.news.com.au:
Mixed views on 'hacker contest'. Read more

news.com.com:
Web vandals' contest leaves faint trace. Read more

www.asiamedia.ucla.edu:
Hackers crack 17 Korean Web sites. Read more

www.zdnet.com.au:
How hackers had Microsoft over a barrel. Read more

www.nzz.ch:
Swiss turn up the heat on cybercrime. Read more

07 july 2003

New Trojans:
SRNServ

Igloo 2.02.0

Beast 2.00 (d) (may 23, 2003)

Vulnerabilities & Exploits:
www.securitytracker.com:
Mac OS X Screensaver Flaw Lets Physically Local Users Access a Locked Desktop. Read more

www.securitytracker.com:
Novell iChain Discloses to Remote Users Whether Usernames Exist or Not. Read more

www.securiteam.com:
Essentia Web Server Exploit Code Released. Read more

www.securiteam.com:
cPanel Malicious HTML Tags Injection Vulnerability. Read more

www.securiteam.com:
AXIS 560x Web Interface Vulnerable to a DoS. Read more

www.securiteam.com:
NetMeeting Directory Traversal Vulnerability. Read more

www.securiteam.com:
Active Directory Stack Overflow. Read more

www.securiteam.com:
Trillian Remote DoS (Malformed TypingUser). Read more

News:
www.freep.com:
Vandalism contest by hackers is disrupted. Read more

www.internetweek.com:
Hacker Trackers Attacked During Hacker Contest. Read more

www.zdnet.com:
Work at home? Here's how to stay secure. Read more

www.theregister.co.uk:
Dutch mass spammer loses grip. Read more

06 july 2003

New Trojans:
Hatred-Fiend 1.3

Igloo 1.5 server (c)

Furier

Furier Trojan 1.1

Near Mohists 1.868

Vulnerabilities & Exploits:
www.securitytracker.com:
Rediffmail Password Changing Process Lets Remote Users Hijack Accounts. Read more

www.securitytracker.com:
VP-ASP Shopping Cart Input Validation Flaw Lets Remote Users Inject SQL Commands to Gain Administrative Access. Read more

www.securitytracker.com:
ProductCart Input Validation Flaw Lets Remote Users Inject SQL Commands to Gain Administrative Access. Read more

www.securitytracker.com:
Xbox Dashboard Font File Loader Integer Overflow Lets Local Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Greymatter Weblog Input Validation Flaw Lets Remote Users Execute PHP Commands on the Target Server. Read more

www.securitytracker.com:
Roger Wilco Buffer Overflow Lets Remote Users Execute Arbitrary Code on Unsuspecting Clients. Read more

www.securitytracker.com:
OpenBSD pf Packet Filter May Disclose Internal IP Address and Port Number to Remote Users. Read more

www.securitytracker.com:
CCBill Input Validation Flaw in 'whereami.cgi' Script Permits Remote Operating System Command Execution. Read more

www.securitytracker.com:
Microsoft Windows 2000 ShellExecute() Buffer Overflow May Let Users Execute Arbitrary Code. Read more

News:
www.theregister.co.uk:
Hacker group releases software-only Xbox mod details. Read more

www.theregister.co.uk:
Anyone ever managed to claim on PayPal's Money Back Guarantee? Read more

www.globetechnology.com:
Hackers compete in international battle Sunday. Read more

05 july 2003

New Trojans:
Falling Star 1.22

OICQsearch 1.62

Magic Link 2.3

Vulnerabilities & Exploits:
www.securitytracker.com:
Microsoft Commerce Server Discloses SQL Server Password to Local Users. Read more

www.securitytracker.com:
HP NotStop Server Flaw Lets Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
ezbounce Format String Flaw Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
PHPGroupWare Input Validation Flaws Permit Remote Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Microsoft NetMeeting Directory Traversal Flaw Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Microsoft Active Directory Stack Overflow in 'Lsaas.exe' Lets Remote Users Crash the Windows 2000 Server. Read more

www.securiteam.com:
Verity K2 Toolkit Query Builder XSS Vulnerability. Read more

News:
A new "IIS Media Services ISAPI Buffer Overflow Tutorial" is out, including source code (pdf). Download

www.computerworld.com.au:
Hoax bank sites target ANZ, Westpac. Read more

net-security.org:
Virus Writers Strictly PC - Macs Largely Snubbed By Cyber Underworld. Read more

news.zdnet.co.uk:
Microsoft defends security track record. Read more

www.globetechnology.com:
File sharing and firewalls. Read more

www.zdnet.com.au:
Group releases Xbox exploit amid MS prosecution threats. Read more

04 july 2003

The VoyForum of MegaSecurity has been closed by the VoyForums Staff due to its illegal password sharing.

New Trojans:
URCS 1.0.2

Downloader 1.0

MiniCommand 2.0.2

Vulnerabilities & Exploits:
lists.netsys.com:
XBOX Dashboard local vulnerability. Read more

www.lac.co.jp:
Windows 2000 ShellExecute() API Let Applications to Cause Buffer Overflow. Read more

www.securitytracker.com:
CyberStrong eShop Lets Remote Users Inject SQL Commands. Read more

www.securitytracker.com:
VisNetic WebSite Discloses Installation Path to Remote Users. Read more

www.securitytracker.com:
Adobe Acrobat Reader Buffer Overflow in WWWLaunchNetscape() May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
InterSystems Cache Database File Permissions Let Local Users Modify Files to Gain Root Privileges. Read more

www.securiteam.com:
Statement on the Announced Defacement Challenge (Zone-H.org). Read more

www.securiteam.com:
Verity K2 Toolkit Query Builder XSS Vulnerability. Read more

www.securiteam.com:
URLMON.DLL Buffer Overflow - Technical Details (Exploit). Read more

www.securiteam.com:
Windows 2000 ShellExecute() API Lets Applications to Cause a Buffer Overflow. Read more

www.securiteam.com:
Remote Format String Vulnerabilities in eXtremail Server (MAIL FROM, Reappearing). Read more

News:
www.securityfocus.com:
Penetration Testing for Web Applications (Part Two). Read more

www.computerworld.com.au:
Hoax bank sites target ANZ, Westpac. Read more

www.crn.com:
Illinois Supercomputer Center To Head Military Cybersecurity Effort. Read more

www.securityfocus.com:
Study: Wi-Fi users still don't encrypt. Read more

business.boston.com:
Government warns of large hacking attack. Read more

www.news.com.au:
Hacker contest fears dowsed. Read more

www.zdnet.com.au:
Group releases Xbox exploit amid MS prosecution threats. Read more

03 july 2003

New Trojans:
Zalivator 1.4.1 Pro (build 91)

R-Desktop 1.1

Igloo 2.02.5

Vulnerabilities & Exploits:
www.idefense.com:
Caché Insecure Installation File and Directory Permissions. Read more

www.security-corporation.com:
Cross Site Scripting Vulnerability in Phpgroupware. Read more

www.coresecurity.com:
NetMeeting Directory Traversal Vulnerability. Read more

www.coresecurity.com:
Active Directory Stack Overflow. Read more

www.krusesecurity.dk:
VisNetic WebSite Path Disclosure Vulnerability. Read more

www.securitytracker.com:
Abyss Web Server Heap Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
SSH Secure Shell RSA Signature Verification Flaw May Let Remote Users Forge Valid Signatures. Read more

www.securiteam.com:
Broadcast Buffer Overflow and Server Freeze in RogerWilco. Read more

News:
www.theage.com.au:
US warns of mass hacker attacks. Read more

asia.cnet.com:
Hackers organize vandalism contest. Read more

www.jsonline.com:
Hackers plan 'contest' to deface Web sites. Read more

www.smh.com.au:
Computer crime centre launched. Read more

www.smh.com.au:
Hacker who threatened Bloomberg gets prison. Read more

news.bbc.co.uk:
Spam peddlers hijack computers. Read more

02 july 2003

New Trojans:
Spy System 2.3

Roach 1.0

Snow 1.3

Little Witch 6.1 (w) server

sBot 2.0

Vulnerabilities & Exploits:
www.securitytracker.com:
paBox Authentication Flaw Lets Remote Users Gain Administrative Access and Execute Arbitrary Commands. Read more

www.securitytracker.com:
CuteNews Input Validation Flaw Lets Remote Users Inject Control Panel Commands to Be Executed By an Administrator. Read more

www.securiteam.com:
Buffer Overflow Vulnerability in Adobe Acrobat Reader. Read more

www.securiteam.com:
Aprelium Abyss Webserver X1 Arbitrary Code Execution and Header Injection. Read more

www.securiteam.com:
Vulnerability Enables Passport Account Hijackings (No Secret Question). Read more

www.securiteam.com:
Information Disclosure Vulnerability in ShareMailPro. Read more

www.securiteam.com:
PinkNet Web Server Directory Traversal Issue. Read more

www.securiteam.com:
Linux 2.4.x execve() File Read Race Vulnerability. Read more

www.securiteam.com:
Admin Account Creation Vulnerability in CuteNews (CSS). Read more

www.securiteam.com:
Caché Insecure Installation File and Directory Permissions. Read more

www.securiteam.com:
VMware Workstation Privilege Escalation Via Symlink Manipulation. Read more

News:
www.smh.com.au:
Hacker who threatened Bloomberg gets prison. Read more

www.globeandmail.com:
Microsoft patches another Passport hole. Read more

www.smh.com.au:
Slammer worm beats the rest. Read more

www.extremetech.com:
ZoneLabs Won't Fix Hole In Free Firewall. Read more

www.iht.com:
U.S. cracks down on e-tailers it sees as lax on security. Read more

boston.com:
Compliance Challenges Seen for Calif. Hacking Law. Read more

www.forbes.com:
US oil platform watcher shuts net over Indian suit. Read more

01 july 2003

New Trojans:
Hatred-Fiend 1.0

Postal irc bot C|0.5

OICQsearch 1.5

Vulnerabilities & Exploits:
www.securitytracker.com:
XGalaga Buffer Overflow May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
PinkNet Web Server Discloses Files on the System to Remote Users. Read more

www.securitytracker.com:
ImageMagick Unsafe Temporary Files May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
Mantis on Debian Linux Discloses Database Password to Local Users. Read more

www.debian.org:
DSA-338-1 proftpd -- SQL injection. Read more

www.debian.org:
DSA-337-1 gtksee -- buffer overflow. Read more

www.debian.org:
DSA-336-1 linux-kernel-2.2.20 -- several. Read more

www.debian.org:
DSA-335-1 mantis -- incorrect permissions. Read more

www.debian.org:
DSA-334-1 xgalaga -- buffer overflows. Read more

News:
www.securityfocus.com:
PetCo Plugs Credit Card Leak. Read more

www.pcworld.com:
Another Passport Flaw Reported. Read more

www.theregister.co.uk:
Mindjail worms way through IRC. Read more

www.theregister.co.uk:
ZoneAlarm bells ring over freeware vuln. Read more

www.theregister.co.uk:
Virus writers boost output in 2003. Read more

www.securityfocus.com:
Can Microsoft End Spam? Read more

www.wnbc.com:
Nationwide Retailer Falls Prey To Hacker. Read more

www.clickondetroit.com:
Old E-Mail Scam Breeds New Life. Read more

australia.internet.com:
Nothing is Secret with Spyware Lurking in PCs. Read more

www.computerworld.com.au:
Corporation caught in the cross hairs. Read more

www.sundayherald.com:
Young cyber-terrorists hold top US firms to ransom in Transylvania. Read more

www.sltrib.com:
Hunting for Hot Spots. Read more

www.mi2n.com:
Hacking The Xbox: A Handbook For A New Generation Of Hackers. Read more


Copyright© MegaSecurity.org