Home    News Archive    Translate Traducen
News july 20004
31 july 2004

New Trojans:
FTP Center 1.3

Harvester 2003 (mail) 1.0

SC-KeyLog 2.24

PLog 1.1

Vulnerabilities & Exploits
xforce.iss.net:
Multiple Vulnerabilities in Microsoft Internet Explorer. Read more

www.securitytracker.com:
DansGuarding File Extension Filter Can Be Bypassed With Hex-Encoded URLs. Read more

www.securitytracker.com:
Jaws 'controlpanel.php' Input Validation Error Lets Remote Users Inject SQL Commands to Gain Administrative Access. Read more

www.securitytracker.com:
LinPHA Authentication Flaw Grants Administrative Access to Remote Users. Read more

www.securitytracker.com:
lostBook Input Validation Holes Let Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Citadel/UX Buffer Overflow in USER Command Lets Remote Users Crash the Service. Read more

www.securitytracker.com:
MyServer Bugs in math_sum.mscgi May Let Remote Users Execute Arbitrary Code and Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
BlackJumboDog Has Buffer Overflow in the FTP Service That Lets Remote Users Execute Arbitrary Code. Read more

www.securiteam.com:
SoX Local Buffer Overflow Vulnerabilities (st_wavstartread). Read more

www.securiteam.com:
PowerPortal XSS vulnerability. Read more

www.securiteam.com:
Artmedic Kleinanzeigen Allows PHP Code Inclusion ( index.php ). Read more

News:
www.microsoft.com:
Microsoft Security Bulletin MS04-025. Read more

www.ctv.ca:
Microsoft finally issues browser security patch. Read more

www.theregister.co.uk:
IE patch 'imminent'. Read more

www.theregister.co.uk:
Sasser kid blamed for viral plague. Read more

www.eweek.com:
Worms Spur New Defenses. Read more

comment.silicon.com:
Leader: Google - don't change for hackers. Read more

www.crime-research.org:
German banks experience a sudden upsurge of computer crime. Read more

zdnet.com.com:
Hackers plan global game of 'capture the flag'. Read more

zdnet.com.com:
Is Real's iPod "hacking" legal? Read more

www.theregister.co.uk:
Microsoft makes up for 64-bit delays with OS upgrade plan. Read more

news.zdnet.co.uk:
Microsoft Money shuts out users. Read more

30 july 2004

New Trojans:
FKWP 2.0

A-311 Death 0.21.3 client

A-311 Death 0.98.5 client

Tools
www.rf-dump.org:
RFDump is a tool to detect RFID-Tags and show their meta information: Tag ID, Tag Type, manufacturer etc. The user data memory of a tag can be displayed and modified using either a Hex or an ASCII editor. In addition, the integrated cookie feature demonstrates how easy it is for a company to abuse RFID technology to spy on their customers. RFDump works with the ACG Multi-Tag Reader or similar card reader hardware. Read more

Guides, Papers, etc
www.atstake.com:
Secure Surfing: Understanding the Security Risks of Web Browser Deployments. (pdf) Read more

Vulnerabilities & Exploits
www.securitytracker.com:
AntiBoard Input Validation Holes Permit SQL Injection and Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
PowerPortal Input Validation Hole in Private Message Title Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
SoX Buffer Overflow in st_wavstartread() Lets Remote Users Execute Arbitrary Code. Read more

News:
www.msnbc.msn.com:
Consumers still falling for phish
Fake e-mails fool users 28 percent of the time, study find. Read more

www.pcworld.idg.com.au:
Virus Writing on the Increase – Sasser Worm the Major Irritant of 2004, But Netsky Worms Dominate Reports. Read more

www.internetweek.com:
Microsoft To Patch IE Next Week. Read more

www.theregister.co.uk:
Russian extortion gang faces 15 years. Read more

zdnet.com.com:
Google a favorite among hackers too. Read more

www.crime-research.org:
Russian computer crime statistics. Read more

www.pcworld.com:
Hackers Trade Tool Tips. Read more

itvibe.com:
RFID hacking tools released. Read more

news.bbc.co.uk:
Storm over iPod 'hacker tactics'. Read more

29 july 2004

Request for backdoors, trojans & worms
Please help MegaSecurity by submitting files.
Mail files to masterrat666@yahoo.com and zip them with password "infected".
For large files or submission of collections you can mail me for FTP upload.
Thanks

New Trojans:
PA HAC Pirates NG

Tyran 0.5a

Incriminati

NetAmine 1.03.105

Tools
Xplizer 1.0 - WindowsXp Hardening Tool
Xplizer is a security configuration hardening tool. It is mostly based on registry keys modification. Xplizer is designed for use by any computer user, from newbie to professional it supplys quick and effective security configuration. Xplizer was designed to be the first software you run right after WindowsXp installation, Because it closes DCOM,445,139(Disables Netbios),5000,1900UDP. After Xplizer was used a remote port scan of the computer will show nothing! - a ghost.
Read more

Guides, Papers, etc
www.paulgraham.com:
Great Hackers. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
Check Point Provider-1 IKE ASN.1 Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Check Point VPN-1 IKE ASN.1 Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
IBM WebSphere Can Be Crashed By Remote Users Sending Large HTTP Headers. Read more

www.securitytracker.com:
Mensajeitor Authentication Flaw Yields Administrative Privileges to Remote Users. Read more

www.securitytracker.com:
phpMyFAQ Lets Remote Users Access the Image Manager Without Authorization. Read more

www.securitytracker.com:
Pavuk Digest Authentication Challenge Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
RiSearch/Ri Search Pro Discloses Files to Remote Users and Can Be Used as an Open Proxy. Read more

www.securitytracker.com:
Phorum Input Validation Error in 'search.php' Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Dropbear SSH Server DSS Verification Memory Error May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
OpenDocMan Access Control Error in 'commitchange.php' Lets Remote Authenticated Users Make Unauthorized Changes. Read more

News:
news.zdnet.co.uk:
One virus writer 'responsible for 70 percent of infections'. Read more

www.theregister.co.uk:
DDoSers attack DoubleClick. Read more

www.eweek.com:
Cyber-Crime Hackers Extort Cash From DDoS Victims. Read more

australianit.news.com.au:
MyDoom.O attacks wane. Read more

www.pcworld.idg.com.au:
New threat from MyDoom. Read more

www.ictworld.co.za:
MyDoomM and MyDoomL open backdoor to W32.Zindos.A. Read more

www.theregister.co.uk:
Microsoft attack worm rides on the back of MyDoom. Read more

itvibe.com:
Zindos virus targets Microsoft using MyDoom. Read more

www.pcworld.com:
Zindows Worm Follows MyDoom's Path. Read more

news.xinhuanet.com:
Virus overwhelms Google, 3 other search engines. Read more

www.internetweek.com:
4,677 Viruses In First Six Months of 2004. Read more

www.crime-research.org:
Russian hacker blackmailed gambling companies. Read more

www.stuff.co.nz:
Russian hackers threaten British businesses. Read more

nwc.linuxpipeline.com:
Survey Finds Linux Hacks Rare. Read more

28 july 2004

New Trojans:
Nethief 5.8

tdongsdbot 1.01 beta

Blackhole 2004

Webdownloader

Guides, Papers, etc
www.securityfocus.com:
Wireless Attacks and Penetration Testing (part 3 of 3). Read more

Vulnerabilities & Exploits
ferruh.mavituna.com:
ASPRunner Multiple Vulnerabilities. Read more

www.securitytracker.com:
Opera Web Browser Javascript 'location.replace' Lets Remote Users Spoof Address Bar. Read more

www.securitytracker.com:
Subversion mod_authz_svn Lets Remote Authenticated Users View Restricted Sections. Read more

www.securitytracker.com:
Litecommerce Installation Script May Let Remote Users Gain Administrative Access. Read more

www.securitytracker.com:
ASPRunner Input Validation Holes Permit SQL Injection and Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
FTP GLIDE Discloses Passwords to Local Users. Read more

www.securitytracker.com:
Firefox State Error Lets Remote Server Spoof Arbitrary Secure Web Sites. Read more

www.securitytracker.com:
Apple 'Internet Connect.app' Uses and Unsafe Temporary File That Lets Local Users Gain Root Privileges. Read more

www.securiteam.com:
Lexmark Network Printers Built-in Web Server DoS. Read more

www.securiteam.com:
Mac OS X Panther Internet Connect Vulnerability. Read more

www.securiteam.com:
Internet Explorer Method Cache Location Variant Trust Leads to Script Execution. Read more

News:
www.theregister.co.uk:
America - a nation of corporate email snoops. Read more

www.theinquirer.net:
Worm slings at Redmond Giant. Read more

news.zdnet.co.uk:
MyDoom attack dies away after 12 hours. Read more

www.theregister.co.uk:
We're all MyDoomed. Read more

news.zdnet.co.uk:
Google downed by latest MyDoom. Read more

uk.news.yahoo.com:
Web worm seen abating. Read more

news.zdnet.co.uk:
2004: A dreadful half-year for malware. Read more

news.zdnet.co.uk:
Government tries to secure UK from electronic attack. Read more

www.theinquirer.net:
Hackers attack advertisers. Read more

news.zdnet.co.uk:
Australian code aims to curb spam. Read more

www.theregister.co.uk:
Spamming for Dummies. Read more

27 july 2004

New Trojans:
Institution 2004 0.2.8

Remote Connection 2.1 (a)

Ghost Radmin 2.1 (c)

MMCrackz

Guides, Papers, etc
www.defcon.org:
Defcon agenda: Read more

Vulnerabilities & Exploits
www.securitytracker.com:
Firefox State Error Lets Remote Server Spoof Arbitrary Secure Web Sites. Read more

www.securitytracker.com:
Apple 'Internet Connect.app' Uses and Unsafe Temporary File That Lets Local Users Gain Root Privileges. Read more

www.securitytracker.com:
THINTUNE Backdoor Grants Root Access to Remote Users. Read more

www.securitytracker.com:
EasyIns Stadtportal Include File Bug Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
EasyWeb FileManager Discloses Files to Remote User. Read more

www.securitytracker.com:
HP-UX Unspecified Flaw in Xfs and stmkfont May Grant Access to Remote Users. Read more

www.securitytracker.com:
Nessus Race Condition in 'nessus-adduser' May Let Local Users Gain Elevated Privileges. Read more

Sun Java System Portal Server Proxy Authentication Flaw Grants Calendar Data Access to Remote Authenticated Users. Read more

www.securitytracker.com:
PostNuke 'install.php' Discloses Administrator Password to Remote Users. Read more

www.securitytracker.com:
Samba Buffer Overflows in Web Administration Tool and in 'hash' Mangling Method May Let Remote Users Execute Arbitrary Code. Read more

www.securiteam.com:
Denial of Service in Microsoft SMS Client (Exploit). Read more

News:
www.theregister.co.uk:
Google goes gimpy from MyDoom infection. Read more

story.news.yahoo.com:
Virus Overwhelms Google, 3 Other Search Engines. Read more

itvibe.com:
New MyDoom worm slows down search engines. Read more

www.freep.com:
Latest virus slows Internet search engines. Read more

www.theregister.co.uk:
Vegas braces for DEFCON. Read more

www.chron.com:
New virus slows Web search engines. Read more

www.internetweek.com:
New MyDoom Worm Really Bad Apple. Read more

www.theregister.co.uk:
Schwarzenegger virus terminated. Read more

www.crime-research.org:
Al Qaeda in cyber space: threats of cyberterrorism. Read more

www.channelnewsasia.com:
Netsky-P computer worm threatens to cast nasty spell on Harry Potter fans. Read more

26 july 2004

New Trojans:
Hackerz Backdoor 3.6

Caserito 1.0

Backdoor.Delf.bo

Guides, Papers, etc
Papers and presentations are now being accepted for PakCon 1st, Pakistan's First Hacking convention. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
THINTUNE Backdoor Grants Root Access to Remote Users. Read more

www.securitytracker.com:
EasyIns Stadtportal Include File Bug Lets Remote Users Execute Arbitrary Code. Read more

www.securiteam.com:
eSeSIX Thintune Thin Client Multiple Vulnerabilities. Read more

www.securiteam.com:
HP dced Remote Command Execution. Read more

www.securiteam.com:
Denial of Service in Microsoft SMS Client (Exploit). Read more

News:
english.chosun.com:
Global Hackers Test their Skills on Korean Computer Systems. Read more

www.sunnetwork.org:
Osama's suicide virus pops on Net. Read more

www.crime-research.org:
Waianae man sentenced to month in jail for Internet crime. Read more

www.timesofoman.com:
New wave of con artistes go ‘phishing’ for saps. Read more

25 july 2004

New Trojans:
Blue Eye 1.0b

ForcedControl Uploader 1.1

Remote Bomber 1.2

FKWP 1.5

Guides, Papers, etc
www.dhs.gov:
Progress and Challenges in Securing the Nation’s Cyberspace. (pdf) Read more

www.nestonline.com:
An experiment with Lepton's Crack. Read more

www.spywareinfo.com:
The CoolWebSearch Chronicles
This is an article which details the variants of the browser hijacker known as CoolWebSearch (CWS). Read more

Vulnerabilities & Exploits
www.ecqurity.com:
Memory Corruption Vulnerability. Read more

www.securitytracker.com:
EasyWeb FileManager Discloses Files to Remote User. Read more

www.securitytracker.com:
HP-UX Unspecified Flaw in Xfs and stmkfont May Grant Access to Remote Users. Read more

News:
zdnet.com.com:
Virus writer purports to show bin Laden's death. Read more

news.bbc.co.uk:
Bin Laden 'suicide' virus on net. Read more

news.com.com:
Report: Federal cybersecurity effort needs improvement. Read more

24 july 2004

New Trojans:
NetAmine 1.3.113

System33r Multi Webdownloader 1.4.3

Keyer 1.5

Vulnerabilities & Exploits
www.cirt.net:
EasyWeb FileManager Module for PostNuke is vulnerable to a directory traversal problem which allows retrieval of arbitrary files from the remote system. Read more

www.securitytracker.com:
Nessus Race Condition in 'nessus-adduser' May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
Sun Java System Portal Server Proxy Authentication Flaw Grants Calendar Data Access to Remote Authenticated User. Read more

www.securitytracker.com:
PostNuke 'install.php' Discloses Administrator Password to Remote Users. Read more

www.securitytracker.com:
Samba Buffer Overflows in Web Administration Tool and in 'hash' Mangling Method May Let Remote Users Execute Arbitrary Code. Read more

News:
www.theregister.co.uk:
Trojan poses as bin Laden suicide pics. Read more

news.zdnet.co.uk:
'Suicidal Osama Bin Laden' recruits a zombie army. Read more

www.theregister.co.uk:
Judge hands paedophile 10-year Net ban. Read more

news.zdnet.co.uk:
Olympics arms against virus threat. Read more

www.eweek.com:
Man Charged With Hacking Database Company. Read more

www.antiphishing.org:
US Bank - 'Notification of US Bank Internet Banking'. Read more

news.zdnet.co.uk:
BitDefender sees Al-Qaeda link in new Atak worm. Read more

23 july 2004

New Trojans:
PA HAC 1.6.2

ForcedControl Uploader 1.0

Proxy Trojan 1.0

Guides, Papers, etc
www.securityfocus.com:
Mac OS X ? Unix? Secure? Read more

Vulnerabilities & Exploits
www.securitytracker.com:
VPOP3 Can Be Crashed By Remote Users With Specially Crafted 'msglistlen' Value. Read more

www.securitytracker.com:
Xitami Web Server Can Be Crashed By Remote Users Sending Invalid HTTP Headers. Read more

www.securitytracker.com:
Flash FTP Server Lets Remote Users Traverse the Directory With CWD Command. Read more

www.securitytracker.com:
Cisco ONS Control Cards Can Be Reset By Remote Users Sending Malformed IP, ICMP, SNMP, TCP, and UDP Packets. Read more

www.securitytracker.com:
Cisco ONS Password Authentication Bug Lets Remote Users Access Certain Accounts. Read more

www.secnap.com:
Comcast Webmail Manager allows arbitrary java and activex code execution. Read more

www.atstake.com:
HP dced Remote Command Execution. Read more

www.securiteam.com:
Cisco ONS 15327, ONS 15454, ONS 15454 SDH, and ONS 15600 Malformed Packet Vulnerabilities. Read more

www.securiteam.com:
Medal of Honor Remote Buffer Overflow. Read more

www.securiteam.com:
Samba 3.x SWAT Preauthentication Buffer Overflow. Read more

www.securiteam.com:
phpBB HTTP Response Splitting and Cross Site Scripting Vulnerabilities. Read more

www.securiteam.com:
PHPNuke Multiple Vulnerabilities in Search Module (Comments Search). Read more

www.securiteam.com:
PHPNuke Multiple Vulnerabilities in Search Module. Read more

www.debian.org:
DSA-531-1 php4 -- several vulnerabilities. Read more

News:
www.netlawblog.com:
Trojan Horse User Nabbed. Read more

www.informationweek.com:
Accused Hacker Faces 144 Charges. Read more

www.pcworld.idg.com.au:
Flordia hacker indicted in big online theft case. Read more

www.theregister.co.uk:
Judge hands paedophile 10-year Net ban. Read more

news.com.com:
All eyes on virus protection at Athens Olympics. Read more

star-techcentral.com:
Self-defence system to rout viruses, hackers. Read more

www.sundaytimes.co.za:
Hacker indicted over online data theft. Read more

www.theregister.co.uk:
Spammer charged in huge Acxiom personal data theft. Read more

www.computerworld.com:
German software pirate gets prison term for Microsoft fraud. Read more

www.theregister.co.uk:
German dealer jailed for MS packaging fraud. Read more

www.computerworld.com:
Bagle, Mydoom variants roil Internet. Read more

www.cnn.com:
Identity theft case could be largest so far. Read more

22 july 2004

New Trojans:
YAW 0.1

Boss Watcher 1.0

Keyer 1.0

SKL 1.0

URCS 1.0.3 build2

Vulnerabilities & Exploits
www.securitytracker.com:
4D Portal Default Password May Let Remote Users Access the System. Read more

www.securitytracker.com:
BLOG:CMS Include File Error May Let Users Execute Arbitrary Commands. Read more

www.securitytracker.com:
APC PowerChute Business Edition Console Access Can Be Denied By Remote Users. Read more

www.securitytracker.com:
Conceptronic ADSL Router Can Be Restarted By Remote Users. Read more

www.securitytracker.com:
Lexmark Printer Web Interface Can Be Crashed By Remote Users Sending Long HOST Header Values. Read more

www.securitytracker.com:
WWW File Share Pro Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
phpBB Input Validation Holes Permit Cross-Site Scripting and Response Splitting Attacks. Read more

www.securiteam.com:
Apache HTTPd Arbitrary Long HTTP Headers DoS (Exploit). Read more

www.securiteam.com:
Drcatd Multiple Buffer Overflows (Exploit). Read more

www.securiteam.com:
Microsoft Windows 2K/XP Task Scheduler Vulnerability (Exploit, MS04-022). Read more

www.securiteam.com:
Microsoft Windows POSIX Component Privilege Elevation (Exploit). Read more

www.securiteam.com:
Serena Software's TeamTrack Sensitive Content Disclosure. Read more

www.securiteam.com:
Internet Software Sciences's Web+Center SQL Injection. Read more

www.securiteam.com:
LBE Web HelpDesk SQL Injection. Read more

www.securiteam.com:
NetSupport DNA HelpDesk SQL Injection. Read more

www.securiteam.com:
Polar HelpDesk Inadequate Security Checks. Read more

www.securiteam.com:
HelpBox Multiple SQL Injection Vulnerabilties. Read more

www.securiteam.com:
Mensajeitor Inadequate Permissions Check. Read more

www.securiteam.com:
Atari800 Multiple Buffer Overflows (Exploit). Read more

www.cisco.com:
Cisco ONS 15327, ONS 15454, ONS 15454 SDH, and ONS 15600 Malformed Packet Vulnerabilities. Read more

News:
www.sarawaktribune.com.my:
Experts warn about new wave of computer viruses. Read more

www.theregister.co.uk:
Bluesocket punts wireless security kit. Read more

www.winnetmag.com:
Stopping Malware That Travels Through SSL Connections. Read more

www.pcworld.idg.com.au:
Bagle and MyDoom worms gain new family members, Sophos comments. Read more

nwc.linuxpipeline.com:
Researchers Find 'Critical' PHP Security Flaws. Read more

www.crn.com:
Man Charged With Hacking Acxion Database Company. Read more

www.technewsworld.com:
IPv6 Offers Better Security, Wireless Features. Read more

www.financialexpress.com:
McAfee Sets Up Dedicated Anti-Virus Team. Read more

news.com.com:
Feeling secure? Not John Thompson. Read more

www.pcworld.com:
Rise in 'Phishing' Causes Alarm. Read more

www.financetech.com:
Phishing Attacks Linked To Organized Crime. Read more

www.securityfocus.com:
ATM keypads get a security boost. Read more

www.crn.com:
Symantec Nearly Doubles Revenue. Read more

21 july 2004

New Trojans:
Institution 2004 0.3.0

Tequila Bandita 1.2

ScreenGrab (2)

Guides, Papers, etc
www.totse.com:
How Mitnick Hacked Tsutomu Shimomura with an IP Sequence Attack. (Date: 25 Jan 1995) Read more

hackertrap.ivan.nu:
Hacker challenge.
The first person who (successfully) manages to hack into this computer will immediately be rewarded a cash payment with the total amount of 1000 SEK and no charges will be pressed. Read more

www.redmondraid.com:
Anti Microsoft Flash Game to promote their lawsuit or something against Microsoft. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
artmedic kleinanzeigen Include File Error Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Whisper FTP Surfer Long File Name Buffer Overflow May Let Remote Servers Execute Arbitrary Code. Read more

www.securitytracker.com:
PlaySMS Lets Remote Users Inject SQL and Execute Arbitrary PHP Code. Read more

www.securitytracker.com:
Sysinternals PsTools Fails to Disconnect Share Access Allowing Local Users to Gain Administrative Access on Remote Systems. Read more

www.securitytracker.com:
Sun Solaris Volume Manager Input Validation Error Lets Local Users Panic the Kernel. Read more

www.securiteam.com:
Utility Manager Exploit Code (MS04-019). Read more

www.securiteam.com:
OllyDbg Format String Bug. Read more

News:
www.thecouriermail.news.com.au:
New wave of worms: expert. Read more

www.informationweek.com:
New Bagle Spreads Fast By Shutting Down Defenses. Read more

www.theregister.co.uk:
$242m 419 scam trial collapses. Read more

www.theregister.co.uk:
Hacking, downloading and bad Web design. Read more

www.smh.com.au:
Melbourne firm warns of new worm risk. Read more

www.cellular-news.com:
First virus for Windows smartphones. Read more

www.winnetmag.com:
It Had to Happen Sooner or Later. Read more

www.internetweek.com:
Dell Launches Site To Fight Spyware, Viruses. Read more

20 july 2004

New Trojans:
Troy 1.0

Evil Net Logger Fantasy

Backdoor.Delf.bk

Guides, Papers, etc
www.securityfocus.com:
Packet Crafting for Firewall & IDS Audits (Part 2 of 2). Read more

Vulnerabilities & Exploits
www.securitytracker.com:
Outblaze E-mail Javascript Filtering Error Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
PHP-Nuke Input Validation Error in Search Module 'categ' Variable Permits SQL Injection. Read more

www.securitytracker.com:
PostNuke Input Validation Hole in Reviews Module 'title' Field Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
CuteNews Input Validation Flaw in 'addcomment' Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.zapthedingbat.com:
Has MasterCard gone on a phishing trip, leaving the back door wide open? Read more

News:
www.stuff.co.nz:
Beagle worm threat rises. Read more

www.theregister.co.uk:
Hacker charged with US gov attack. Read more

www.reuters.com:
Philippines Busts Foreign Phone-Hacking Syndicate. Read more

www.yonhapnews.co.kr:
South Korea's State PR Agency Hacked, Possibly by Brazilian. Read more

www.computerweekly.com:
Beware hackers' deals, say experts. Read more

www.eweek.com:
New Phishing Technique Works on Multiple Browsers. Read more

www.pcworld.idg.com.au:
Study: MasterCard, others unwittingly help 'phishers'. Read more

www.zapthedingbat.com:
Has MasterCard gone on a phishing trip, leaving the back door wide open? Read more

19 july 2004

New Trojans:
Backdoor.Delf.au

MIKSOFT Remote Control 1.0

SlimFTP 3.15

Packet Rat

1308FTP 1.1

Tools
ServTerm is a winsock tool which can assist you in debugging client/server communications. You can make it act as a server (eg, a web server or mail server) to examine the data that clients transmit. ServTerm itself transmits data line-by-line to mimic server behaviour. You can also use ServTerm in client mode, in which case it acts like a telnet program except that you can scroll back to see previous output and transmit data line-by-line. Read more

SocksCap™ automatically enables Windows-based TCP and UDP networking client applications to traverse a SOCKS server. SocksCap intercepts the networking calls from WinSock applications and redirects them through the SOCKS server without modification to the orginal applications or to the operating system software or drivers. Read more

Guides, Papers, etc
Wolves In Sheep's Clothing: Malicious DLLs Injected Into Trusted Host Applications. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
OllyDbg Format String Flaw in OutputDebugString() Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
eXtropia WebStore Input Validation Bug Lets Remote Users Execute Arbitrary Commands. Read more

www.securitytracker.com:
Hotmail HTML Comment Condition IF Filtering Hole Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
EA Games Medal of Honor Has Buffer Overflow in 'connect' Packet That Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
I-Cafe Access Restrictions Can By Bypassed By Local Users. Read more

www.securitytracker.com:
OverByte ICS FTP Server Can Be Crashed By Remote Users. Read more

www.securiteam.com:
Unchecked Buffer in mstask.dll. Read more

www.k-otik.com:
Microsoft Windows 2K/XP Task Scheduler .job Exploit (MS04-022). Read more

www.darkbicho.iberhosting.net:
injection html CuteNews. Read more

News:
www.airscanner.com:
Introducing the First Virus for Windows Mobile Pocket PC. Read more

www.theinquirer.net:
Re-invigorated Bagle virus springs to life again. Read more

www.crn.com:
New Bagle Worm Slams, Then Slows. Read more

story.news.yahoo.com:
Security Holes Sinking IE. Read more

www.extremetech.com:
First Windows CE Virus Surfaces. Read more

www.pcworld.idg.com.au:
Viruses for Windows Mobile a Reality. Read more

www.theinquirer.net:
Hackers and establishment to mingle at DEFCON. Read more

www.defcon.org:
DEFCON 12 will be held July 30-August 1, 2004 at the Alexis Park, Las Vegas. Read more

www.wired.com:
Bracing for the Microsoft Update. Read more

www.news-journalonline.com:
Improving security in Windows upgrade isn't so simple. Read more

www.stltoday.com:
More-secure Windows poses compatibility problems. Read more

www.freep.com:
Microsoft offers security update for Windows XP. Read more

www.theinquirer.net:
Symantec braced for Microsoft SP2 Hell. Read more

18 july 2004

New Trojans:
Backdoor.Delf.ad

Manslut Uploader 1.1

FWebDownloader

Vulnerabilities & Exploits
www.securitytracker.com:
PHP-Nuke Input Validation Hole in 'instory' in Search Module Lets Remote Users Inject SQL Commands. Read more

www.securitytracker.com:
phpBB Input Validation Holes in 'index.php' and 'lang_faq.php' Let Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
mod_ssl Format String Error in 'ssl_engine_ext' May Let Remote Users Execute Arbitrary Code. Read more

www.debian.org:
DSA-528-1 ethereal -- denial of service. Read more

www.debian.org:
DSA-530-1 l2tpd -- buffer overflow. Read more

www.debian.org:
DSA-529-1 netkit-telnet-ssl -- format string. Read more

www.k-otik.com:
Windows NT/2000 POSIX Subsystem Privilege Escalation Exploit (MS04-020). Read more

News:
www.eweek.com:
First Windows CE Virus Surfaces. Read more

www.neowin.net:
First Pocket PC (Windows CE) Virus Discovered. Read more

english.chosun.com:
Hacking Attempts from China, Taiwan and Hong Kong Increasing Rapidly. Read more

www.globetechnology.com:
Latest Bagle succeeds by sheer numbers. Read more

zdnet.com.com:
New sleeper worm has political link. Read more

www.computerworld.com:
Hacker source code shop closes its doors. Read more

www.omaha.com:
'Phishing' uses e-mail to commit identity theft. Read more

17 july 2004

New Trojans:
Mafia Downloader 1.1

PA HAC 1.4

Ares invader 1.3

Guides, Papers, etc
www.securityfocus.com:
Metasploit Framework (Part Two) The Prometheus Of Exploitation. Read more

www.internetnews.com:
Philip Zimmermann, PGP Creator. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
Mozilla Certificate Management Bug Lets Remote Users Cause Invalid Root CA Certificates to Be Silently Imported. Read more

www.securitytracker.com:
Microsoft Systems Management Server (SMS) Client Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
Board Power Input Validation Hole in 'icq.cgi' Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

News:
www.theregister.co.uk:
Bagle copycat builds Zombie attack network. Read more

news.zdnet.co.uk:
New Bagle opens another spam backdoor. Read more

news.zdnet.co.uk:
New Bagle released but Netsky tops the malware charts. Read more

www.sundaytimes.co.za:
Beagle worm variant getting worse. Read more

news.zdnet.co.uk:
BitDefender sees Al-Qaeda link in new Atak worm. Read more

www.theregister.co.uk:
MS wins $4m from spammer scammmer. Read more

www.geekzone.co.nz:
Company claims to have found the first virus for Pocket PC. Read more

www.theregister.co.uk:
Oxford Uni hacks-to-hackers land in hot water. Read more

news.zdnet.co.uk:
UK companies in 'blissful ignorance' over spyware threat. Read more

uk.news.yahoo.com:
U.S. government websites hacker charged. Read more

news.zdnet.co.uk:
Hackers put 'stolen' source code online. Read more

www.techweb.com:
Brazen Hackers Amp Up The Hubris. Read more

itmanagement.earthweb.com:
Online Phishing Scams Exploding. Read more

www.theregister.co.uk:
Charges against Amsterdam '419ers' dismissed. Read more

www.theregister.co.uk:
IEEE groups fight for control of key standards. Read more

16 july 2004

New Trojans:
Evil Net Fantasy

GWGhost 3.54a

Backdoor.Bregol

Guides, Papers, etc
feldman.org:
SMTP Penetration Risks Paper Available. Read more

www.cs.biu.ac.il:
Protecting (even) Naïve Web Users,
or: Preventing Spoofing and Establishing Credentials of Web Sites. Read more

www.garykessler.net:
An Overview of Steganography for the Computer Forensics Examiner. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
Gattaca Server Multiple Input Validation Bugs Let Remote Users Deny Service, Determine System Information, and Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Novell BorderManager 'IKE.NLM' VPN Module Can Be Crashed By Remote Users. Read more

News:
www.theregister.co.uk:
Bush to sign anti-phishing bill. Read more

zdnet.com.com:
Latest Bagle succeeds by sheer numbers. Read more

www.financialcryptography.com:
New Attack on Secure Browsing. Read more

news.ninemsn.com.au:
S Korea asks China to track hackers. Read more

www.computerworld.com:
Sidebar: Hacking for profit. Read more

www.canada.com:
Hackers breached Defence Department computers: report on security lapses. Read more

www.crime-research.org:
Problems of Combating Computer Crimes and Cyber Terrorism. Read more

www.sacarny.com:
Mozilla Vulnerability Timeline. Read more

www.theregister.co.uk:
Forensic computing uncloaks industrial espionage. Read more

15 july 2004

New Trojans:
Taladrator 2003 3.0 public

Backdoor.EEYE.b

Backdoor.T543

Vulnerabilities & Exploits
www.securitytracker.com:
Microsoft Windows Task Scheduler '.job' Stack Overflow. Read more

www.securitytracker.com:
PureFTPd Logic Bug in accept_client() Lets Remote Users Crash the FTP Daemon. Read more

www.securitytracker.com:
Linux Kernel 'eql.c' Device Driver Error Lets Local Users Crash the System. Read more

www.securitytracker.com:
PHP strip_tags() Can Be Bypassed By Remote Users With Tags Containing '\0'. Read more

www.securitytracker.com:
PHP 'memory_limit' Abort Feature Error May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Moodle Input Validation Bug in 'help.php' File Parameter Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
4D WebSTAR Grants Access to Remote Users and Elevated Privileges to Local Users. Read more

www.securiteam.com:
HtmlHelp CHM File Heap Overflow. Read more

News:
humorix.org:
Microsoft Blames DOJ For Internet Explorer Security Holes. Read more

www.theregister.co.uk:
Stealth virus is stealthiest of all. Read more

slashdot.org:
'Stealth' Worm Hinders Sandbox Analysis. Read more

www.pcadvisor.co.uk:
New Trojan horse travels by spam. Read more

www.computerweekly.com:
Mass Trojan on the loose. Read more

news.zdnet.co.uk:
Hackers put 'stolen' source code online. Read more

news.com.com:
Pssst--wanna buy some source code? Read more

news.zdnet.co.uk:
Important' Windows flaw could turn critical. Read more

www.informationweek.com:
Microsoft Puts Out Trojan Killer. Read more

comment.zdnet.co.uk:
Service Pack 2: Patching the unpatchable. Read more

www.crime-research.org:
Fighting cyberterrorism: expert's opinion. Read more

www.detnews.com:
Hackers turn Arkansas government servers into al-Qaida video hub. Read more

australianit.news.com.au:
Online nasties haunt managers. Read more

m2.com:
Chinese viruses infect South Korean government PCs. Read more

www.computerworld.com:
Worm Wars. Read more

www.betanews.com:
Hotmail Gets Antivirus Protection. Read more

14 july 2004

New Trojans:
SubSeven 2.2 Chinese edition

GWGhost 3.51

CmjSpy 1.0

Guides, Papers, etc
www.phrack.org:
Phrack #62 has been released. Read more

www.security-assessment.com:
The affects of the `Poison NULL byte` have not been widely explored in ASP, but as with other languages the NULL byte can cause problems when ASP passes data to objects.This problem arises when data is compared and validated in ASP script but passed to the FileSystemObject without checking for NULL bytes. This document will discuss how ASP upload scripts can be affected by the Poison NULL byte attack. (pdf) Read more

www.microsoft.com:
What You Should Know About Mass Mailer Worms Like Bagle. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
Microsoft IE Lets Remote Users Spoof Filenames Using CLSIDs. Read more

www.securitytracker.com:
Microsoft Internet Explorer 'shell:' Protocol Lets Remote Users Execute Arbitrary Scripting Code in the Local Zone. Read more

www.securitytracker.com:
Microsoft IIS 4.0 Buffer Overflow in Redirect Function Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Microsoft HTML Help Input Validation Error Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Microsoft Windows Task Scheduler Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Microsoft Windows 2000/NT POSIX Subsystem Buffer Overflow Lets Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
Microsoft Utility Manager Permits Local Applications to Run With Elevated Privileges. Read more

www.securitytracker.com:
Microsoft Internet Explorer Same Name Javascript Bug Lets Remote Users Execute Arbitrary Javascript in the Domain of an Arbitrary Site. Read more

www.securitytracker.com:
Microsoft Internet Explorer Access Control Flaw in popup.show() Lets Remote Users Execute Mouse-Click Actions. Read more

www.idefense.com:
Adobe Reader 6.0 Filename Handler Buffer Overflow Vulnerability. Read more

www.atstake.com:
WebSTAR 5.3.2 Multiple Vulnerabilities. Read more

www.securitytracker.com:
Shorewall Uses Unsafe Temporary Files That May Allow a Local User to Gain Elevated Privileges. Read more

www.securitytracker.com:
HP OpenVMS DCE Buffer Overflow May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Bugzilla Has Several Bugs, Permitting Privilege Escalation, SQL Injection, and Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
INweb Mail Lets Remote Users Deny Service By Multiple Connections in Rapid Succession. Read more

www.securitytracker.com:
Half-Life Game Server and Client Can Be Crashed With Specially Crafted Packet Spliting Data. Read more

www.securitytracker.com:
Ada ImgSvr Discloses Files to Remote Users and May Execute Arbitrary Code. Read more

www.securiteam.com:
Linksys Wireless Internet Camera File Disclosure (main.cgi). Read more

www.securiteam.com:
Windows Expand-Down Data Segment Local Privilege Escalation (Exploit). Read more

www.securiteam.com:
Foxmail FROM Field Buffer Overflow. Read more

www.securiteam.com:
IBM AIX Inventory Scout Log File Vulnerability (invscoutd). Read more

News:
Microsoft Security Bulletin MS04-018
Cumulative Security Update for Outlook Express (823353). Read more

Microsoft Security Bulletin MS04-019
Vulnerability in Utility Manager Could Allow Code Execution (842526). Read more

Microsoft Security Bulletin MS04-020
Vulnerability in POSIX Could Allow Code Execution (841872). Read more

Microsoft Security Bulletin MS04-021
Security Update for IIS 4.0 (841373). Read more

Microsoft Security Bulletin MS04-022
Vulnerability in Task Scheduler Could Allow Code Execution (841873). Read more

Microsoft Security Bulletin MS04-023
Vulnerability in HTML Help Could Allow Code Execution (840315). Read more

Microsoft Security Bulletin MS04-024
Vulnerability in Windows Shell Could Allow Remote Code Execution (839645). Read more

www.infoworld.com:
Companies warn of mass Trojan distribution. Read more

zdnet.com.com:
Worm sleeps to avoid detection. Read more

www.mozillazine.org:
Malware Authors Target Mozilla, Developers Respond with Enhanced Safeguards. Read more

www.theregister.co.uk:
Companies adapt to a zero day world. Read more

www.catb.org:
The Final Virus: A Science-Fiction Story. Read more

www.globetechnology.com:
Hackers crack Defence Department. Read more

www.crime-research.org:
Computer crimes in Ukraine. Read more

www.internetnews.com:
Microsoft Hits, Misses on Security Releases. Read more

www.theregister.co.uk:
DNS changes to take minutes (instead of hours). Read more

australianit.news.com.au:
Virus removal tool released. Read more

www.theinquirer.net:
Ballmer whispers loudly about security. Read more

13 july 2004

New Trojans:
Blackhole ttitan

ZXShell

Backdoor.Sicirc

Vulnerabilities & Exploits
www.securityfocus.com:
Brand New Hole: Internet Explorer: HijackClick 3. Read more

slashdot.org:
MSN, Word Vulnerable To Shell: URI Exploit. Read more

www.securitytracker.com:
Apache Can Be Crashed By PHP Code Invoking Nested Remote Sockets. Read more

www.securitytracker.com:
Microsoft Internet Explorer Can Be Crashed By Remote Users With Large Text Files. Read more

www.securitytracker.com:
Ability Mail Server Lets Remote Users Deny Service and Conduct Cross-Site Scripting Attacks. Read more

www.securiteam.com:
MySQL Authentication Bypass Client Patch Proof Of Concept Exploit. Read more

www.securiteam.com:
Sun JVM Insecure Temporary File Creation Allows Remote Code Execution. Read more

www.securiteam.com:
Adobe Reader 6.0 Filename Handler Buffer Overflow Vulnerability. Read more

www.securiteam.com:
csFAQ Path Disclosure. Read more

News:
www.theregister.co.uk:
Windows XP SP2 slips into Fall. Read more

www.theregister.co.uk:
MSN search guru 'stole AltaVista code'. Read more

www.theregister.co.uk:
Mozilla takes bite out of IE. Read more

www.newsfactor.com:
Internet Explorer Slips, Loses Market Share. Read more

www.computerweekly.com:
Firms urged to look at rivals to 'hackers' target' Internet Explorer. Read more

itmanagement.earthweb.com:
Run, Don't Walk, from Internet Explorer. Read more

www.yonhapnews.co.kr:
(LEAD) 10 Gov't Bodies, Including National Assembly, Hacked in June. Read more

www.theinquirer.net:
Symantec buys anti-spammer. Read more

www.theregister.co.uk:
Pssst, wanna spam mobile phones? Read more

12 july 2004

New Trojans:
System33r Tiny Webdownloader fwb 0.2 fix

Backdoor.Afcore.c

Iroffer 1.3b02 (1303.j)

Guides, Papers, etc
www.securityfocus.com:
Service Pack Deux? Read more

Vulnerabilities & Exploits
www.securitytracker.com:
Norton Anti-Virus Lets Remote Users Consume CPU Resources When Repairing Nested Subdirectories. Read more

www.securitytracker.com:
wvWare Library Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securiteam.com:
Mozilla shell: Scheme Allows Code Execution. Read more

www.securiteam.com:
Opera Address Bar Spoofing Condition. Read more

www.securiteam.com:
MySQL Authentication Bypass Client Patch Proof Of Concept Exploit. Read more

www.securiteam.com:
Multiples Vulnerabilities In JAWS. Read more

www.securiteam.com:
SSLTelnet Daemon Remote Format String Vulnerability. Read more

News:
news.zdnet.co.uk:
Microsoft to distribute XP SP2 on one million CDs. Read more

www.stltoday.com:
Microsoft security flaws highlight need to change Web browsers. Read more

www.yonhapnews.co.kr:
Computer Viruses in South Korea More Than Triple in First-Half. Read more

www.techweb.com:
Survey: Enterprises Expect Virus Problem To Grow. Read more

www.informationweek.com:
Business Technology: The Security Revolution: Coming Soon To A Vendor Near You. Read more

11 july 2004

New Trojans:
Institution 2004 0.2.6

Netsys 3.9

The Lamer 0.1 client

Guides, Papers, etc
Monitoring and Early Warning for Internet Worms (pdf). Read more

Trends in Viruses and Worms(pdf). Read more

Vulnerabilities & Exploits
www.securitytracker.com:
Norton Anti-Virus Lets Remote Users Consume CPU Resources When Repairing Nested Subdirectories. Read more

www.securitytracker.com:
wvWare Library Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Mozilla Lets Remote Users Launch Local Windows Applications Via the 'shell:' Protocol. Read more

www.securitytracker.com:
Firefox Lets Remote Users Launch Local Windows Applications Via the 'shell:' Protocol. Read more

www.securitytracker.com:
Thunderbird Lets Remote Users Launch Local Windows Applications Via the 'shell:' Protocol. Read more

www.securitytracker.com:
EasyDisk May Let Local Users Access Protected Files Without Entering a Passid. Read more

www.securitytracker.com:
SSLtelnet Format String Error May Let Remote Users Execute Arbitrary Code With Root Privileges. Read more

www.securitytracker.com:
Linux IA64 Floating Point Register Access Control Error May Disclose Information to Local Users. Read more

News:
observer.guardian.co.uk:
Police swoop on Nigerian email fraud ringleaders. Read more

www.eweek.com:
Isn't Now the Time to Try a Linux Desktop? Read more

www.eweek.com:
Mozilla Flaw Lets Links Run Arbitrary Programs. Read more

www.eweek.com:
IE Exploit Attacks Another Piece of ActiveX. Read more

spam.weblogsinc.com:
The lovegate reopens…and the love is a’flowin. Read more

times.hankooki.com:
Varient Viruses Nag Internet Users. Read more

www.itweb.co.za:
Web spam can be beaten in two years, say regulators. Read more

10 july 2004

New Trojans:
DFGbot 8.1.3

DLX Webdownloader 1.01

Litmus (c) server

Vulnerabilities & Exploits
www.securitytracker.com:
Mozilla Lets Remote Users Launch Local Windows Applications Via the 'shell:' Protocol. Read more

www.securitytracker.com:
Firefox Lets Remote Users Launch Local Windows Applications Via the 'shell:' Protocol. Read more

www.securitytracker.com:
Thunderbird Lets Remote Users Launch Local Windows Applications Via the 'shell:' Protocol. Read more

www.securitytracker.com:
EasyDisk May Let Local Users Access Protected Files Without Entering a Passid. Read more

www.securitytracker.com:
SSLtelnet Format String Error May Let Remote Users Execute Arbitrary Code With Root Privileges. Read more

www.securitytracker.com:
Linux IA64 Floating Point Register Access Control Error May Disclose Information to Local Users. Read more

www.securitytracker.com:
Comersus Cart Cross-Site Scripting Vulnerability. Read more

News:
mozilla.org:
What Mozilla users should know about the shell: protocol security issue. Read more

www.theregister.co.uk:
Mozilla bug rears its head. Read more

news.zdnet.co.uk:
Security flaw found in Mozilla browser. Read more

news.zdnet.co.uk:
2004: Internet Explorer's year of shame. Read more

www.mytelus.com:
Alleged hacker is now employed by software giant Microsoft Corp. Read more

news.zdnet.co.uk:
Old-school worm loves Windows applications. Read more

www.theregister.co.uk:
Vodafone defends buggy content filter. Read more

koaa.mdlproductions.com:
Email scam targets Wells Fargo customers. Read more

www.ebusinessforum.com:
Global: Fraudsters all gone phishing. Read more

09 july 2004

New Trojans:
System33r Socks4 0.0.1 TEST

Caznova Mail Notify

chti Webdownloader 2.0

Guides, Papers, etc
www.cs.wisc.edu:
Testing Malware Detectors. Read more

www.maths.usyd.edu.au:
Secure your PC. Read more

Vulnerabilities & Exploits
secunia.com:
Mozilla Fails to Restrict Access to "shell:". Read more

www.securitytracker.com:
DiamondCS Process Guard Can Be Disabled By Local Users. Read more

www.securitytracker.com:
Nokia 3560 Phone Can Be Crashed By Remote Users Via Text Message. Read more

www.securitytracker.com:
Comersus Cart Lets Remote Users Modify Prices When Ordering. Read more

www.securitytracker.com:
NPDS Input Validation Error in Message Replies and Topics Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Comersus Input Validation Holes Let Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securiteam.com:
Backdoor Menu on Conexant Chipset Dsl Router (Zoom X3). Read more

www.securiteam.com:
Comersus Cart Cross-Site Scripting Vulnerability. Read more

www.idefense.com:
SSLTelnet Remote Format String Vulnerability. Read more

News:
news.zdnet.co.uk:
Security flaw found in Mozilla browser. Read more

www.mozilla.org:
What Mozilla users should know about the shell: protocol security issue. Read more

www.smh.com.au:
New versions of Lovegate worm wreak havoc. Read more

www.infoworld.com:
Microsoft to pitch security as 'competitive advantage'. Read more

www.informationweek.com:
Disclosure: Security Pros Want Flaw Information Sooner. Read more

08 july 2004

New Trojans:
Msn Trojan 5.1

NeoTurk Reloaded 1.5 (a)

Backdoor.NB

Guides, Papers, etc
www.insecure.org:
Nmap 3.55 Released. Read more

arnold.mcdonald.free.fr:
NETSKY.D MUSICAL PAYLOAD: SOUNDS FROM OUTER SPACE. Read more

arnold.mcdonald.free.fr:
MYDOOM KLINGONIC ROT13 ENCRYPTION.Read more

arnold.mcdonald.free.fr:
LET'S HAVE FUN WITH EICAR TEST FILE. Read more

www.microsoft.com:
Windows XP Service Pack 2 Release Candidate 2 Preview. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
Zoon X3 ADSL Modem Grants Access to Remote Users By Default. Read more

www.securitytracker.com:
Ethereal Bugs in the iSNS, SMB, and SNMP Dissectors Let Remote Users Crash Ethereal or Possibly Execute Arbitrary Code. Read more

www.securitytracker.com:
FreeBSD Jail Utilities (jailutils) May Disclose Environment Information to Local Users. Read more

www.securiteam.com:
WebSphere Edge Server DoS Through JunctionRewrite Directive. Read more

www.securiteam.com:
MySQL Authentication Bypass Exploit. Read more

www.securiteam.com:
SCI Photo Chat Server Cross Site Scripting. Read more

www.securiteam.com:
Bypassing UnrealIRCd IP Cloaking. Read more

www.securiteam.com:
Content-Type XSS Vulnerability in Multiple Webmail Programs. Read more

www.securiteam.com:
DiamondCS Process Guard Can Be Disabled by Direct Service Table Restoration. Read more

News:
www.theregister.co.uk:
Together we can defeat spam in two years. Read more

news.com.com:
Old-school worm loves Windows applications. Read more

www.theregister.co.uk:
VoIP hackers gut Caller ID. Read more

www.channelnewsasia.com:
Fujitsu develops encryption tech that takes 20 million years to break. Read more

www.newsfactor.com:
New Internet Explorer Exploit Posted on Web. Read more

linuxtoday.com:
The Inquirer: Open Source Worm Wriggles Above Ground. Read more

www.eweek.com:
IE Exploit Attacks Another Piece of ActiveX. Read more

07 july 2004

New Trojans:
Dark Moon 1.0

Tindler 1.0

Nethief 5.7

Guides, Papers, etc
arnold.mcdonald.free.fr:
Bagle.N conceals a representative picture of the "ASCII art" scene. But it's never shown and you need to debug or disassemble the worm to see it. Read more

www.securityfocus.com:
Multi-Layer Intrusion Detection Systems. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
Jaws Errors Let Remote Users View Files and Gain Administrative Access. Read more

www.securitytracker.com:
Google GMail 'CheckAvailability' Script May Disclose User Information to Remote Users. Read more

www.securitytracker.com:
UnrealIRCd Weak IP Cloaking Mechanism Discloses IP Addresses to Remote Users. Read more

www.securitytracker.com:
MySQL check_scramble_323() Zero-Length Comparison Lets Remote Users Bypass Authentication. Read more

www.securitytracker.com:
12Planet Chat Server Input Validation Flaw Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

News:
www.theinquirer.net:
Open Source Worm wriggles above ground. Read more

www.informationweek.com:
New Bagle Worm Is Spreading Its Source Code. Read more

www.securityfocus.com:
VoIP hacks gut Caller I.D. Read more

www.theregister.co.uk:
Bagle source code unleashed. Read more

software.silicon.com:
Fear of viruses and poor AV protection growing. Read more

news.com.com:
The attack of the $2 million worm. Read more

www.newsfactor.com:
International Anti-Spam Offensive Launched. Read more

www.theregister.co.uk:
So why does Vodafone filter block Sky News? Read more

www.theregister.co.uk:
Close the email wiretap loophole. Read more

06 july 2004

New Trojans:
Remote Aim Control 1.0

Insaim 2.0 updated

Evil Net Logger

Vulnerabilities & Exploits
www.ngssoftware.com:
MySQL Authentication Bypass / Buffer Overflow. (pdf) Read more

www.securitytracker.com:
Linux VServer procfs Permission Flaw Lets Local Users Change Permissions. Read more

www.securitytracker.com:
Fastream NETFile Server 'mkdir' Command Lets Remote Users Upload Files to Arbitrary Locations. Read more

www.securiteam.com:
Cross-Site Scripting (XSS) Vulnerability in Netegrity IdentityMinder. Read more

www.securiteam.com:
Domino Server DoS Vulnerability Via Crafted Email. Read more

www.securiteam.com:
12Planet Chat Server one2planet.infolet.InfoServlet XSS. Read more

www.securiteam.com:
Internet Explorer Memory Corruption Bug. Read more

www.securiteam.com:
Pavuk Proxy Redirect Buffer Overflow. Read more

www.securiteam.com:
Linux Virtual Server/Secure Context Procfs Shared Permissions Flaw. Read more

www.securiteam.com:
Sbus PROM Driver Multiple Integer Overflows. Read more

www.securiteam.com:
Remote DoS Vulnerability in Netfilter's Subsystem (tcp-option). Read more

News:
www.theregister.co.uk:
IE workaround a non-starter. Read more

www.theregister.co.uk:
China adopts mystery Internet Protocol. Read more

www.smh.com.au:
'Evaman virus not a major threat'. Read more

www.theregister.co.uk:
Spanish Zombie PC virus (author of Cabronator)  jailed. Read more

www.microscope.co.uk:
Hackers face longer jail sentences under plans to update the Computer Misuse Act. Read more

www.theregister.co.uk:
Sender authentication is coming. Read more

www.theregister.co.uk:
Vodafone's adult filter is go. Read more

www.theregister.co.uk:
Cableco 'inside job' aided Dutch 419ers. Read more

05 july 2004

New Trojans:
System33r Multi Webdownloader 1.4.2

Backdoor.EEYE.a

Iroffer 1.3b02 (1303.h)

Vulnerabilities & Exploits
www.securitytracker.com:
Enterasys XSR-1800 Security Router Can Be Crashed By Remote Users With IP Record Route Option. Read more

www.securitytracker.com:
IBM WebSphere Edge Server Component Caching Proxy JunctionRewrite Directive Lets Remote Users Deny Service. Read more

www.securitytracker.com:
IBM Informix I-Spy 'runbin' Lets Local Users Grab Root Privileges. Read more

www.securitytracker.com:
Easy Chat Server Can Be Crashed With Long 'username' Or Multiple Fake Users. Read more

www.securitytracker.com:
SCI Photo Chat Server Lack of Input Validation Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
(Vendor Disputes Most Claims) Centre Authentication Error Grants Administrative Access to Remote Users. Read more

www.securitytracker.com:
IdentityMinder Input Validation Holes Let Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
WinGate Input Validation Error Discloses System Files to Remote Users, Read more

www.securitytracker.com:
Enceladus Server Suite Input Validation Error in Web Service Discloses Files and Directory Listings to Remote Users. Read more

www.securitytracker.com:
Easy Chat Server '../' Input Validation Hole Discloses Files to Remote Users. Read more

www.securitytracker.com:
MPlayer Buffer Overflow and String Handling Flaws May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
IBM Lotus Domino IMAP Service Lets Remote Authenticated Users Change Their IMAP Storage Quota. Read more

www.haxorcitos.com:
Fastream NETFile FTP/Web Server Input validation Errors. Read more

www.debian.org:
DSA-527-1 apache -- buffer overflow. Read more

www.debian.org:
DSA-526-1 webmin -- several vulnerabilities. Read more

www.gentoo.org:
Linux Kernel: Multiple vulnerabilities. Read more

ircnet.de:
Linux Virtual Server/Secure Context procfs shared permissions flaw. Read more

News:
www.theinquirer.net:
Evaman worm doom predicted. Read more

www.timesofoman.com:
Microsoft Internet Explorer fix helps protection, doesn’t end virus vulnerability. Read more

www.smh.com.au:
Hackers grab bank details with fake ad. Read more

www.crime-research.org:
Spanish police: beware of lottery scam. Read more

04 july 2004

New Trojans:
DFGbot 7.0.6

NeoArk 3.0 client

Vulnerabilities & Exploits
www.eeye.com:
'Zero-Day' Internet Explorer Flaw Detected. Read more

www.securitytracker.com:
IBM WebSphere Edge Server Component Caching Proxy JunctionRewrite Directive Lets Remote Users Deny Service. Read more

www.securitytracker.com:
IBM Informix I-Spy 'runbin' Lets Local Users Grab Root Privileges. Read more

www.securitytracker.com:
Easy Chat Server Can Be Crashed With Long 'username' Or Multiple Fake Users. Read more

www.securitytracker.com:
SCI Photo Chat Server Lack of Input Validation Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.debian.org:
DSA-527-1 apache -- buffer overflow. Read more

www.debian.org:
DSA-526-1 webmin -- several vulnerabilities. Read more

News:
www.theregister.co.uk:
Microsoft half fixes serious IE vuln. Read more

www.detnews.com:
Microsoft security flaws renew calls for alternative Web browsers. Read more

03 july 2004

New Trojans:
Backdoor.Hackarmy.q

Remote View 3.0

Backdoor.Gargamel.a

Vulnerabilities & Exploits
How secure is IE after patching? Try at your own risk

www.winnetmag.com:
Cross Site Scripting Vulnerability in McMurtrey/Whitaker & Associates' Cart32. Read more

www.securitytracker.com:
Centre Authentication Error Grants Administrative Access to Remote Users. Read more

www.securitytracker.com:
IdentityMinder Input Validation Holes Let Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
WinGate Input Validation Error Discloses System Files to Remote Users. Read more

www.securitytracker.com:
Enceladus Server Suite Input Validation Error in Web Service Discloses Files and Directory Listings to Remote Users. Read more

www.securitytracker.com:
Easy Chat Server '../' Input Validation Hole Discloses Files to Remote Users. Read more

www.securitytracker.com:
MPlayer Buffer Overflow and String Handling Flaws May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
IBM Lotus Domino IMAP Service Lets Remote Authenticated Users Change Their IMAP Storage Quota. Read more

www.cybsec.com:
Denial of Service in WebSphere Edge Server. (pdf) Read more

News:
www.microsoft.com:
Critical Update for Microsoft Data Access Components - Disable ADODB.Stream object from Internet Explorer (KB870669). Read more

www.theregister.co.uk:
Microsoft half fixes serious IE vuln. Read more

www.computerworld.com:
McAfee: New Lovegate worm spreading. Read more

www.hindustantimes.com:
Microsoft releases security update to block new virus transmitters. Read more

zdnet.com.com:
Microsoft posts work-around for IE flaw. Read more

slate.msn.com:
Are the Browser Wars Back? Read more

www.neowin.net:
Microsoft owned website recommends Firefox. Read more

www.theregister.co.uk:
HP issues apocalyptic Netscape HP-UX warning. Read more

www.computerweekly.com:
HP urges users to erase Netscape to avoid security problems. Read more

itmanagement.earthweb.com:
Netsky-P and Zafi-B Worms Slug it Out for Top Threat. Read more

www.computerweekly.com:
Experts debate security through diversity. Read more

www.eweek.com:
Crackers Unleash Spyware Tactics on IE Holes. Read more

www.infoworld.com:
The worm that wasn’t quite. Read more

techupdate.zdnet.com:
Password Problems, Policies, Practices, and Planning. Read more

www.southcoasttoday.com:
Dark side of the Web -- E-mail vulnerable to identity theft scams. Read more

02 july 2004

New Trojans:
DYP Backdoor 1.2

Cab of Filth 1.2f English

Backdoor.Alofin

Guides, Papers, etc
www.maxpatrol.com:
Testing Data for Network Scanners in Various Operating Systems. Read more

passcracking.com:
MD5 Online Cracking. Read more

Vulnerabilities & Exploits
www.securiteam.com:
JS.Scob.Trojan Source Code Released. Read more

www.securiteam.com:
Setterm Local Stack Overflow Vulnerability. Read more

www.securiteam.com:
POPclient DoS Due To An Off-By-One Overflow Condition. Read more

www.securiteam.com:
phpMyAdmin PHP Code Injection (left.php). Read more

www.securiteam.com:
MPlayer DoS (Long ID3 Information). Read more

www.securiteam.com:
Apache HTTPd Arbitrary Long HTTP Headers DoS. Read more

www.securitytracker.com:
FreeBSD Linux Compatability Memory Error May Let Local Users Gain Elevated Privileges or Panic the System. Read more

www.securitytracker.com:
Linux Netfilter tcp_find_option Infinite Loop Lets Remote Users Deny Service. Read more

www.securitytracker.com:
RSBAC JAIL CREATE Function Lets Local Users Create setuid/setgid Files. Read more

www.securitytracker.com:
NetScreen 5GT Input Validation Bug in Anti-Virus Engine Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Cisco Collaboration Server ServletExec Lets Remote Users Upload Files and Obtain Administrative Privileges. Read more

News:
www.adn.com:
Microsoft security flaws renew calls for alternative Web browsers. Read more

techupdate.zdnet.com:
Keystroke loggers must send Microsoft back to firewall drawing board. Read more

www.theregister.co.uk:
Junk mail host nations named and shamed. Read more

www.scoop.co.nz:
MasterCard Targets "Phishing" Sites & Crooks. Read more

news.zdnet.co.uk:
Web criminals hit Betfair with DDOS attack. Read more

www.msnbc.msn.com:
FTC mulls bounty system to combat spammers. Read more

australianit.news.com.au:
NAB fights phishing with SMS. Read more

www.computerworld.com:
Another big Apache hole found. Read more

www.globetechnology.com:
Fishing for 'phishers'. Read more

01 july 2004

New Trojans:
Institution 2004 by Aphex, our crew member
The currently most complete and advanced Remote Admin Tool available. Some people may disagree but the aim of this project is to be small and stable.
The features you will find include all the necessary basics and also some advanced and never before seen features.

Caznova IRC Spy 1.1.1

Ccobra 1.1

Vulnerabilities & Exploits
www.kb.cert.org:
Microsoft Internet Explorer does not properly validate source of redirected frame. (update)Read more

www.cisco.com:
Cisco Security Advisory: Cisco Collaboration Server Vulnerability. Read more

www.securitytracker.com:
Linux Kernel SBus PROM Driver Integer Overflows Let Local Users Crash the System. Read more

www.securitytracker.com:
popclient Off-By-One Overflow Lets Remote Users Crash the Application. Read more

www.securitytracker.com:
phpMyAdmin Input Validation Errors in 'left.php' May Let Remote Users Execute Arbitrary PHP Code. Read more

www.securitytracker.com:
Pavuk Buffer Overflow in Processing HTTP Location Headers Lets Remote Web Servers Execute Arbitrary Code on the Target System. Read more

www.securitytracker.com:
Juniper JUNOS Packet Forwarding Engine Can Be Crashed By IPv6 Packets. Read more

www.securitytracker.com:
Microsoft IIS Web Server May Disclose Private IP Addresses in Certain Cases. Read more

www.securitytracker.com:
I-Mall Input Validation Hole Lets Remote Users Execute Arbitrary Commands. Read more

News:
www.theregister.co.uk:
Malware attacks IE users via pop-ups. Read more

news.com.com:
Microsoft haunted by old IE security flaw. Read more

www.theregister.co.uk:
Hungarian virus writer avoids jail. Read more

www.smh.com.au:
Magold-A worm author sentenced. Read more

news.zdnet.co.uk:
Instant-messaging virus costs a man his job. Read more

www.terra.net.lb:
New hacker threat aims at capturing banking data via Web browser. Read more

www.theregister.co.uk:
There is no anti-spyware silver bullet. Read more

news.zdnet.co.uk:
Malware records banking passwords. Read more

www.theregister.co.uk:
Learn computer forensics at Bradford University. Read more

www.theregister.co.uk:
German dialler scammers hijack signatures. Read more


Copyright© MegaSecurity.org