Bookmark or link to: kobayashi.cjb.net. All other url`s could change!
Home   News Archive    Translate Traducen
News August 2002
31 August 2002

New Trojans:
AntiLamer Light 1.1

AimJacker 1.0

Helios 1.6

Vulnerabilities & Exploits:
www.securiteam.com:
Caldera Xserver Exploit Code (xkbcomp). Read More

www.securiteam.com:
GDAM123 Exploit Code Released. Read More

www.securiteam.com:
Exploit Code Release for Apache Directory Traversal (non-UNIX). Read More

www.securiteam.com:
Windows SMB Nuker. Read More

www.securiteam.com:
Flaw in Certificate Enrollment Control Could Allow Deletion of Digital Certificates. Read More

www.securitytracker.com:
Microsoft Windows Operating System Certificate Enrollment ActiveX Control Allows Remote Users to Delete Certificates on a Target User's System. Read More

www.securitytracker.com:
Python Temporary File Bug May Let Local Users Obtain Elevated Privileges. Read More

www.securitytracker.com:
SWServer Java Web Server Input Validation Hole Lets Remote Users View Files on the System Located Outside of the Document Directory. Read More

www.securitytracker.com:
Linuxconf Administration Utility Buffer Overflow in Processing the 'LINUXCONF_LANG' Environment Variable Lets Local Users Obtain Root Privileges. Read More

www.securitytracker.com:
Mail.com Hosted E-mail Service Input Validation Flaw Lets Remote Users Modify Account Settings. Read More

News:
www.secadministrator.com:
How Not to Perform a Security Scan. Read More

www.theregus.com:
Spyware Trojan sends Hotmail to your boss. Read More

www.theregus.com:
MS in fresh digital cert flaw. Read More

www.newsfactor.com:
Microsoft Warns of Yet Another Denial of Service Danger. Read More

www.newsfactor.com:
Does Crime Pay More on the Internet? Read More

www.wired.com:
Hackers Being Jobbed Out of Work. Read More

news.com.com:
Catching wireless hackers in the act. Read More

www.betanews.com:
Beta Test Network Delivered Virus Software. Read More

www.2600.com:
RAISETHEFIST.COM ADMINISTRATOR INDICTED OVER WEBSITE CONTENT. Read More

news.com.com:
Anti-spam group blocks Yahoo stores. Read More

industryclick.com:
UPDATE 1-S.Korea police seek 5 arrests in online share fraud. Read More

www.nationalpost.com:
Ottawa mulls tracking Internet usage. Read More

news.com.com:
Microsoft sets XP update release date. Read More

www.internetwk.com:
Ex-Netscapers Make Security Splash. Read More

www.wired.com:
Hackers Rub MP3s in RIAA's Face. Read More

30 August 2002

New Trojans:
Vagr Nocker 4.0 by cyberpaky

Shadenfreude 0.1

Acid Trojan Horse 1.1 beta

Vulnerabilities & Exploits:
Debian Security Advisory
DSA-159-1 python -- insecure temporary files. Read More

Internet Security Systems Security Alert
Microsoft Windows SMB Denial of Service Vulnerability. Read More

www.phrack.com:
Haaaang on snoopy, snoopy hang on. (SSL for fun and profit) by stealth. Read More

www.securitytracker.com:
mIRC Chat Client Buffer Overflow in Scripting Function May Let Remote Users Execute Arbitrary Code on the System If a Vulnerable Script is Installed on the Target System. Read More

www.securitytracker.com:
Webmin Default Configuration for Webmin RPC Security May Allow Remote Authenticated Users Gain Elevated Privileges in Certain Situations. Read More

News:
www.kablenet.com:
Bush plans e-security centre. Read More

www.hindustantimes.com:
Microsoft announces another security flaw in Windows. Red More

www.theregister.co.uk:
Lobbying for insecurity. Read More

www.wired.com:
Website Security Flaw Costs ZD. Read More

www.theregister.co.uk:
Internet anonymity for Linux newbies. Read More

www.theregister.co.uk:
KaZaA poisoned with salted files? Read More

www.law.com:
Electronic Data Discovery Primer. Read More

arstechnica.com:
War Flying. Read More

www.denverpost.com:
Downloads may pose security risk. Read More

www.themoscowtimes.com:
U.S. Hacker Uses FSB's Defense. Read More

www.lasvegassun.com:
Glitch Menaces iVillage Customers. Read More

29 August 2002

New Trojans:
Institution FWB 1.2

Nautical

Zimenok 0.2

Vulnerabilities & Exploits:
www.atstake.com:
Microsoft Terminal Server Client Buffer Overrun. Read More

www.venkydude.com:
Yahoo Messenger Protocol (ver 9). Read More

online.securityfocus.com:
Gaim Manual Browser Command Arbitrary Command Execution Vulnerability. Read More

online.securityfocus.com:
Caldera X Server External Program Privileged Invocation Weakness. Read More

online.securityfocus.com:
Caldera X Server Unspecified Buffer Overflow Vulnerability. Read More

online.securityfocus.com:
mIRC Scripting ASCTime Buffer Overflow Vulnerability. Read More

www.securitytracker.com:
Xinetd File Descriptor Leak May Allow a Remote User to Cause the Daemon to Crash. Read More

www.securitytracker.com:
Kerio Personal Firewall Allows Remote Users to Cause a Protected Host to Crash. Read More

www.securitytracker.com:
SAP R/3 Default Account Configuration Lets Remote Users Access Privileged Administrative Accounts. Read More

www.securitytracker.com:
Belkin Wireless Network Access Point Can Be Disabled By Remote Users. Read More

www.securiteam.com:
Novell SNMPv1 Trap and Request Handling Vulnerabilities. Read More

www.securiteam.com:
Microsoft Terminal Server Client Buffer Overrun. Read More

www.securiteam.com:
Linuxconf Locally Exploitable Buffer Overflow Vulnerability. Read More

News:
Microsoft Security Bulletin MS02-048
Flaw in Certificate Enrollment Control Could Allow Deletion of Digital Certificates (Q323172). Read More

techupdate.zdnet.com:
Personal remote control: Security disaster. Read More

www.idg.net:
How Secure Is Instant Messaging? Read More

www.canada.com:
Cyber-terror fear growing. Read More

www.pcworld.com:
RIAA Site Hacked. Read More

www.sundaymirror.co.uk:
OUR RAID ON DOWNING ST. Read More

newsobserver.com:
Bogus e-mails traded on Amazon's name. Read More

www.online.ie:
Lamo bumped from NBC after hacking them. Read More

www.vnunet.com:
Hackers rally round Deceptive Duo. Read More

www.finextra.com:
DBS shifts blame for hacking to consumer PCs. Read More

28 August 2002

New Trojans:
Pest 3.1

ItAdEm 1.0

Anal FTP 0.1 modified

Vulnerabilities & Exploits:
www.uuuppz.com:
mIRC $asctime overflow. Read More

Debian Security Advisory:
DSA-158-1 gaim -- arbitrary program execution. Read More

online.securityfocus.com:
Belkin F5D6130 Wireless Network Access Point SNMP Request Denial Of Service Vulnerability. Read More

online.securityfocus.com:
Kerio Personal Firewall Multiple SYN Packet Denial Of Service Vulnerability. Read More

www.securitytracker.com:
OmniHTTPd Web Server Input Validation Holes in Sample Applications Let Remote Users Conduct Cross-Site Scripting Attacks. Read More

www.securitytracker.com:
Ultimate PHP Board Counter Error in 'register.php' Lets a Remote User Register With an Account Named 'admin'. Read More

www.securiteam.com:
LG Electronics LG3100p Router Multiple Security Issues (DoS). Read More

www.securiteam.com:
Abyss Web Server Directory Traversal and Administration Bugs. Read More

www.securiteam.com:
Light Vulnerable to Remotely Exploitable Arbitrary Code Execution. Read More

www.securiteam.com:
mIRC $asctime Buffer Overflow. Read More

www.securiteam.com:
Security Side Effects of Word Fields. Read More

www.securiteam.com:
PHP Allows Bypassing of safe_mode And Injecting ASCII Control Chars With mail(). Read More

News:
news.com.com:
Microsoft discloses more Windows code. Read More

www.silicon.com:
'Here's how you rob banks using Microsoft software'. Read More

online.securityfocus.com:
Lamo Bumped from NBC After Hacking Them. Read More

www.tech-report.com:
Network Associates buys snooping software. Read More

online.securityfocus.com:
Virus writers 'obsessed with sex and computer games'. Read More

www.content-wire.com:
SECURITY: Sad, Sad Virus Writers. Read More

techupdate.zdnet.com:
PGP saved from extinction. Read More

www.silicon.com:
Online pollster reveals 13,000 private email addresses. Read More

news.com.com:
Cisco pitches new security hardware. Read More

27 August 2002

New Trojans:
B-S Spy 1.90

AIM Robber 2.0

PassWord Mailer 2.0

Vulnerabilities & Exploits:
GreyMagic Security Advisory GM#009-IE:
Accessing remote/local content in IE. Read More

online.securityfocus.com:
Blazix Password Protected Directory Information Disclosure Vulnerability. Read More

online.securityfocus.com:
Blazix Special Character Handling Server Side Script Information Disclosure Vulnerability. Read More

www.securitytracker.com:
Blazix Java Application Server Input Validation Hole Discloses JSP Source Code and Password-Protected Directory Listings to Remote Users. Read More

www.securitytracker.com:
UTStarcom BAS-1000 Broadband Subscriber Management System Has Backdoor Accounts With Known Passwords That Give Remote Users Control of the System. Read More

www.securitytracker.com:
AOL Instant Messenger (AIM) Heap Overflow May Let Remote Users Crash a Target User's AIM Client When the Target User Clicks on a URL. Read More

www.securiteam.com:
Denial of Service against MySQLd (Multiple Connections). Read More

www.securiteam.com:
Belkin F5D6130 Denial of Service Vulnerability (SNMP Request). Read More

www.securiteam.com:
SAP R/3 Default Password Vulnerability. Read More

www.securiteam.com:
Microsoft Internet Explorer Legacy Text Control Buffer Overflow. Read More

www.securiteam.com:
Multiple OmniHTTPd Issues (CSS). Read More

www.securiteam.com:
Kerio Personal Firewall Denial of Service Vulnerability. Read More

www.securiteam.com:
Webmin Vulnerability Leads to Remote Compromise (RPC CGI). Read More

News:
www.eweek.com:
Bush's Cyber-Security Plan Targets E-Mail. Read More

news.com.com:
Expert demonstrates Microsoft hack. Read More

www.hindustantimes.com:
Microsoft security easily breakable: Computer expert. Read More

www.linuxsecurity.com:
PHP Secure Installation. Read More

www.smh.com.au:
Use a firewall. Read More

www.theregister.co.uk:
When Feds attack. Read More

www.computeruser.com:
FBI responds to computer security firm's bid for exposure. Read More

news.bbc.co.uk:
South Korea probes online dealing fraud. Read More

www.theregister.co.uk:
Forty bucks buys total safety from hackers. Read More

www.fcw.com:
DOD may pull key net from the Internet. Read More

www.canoe.ca:
Chalking it up to hackers. Read More

news.com.com:
Japanese phones vulnerable to hackers? Read More

news.com.com:
Network Associates nabs "wiretap" tool. Read More

www.fcw.com:
New encryption standard will help. Read More

26 August 2002

New Trojans:
Over G Trojan 1.5

Helios 1.5

NetMail 1.0

Vulnerabilities & Exploits:
www.securitytracker.com:
Microsoft Internet Explorer XML Script Element Redirect Bug Lets Remote Users View XML Files on the Target User's Computer. Read More

www.securiteam.com:
UTStarcom B-NAS 1000 and B-RAS 1000 Security Flaw. Read More

www.securiteam.com:
Blazix Java Server Multiple Security Vulnerabilities (Source View, Security Bypass). Read More

www.securiteam.com:
Unsafe Functions in Office Web Components. Read More

www.securiteam.com:
Accessing Remote and Local Content in IE. Read More

www.securiteam.com:
Vulnerability Report for Windows SMB DoS. Read More

www.securiteam.com:
Buffer Overrun in TSAC ActiveX Control Could Allow Code Execution. Read More

www.securiteam.com:
Arbitrary Code Execution Problem in Achievo. Read More

www.securiteam.com:
Additional Vulnerabilities in Mantis Allow Private Bugs Access. Read More

www.securiteam.com:
Mantis Bugs Allow Private Projects to be Listed on 'View Bugs'. Read More

News:
www.siliconvalley.com:
Seattle lawyer to challenge FBI in Russian hacker sting. Read More

www.theregister.co.uk:
Minnow ISP aims counterstrike at RIAA 'legal hackers'. Read More

www.itweb.co.za:
Hacker has last laugh over lottery site. Read More

www.theregister.co.uk:
Those MS API disclosures - errors, incomplete, useless? Read More

news.com.com:
Spam crusaders slog it out in court. Read More

25 August 2002

New Trojans:
Senna Spy Trojan Generator 2002

Force 1.58

Little Witch Client 6.03

Vulnerabilities & Exploits:
Debian Security Advisory
DSA-157-1 irssi-text -- denial of service. Read More

www.securitytracker.com:
Microsoft Visual Studio .NET Web Projects May Disclose the Web Directory Structure to Remote Users. Read More

www.securitytracker.com:
Abyss Web Server Access Control Bug Lets Remote Users Gain Administrative Control of the Web Server Application. Read More

www.securitytracker.com:
Microsoft Internet Explorer Buffer Overflow in Unspecified Text Formatting ActiveX Control Lets Remote Users Execute Arbitrary Code. Read More

www.securitytracker.com:
Achievo Project Management Software Include File Error Lets Remote Users Execute Arbitrary Commands on the System. Read More

www.securitytracker.com:
Microsoft Terminal Services Advanced Client (TSAC) ActiveX Control Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read More

www.securitytracker.com:
Microsoft Operating System SMB Protocol Implementation in the Network. Read More

www.securitytracker.com:
LG Electronics LR3100p SOHO Router IP Stack Flaw Lets Remote Users Reboot the Router. Read More

www.securitytracker.com:
Caldera (SCO) Buffer Overflow in 'ndcfg' Command on UnixWare/Open UNIX Lets Local Users Obtain Elevated Privileges. Read More

www.securitytracker.com:
Light IRC Script for EPIC4 May Execute Arbitrary Scripting Code When Joining an IRC Channel That Has a Malicious Channel Name. Read More

News:
europe.cnn.com:
Microsoft discloses 'critical' security flaws. Read More

www.neowin.net:
Microsoft Security Bulletin Update: MS02-044, MS02-045, MS02-046, MS02-047. Read More

www.vnunet.com:
More flaws found in Explorer. Read More

www.vnunet.com:
Reported DDoS attacks double. Read More

www.pcmag.com:
Second KaZaA Virus Found; Another Poses As AV Upgrade. Read More

www.theregister.co.uk:
Israeli firm unveils the 'copy-proof' CD. Read More

24 August 2002

New Trojans:
Reverse Trojan 2.0b1

Najort 1.4

Zimenok 0.1

Vulnerabilities & Exploits:
security.tombom.co.uk:
Shatter attacks - more techniques, more detail, more juicy goodness. Read More

www.securitytracker.com:
Microsoft Windows Media Player Allows Malicious Windows Media Download (.wmd) Files to Silently Create Files in a Known Location and Execute Them. Read More

www.securitytracker.com:
Aquonics File Manager Input Validation Hole Lets Remote Users View Files on the Server and Lets Some Remote Users Obtain Elevated Privileges. Read More

www.securitytracker.com:
Microsoft File Transfer Manager ActiveX Control Buffer Overflow May Let Remote Users Execute Arbitrary Code. Read More

www.securitytracker.com:
'scponly' Replacement Shell for 'scp' and 'sftp' Has Input Validation Hole That Lets Remote Authenticated Users Execute Commands on the System. Read More

www.securitytracker.com:
Bonsai CVS Tracking Tool Input Validation Bugs Let Remote Users Conduct Cross-Site Scripting Attacks. Read More

www.securitytracker.com:
(SGI Issues Fix) WorldView Buffer Overflow Lets Remote Users Gain Root Access. Read More

www.securitytracker.com:
Novell NetWare RconJ (RCONAG6.NLM) Authentication Bug May Grant Access to Remote Users. Read More

www.securitytracker.com:
LG Electronics GoldStream LR3100F Router Can Be Rebooted By Remote Users. Read More

www.securitytracker.com:
PHP Input Validation Errors in 'mail()' Function May Let Remote Users Relay Mail or Execute Arbitrary Scripts on the System. Read More

www.securiteam.com:
Unchecked Buffer in Network Share Provider Can Lead to Denial of Service. Read More

News:
online.securityfocus.com:
Microsoft in summer patch frenzy. Read More

www.extremetech.com:
Microsoft Admits Security Flaws. Read More

www.eweek.com:
Microsoft Warns of Flaws in ActiveX Control. Read More

www.nandotimes.com:
Microsoft discloses security flaws in Explorer, business software. Read More

www.eweek.com:
Microsoft Patches IE, Windows Holes. Read More

www.iht.com:
U.S. building strategy to resist cyberwars. Read More

news.bbc.co.uk:
Hackers catch World Cup fever. Read More

rtnews.globetechnology.com:
Hackers, crackers and ethics. Read More

biz.thestar.com.my:
Aussie computer systems open to hackers. Read More

www.idg.net:
The World's Worst Viruses. Read More

online.securityfocus.com:
An Open Letter to the CIO. Read More

news.com.com:
Setting a trap for laptop thieves. Read More

www.newsfactor.com:
The Seven Deadly Security Sins. Read More

23 August 2002

New Trojans:
Reverb 1.4

Kryptonic Ghost 1.5

Helios 1.4

Vulnerabilities & Exploits:
www.blackhat.com:
Attacking Networked Embedded Systems (pdf). Read More

Debian Security Advisory
DSA-156-1 epic4-script-light -- arbitrary script execution. Read More

www.nextgenss.com:
Arbitrary Command Execution on SQL Server 2000. Read More

Internet Security Systems Security Alert
Multiple Vulnerabilities in Microsoft Office Web Components. Read More

online.securityfocus.com:
Multiple VNC Products For Windows Win32 Messaging API Vulnerability. Read More

www.securitytracker.com:
Kerio MailServer Allows Remote Users to Deny Service and Also Conduct Cross-Site Scripting Attacks. Read More

www.securitytracker.com:
Tiny Personal Firewall Default Configuration Allows Remote Users to Crash the Protected Host's Operating System and May Also Allow Some Spoofed Packets to Pass Through the Firewall. Read More

www.securitytracker.com:
PHP-Affiliate Authentication Weakness in 'details.php' Lets Remote Users Login to Other User Accounts. Read More

www.securitytracker.com:
Ethereal Network Sniffer Buffer Overflow in Processing the ISIS Protocol May Let Remote Users Crash the Sniffer or Execute Arbitrary Code. Read More

www.securitytracker.com:
Novell NetWare Perl Handler Input Validation Bugs Let Remote Users Execute Arbitrary Code and View Files on the System. Read More

www.securitytracker.com:
W3C Jigsaw Server Input Validation Hole Lets Remote Users Conduct Cross-site Scripting Attacks. Read More

www.securitytracker.com:
WebEasyMail Possible Format String Hole Lets Remote Users Crash the SMTP Mail Service. Read More

www.securitytracker.com:
Novell NetBasic Scripting Server Input Validation Hole Discloses Files to Remote Users and Buffer Overflow Lets Remote Users Crash the Service. Read More

News:
Microsoft Security Bulletin MS02-045
Unchecked Buffer in Network Share Provider Can Lead to Denial of Service (Q326830). Read More

Microsoft Security Bulletin MS02-046
Buffer Overrun in TSAC ActiveX Control Could Allow Code Execution (Q327521). Read More

Microsoft Security Bulletin MS02-047
Cumulative Patch for Internet Explorer (Q323759). Read More

Trojan Horse Masquerades As Kaspersky Anti-Virus
Kaspersky Labs warns computer users of a massive mailing of the Trojan-style malicious program, TrojanDownloader.Win32.Apher. Presently there have already been several registered reports of infection. The Trojan is sent out by an anonymous evildoer using an anonymous e-mail address from a public access e-mail service. The messages themselves have a spoofed address showing the sender as info@microsoft.com.

online.securityfocus.com:
Worm spreads through KaZaA network, again. Read More

www.nandotimes.com:
Microsoft discloses security flaws in Explorer, business software. Read More

www.reuters.com:
Microsoft Warns of Security Risk in Office Software. Read More

www.theregister.co.uk:
Popular MS download has mysterious vuln. Read More

www.hindustantimes.com:
Microsoft warns of security risks in Office, IE. Read More

www.busrep.co.za:
IT hackers target the state daily - minister. Read More

www.shift.com:
''hacking for democracy'' - Hacktivismo in Shift. Read More

www.smh.com.au:
Hacking contest at Malaysian IT conference. Read More

www.toorcon.org:
ToorCon Computer Security Conference 2002 Announcement. Read More

www.nandotimes.com:
FBI responds to computer security firm's bid for exposure. Read More

www.idg.net:
What Should We Do with “Helpful” Hackers? Read More

www.gcn.com:
Data security hinges on money, not technology, feds say. Read More

22 August 2002

New Trojans:
iwAnywhere 1.2

CyberSpy 8.5

JustJoke 2.2

Vulnerabilities & Exploits:
www.securiteam.com:
Advanced Windows Shellcode. Read More

www.securiteam.com:
Buffer Overflow in MyWebServer (Exploit, GET). Read More

www.securiteam.com:
Cisco IOS Heap Exploit Proof of Concept. Read More

www.securiteam.com:
IMAP4rev1 Remote Exploit Code Released (LSUB). Read More

www.securiteam.com:
Remote Exploit Code for Solaris SPARC TelnetD. Read More

www.securiteam.com:
Cobalt Linux Local Root Exploit (authenticate). Read More

Debian Security Advisory
DSA-155-1 kdelibs -- privacy escalation with Konqueror. Read More

www.superw00t.com:
Apache Tomcat 4.1 Cross-Site Scripting Vulnerability. Read More

www.securitytracker.com:
PostgreSQL Database Buffer Overflow in 'cash_words' Function May Let Local Users Obtain Elevated Privileges on the System. Read More

www.securitytracker.com:
Microsoft Internet Information Server (IIS) Web Server Fails to Properly Validate Client-side Certificates, Allowing Remote Users to Impersonate Other Users or Certificate Issuers. Read More

www.securitytracker.com:
nCipher PKCS#11 Library Implementation Bug Always Validates Symmetric Signatures, Even When They are Not Valid. Read More

www.securitytracker.com:
SteelArrow Web Application Server Buffer Overflows Let Remote Users Execute Arbitrary Code With System Level Privileges. Read More

www.securitytracker.com:
Several FreeBSD System Calls May Disclose Kernel Memory to Local Users When Supplied With Negative Integers. Read More

www.securiteam.com:
C_Verify Validates Incorrect Symmetric Signatures. Read More

www.securiteam.com:
LG Electronics LG3001f Router Buffer Overflow. Read More

www.securiteam.com:
More Vulnerabilities with Pingtel Xpressa SIP-based IP Phones. Read More

www.securiteam.com:
Weak MySQL Default Configuration. Read More

www.securiteam.com:
WebEasyMail Multiple Security Vulnerabilities (User disclosure, DoS). Read More

www.securiteam.com:
Tiny Personal Firewall 3.0 Denial of Service Vulnerabilities. Read More

www.securiteam.com:
Kerio Mail Server Multiple DoS and Cross-Site Scripting Vulnerabilities. Read More

www.securiteam.com:
Aquonics File Manager Directory Traversal Vulnerability And Privilege Escalation. Read More

www.securiteam.com:
Buffer Overflow in PostgreSQL (cash_words). Read More

www.securiteam.com:
Ethereal ISIS Protocol Buffer Overflow. Read More

www.securiteam.com:
Manti's Bug Listings of Private Projects Can be Viewed Through Cookie Manipulation. Read More

www.securiteam.com:
SQL Poisoning Vulnerability in Mantis. Read More

www.securiteam.com:
Mantis's Limiting Output to Reporters Can be Bypassed. Read More

www.securiteam.com:
Another Buffer Overflow Found in PostgreSQL (repeat function). Read More

www.securiteam.com:
Vulnerabilities Found in Scponly. Read More

www.securiteam.com:
Multiple Buffer Overflows in PostgreSQL. Read More

News:
Microsoft Security Bulletin MS02-044
Unsafe Functions in Office Web Components (Q328130). Read More

www.idefense.com:
The iDEFENSE Vulnerability Contributor Program. Read More

www.eweek.com:
User-friendly Security Should be a Higher Priority. Read More

www.nwfusion.com:
Study: Admins slow in patching Apache-SSL servers. Read More

www.superw00t.com:
Ways of keeping war-driving kiddies off your Wireless Network. Read More

news.ft.com:
EU to crack down on cybercrime. Read More

www.thesun.co.uk:
EU phone snoop plot. Read More

allafrica.com:
Hackers Infiltrate RBZ Website. Read More

rtnews.globetechnology.com:
Alberta hackers gear up for International War Driving Day. Read More

www.busrep.co.za:
IT hackers target the state daily - minister. Read More

www.theaustralian.news.com.au:
Dogs hunt hackers. Read More

news.com.com:
Securing good security workers. Read More

www.msnbc.com:
Stolen data reveal undercover cops. Read More

21 August 2002

New Trojans:
Remote Controler 1.0 by Kalish_Man

Institution 1.1

H04x3r Telnet Server

Vulnerabilities & Exploits:
online.securityfocus.com:
FreeBSD System Call Signed Integer Buffer Overflow Vulnerability. Read More

www.securitytracker.com:
HP Secure OS for Linux 'ptrace' and 'ioctl' System Call Bugs May Let Local Users Access Process Data. Read More

www.securitytracker.com:
HP Secure OS for Linux 'tlcompadd' Access Control Flaw May Let Local Users Overwrite Certain Files. Read More

www.securitytracker.com:
Microsoft Internet Explorer XMLDSO Java Class Lets Remote HTML Code Access Local Files. Read More

www.securitytracker.com:
FUDforum Discloses Files to Remote Users and Lets Remote Authenticated Administrators Manipulate Files and Directories on the System. Read More

www.securiteam.com:
Arbitrary File Creation/Overwrite with SQL Agent Jobs. Read More

www.securiteam.com:
Multiple Remote Buffer Overruns Tomahawk' SteelArrow. Read More

www.securiteam.com:
Arbitrary Code Execution Vulnerability in Mantis. Read More

www.securiteam.com:
Bonsai XSS and Physical Path Revealing Vulnerabilities. Read More

News:
news.com.com:
Office XP vs. bugs, round two. Read More

news.com.com:
Security flaw in key Microsoft services. Read More

www.eweek.com:
SQL Server Springs Another Leak. Read More

zdnet.com.com:
Can Microsoft take the lead in security? Read More

zdnet.com.com:
New Apache flaw adds to Internet woes. Read More

online.securityfocus.com:
Sprint Security Faulted in Vegas Hacks. Read More

20 August 2002

New Trojans:
Institution FWB 1.1

Helios 1.3e

JustJoke Pro 2.0b4

Vulnerabilities & Exploits:
www.ngssoftware.com:
Creating Arbitrary Shellcode In Unicode Expanded Strings (pdf). Read More

www.nextgenss.com:
Multiple SteelArrow Buffer Overflows. Read More

www.nextgenss.com:
Microsoft SQL Jobs File Overwrite. Read More

online.securityfocus.com:
AOL Instant Messenger Link Special Character Remote Heap Overflow Vulnerability. Read More

online.securityfocus.com:
Microsoft Internet Explorer Java Logging Executable Code Vulnerability. Read More

online.securityfocus.com:
Microsoft Internet Explorer XML Datasource Applet File Disclosure Vulnerability. Read More

www.securiteam.com:
Oracle Listener Control Format Strings. Read More

www.securiteam.com:
Internet Explorer Can Read Local Files (XML Datasource). Read More

www.securiteam.com:
Microsoft SQL Server Agent Jobs Vulnerabilities. Read More

www.securiteam.com:
Microsoft SQL Server Extended Stored Procedure Privilege Escalation Vulnerabilities. Read More

www.securiteam.com:
WinAMP 3 Allows Execution of Arbitrary Code. Read More

www.securiteam.com:
FUDforum file access and SQL Injection. Read More

www.securiteam.com:
Lynx CRLF Injection. Read More

News:
www.smh.com.au:
Cracking the hackers' code. Read More

www.themoscowtimes.com:
Computer Experts Say 'Script Kiddies' a Relic. Read More

www.eweek.com:
Windows .Net Server Security Is Looking Up. Read More

news.bbc.co.uk:
Wireless hackers take to the air. Read More

www.newarchitectmag.com:
Wireless, Defenseless. Read More

online.securityfocus.com:
Sprint Security Faulted in Vegas Hacks. Read More

zdnet.com.com:
Linux looks to pass government standards. Read More

www.fcw.com:
NIPC seeks cyberalert support. Read More

www.eweek.com:
Security: The Feds Can Help. Read More

www.eweek.com:
PGP Is Here to Stay. Read More

www.wired.com:
Identity Theft Is Rife in Russia. Read More

zdnet.com.com:
Search sites under the regulator's gun. Read More

19 August 2002

New Trojans:
Reverse Trojan 1.0 b6

GROB 2.0

AntiLamer Backdoor 2.0

Vulnerabilities & Exploits:
www.securitytracker.com:
File Alteration Monitor (FAM) Primary Group Handling Flaw May Disclose the Root User's Monitored File Names to Local Users. Read More

www.securitytracker.com:
Microsoft DirectX Files Viewer ActiveX Control Has Buffer Overflow That Allows Remote Users to Execute Arbitrary Code. Read More

www.securitytracker.com:
Microsoft Internet Explorer (IE) Browser Error Message Processing Allows Remote Users to Execute Arbitrary Code on Certain Windows 98 Platforms. Read More

www.securitytracker.com:
HP-UX Flawed Reference in Kernel 'ptrace(2)' May Allow Local Users to Cause a Kernel Panic. Read More

www.securitytracker.com:
Microsoft NTFS Filesystem in Windows NT and Windows 2000 Has Auditing Hole That Lets Local Users Access Files Without the File Access Being Audited. Read More

www.securiteam.com:
Flaw in Network Connection Manager Could Enable Privilege Elevation. Read More

www.securiteam.com:
PHPNuke Private Messaging Module Allows Compromising of Administrator Accounts. Read More

online.securityfocus.com:
Gringotts Multiple Buffer Overflow Vulnerabiltiies. Read More

online.securityfocus.com:
Apache 2.0 Path Disclosure Vulnerability. Read More

online.securityfocus.com:
Apache 2.0 CGI Path Disclosure Vulnerability. Read More

News:
news.bbc.co.uk:
FBI warns about wireless craze. Read More

www.boston.com:
Cybersecurity should be kept in civilian hands. Read More

www.globeandmail.ca:
Canadians steering clear of on-line shopping. Read More

freshmeat.net:
The Linux Virus Writing HOWTO 2002-08-15. Read More

www.informationweek.com:
Next-Generation Access -- Anywhere. Read More

www.theregister.co.uk:
Media giants demand ISPs block Web sites. Read More

18 August 2002

New Trojans:
Force 1.55

iwAnywhere 1.1.2

PtakkS 2.1.7

Vulnerabilities & Exploits:
www.securitytracker.com:
Microsoft Desktop Engine (MSDE) Extended Stored Procedures May Let Local Users Execute Commands With Database Administrator Privileges. Read More

www.securitytracker.com:
Microsoft SQL Server Extended Stored Procedures May Let Local Users Execute Commands With Database Administrator Privileges. Read More

www.securitytracker.com:
Microsoft Network Connection Manager Could Give a Local User System Level Privileges. Read More

www.securitytracker.com:
IceWarp Web Mail Software Input Validation Hole in Address Book Lets Remote Users Conduct Cross-site Scripting Attacks. Read More

www.securitytracker.com:
Microsoft Windows XP Help and Support Center Hole Lets Remote Users Create URLs That, When Loaded, Will Delete Arbitrary Files on Your System. Read More

News:
www.theregister.co.uk:
MS soft-pedals SSL hole. Read More

seifried.org:
Network Intrustion Detection Systems and Virus Scanners - Are They The Answer? Read More

www.blackhatbloc.org:
A PHC PRODUCTION: THE REAL SCRIPTKIDDIES. Read More

17 August 2002

New Trojans:
Y3K_Rat pro 0.1

Little Witch 6.0

H04x3r 1.0

Vulnerabilities & Exploits:
otn.oracle.com:
Hack Proofing Oracle. (pdf) Read More

Debian Security Advisory
DSA-154-1 fam -- privilege escalation. Read More

arch.ipsec.pl:
Practical demonstration of the MSIE6 certificate path vulnerability. Read More

www.atstake.com:
NTFS Hard Links Subvert Auditing. Read More

online.securityfocus.com:
PHP-Nuke Private Message HTML Injection Vulnerability. Read More

online.securityfocus.com:
Microsoft Windows XP HCP URI Handler Abuse Vulnerability. Read More

www.securitytracker.com:
Gateway GS-400 Storage Server Default Configuration Weakness May Give Root Access to Remote Users. Read More

www.securitytracker.com:
MyWebServer Has Buffer Overflow and Other Flaws That Can Be Exploited by Remote Users to Execute Arbitrary Code on the Server. Read More

www.securitytracker.com:
GoAhead Web Server Buffer Overflow Lets Remote Users Execute Arbitrary Code on the System. Read More

News:
www.eweek.com:
Microsoft Patches Windows 2000 Flaw. Read More

www.smh.com.au:
Shock! Maturity rules at hack fest. Read More

www.politechbot.com:
FBI releases advisory about 802.11-spotting "wardriving". Read More

www.msnbc.com:
FBI agent charged with hacking. Read More

www.tmcnet.com:
Security In Converged Networks. Read More

www.boston.com:
Hackers find government PCs easy prey. Read More

news.cnet.com:
Experts say U.S. military computers easily hacked. Read More

www.sptimesrussia.com:
FBI Accused by FSB Of Framing Hackers. Read More

www.theregister.co.uk:
Russians accuse FBI agent of hacking. Read More

www.vnunet.com:
Chinese teens go crackers over web porn. Read More

16 August 2002

New Trojans:
Ghost 2.4 by Lame_joker

Helios 1.2d by Helios

NetCrack 1.0

Vulnerabilities & Exploits:
NGSSoftware Insight Security Research Advisory
Extended Stored Procedure Privilege Upgrade. Read More

kuperus.xs4all.nl:
winamp exploits. Read More

kuperus.xs4all.nl:
ICQ exploits. Read More

Debian Security Advisory:
DSA-153-1 mantis -- cross site code execution. Read More

online.securityfocus.com:
HP Secure OS Software for Linux TLCompAdd Unauthorized File Access Vulnerability. Read More

online.securityfocus.com:
HP-UX VVOS TGAD Unspecified Stack Corruption Vulnerability. Read More

www.securitytracker.com:
Layer 2 Tunnelling Protocol Daemon (l2tpd) Predictable Randomization Source May Let Remote Users Crack the Challenge-Response Mechanism. Read More

www.securitytracker.com:
Oracle 9i Application Server Oracle Java Server Page (OJSP) Demos Have Input Validation Flaws That Enable Remote Users to Conduct Cross-site Scripting Attacks Against Application Server Users. Read More

www.securitytracker.com:
Oracle Enterprise Manager Web Service Component of Oracle 9i Application Server Discloses the Web Cache Administrator Password to Local Users. Read More

www.securitytracker.com:
HP-UX Virtual Vault Operating System (VVOS) Has Unspecified Security Defect in the 'passwd(1)' Command That May Result in an Unspecified Security Impact. Read More

www.securitytracker.com:
L-Forum Bulletin Board Input Validation Bug in 'search.php' Allows Remote Users to Inject SQL Commands. Read more

www.securitytracker.com:
b2 Weblog Has Multiple Holes That Let Remote Users Inject SQL Commands, Execute Commands on the System, and Conduct Cross-site Scripting Attacks. Read More

www.securitytracker.com:
L-Forum Bulletin Board Input Validation Holes Let Remote Users View Files on the System and Conduct Cross-Site Scripting Attacks Against L-Forum Users. Read More

www.securitytracker.com:
Oracle 9i Database Input Validation Bugs in the Oracle Net Listener Lets Remote Authenticated Users Crash the Listener, Denying Service to Database Users. Read More

www.securitytracker.com:
Oracle9i Debugging Flaw in SQL*NET Listener Lets Remote Users Crash the Database Listener and Deny Service to Database Users. Read More

www.securitytracker.com:
Red Hat Interchange Commerce Server Discloses Files on the System to Remote Users. Read More

www.securitytracker.com:
KDE Konqueror SSL Implementation Flaw in Following Certificate Chains Allows Remote Users to Conduct Man-in-the-Middle Attacks to Obtain Unencrypted Data from the Browser. Read More

www.securitytracker.com:
TinySSL Implementation Flaw in Following Certificate Chains Allows Remote Users to Conduct Man-in-the-Middle Attacks to Obtain Unencrypted Data. Read More

www.securitytracker.com:
Mantis PHP-based Bug Tracking System Include File Error Lets Remote Users Execute Arbitrary Commands on the Server. Read More

www.securiteam.com:
Multiple Vulnerabilities in CafeLog Weblog Package. Read More

www.securiteam.com:
Citrix and Terminal Server Multiple Exploits. Read More

News:
Microsoft Security Bulletin MS02-042
Flaw in Network Connection Manager Could Enable Privilege Elevation (Q326886). Read More

Microsoft Security Bulletin MS02-043
Cumulative Patch for SQL Server (Q316333). Read More

www.counterpane.com:
Microsoft Vulnerabilities, Publicity, and Virus-Based Fixes. Read More

www.nwfusion.com:
Microsoft: SSL flaw is in OS not IE. Read More

www.guardian.co.uk:
Microsoft investigates hacking fears. Read More

www.washingtonpost.com:
U.S. Aiding Asia-Pacific Anti-Cybercrime Efforts. Read More

www.sptimesrussia.com:
FBI Accused by FSB Of Framing Hackers. Read More

news.com.au:
Russia defends its hackers. Read More

hoovnews.hoovers.com:
Judge attacks civil servant's excuse for Web site attack. Read More

www.networknews.co.uk:
Viruses don't break the bank. Read More

www.newsfactor.com:
Is Now a Good Time To Be a Hacker? Read More

www.theage.com.au:
Like hackers to a honeypot. Read More

www.salon.com:
E-mail can be key criminal evidence. Read More

www.tech-report.com:
Automatic encryption for laptops. Read More

15 August 2002

New Trojans:
Lula

Xposure 4.1

Qroject WebDownloader 2.1

Vulnerabilities & Exploits:
www.vigilante.com:
What is a Vulnerability? Read More

online.securityfocus.com:
Microsoft Internet Explorer File Attachment Script Execution Vulnerability. Read More

Internet Security Systems Security Advisory
Remote Denial of Service Vulnerability in Oracle9i SQL*NET. Read More

www.murphy.101main.net:
CafeLog b2 Multiple Vulnerabilities. Read More

www.nextgenss.com:
Oracle Listener Control Format Strings. Read More

www.foundstone.com:
Information Leakage in Orinoco and Compaq Access Points. Read More

Debian Security Advisory
DSA-152-1 l2tpd -- missing random seed. Read More

Debian Security Advisory
DSA-151-1 xinetd -- pipe exposure. Read More

Debian Security Advisory
DSA-150-1 interchange -- illegal file exposition. Read More

Debian Security Advisory
DSA-149-1 glibc -- integer overflow. Read More

www.securitytracker.com:
CERN HTTP Proxy Server Input Validation Hole Lets Remote Users Conduct Cross-site Scripting Attacks. Read More

www.securitytracker.com:
SGI IRIX Operating System Bulk Data Services (BDS) Discloses Arbitrary Files to Remote Users. Read More

www.securitytracker.com:
CDE ToolTalk Database Server Buffer Overflow in _TT_CREATE_FILE Procedure May Let Remote Users Execute Arbitrary Code With Root Privileges. Read More

www.securitytracker.com:
Cisco VPN Client Software Buffer Overflows Let Remote Users Cause Denial of Service Conditions. Read More

www.securiteam.com:
GoAhead Buffer Overflows (Multiple Slashes, Exploit). Read More

www.securiteam.com:
Remote Denial of Service Vulnerability in Oracle9i SQL*NET. Read More

News:
online.securityfocus.com:
The Original Anti-Piracy Hack. Read More

www.theregister.co.uk:
Windows Apache security bug revealed. Read More

www.wired.com:
White-Hat Hate Crimes on the Rise. Read More

www.belfasttelegraph.co.uk:
Computer Security: Hack attack. Read More

www.pcworld.com:
Mapping Wireless Nets: Security Risk? Read More

www.newscientist.com:
Digital forgery attacks website security. Read More

www.idg.net:
Addressing Teleworker Network Security Risks. Read More

www.techweb.com:
Hackers Everywhere. Read More

seifried.org:
Predictions for information security in 2002 by Kurt Seifried. Read More

www.jsonline.com:
Wanted: A high-tech FBI. Read More

www.vigilante.com:
What is a Vulnerability? Read More

14 August 2002

New Trojans:
iwAnywhere 1.1.1

Lame WebDownloader 1.0

pseudoRAT 0.1b

Vulnerabilities & Exploits:
www.thoughtcrime.org:
IE Certificate Chain Exploit. Read More

www.securitytracker.com:
OpenBSD Kernel Buffer Overflow in select(2) System Call Lets Local Users Execute Arbitrary Code With Kernel-Level Privileges. Read More

www.securiteam.com:
Tool allows Hijacking Kernel Symbols and Functions to Hide Binary Files. Read More

www.securiteam.com:
SNMP Vulnerability in Avaya Cajun. Read More

www.securiteam.com:
Novell iManager DoS Attack (eMFrame). Read More

www.securiteam.com:
Winhlp32.exe Remote Buffer Overrun. Read More

www.securiteam.com:
CERN Proxy Server Cross-Site Scripting Vulnerability. Read More

News:
news.bbc.co.uk:
Microsoft looks into browser 'flaw'. Read More

www.pcworld.com:
Serious Security Flaw Found in Outlook, IE. Read More

www.ntsecurity.net:
Severe Vulnerability in Internet Explorer SSL. Read More

www.vnunet.com:
Hackers tool up for Unix attack. Read More

www.belfasttelegraph.co.uk:
Computer Security: Hack attack. Read More

www.newscientist.com:
Digital forgery attacks website security. Read More

straitstimes.asia1.com.sg:
Hacker sends Nasa into a spin after cracking files. Read More

www.cnn.com:
U.S. computer systems vulnerable to attack? Read More

www.vnunet.com:
University challenge attracts hackers. Read More

www.theage.com.au:
Sleeping with the enemy. Read More

www.silicon.com:
Why a slap on the wrists is no data protection deterrent. Read More

itmanagement.earthweb.com:
Email Migration Knocks Out Viruses and Spam. Read More

13 August 2002

New Trojans:
Pinochet 1.0

JustJoke 2.1

SharaQQ 4.1

Vulnerabilities & Exploits:
Cisco Security Advisory:
Cisco VPN Client Multiple Vulnerabilities. Read More

Debian Security Advisory
DSA-148-1 hylafax -- buffer overflows and format string vulnerabilities. Read More

online.securityfocus.com:
Citrix Metaframe Java ICA Environment Denial Of Service Vulnerability. Read More

www.securitytracker.com:
MidiCart Shopping Cart Software May Disclose Database (Including Credit Card Data) to Remote Users. Read More

News:
online.securityfocus.com:
The hacker's worst enemy? Another hacker. Read More

www.wired.com:
Bug Finders: Should They Be Paid? Read More

zdnet.com.com:
Flash flooded by security flaws. Read More

www.reuters.com:
Security Flaw Found in Microsoft Web Browser. Read More

zdnet.com.com:
Are Virus writers getting scared away? Read More

www.hindustantimes.com:
New security dilemma: Lack of viruses. Read More

www.linuxsecurity.com:
Best Practices guide for securing the Linux Workstation. Read More

www.linuxsecurity.com:
CodeCon: Call For Papers. Read More

www.osopinion.com:
'Sweeping' Up After Identity Theft. Read More

www.vnunet.com:
Bug Watch: A question of reputation. Read More

www.computerworld.com:
CERT: Flaw could allow root access in some Unix, Linux systems. Read More

www.vnunet.com:
Downing Street slams 'BBC hacking' claims. Read More

www.nzherald.co.nz:
British Government calls BBC hacking claims 'drivel'. Read More

news.independent.co.uk:
Inquiry urged into No 10 hacking claim. Read More

www.computerworld.com:
NASA Investigating Theft by Hacker. Read More

www.vnunet.com:
Hacker steals Nasa shuttle plans. Read More

www.cnn.com:
Flaw discovered in encryption software. Read More

www.computerworld.com:
Researchers probe PGP security flaw. Read More

12 August 2002

New Trojans:
Helios 1.2b

R0xr4t 1.1

Vulnerabilities & Exploits:
www.securitytracker.com:
ISDN4Linux Utils 'ipppd' Server Format String Bug May Let Local Users Gain Root Privileges. Read More

www.securitytracker.com:
Apache Web Server (2.0) Has Unspecified Flaw That Allows Remote Users to Obtain Sensitive Data and Cause Denial of Service Conditions. Read More

www.securitytracker.com:
Compaq WL310 Wireless Gateway Discloses SNMP Community String (Password) to Remote Users. Read More

www.securitytracker.com:
Agere ORiNOCO Wireless Access Point Device Discloses SNMP Community String (Password) to Remote Users. Read More

www.securiteam.com:
CSS Bug in Winamp. Read More

www.securiteam.com:
Internet Explorer SSL Vulnerability. Read More

www.securiteam.com:
WS_FTP SITE CPWD Buffer Overflow Vulnerability. Read More

www.securiteam.com:
Mozilla FTP View Cross-Site Scripting Vulnerability. Read More

www.securiteam.com:
Integer Overflow in XDR Library. Read More

www.securiteam.com:
iSCSI Default Configuration File Settings. Read more

News:
www.theregister.co.uk:
SSL defeated in IE and Konqueror. Read More

www.nzherald.co.nz:
British Government calls BBC hacking claims 'drivel'. Read More

news.independent.co.uk:
Inquiry urged into No 10 hacking claim. Read More

hoovnews.hoovers.com:
Antivirus programs: One is not enough (AnchorDesk ANCH). Read More

www2.swissinfo.org:
Stakes higher for hackers post September 11. Read More

www.wired.com:
How Al-Qaida Site Was Hijacked. Read More

digitalmass.boston.com:
PGP flaw could let unauthorized people decode sensitive e-mail. Read More

itmanagement.earthweb.com:
IM Users Being Duped into Security Laxes. Read More

www.bergen.com:
They'd rather not take a number. Read More

11 August 2002

New Trojans:
Institution 1.0

Katux Latinus 1.1 (a)

Vulnerabilities & Exploits:
www.securitytracker.com:
Falcon Web Server Input Validation Holes Let Remote Users Conduct Cross-site Scripting Attacks Against Web Server Users . Read More

www.securitytracker.com:
Sun iPlanet Web Server Buffer Overflow in Encoded Transfer Chunk Processing Allows Remote Users to Execute Arbitrary Code With Root Privileges. Read More

www.securitytracker.com:
Google Toolbar for Internet Explorer Has Many Holes That Allow Remote Users to Control the Toolbar and Execute Arbitrary Commands and Scripts on the Victim's Computer. Read More

www.securitytracker.com:
Ipswitch WS_FTP Server Buffer Overflow in SITE CPWD Command Processing Lets Remote Users Execute Arbitrary Code With System Level Privileges. Read More

www.securitytracker.com:
Citrix MetaFrame Running on Windows NT4 Terminal Server Can Be Crashed By a Remote User via the Java ICA Web Terminal Interface. Read More

www.securitytracker.com:
Linux-iSCSI Default Configuration Vulnerability May Disclose Passwords to Local Users. Read More

www.securitytracker.com:
Macromedia Flash Player ActionScript Domain Security Flaw Lets Remote Users Access Local Files By Modifying URLs. Read More

www.securitytracker.com:
Macromedia Flash Player Buffer Overflow in Processing SWF Headers May Allow Remote Users to Execute Arbitrary Code. Read More

www.securiteam.com:
Opera FTP View Cross-Site Scripting Vulnerability. Read More

www.securiteam.com:
Web Shop Manager Security Vulnerability. Read More

www.securiteam.com:
Apache 2.0 Vulnerability Affects non-UNIX Platforms. Read More

www.securiteam.com:
Information Leakage in Orinoco and Compaq Access Points. Read More

www.securiteam.com:
Winhlp32.exe Buffer Overflow Exploit Code. Read More

News:
digitalmass.boston.com:
Britain Denies Hacking Into BBC to Spy on Reporters. Read More

www.fcw.com:
Security overload. Read More

www.startribune.com:
Tech watch: Lessons from a hacker. Read More

www.theregister.co.uk:
MS 'Software Choice' scheme a clever fraud. Read More

10 August 2002

New Trojans:
Helios 2.1

Neoturk 1.3

R0xr4t 1.0 Beta 2

Vulnerabilities & Exploits:
Debian Security Advisory
DSA-147-1 mailman -- cross-site scripting. Read More

Debian Security Advisory
DSA-146-2 dietlibc -- integer overflow. Read More

online.securityfocus.com:
Google Toolbar Unauthorized JavaScript Configuration Modification Vulnerability. Read More

online.securityfocus.com:
Google Toolbar Keypress Monitoring Information Disclosure Vulnerability. Read More

online.securityfocus.com:
iSCSI Insecure Configuration File Permissions Information Disclosure Vulnerability. Read More

www.securitytracker.com:
Tinyproxy Double Freed Memory Bug May Let Remote Users Execute Arbitrary Code on the System. Read More

www.securitytracker.com:
Microsoft Content Management Server Buffer Overflow in Authentication Function May Allow Remote Users to Execute Arbitrary Code With System Level Privileges. Read More

www.securitytracker.com:
Cisco VPN 5000 Concentrator May Send Unencrypted Passwords Over the Network in a Certain Configuration. Read More

News:
straitstimes.asia1.com.sg:
Security flaw found in Windows system. Read More

www.idg.net:
Security Flaw Found in Shockwave Flash. Read More

www.infoworld.com:
Macromedia security hole affects Windows, Unix. Read More

www.idg.net:
HP, Bug-Hunters Declare Truce. Read More

www.infoworld.com:
'Network telescopes' spy on net attacks. Read More

www.silicon.com:
Hacker leaves Kiwi authorities red-faced over 'Fat' slur. Read More

online.securityfocus.com:
'Creative Attacks' Beat Crypto -- Expert. Read More

www.idg.net:
Sun Fixes Serious Web Server Flaw. Read More

www.extremetech.com:
ISS Upgrade Fixes Firewall Problem. Read More

www.theregister.co.uk:
Damn the Constitution: Europe must take back the Web. Read More

www.theregister.co.uk:
'Safe' web still wide open - Windows sleuth. Read More

www.business2.com:
Carte Blanche for Hackers. Read More

www.theregister.co.uk:
Web pornographer hacks bin Laden. Read More

09 August 2002

New Trojans:
G-Spot Bot 2.0

NetHack 1.4

Fast Internet Utility 1.666

Vulnerabilities & Exploits:
www.isg.rhul.ac.uk:
SECURITY VULNERABILITIES IN EVENT-DRIVEN SYSTEMS (pdf). Read More

www.isg.rhul.ac.uk:
A New Avenue of Attack: Event-driven System Vulnerabilities (pdf). Read More

security.tombom.co.uk:
Exploiting design flaws in the Win32 API for privilege escalation.
Or...
Shatter Attacks - How to break Windows. Read More

cve.mitre.org:
A Progress Report on the CVE Initiative. Read More

jscript.dk:
New language features in JScript and VBScript. Read More

www.eeye.com:
Macromedia Shockwave Flash Malformed Header Overflow. Read More

www.eeye.com:
Sun™ ONE / iPlanet Web Server 4.1 and 6.0 Remote Buffer Overflow. Read More

www.atstake.com:
WS_FTP SITE CPWD Buffer Overflow vulnerability. Read More

sec.greymagic.com:
Exploiting the Google toolbar. Read More

www.microsoft.com:
WM_TIMER tricks. Read More

online.securityfocus.com:
Cisco VPN 5000 Concentrator Plaintext Password. Read More

online.securityfocus.com:
Mozilla FTP View Cross-Site Scripting Vulnerability. Read More

online.securityfocus.com:
Microsoft Windows Window Message Subsystem Design Error Vulnerability. Read More

online.securityfocus.com:
Microsoft Exchange 2000 Multiple MSRPC Denial Of Service Vulnerabilities. Read More

online.securityfocus.com:
Microsoft Windows 2000 Insecure Default File Permissions Vulnerability. Read More

online.securityfocus.com:
Microsoft Internet Explorer Invalid SSL Certificate Chain Vulnerability. Read More

online.securityfocus.com:
Microsoft SQL Server Remote Buffer Overflow Vulnerability. Read More

online.securityfocus.com:
Microsoft Exchange 2000 Post Authorization License Exhaustion Denial Of Service Vulnerability. Read More

www.securitytracker.com:
Microsoft Visual C++ Flaw in calloc() and Similar Functions May Result in Buffer Overflows in Applications That Use the Compiler or Runtime Library. Read More

www.securitytracker.com:
GNU libc Runtime C Library Flaw in calloc() and Similar Functions May Result in Buffer Overflows in Applications That Use the Library. Read More

www.securitytracker.com:
GNU C++ Compiler (GCC) Flaw in calloc() and Similar Functions May Result in Buffer Overflows in Applications That Use the Compiler. Read More

www.securitytracker.com:
GNU Ada Compiler (GNAT) Flaw in calloc() and Similar Functions May Result in Buffer Overflows in Applications That Use the Compiler. Read More

www.securitytracker.com:
dietlibc Runtime C Library Flaw in calloc() and Similar Functions May Result in Buffer Overflows in Applications That Use the Library. Read More

www.securitytracker.com:
QmailAdmin Buffer Overflow Lets Local Users Obtain Elevated Privileges on the System. Read More

www.securitytracker.com:
Gaim Instant Messaging Client Buffer Overflow in Jabber Module May Allow Remote Users to Execute Arbitrary Code. Read More

www.securitytracker.com:
Trillian Chat Client Buffer Overflow in Processing PING Messages Allows Remote Users to Execute Arbitrary Code. Read More

www.securitytracker.com:
LCC-Win32 'C' Language Compiler May Insert Portions of System Memory Contents into Compiled Code. Read More

www.securitytracker.com:
Trillian Chat Client Format String Flaw and DCC Message Buffer Overflow May Allow Remote Users to Execute Arbitrary Code. Read More

www.securitytracker.com:
Xitami Web Server Can Be Crashed By Remote Users Opening Multiple Concurrent Sessions. Read More

www.securitytracker.com:
Nullsoft SHOUTcast Media Server Discloses Administrative Password to Local Users. Read More

www.securitytracker.com:
Web Shop Manager Input Validation Bug Lets Remote Users Execute Commands on the System. Read More

www.securitytracker.com:
Microsoft Internet Explorer SSL Implementation Flaw in Following Certificate Chains Allows Remote Users to Conduct Man-in-the-Middle Attacks to Obtain Unencrypted Data from the Browser. Read More

www.securitytracker.com:
Winamp MP3 Player Input Validation Bug in Generating Playlists Lets Remote Users Conduct Cross-site Scripting Attacks. Read More

www.securiteam.com:
Eudora 5.x for Windows Buffer Overflow Vulnerability. Read More

News:
zdnet.com.com:
Windows API 'flaw' sparks security debate. Read More

www.ananova.com:
Microsoft's Passport service faces security checks. Read More

www.theregister.co.uk:
Trio of bugs bite MS Content Management Server. Read More

www.itoc.usma.edu:
Reinforcing Dialog-Based Security (pdf).
Proceedings of the 2001 IEEE Workshop on Information Assurance and Security United States Military Academy. Read More

www.theregister.co.uk:
Dangers of the Google tool bar exposed. Read More

itmanagement.earthweb.com:
Don't Get Googled by Hackers! Read More

zdnet.com.com:
.Net has Microsoft tongue tied. Read More

www.idg.net:
USENIX - Expert: Simplicity is key to keeping code secure. Read More

www.theregister.co.uk:
Attacking Nimda-infected attackers. Read More

www.internetwk.com:
Microsoft Patches Security Holes In Content Server. Read More

europe.cnn.com:
Pornographer says he hacked al Qaeda. Read More

www.idg.net:
NASA investigating hacker theft of sensitive documents. Read More

zdnet.com.com:
Black-market tool for Xbox mod squad. Read More

www.theregister.co.uk:
Porn spam on the rise. Read More

08 August 2002

New Trojans:
Cabronator 1.1

Neoturk 1.2

Wollf 1.0

Vulnerabilities & Exploits:
Debian Security Advisory
DSA-145-1 tinyproxy -- doubly freed memory. Read More

www.securitytracker.com:
Opera Web Browser Input Validation Flaw in FTP View Feature May Let Remote Users Conduct Cross-Site Scripting Attacks. Read More

www.securitytracker.com:
Mozilla Web Browser Input Validation Flaw in FTP View Feature May Let Remote Users Conduct Cross-Site Scripting Attacks. Read More

www.securitytracker.com:
FreeBSD Kernel Fast File System (FFS) May Let Local Users Read and Write Arbitrary Data to the Filesystem. Read More

www.securitytracker.com:
Jana Web Server Buffer Overflow in Processing HTTP Commands May Let Remote Users Execute Arbitrary Code on the System. Read More

www.securitytracker.com:
FreeBSD Operating System Kqueue State Error Lets Local Users Panic the System. Read More

www.securitytracker.com:
602Pro LAN Suite Web Server and Telnet Proxy Bugs Let Remote Users Consume All Available Memory on the System. Read More

www.securitytracker.com:
Qualcomm Eudora E-mail Client Software Buffer Overflow in Processing MIME Boundaries Lets Remote Users Execute Arbitrary Code. Read More

www.securitytracker.com:
ArGoSoft Mail Server Lets Remote Authenticated Users Configure an Endless Loop to Cause Denial of Service Conditions. Read More

www.securitytracker.com:
Avaya Cajun Switch Undocumented SNMP Community String Lets Remote Users Administer the Device. Read More

www.securiteam.com:
Cisco VPN 5000 Series Concentrator RADIUS PAP Authentication Vulnerability. Read More

www.securiteam.com:
Unchecked Buffer in Content Management Server Could Enable Server Compromise. Read More

www.securiteam.com:
Windows 2000 Weak Default Permission on System Partitions. Read More

www.securiteam.com:
Security Holes Allows Retrieving the SHOUTcast Admin Password (GET). Read More

News:
Microsoft Security Bulletin MS02-041
Unchecked Buffer in Content Management Server Could Enable Server Compromise (Q326075). Read More

www.theregister.co.uk:
Win32 API utterly and irredeemably broken. Read More

rtnews.globetechnology.com:
Hacker claims Windows flaw is 'unfixable'. Read More

www.pcw.co.uk:
Security expert breaks Windows. Read More

techupdate.zdnet.com:
Security flaw hits Windows, Mac, Linux. Read More

www.computerworld.com:
CERT: Security flaw in Sun library could affect Kerberos. Read More

www.electricnews.net:
Irish Honeynet attracts Trojan Horses. Read More

07 August 2002

New Trojans:
Invisible Hunter 1.1

Helios 1.8

AIM Evil Doer

Vulnerabilities & Exploits:
lists.netsys.com:
[Full-Disclosure] "Free Hacker Manifest". Read More

www.securitytracker.com:
Sun AnswerBook2 Format String Flaw and Administrative Script Access Bug Lets Remote Users Execute Arbitrary Code on the System. Read More

online.securityfocus.com:
Linux: buffer overflow in multiple DNS resolver libraries. Read More

online.securityfocus.com:
Updated gaim client fixes Jabber plug-in vulnerability (Powertools). Read More

News:
lists.netsys.com:
[Full-Disclosure] "Free Hacker Manifest". Read More

www.irssi.org:
irssi binary isn't backdoored, only the configure script that you might have run while installing irssi. Read More

online.securityfocus.com:
Post to Bugtraq -- Go to Jail. Read More

www.infoworld.com:
New flaw discovered in Symantec firewall. Read More

online.securityfocus.com:
FBI Alerts U.S. Sites To Widespread Hacker Attacks. Read More

www.theregister.co.uk:
Israeli teenagers charged with Goner virus outbreak. Read More

www.theregister.co.uk:
FBI plays cyber-fear card again. Read More

www.chron.com:
Internet attack fizzles after alert from FBI. Read More

www.infoworld.com:
NIPC warns of cyberattacks, but impact is slight. Read More

www.businesstoday.com:
Attack on Net goes unnoticed: Little action after FBI's hacker alert. Read More

abcnews.go.com:
U.S. Monitoring Internet Attacks. Read More

www.infoworld.com:
U.S. copyright law has hackers on the defensive. Read More

www.smh.com.au:
Record tampering at uni prompts security warning. Read More

www.japantimes.co.jp:
Defense Agency investigates data leak. Read More

www.asahi.com:
Defense network breach probed. Read More

www.newsfactor.com:
E-Mail Encryption: Why Isn't Everyone Doing It? Read More

www.theregister.co.uk:
Anonymizer preps Private Surfing 2.0. Read More

06 August 2002

New Trojans:
MoSucker 2.30

Assasin 1.1

Network Crack Wizard 1.1

Vulnerabilities & Exploits:
CERT® Advisory CA-2002-25
Integer Overflow In XDR Library. Read More

web.mit.edu:
Remote root vulnerability in MIT krb5 admin system. Read More

www.security.nnov.ru:
Windows 2000 system partition weak default permissions. Read More

RUS-CERT Advisory 2002-08:01
Incorrect integer overflow detection in C code. Read More

RUS-CERT Advisory 2002-08:02
Flaw in calloc and similar routines. Read More

www.securitytracker.com:
Ensim WEBpliance Server Management Software Lets Remote Authenticated Users Receive E-mail for Other Users on the Hosted Domain. Read More

www.securiteam.com:
Trillian IRC PING Buffer Overflow Vulnerability (Exploit). Read More

www.securiteam.com:
Raptor Firewall Weak ISN Vulnerability. Read More

www.securiteam.com:
Multiple Cyan Chat Vulnerabilites. Read More

www.securiteam.com:
Format String and Buffer Overflow in the IRC Client of Trillian. Read More

www.securiteam.com:
Xitami Connection Flood Causes a DoS. Read More

www.securiteam.com:
MSN Groups Makes Cross Site Scripting Easy. Read More

News:
www.pcworld.com:
Trojan Horse Technology Exploits IE Hole. Read More

www.europemedia.net:
NASA hackers arrested by police. Read More

www.hindustantimes.com:
Hackers get defensive on new law. Read More

news.com.com:
Putting fun back into hacking. Read More

www.infoworld.com:
Former priest calls hackers truthseekers. Read More

news.zdnet.co.uk:
Italian hackers: Business or leisure? Read More

zdnet.com.com:
Hacker school teaches the good guys. Read More

news.zdnet.co.uk:
Experts: Let's squash software bugs. Read More

www.fcw.com:
DOD focused on wireless security. Read More

www.fcw.com:
The era of wireless viruses. Read More

www.h2k2.net:
PICTURES FROM H2K2. Read More

www.reuters.com:
Japan Defense Data Leak Sparks Security Fears. Read More

news.zdnet.co.uk:
Old game machine turned into Linux hacker tool. Read More

news.com.com:
When brains meet computer brawn. Read More

05 August 2002

New Trojans:
IrcContact 2.0 by Impactus

AntiLamer Backdoor 1.2

Invisible Hunter 1.0

Vulnerabilities & Exploits:
online.securityfocus.com:
Sun Solaris GFXRES / PGXConfig Buffer Overflow Vulnerability. Read More

online.securityfocus.com:
LCC-Win32 Compiled Binary Memory Disclosure Vulnerability. Read More

online.securityfocus.com:
Sun AnswerBook2 Unauthorized Administrative Script Access Vulnerability. Read More

www.securitytracker.com:
Symantec VelociRaptor Firewall Appliance Uses Weak TCP Sequence Numbers That May Allow Remote Users to Hijack Session. Read More

www.securitytracker.com:
Symantec Enterprise Firewall (Raptor Firewall) Uses Weak TCP Sequence Numbers That May Allow Remote Users to Hijack Sessions. Read More

News:
www.hindustantimes.com:
Pakistan steps up cyber attacks against India. Read More

news.com.com:
Feds: Security leaks must end. Read More

www.computeruser.com:
Hacker rings cracked in Italy. Read More

news.cnet.com:
Computer vigilantes target hackers. Read More

news.com.com:
Vigilante hacking touted as virus cure. Read More

www.networkmagazine.com:
Fortifying Your Firewalls. Read More

news.com.com:
Week in review: Message in a bottleneck. Read More

www.thejakartapost.com:
Internet banking, is it really safe and worth it? Read More

www.nzherald.co.nz:
$5m funding boost for anti-hacking company. Read More

04 August 2002

New Trojans:
Micro Bot 1.0

DKangel 2.0 (b)

Lame WebDownloader 0.2

Vulnerabilities & Exploits:
www.securiteam.com:
The Cross Site Scripting FAQ. Read More

www.securiteam.com:
Hacking the Invisible Network (Insecurities in 802.11x). Read More

www.securiteam.com:
Exploit Code Released for su Vulnerability (Tru64). Read More

online.securityfocus.com:
John G. Myers MUnpack Malformed MIME Encoded Message Buffer Overflow Vulnerability. Read More

online.securityfocus.com:
Trillian IRC Module Format String Vulnerability. Read More

online.securityfocus.com:
Inso DynaWeb httpd Format String Vulnerability. Read More

online.securityfocus.com:
Sun AnswerBook2 Unauthorized Administrative Script Access Vulnerability. Read More

online.securityfocus.com:
Multiple Symantec Product Weak TCP Initial Sequence Number Vulnerability. Read More

www.securitytracker.com:
Mpack/Munpack File Decoding Utility Buffer Overflow May Let Remote Users Execute Arbitrary Code By Exploiting Applications That Use Mpack. Read More

www.securitytracker.com:
Microsoft Terminal Services Can Be Crashed By Remote Users Conducting a TCP SYN Scan in Certain Situations. Read More

News:
www.ananova.com:
'War chalking': New hacking threat to firms. Read More

cooltech.iafrica.com:
Hackers of the world unite in Vegas. Read More

www.wired.com:
Defcon: Va-Va-Va Voom, Las Vegas. Read More

www.sunspot.net:
Ivy hacking caper exposes a big-league security flaw. Read More

www.thisislondon.com:
Businesses warned of hacker danger. Read More

03 August 2002

New Trojans:
Vagr Nocker 3.0

LANfiltrator Beta 5 by Read101

Invisible Hunter 1.2

Vulnerabilities & Exploits:
online.securityfocus.com:
Bharat Mediratta Gallery Remote File Include Vulnerability. Read More

online.securityfocus.com:
Microsoft Windows Terminal Services Denial Of Service Vulnerability. Read More

www.securitytracker.com:
IBM U2 UniVerse Database May Allow Remote Users to Crash the Server By Making Invalid Queries. Read More

www.securitytracker.com:
'Gallery' Web-based Image Gallery Software Input Validation Flaw Lets Remote Users Execute Arbitrary Commands on the System. Read More

www.securitytracker.com:
Microsoft SQL Server MDAC Function Buffer Overflow May Let Remote Users Execute Arbitrary Code to Gain Full Control Over the Database. Read More

www.securitytracker.com:
'libpng' Portable Network Graphics Library Buffer Overflow Lets Remote Users Crash Affected Applications. Read More

www.securitytracker.com:
HP/Compaq Tru64 Operating System 'su' Utility Lets Local Users Gain Root Access. Read More

www.securitytracker.com:
ParaChat Server Bug May Let Remote Users Create Phantom Chat Users to Consume All Available Chat Room Slots. Read More

www.securitytracker.com:
RPC Buffer Overflow in 'xdr_array' Filter Lets Remote Users Execute Arbitrary Code with Root Privileges. Read More

linuxtoday.com:
Debian GNU/Linux Advisory: mpack. Read More

linuxtoday.com:
OpenSSH Advisory: FTP Server Trojaned. Read More

News:
news.com.com:
Italian police arrest 14 in hacker probe. Read More

www.idg.net:
Top 10 viruses of July 2002. Read More

www.cio.com:
CIO CYBERTHREAT RESPONSE & REPORTING GUIDELINES (pdf). Read More

linuxtoday.com:
Computerworld.NZ: Site 'Hypes' Linux Hacks. Read More

www.gcn.com:
Dangers in luring hackers with honey. Read More

www.extremetech.com:
Security Group Nailing Down Name, Goals. Read More

timesofindia.indiatimes.com:
Hacking becoming easier, say experts. Read More

books.slashdot.org:
Tracking Hackers. Read More

news.com.com:
Hacking their Image. Read More

www.technologyreview.com:
The Chinese Columbine. Read More

www.it-director.com:
Hacking is your duty. Read More

news.com.com:
Old game machine gets hack trick. Read More

02 August 2002

New Trojans:
LAN Sniffer 1.0 by Aphex

Fuck Lamers Backdoor 2.1

AntiLamer Backdoor 1.1

Vulnerabilities & Exploits:
www.nextgenss.com:
Exploiting Windows NT 4 Buffer Overruns. Read More

www.nextgenss.com:
Non-stack Based Exploitation of Buffer Overrun Vulnerabilities on Windows NT/2000/XP (pdf). Read More

online.securityfocus.com:
William Deich Super SysLog Format String Vulnerability. Read More

online.securityfocus.com:
HP JetDirect Embedded Web Server Password Handling Vulnerability. Read More

online.securityfocus.com:
Frederic Tyndiuk Eupload Plain Text Password Storage Vulnerability. Read More

www.securiteam.com:
Denial of Service Found in IBM U2 UniVerse. Read More

www.securiteam.com:
Unchecked Buffer in MDAC Function Could Enable SQL Server Compromise. Read More

www.securiteam.com:
MS Terminal Services Vulnerable to SYN Scan. Read More

www.securiteam.com:
OpenSSH Trojaned (Version 3.4p1). Read More

www.securiteam.com:
Remote Buffer Overflow Vulnerability in Sun RPC. Read More

www.securitytracker.com:
'pppd' Race Condition in Chmod() Call May Allow Local Users to Obtain Root Privileges on the System. Read More

www.securitytracker.com:
IPswitch IMail Web Calendaring Service Can Be Crashed By Remote Users Sending a Malformed Request. Read More

www.securitytracker.com:
'Super' Setuid Command Wrapper Format String Hole Gives Local Users Root Access. Read More

www.securitytracker.com:
eUpload CGI Web-based File Upload Utility Access Control Flaw Discloses User Passwords to Remote Users. Read More

www.securitytracker.com:
Sendform.cgi Script Input Validation Flaw Discloses Files on the Server to Remote Users. Read More

www.securitytracker.com:
Sympoll Voting Script Input Validation Bug Discloses Files on the System to Remote Users. Read More

www.securitytracker.com:
'mm' Shared Memory Allocation Library Temporary File Race Condition May Allow Local Users to Gain Elevated Privileges. Read More

www.securitytracker.com:
ShoutBOX Web Comment System Lets Remote Users Cause Arbitrary Scripting Code to Be Executed By Site Visitors. Read More

www.securitytracker.com:
OpenSSL Has Multiple Buffer Overflows That Allow Remote Users to Execute Arbitrary Code with Root Privileges. Read More

News:
media.guardian.co.uk:
The web's most wanted. Read More

www.idg.net:
Feds get tough with security vendors, researchers. Read More

techupdate.zdnet.com:
Who's ready for cyberterror? Read More

online.securityfocus.com:
OpenSSH trojaned! Read More

www.vnunet.com:
Puzzling Trojan affects OpenSSH. Read More

www.spacer.com:
New Class Of Attacks On Computer Security Systemss. Read More

www.idg.net:
Klez: The Virus That Won't Die. Read More

www.wired.com:
BN.com: Insecure About Security? Read More

www.manchesteronline.co.uk:
World gathering of top experts on IT security. Read More

www.idg.net:
Is Security a Man’s World? Read More

www.abc.net.au:
Italian police nab top secret website hackers. Read More

www.usatoday.com:
Italian police shut down hacker rings. Read More

www.vnunet.com:
Games console goes to info war. Read More

www.eff.org:
COMPLAINT FOR VIOLATION OF PROVISIONS GOVERNING CIRCUMVENTION OF COPYRIGHT PROTECTION SYSTEMS. Read More

01 August 2002

New Trojans:
CyberSpy 8.4

Aibolit 4.0

JustJoke 1.2

Tools:
www.insecure.org:
Nmap 3.00 Released. Read More

freshmeat.net:
Firewall by Jim 1.21Alpha (Development). Read More

Vulnerabilities & Exploits:
Malicious Mobile Code
Virus Protection for Windows. Read More

www.bol.ucla.edu:
Approved ActiveX Controls. Read More

Internet Security Systems Security Advisory
Remote Buffer Overflow Vulnerability in Sun RPC. Read More

online.securityfocus.com:
Multiple OpenSSL Remote Buffer Overflow Vulnerabilities. Read More

online.securityfocus.com:
Multiple Vendor Sun RPC xdr_array Buffer Overflow Vulnerability. Read More

www.securitytracker.com:
Microsoft Internet Explorer (IE) Web Browser JavaScript 'Same Origin Policy' Flaw Allows Remote Users to Create Malicious JavaScript to Retrieve Web Data from a Victim's Internal Network. Read More

www.securitytracker.com:
Mozilla Web Browser JavaScript 'Same Origin Policy' Flaw Allows Remote Users to Create Malicious JavaScript to Retrieve Web Data from a Victim's Internal Network. Read More

www.securitytracker.com:
dotMarketing's 'dotproject' Project Management Software Authentication Error Lets Remote Users Login as Administrators. Read More

www.securitytracker.com:
Util-linux Collection of Utilities Contains a File Sharing Flaw and Race Condition That Allows Local Users to Gain Root Privileges. Read More

www.securitytracker.com:
HylaFAX Buffer Overflows in Processing TSI String and in Processing Images Lets Remote Users Cause 'faxgetty' to Crash and May Allow for Remote Code Execution. Read More

www.securitytracker.com:
Aprelium's Abyss Web Server Discloses Directory Contents to Remote Users. Read More

www.securiteam.com:
Combining IE and .XLA leads to Security Vulnerabilities. Read More

www.securiteam.com:
TFTP Long Filename Vulnerability. Read More

www.securiteam.com:
Protected Adobe eBooks can be copied between Computers. Read More

www.securiteam.com:
W3Mail MIME Attachment Vulnerability. Read More

www.securiteam.com:
Directory Traversal vulnerability in sendform.cgi. Read More

www.securiteam.com:
Incomplete Patch for File Descriptor Vulnerability Allows Insertion of Arbitrary Content into Sensitive Files. Read More

www.securiteam.com:
Arbitrary File Disclosure Vulnerability in Sympoll. Read More

www.securiteam.com:
Security Vulnerability Found in EUpload. Read More

News:
Microsoft Security Bulletin MS02-040
Unchecked Buffer in MDAC Function Could Enable SQL Server Compromise (Q326573). Read More

www.chron.com:
Presidential adviser: We need hackers! Read More

www.siliconvalley.com:
Presidential advisor encourages computer hackers to break software. Read More

news.com.com:
Security warning draws DMCA threat. Read More

www.infoworld.com:
Cybersecurity czar urges better standards. Read More

www.fcw.com:
Feds look to secure wireless nets. Read More

news.com.com:
Why filtering laws just won't work. Read More

www.yomiuri.co.jp:
Fears over govt info system. Read More

www.billboard.com:
RIAA Hacked In Apparent Response To New Bill. Read More


Copyright© MegaSecurity.org