Home    News Archive    Translate Traducen
News August 20004
31 August 2004

New Trojans:
Nuclear RAT 1.0 6.0

Skull 1.0

Remote Time Bomb 1.0

 

Guides, Papers, etc
www.crime-research.org:
International Scientific and Practical Cyber Crime Conference 2005. Read more

www.detnews.com:
4 steps to protect Wi-Fi networks from computer hackers. Read more

 

Vulnerabilities & Exploits
www.debian.org:
DSA-542-1 qt -- unsanitised input. Read more

www.securiteam.com:
Citadel/UX Remote Buffer Overflow Exploit. Read more

www.securiteam.com:
Keene Digital Media Server Directory Traversal. Read more

www.securiteam.com:
Outlook Express BCC Exposure. Read more

www.securiteam.com:
Ground Control II Broadcast Forced Exit (DoS). Read more

www.securiteam.com:
iChain Multiple Vulnerabilities. Read more

www.securiteam.com:
Cisco Secure Access Control Server (ACS) Multiple DoS and Authentication Vulnerabilities. Read more

www.securiteam.com:
Netscape NSS Library Remote Compromise. Read more

www.securiteam.com:
Top Layer Attack Mitigator IPS 5500 DoS. Read more

www.securitytracker.com:
Scout Tracker User Group and Password Changing Flaws Have Unspecified Impact. Read more

www.securitytracker.com:
mntd Lack of Input Validation in Reading Configuration File May Let Local Users Execute Commands. Read more

www.securitytracker.com:
Zlib Error Handling Bug in inflate() and inflateBack() Lets Remote Users Deny Service. Read more

 

News:
www.theinquirer.net:
Microsoft security chief uses Firefox. Read more

www.newsfactor.com:
Windows XP SP2 Incompatible with Security Programs. Read more

www.usatoday.com:
Hackers hijack federal computers. Read more

www.newsfactor.com:
New Virus Makes Spyware Sleazier. Read more

www.yonhapnews.co.kr:
Overseas Hacker Attacks Increase for 3rd Straight Month: Ministry. Read more

30 August 2004

New Trojans:
Iniquity RAT 1.2

SpyMasterSnake FTP Trojan

Reversable 1.2

 

Guides, Papers, etc
www.securityfocus.com:
Deploying Network Access Quarantine Control, Part 2. Read more

 

Vulnerabilities & Exploits
www.securitytracker.com:
Smart Guest Book Discloses Database and Administrative Password to Remote Users. Read more

 

News:
www.vnunet.com:
Microsoft plays down SP2 security glitches. Read more

www.net4nowt.com:
Wanadoo web site hacked. Read more

www.vnunet.com:
Hackers continue to experiment with 64-bit viruses. Read more

www.herald-review.com:
E-mail con artists using trickier methods to "phish" for victims. Read more

www.finextra.com:
Operation Web Snare targets online crime. Read more

www.detnews.com:
Online fund scams can fool investors. Read more

www.dw-world.de:
Hackers go Phishing for Online Bankers. Read more

29 August 2004

New Trojans:
ProRat 1.9

Messiah 2.0

ZXShell 2.0

 

Vulnerabilities & Exploits
www.securitytracker.com:
Gaim Buffer Overflows in Groupware Messages, URLs, Hostname Lookups, and RTF Messages May Permit Remote Code Execution. Read more

www.securitytracker.com:
Gaim Smiley Theme Filename Input Validation Error Permits Arbitrary Code Execution. Read more

www.securitytracker.com:
PowerQuest DeployCenter May Disclose Passwords to Local Users. Read more

www.securitytracker.com:
Chat Anywhere Can Be Crashed By Remote Users With Specially Crafted Username. Read more

www.securiteam.com:
Cisco Telnet DoS Vulnerability. Read more

www.securiteam.com:
Painkiller DoS and Limited Code Execution. Read more

www.securiteam.com:
Easy File Sharing Web Server File Access and DoS. Read more

www.securiteam.com:
Qt BMP Heap Overflow. Read more

www.securiteam.com:
a2ps Executing Shell Commands From File Name. Read more

 

News:
www.theregister.co.uk:
Filipino mobe users scammed over virus scare. Read more

www.dw-world.de:
Hackers go Phishing for Online Bankers. Read more

www.post-gazette.com:
On the Money: Watch out for rotten phish. Read more

www.computerworld.com:
Phishy e-mails and Web sites: What's your responsibility? Read more

28 August 2004

New Trojans:
Backdoor.VB.uj

BrainBot 1.5

Reversable 1.1

 

Guides, Papers, etc
www.ccc.de:
21st Chaos Communication Congress
December 27th to 29th, 2004
Berliner Congress Center, Berlin, Germany. Read more

 

Vulnerabilities & Exploits
www.securitytracker.com:
Cisco IOS Telnet and Reverse Telnet TCP Bug Lets Remote Users Deny Subsequent Management Terminal Connections. Read more

www.securitytracker.com:
Linux Kernel USB Driver Uninitialized Structures May Disclose Kernel Memory to Local Users. Read more

www.securitytracker.com:
Cute PHP Library (cphplib) May Incorrectly Validate Parameters. Read more

www.securitytracker.com:
Ground Control II Can Be Crashed By Remote Users Sending a Large Packet. Read more

 

News:
www.securityfocus.com:
Website offers Caller I.D. falsification service. Read more

www.theregister.co.uk:
Feds bust DDoS 'Mafia'. Read more

www.neowin.net:
Microsoft Responds to SP2 Security Center Issue. Read more

www.stltoday.com:
Microsoft denies flaw in XP upgrade. Read more

www.theregister.co.uk:
Filipino mobe users scammed over virus scare. Read more

news.zdnet.co.uk:
Phishing lures first German victims. Read more

news.zdnet.co.uk:
One hundred suspects netted in cybercrime raids. Read more

news.zdnet.co.uk:
Winamp attackers hide under 'skins'. Read more

www.extremeipod.com:
Hacker releases iTunes sharing tool. Read more

27 August 2004

New Trojans:
Tequila Bandita 1.2b2

Hacking Tool

Snow 4.0

 

Tools
www.insecure.org:
Fyodor has released Nmap 3.55-SP2, which works around most of the bone-headed raw sockets restrictions that Microsoft added to Windows XP Service Pack 2. Read more

 

Vulnerabilities & Exploits
xforce.iss.net:
Entrust LibKmp Library Buffer Overflow. Read more

www.securitytracker.com:
Novell iChain Has Multiple Bugs That Let Remote Users Bypass ACLs, Deny Service, and Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Dynix WebPAC Input Validation Holes Let Remote Users Inject SQL Commands. Read more

www.securitytracker.com:
RealVNC VNC Server Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
Winamp Skin Files Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Keene Digital Media Server Encoded URL Directory Traversal Flaw Discloses Files to Remote Users. Read more

www.securitytracker.com:
OpenBSD Bridging Error Lets Remote Users Crash the System When in a Certain Configuration. Read more

www.securitytracker.com:
Top Layer Attack Mitigator IPS Error Condition Lets Remote Users Deny Service. Read more

www.securitytracker.com:
Microsoft Outlook Express May Disclose 'bcc:' Recipeint Addresses. Read more

www.securitytracker.com:
Network Everywhere Router Lets Remote Users Inject Scripts Via DHCP Messages. Read more

www.securiteam.com:
Winamp Skin File (.wsz) Remote Code Execution Exploit. Read more

www.securiteam.com:
Yahoo! E-Mail Service Inadequate ActiveX Blocking. Read more

www.securiteam.com:
Music Daemon DoS and File Disclosure Vulnerabilities. Read more

www.securiteam.com:
CDE LibDtHelp LOGNAME Buffer Overflow Vulnerability. Read more

www.securiteam.com:
Ipswitch WhatsUp Gold Remote Buffer Overflow Vulnerability. Read more

 

News:
www.securityfocus.com:
A Polluted Internet. Read more

www.theregister.co.uk:
Windows XP SP2 features security crater - report. Read more

www.content-wire.com:
INTERNET SECURITY: $290 of malware damage per Windows PC worldwide in 2004. Read more

www.securityfocus.com:
FBI busts alleged DDoS Mafia. Read more

www.theregister.co.uk:
Chinese finger 'exam cheat' virus. Read more

www.theregister.co.uk:
'Electronic Jihad' fails to materialise. Read more

www.computerworld.com:
Hackers target French ISP's site. Read more

26 August 2004

New Trojans:
TaSK-ER 1.0

Backdoor.Delf.kd

Unknown Backdoor in Delphi

 

Guides, Papers, etc
www.securityfocus.com:
Using Libwhisker. Read more

 

Vulnerabilities & Exploits
www.cisco.com:
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Secure Access Control Server. Read more

www.ngsec.com:
NtRegmon, local system denial of service. Read more

www.securitytracker.com:
Cisco Secure Access Control Server Lets Remote Users Access the Administrative Interface or Deny Service. Read more

www.securitytracker.com:
Ipswitch WhatsUp Gold Buffer Overflow in '_maincfgret.cgi' Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Symantec VelociRaptor iskampd Bug Lets Remote Users Deny Service. Read more

www.securitytracker.com:
Symantec Enterprise Firewall iskampd Bug Lets Remote Users Deny Service, Read more

www.securitytracker.com:
Symantec Gateway Security iskampd Bug Lets Remote Users Deny Service. Read more

www.securitytracker.com:
IBM DB2 Assigns World-Writeable Permissions to Database Managed Space (DMS) Directories. Read more

www.securitytracker.com:
Gyach Enhanced Has Multiple Security Flaws With Unspecified Impact. Read more

www.securitytracker.com:
PHP Code Snippet Library Input Validation Error Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Axis Network Cameras Let Remote Users View and Edit Files on the Device. Read more

www.securitytracker.com:
RQ Buffer Overflow Lets Remote Systems Crash the Client. Read more

www.securitytracker.com:
Hastymail May Execute Scripting Code in E-Mail Content When 'Download' is Selected. Read more

www.securitytracker.com:
WebAPP Input Validation Flaw Lets Remote Users View Arbitrary Files. Read more

www.securitytracker.com:
Webroot Window Washer Does Not Properly Overwrite Erased Files. Read more

www.securitytracker.com:
Mantis Input Validation Holes Let Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
PvPGN statsreq Packet Flaw Lets Remote Users Access Arbitrary Accounts. Read more

www.securitytracker.com:
imwheel Predictable Temporary File May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
Webmatic Security Flaw Has Unspecified Impact. Read more

www.securitytracker.com:
icecast Input Validation Error in HTTP UserAgent Field Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Easy File Sharing Web Server Discloses All Files on the Disk to Remote Users. Read more

www.securitytracker.com:
Painkiller Game Buffer Overflow Lets Remote Users Corrupt Memory on the Target System. Read more

www.securitytracker.com:
Microsoft Internet Explorer Local File IFRAME Error Response Lets Remote Users Determine if Files or Directories Exist. Read more

www.securitytracker.com:
Plesk 7 Reloaded Input Validation Flaw in 'login_up.php3' Permits Cross-Site Scripting Attacks. Read more

www.securiteam.com:
Bird Chat DoS. Read more

www.securiteam.com:
BadBlue Web Server DoS. Read more

www.securiteam.com:
XV Multiple Buffer Overflows. Read more

www.securiteam.com:
SARAd Buffer Overflow Vulnerability. Read more

www.securiteam.com:
Lukemftpd (Tnftpd) Multiple Vulnerabilities May Lead To Remote Code Execution. Read more

www.k-otik.com:
SSH Remote Root password Brute Force Cracker Utility. Read more

www.heise.de:
Flaws in the security features of SP2. Read more

 

News:
www.mosnews.com:
Russian Computer Expert Predicts Internet Terrorist Attack. Read more

www.theregister.co.uk:
US cracks down on spam mountain. Read more

www.guardian.co.uk:
Virus worms way into webcams. Read more

www.telecomasia.net:
Hackers claim Optus voicemail system vulnerable. Read more

www.crime-research.org:
Viruses as tools of data theft. Read more

25 August 2004

New Trojans:
NeoControlRed 4.0.0

Backdoor.Cult.b

Iroffer 1.3b09

Guides, Papers, etc
www.moskalyuk.com:
Wi-Foo authors on wireless security problems. Read more

www.microsoft.com:
Changes to Functionality in Microsoft Windows XP Service Pack 2. Read more

 

Vulnerabilities & Exploits
www.securitytracker.com:
dtmail Format String Bug Lets Local Users Gain Elevated Group Privileges. Read more

www.securitytracker.com:
sredird LogMsg() Format String Bug and HandleCPCCommand() Buffer Overflow May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Gadu-Gadu File Downloading Dialog Lets Remote Authenticated Users Spoof the File Extension. Read more

www.securitytracker.com:
LiveWorld Products Allow Remote Users to Conduct Cross-Site Scripting Attacks. Read more

www.kde.org:
KDE Security Advisory: Konqueror Cross-Domain Cookie Injection. Read more

www.debian.org:
DSA-541-1 icecast-server -- missing escape. Read more

sunsolve.sun.com:
Buffer Overflow in the CDE Mailer dtmail(1X). Read more

 

News:
www.theregister.co.uk:
Police cuff 'international computer piracy gang'. Read more

news.xinhuanet.com:
Exam paper leaking virus detected. Read more

itmanagement.earthweb.com:
Worm Uses Webcams to Spy on Users. Read more

24 August 2004

New Trojans:
Qwerto's Prank Manager 0.1

Backdoor.Dengdoor

Backdoor.Delf.il

 

Guides, Papers, etc
www.informit.com:
The Internet Connection Firewall in Windows XP. Read more

user.cs.tu-berlin.de:
NXTEST. Data Execution Prevention (DEP) Test. Read more

www.security.nnov.ru:
Security aspects of time synchronization infrastructure. Read more

www.techny.com:
Pursuing a Career in Ethical Hacking. Read more

 

Vulnerabilities & Exploits
www.debian.org:
DSA-541-1 icecast-server -- missing escape. Read more

www.securitytracker.com:
Hafiye Lack of Terminal Escape Sequence Filtering May Let Remote Users Execute Arbitrary Commands. Read more

www.securitytracker.com:
Netscape Network Security Services (NSS) Library SSLv2 Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
GroupWare Multiple Input Validation Holes Permit Cross-Site Scripting. Read more

www.securitytracker.com:
Gaucho Buffer Overflow in Processing Mail Headers Via POP3 Lets Remote Servers Execute Arbitrary Code. Read more

www.securitytracker.com:
Ulog-php Input Validation Error in 'proto' Parameter Lets Remote Users Inject SQL Commands. Read more

www.securitytracker.com:
Davenport Gateway Lets Remote Users Consume Excessive Resources in Processing XML Documents. Read more

www.securitytracker.com:
Bird Chat Clients Can Be Crashed By a Remote User. Read more

www.securitytracker.com:
Compulsive Media News Discloses Database to Remote Users. Read more

www.securitytracker.com:
PhotoADay Module Input Validation Hole Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
WWWguestbook Discloses Database to Remote Users. Read more

www.securitytracker.com:
Music daemon Discloses Arbitrary Files to Remote Users and Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
Hitachi Job Management Partner FTP Service Can Be Stopped By Remote Users. Read more

www.securitytracker.com:
Hitachi Job Management Partner (JP1) Authentication Flaw Has Unspecified Impact. Read more

www.securitytracker.com:
FIDOGATE Lets Local Users Create or Append to Files. Read more

www.securitytracker.com:
JShop Input Validation Flaw in 'page.php' Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

 

News:
www.theregister.co.uk:
Meet the Peeping Tom worm. Read more

news.zdnet.co.uk:
First virus hits 64-bit Windows. Read more

www.crime-research.org:
Real threats of the virtual world. Read more

23 August 2004

New Trojans:
Cruel Intentionz 1.23 PB1 (client v2)

Evil Net Alfa

Backdoor.Delf.cr

Vulnerabilities & Exploits
www.securitytracker.com:
KDE Konqueror Bug in Setting Cookies in Certain Domains May Let Remote Users Conduct Session Fixation Attacks. Read more

www.securitytracker.com:
Sympa Input Validation Hole Let Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Mantis 't_core_dir' Variable Include File Flaw Lets Remote Users Execute Arbitrary Commands. Read more

www.securitytracker.com:
MyDMS Input Validation Holes Permit Remote SQL Injection and Disclose Files to Remote Authenticated Users. Read more

www.securitytracker.com:
Novell Web Manager Has Unspecified Vulnerability. Read more

www.securitytracker.com:
PostgreSQL on Debian Linux Discloses Log Files to Local Users. Read more

www.securiteam.com:
JShop page.php Cross Site Scripting. Read more

www.securiteam.com:
Mantis Bug Tracker Multiple Vulnerabilities. Read more

www.securiteam.com:
MyDMS SQL Injection and Directory Traversal Vulnerabilities. Read more

www.securiteam.com:
Sympa Mailing List System Cross Site Scripting. Read more

 

News:
www.vnunet.com:
Worms put on burst of speed. Read more

reviews-zdnet.com.com:
Do hackers have your hardware singing the blues? Read more

www.crime-research.org:
Ukraine: a scammer detained. Read more

www.iht.com:
Wiretapping on the Net: Who pays? Read more

22 August 2004

New Trojans:
Blind-d00r

Webdownloader 1.0

Dark Moon 1.0 version 2

Guides, Papers, etc
survey.mailfrontier.com:
The MailFrontier Phishing IQ Test. Read more

 

Vulnerabilities & Exploits
www.securitytracker.com:
Nihuo Web Log Analyzer Lack of Input Validation in User-Agent and Referer Fields Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
SARA Buffer Overflow in sarad Lets Remote Users Execute Arbitrary Code. Read more

 

News:
www.microsoft-watch.com:
What's Next on Microsoft's Security Agenda? Read more

www.newsfactor.com/:
Holes Reported in Windows XP SP2 Update. Read more

www.expresscomputeronline.com:
Phishing in a troubled Web. Read more

software.silicon.com:
Virus writers shouldn't get off so easy. Read more

21 August 2004

New Trojans:
RED 1.2D

Supervisor Plus 1.1.1

Real Spy 1.49

Guides, Papers, etc
www.computerworld.com:
Opinion: Cryptanalysis of MD5 and SHA: Time for a new standard. Read more

 

Vulnerabilities & Exploits
secunia.com:
Microsoft Internet Explorer Drag and Drop Vulnerability. Read more

www.securitytracker.com:
MySQL Buffer Overflow in mysql_real_connect() May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
BadBlue Web Server Service Can Be Denied With Multiple Connections from the Same Host. Read more

www.securitytracker.com:
Microsoft Windows XP SP2 Local Computer Scripting Restrictions Can Be Bypassed With a Specially Crafted MHT File. Read more

www.securitytracker.com:
Windows XP SP2 May Display the Wrong Icon in Zip Archives. Read more

www.securitytracker.com:
ZixForum Discloses 'ZixForum.mdb' Forum Database to Remote Users. Read more

www.securitytracker.com:
AWStats Input Validation Hole in 'logfile' Lets Remote Users View Files and Execute Commands. Read more

www.securitytracker.com:
Microsoft Internet Security and Acceleration Server Does Not Block FTP Bounce Attacks. Read more

 

News:
support.microsoft.com:
Programs that are known to experience a loss of functionality when they run on a Windows XP Service Pack 2-based computer. Read more

www.theregister.co.uk:
XP SP2 über patch already needs fixing. Read more

zdnet.com.com:
Drag-and-drop flaw mars Microsoft's latest update. Read more

www.technewsworld.com:
Windows XP Service Pack 2 Under Heavy Security Scrutiny. Read more

www.theregister.co.uk:
Download.Ject-style worm spreads via IM. Read more

itvibe.com:
New virus targets Brazilian banking customers. Read more

www.lacrossetribune.com:
Computer Experts Vie in Hacking Contest. Read more

www.infoworld.com:
The luck of the virus. Read more

20 August 2004

New Trojans:
BrainBot beta 1.4

Flux 1.0 updated

Backdoor.VB.nl

Guides, Papers, etc
www.sans.org:
Windows XP: Surviving the First Day. Read more

 

Vulnerabilities & Exploits
www.securitytracker.com:
aGSM Buffer Overflow in Processing Half-Life Server Responses May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
GNU less Format String Flaw May Let Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Qt Image File Buffer Overflows May Let Remote Users Execute Arbitrary Code or Crash the System. Read more

www.securitytracker.com:
PlaySMS Cookie Input Validation Hole Lets Remote Users Inject SQL Commands. Read more

www.securitytracker.com:
PHP-Fusion Discloses Database Backup Files to Remote Users. Read more

www.securitytracker.com:
Courier-IMAP Format String Flaw in auth_debug() Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Cisco IOS Can Be Crashed With Malformed OSPF Packet. Read more

 

News:
www.securityfocus.com:
Infected In Twenty Minutes. Read more

www.theregister.co.uk:
DIY phishing kits hit the Net. Read more

zdnet.com.com:
So you want to be a cybercrook...Read more

www.tmcnet.com:
Download.Ject Worm is No Threat to PivX' Qwik-Fix Pro Customers; PivX Researchers Discover New Variant Spreading via Instant Messaging. Read more

www.securitytracker.com:
Cisco warns on router bug. Read more

www.theregister.co.uk:
South Pole 'cyberterrorist' hack wasn't the first. Read more

www.theregister.co.uk:
SPs gang up on spammer-run websites. Read more

www.revolutionmagazine.com:
Resident Evil text messages spread phone virus panic. Read more

www.newsfactor.com:
Microsoft Releases New 64-Bit Windows Preview. Read more

news.com.com:
Microsoft sends security update to home PCs. Read more

www.techweb.com:
Symantec Updates SOHO Gear To Battle Against Worms, Phishing. Read more

19 August 2004

New Trojans:
NetAmine 1.03.106

Backdoor.Delf.gp

Backdoor.Ubersor.b

Vulnerabilities & Exploits
www.heise.de:
Windows Explorer does not update zone information properly when files are overwritten. So it can be tricked to execute files from the internet without warning.
Flaws in SP2 security features. Read more

www.winnetmag.com:
Denial of Service in Sygate Secure Enterprise. Read more

www.securitytracker.com:
MySQL 'mysqlhotcopy' Unsafe Temporary Files May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
gCards Setup File Lets Remote Users Gain Administrative Access. Read more

www.securitytracker.com:
Glibc LD_DEBUG Access Error May Disclose Information to Local Users. Read more

www.securitytracker.com:
Gallery Input Validation Error in 'save_photos.php' Lets Remote Users Upload and Execute Files. Read more

www.securitytracker.com:
YaPiG Input Validation Holes Let Remote Users Execute Arbitrary Commands. Read more

www.securitytracker.com:
Merak Mail Server Input Validation Holes Permit SQL Injection and Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
NetBSD ftpd Multiple Flaws Let Remote Users Gain Root Access. Read more

www.securitytracker.com:
Opera Local File IFRAME Error Response Lets Remote Users Determine if Files or Directories Exist. Read more

www.securiteam.com:
IPD Local System Denial of Service. Read more

www.securiteam.com:
BlackIce Server Protect Unprivileged User Attack. Read more

www.securiteam.com:
Adobe Acrobat/Acrobat Reader ActiveX Control Buffer Overflow Vulnerability. Read more

www.securiteam.com:
YaPiG add_comment.php PHP Code Injection. Read more

www.securiteam.com:
Courier-IMAP Remote Format String Vulnerability. Read more

www.securiteam.com:
PlaySMS SQL Injection via Cookie. Read more

www.securiteam.com:
CVS Undocumented Flag Information Disclosure Vulnerability (history.c). Read more

www.securiteam.com:
mysqlhotcopy Insecure Temporary File (copy_index). Read more

www.cisco.com:
Cisco Security Advisory: Cisco IOS Malformed OSPF Packet Causes Reload. Read more

www.debian.org:
DSA-540-1 mysql -- insecure file creation. Read more

 

News:
www.theregister.co.uk:
Another day, another delay for XP SP2. Read more

zdnet.com.com:
Pros point to flaws in Windows security update. Read more

netsecurity.about.com:
Windows XP SP2 Firewall. Is It Sufficient To Replace 3rd-party Personal Firewalls? Read more

www.guardian.co.uk:
Safe and secure? Read more

www.technewsworld.com:
Convergence Quagmire: Viruses with Spam. Read more

www.crime-research.org:
SMS spoofing - Q&A with CCRC staff. Read more

www.theregister.co.uk:
Resident Evil viral marketing ploy backfires. Read more

www.techweb.com:
Cell Phones Plagued By Virus Hoax. Read more

18 August 2004

New Trojans:
PA HAC Wlam 1.1

Gold server 2

Windows Mite 2.5a

 

Tools
www.dfind.org:
DFind is the next of the popular SFind, command line scanner for WIN32 systems. Read more

 

Guides, Papers, etc
www.immunitysec.com:
Microsoft Windows: A lower Total Cost of 0wnership. Read more

 

Vulnerabilities & Exploits
support.microsoft.com:
Programs that connect to IP addresses that are in the loopback address range may not work as you expect in Windows XP Service Pack 2. Read more

www.greymagic.com:
Opera Local File/Directory Detection. Read more

www.debian.org:
DSA-540-1 mysql -- insecure file creation. Read more

www.securitytracker.com:
Integrity Protection Driver (IPD) Input Validation Errors Let Local Users Crash the System. Read more

www.securitytracker.com:
TikiWiki Individual Page Permissions Can Be Bypassed By Remote Users Read more

www.securitytracker.com:
Cacti Input Validation Bug in 'auth_login.php' Lets Remote Users Authenticate to the Application. Read more

www.securitytracker.com:
Microsoft Windows Explorer (in XP SP2) May Fail to Warn Users When Executing Untrusted Files. Read more

www.securitytracker.com:
CVS 'History' Command Discloses to Remote Authenticated Users Whether Files Exist or Not. Read more

www.securitytracker.com:
Microsoft Internet Explorer Unregistered Protocol State Error Lets Remote Users Spoof Location Bar. Read more

 

News:
www.theinquirer.net:
Phishing vulnerability found in IE. Read more

www.theinquirer.net:
Hackers join dark side. Read more

news.zdnet.co.uk:
Digital signatures 'could be forged'. Read more

www.vnunet.com:
New Mydoom virus is not a pretty picture. Read more

uk.news.yahoo.com:
E-mail viruses getting smarter. Read more

news.zdnet.co.uk:
Symantec arms against phishers. Read more

www.wired.com:
Hackers Take Aim at GOP. Read more

17 August 2004

New Trojans:
NeoControlRed 4.0.2

Binary Weaver

Remote Control System

 

Guides, Papers, etc
support.microsoft.com:
Release notes for Windows XP Service Pack 2. Read more

www.securityfocus.com:
Detecting Worms and Abnormal Activities with NetFlow, Part 1. Read more

www.securityfocus.com:
Examining a Public Exploit, Part 1. Read more

conference.hackinthebox.org:
HackInTheBox Security Conference 2004 Kuala Lumpur, Malaysia "Oct 04 - 07 2004". Read more

 

Vulnerabilities & Exploits
www.debian.org:
DSA-538-1 rsync -- unsanitised input processing. Read more

www.heise.de:
Flaws in SP2 security features. Read more

www.securitytracker.com:
Ruby Unsafe Temporary Files May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
QuiXplorer Input Validation Hole in 'item' Parameter Discloses Files to Remote Users. Read more

www.securiteam.com:
Konqueror Frame Injection Vulnerability. Read more

www.securiteam.com:
DCOPServer Temporary Filename Vulnerability. Read more

www.securiteam.com:
KDE Temporary Directory Vulnerability. Read more

www.securiteam.com:
QuiXplorer Directory Traversal. Read more

www.securiteam.com:
phpMyWebhosting SQL Injection Vulnerabilities. Read more

 

News:
www.theregister.co.uk:
Infected PCs spew MyDoom variant. Read more

www.computerweekly.com:
Users warned of new Bagle worm and phone virus. Read more

www.dmeurope.com:
Trojan virus forces Symbian-running handsets to send premium rate SMS. Read more

www.freep.com:
MIKE WENDLAND: Windows security: A bit late, shy of perfect. Read more

www.theregister.co.uk:
McAfee buys Foundstone for $86m. Read more

www.terra.net.lb:
Security expert warns computer hackers keeping up with technology. Read more

www.crime-research.org:
Stealing password? What could be easier? Read more

www.sundaytimes.co.za:
Apple tech hacked. Read more

www.siliconvalley.com:
Two accused of helping in hacking fraud plead not guilty. Read more

16 August 2004

New Trojans:
Evil Net Genesis

Flux 1.0 (c)

PSPV K-Stealth II

Evil Net POKET

 

Vulnerabilities & Exploits
www.debian.org:
DSA-537-1 ruby -- insecure file permissions. Read more

www.securiteam.com:
Serv-U Local Privilege Escalation Vulnerability. Read more

www.securitytracker.com:
QuiXplorer Input Validation Hole in 'item' Parameter Discloses Files to Remote Users. Read more

www.securiteam.com:
CVS error_prog_name Buffer Overflow Exploit. Read more

www.securiteam.com:
GV PostScript Viewer Remote Buffer Overflow Exploit. Read more

www.securiteam.com:
AppleFileServer Remote Command Execution Exploit. Read more

www.securiteam.com:
AIM aim:goaway URI Handler Buffer Overflow Exploit. Read more

www.securiteam.com:
Adobe Acrobat Reader (UNIX) Uudecode Filename Buffer Overflow Vulnerability. Read more

www.securiteam.com:
Adobe Acrobat Reader (UNIX) Shell Metacharacter Code Execution Vulnerability. Read more

 

News:
www.technewsworld.com:
Gates: We'll Make Security Our Forte. Read more

www.businessweek.com:
Windows: Security Is Suddenly Job One. Read more

www.pcworld.idg.com.au:
Microsoft firewall could be security risk. Read more

nwc.securitypipeline.com:
Yahoo Posts Security Patch. Read more

www.theregister.co.uk:
UK police issue 'vicious' Trojan alert. Read more

english.chosun.com:
NCSC Issues Alert on New Hacking Virus. Read more

www.bizjournals.com:
Security of online credit card transactions better than ever. Read more

nwc.securitypipeline.com:
Hacker Cracks Apple's Streaming Technology. Read more

15 August 2004

New Trojans:
Backdoor.Delf.dv

Backdoor.Delf.db

Backdoor.Delf.cs

Guides, Papers, etc
www.axial.co.uk:
W32/Mydoom Worm Detection and Recovery Using NIKSUN Appliances (pdf). Read more

www.evergreenassurance.com:
Hackers Target Systems Infected By 'Mydoom' (pdf). Read more

www.utmb.edu:
Number Of Infections Detected Monthly Showing Viruses June 2004 (pdf). Read more

Vulnerabilities & Exploits
www.securitytracker.com:
MAILsweeper Fails to Detect and Analyze Some Attachment Formats. Read more

www.securitytracker.com:
Adobe Acrobat Buffer Overflow in 'pdf.ocx' Lets Remote Users Execute Arbitrary Code. Read more

News:
www.technewsworld.com:
New Era of Deadly Spyware Approaches. Read more

news.zdnet.co.uk:
Trojan' emails conceal theft tools. Read more

www.computerworld.com:
Hunt for XP SP2 flaws seen in full swing. Read more

14 August 2004

New Trojans:
Erazer 1.0

Reversable 1.0

Uploader

Guides, Papers, etc
www.immunitysec.com:
Microsoft Windows: A lower Total Cost of 0wnership (pdf). Read more

www.microsoft.com:
Protect Your PC. Read more

www.windows-help.net:
Slipstreaming Windows XP Service Pack 2 and Create Bootable CD. Read more

www.microsoft.com:
Changes to Functionality in Microsoft Windows XP Service Pack 2. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
vRating Discloses Sensitive Information and Grants Administrative Access to Remote Users. Read more

www.securitytracker.com:
Kerio MailServer Bugs in Embedded HTTP Server Have Unspecified Impact. Read more

www.securitytracker.com:
Geeklog Default Installation Lets Remote Users Access the Installation Script. Read more

www.securitytracker.com:
Adobe Acrobat Reader Uudecoding Errors Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Rsync Input Validation Error in sanitize_path() May Let Remote Users Read or Write Arbitrary Files. Read more

www.securitytracker.com:
MAILsweeper for SMTP Bug in Processing Corrupt PowerPoint Files Lets Remote Users Deny Service. Read more

www.securitytracker.com:
BlackICE Default Configuration File Permissions Let Local Users Disable the Firewall. Read more

www.securitytracker.com:
ScheduleWorld Permission Errors May Affect Security Dialogs. Read more

www.securitytracker.com:
Clearswift MIMEsweeper for Web Discloses Files to Remote Users. Read more

www.securitytracker.com:
KDE Temporary File Bugs Let Local Users Gain Elevated Privileges and Frame Injection Flaw Lets Remote Users Spoof Web Sites. Read more

www.securitytracker.com:
RealPlayer Unspecified Flaw Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
WIDCOMM Bluetooth Communications Software Buffer Overflows Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Shuttle FTP Suite Lets Remote Users Read or Write Files. Read more

www.securitytracker.com:
Keene Digital Media Server Discloses Files and Passwords to Remote Authenticated Users. Read more

News:
www.theregister.co.uk:
UK police issue 'vicious' Trojan alert. Read more

www.pcworld.com:
Is Microsoft's Firewall Secure? Read more

www.newsfactor.com:
Hackers Seek XP SP2 Weaknesses. Read more

www.betanews.com:
Yahoo! Patches Security Flaw in Messenger. Read more

13 August 2004

New Trojans:
The Sentry 1.1

Fear 2.0.0

BrainBot beta 0.9

PS Devil 2.0 Pro

Vulnerabilities & Exploits
www.idefense.com:
Adobe Acrobat Reader (Unix) 5.0 Uudecode Filename Buffer Overflow Vulnerability. Read more

www.securitytracker.com:
BlackICE Default Configuration File Permissions Let Local Users Disable the Firewall. Read more

www.securitytracker.com:
ScheduleWorld Permission Errors May Affect Security Dialogs. Read more

www.securitytracker.com:
Clearswift MIMEsweeper for Web Discloses Files to Remote Users. Read more

www.securitytracker.com:
KDE Temporary File Bugs Let Local Users Gain Elevated Privileges and Frame Injection Flaw Lets Remote Users Spoof Web Sites. Read more

www.securitytracker.com:
RealPlayer Unspecified Flaw Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Shuttle FTP Suite Lets Remote Users Read or Write Files. Read more

www.securitytracker.com:
Keene Digital Media Server Discloses Files and Passwords to Remote Authenticated Users. Read more

www.securiteam.com:
libPNG Stack-Based Buffer Overflow and Other Code Concerns (Exploit). Read more

www.kde.org:
KDE Security Advisory: Temporary Directory Vulnerability. Read more

www.kde.org:
KDE Security Advisory: DCOPServer Temporary Filename Vulnerability. Read more

www.kde.org:
KDE Security Advisory: Konqueror Frame Injection Vulnerability. Read more

News:
www.theregister.co.uk:
Blaster teen pleads guilty. Read more

news.zdnet.co.uk:
Smartphone 'Trojan' found to be code flaw. Read more

www.broadbandreports.com:
Relying on SP2's Firewall. Can users trust the revamped version? Read more

www.globetechnology.com:
Microsoft pushes Sender ID. Read more

www.crn.com:
Windows XP Service Pack 2: Install With Care. Read more

news.zdnet.co.uk:
Norwegian hacker takes a bite out of Apple's iTunes. Read more

12 August 2004

New Trojans:
NeoControlRed 4.0.1

Make Server Mail Notify

Messiah

Explorer remoto (a)

Guides, Papers, etc
NT DSN Hijack using ODBC datasource tools. Read more

Vulnerabilities & Exploits
www.pentest.co.uk:
WIDCOMM Bluetooth Connectivity Software Buffer Overflows. Read more

www.securitytracker.com:
F5 3-DNS May Disclose UDP Port Status to Remote Users. Read more

www.securitytracker.com:
Sun Solaris X Display Manager Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
PHP-Nuke Input Validation Error in Search Box of Several Modules Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Sygate Enforcer Can Be Crashed By a Remote Users Sending a Malformed Payload. Read more

www.securitytracker.com:
Sygate Secure Enterprise Lack of Replay Protection Lets Remote Users Deny Service. Read more

www.securiteam.com:
Free Web Chat Multiple Vulnerabilities. Read more

www.securiteam.com:
Port80 Software ServerMask Inconsistencies. Read more

www.securiteam.com:
Ollydbg Format String Bug Exploit Code. Read more

www.securiteam.com:
Moodle Cross Site Scripting Vulnerability (post.php). Read more

www.securiteam.com:
Linux Kernel File Offset Pointer Handling. Read more

www.securiteam.com:
CVSTrac filediff Command Execution. Read more

secunia.com:
AOL Instant Messenger "Away" Message Buffer Overflow Vulnerability. Read more

News:
www.theregister.co.uk:
Al-Qaeda computer geek nearly overthrew US. Read more

www.hindustantimes.com:
Minnesota teenager pleads guilty in Internet worm attack. Read more

www.reuters.com:
Teen Pleads Guilty to Releasing Blaster Worm Variant. Read more

www.theregister.co.uk:
Mosquitos smartphone 'Trojan' there by design. Read more

www.stuff.co.nz:
Russian hackers pose an increasing threat. Read more

www.pcworld.idg.com.au:
AOL, Yahoo rolling out sender authentication. Read more

www.theregister.co.uk:
London schoolkids drown in spam tsunami. Read more

www.theregister.co.uk:
WinXP Starter Edition - MS spins an ecosystem from crippleware. Read more

thewhir.com:
Phishing Impact Grows, MessageLabs Says. Read more

www.silicon.com:
Phishing scams: They're the new viruses. Read more

www.katu.com:
Cyber thieves are 'Phishing' for your money. Read more

11 August 2004

New Trojans:
Net-Devil 1.2 PL client

Iroffer 1.3b08

Backdoor.Delf.cu

Vulnerabilities & Exploits
www.securitytracker.com:
Symantec Clientless VPN Gateway 4400 Lets Remote Authentication Users Modify Other User Credentials. Read more

www.securitytracker.com:
Port80 Software ServerMask Does Not Fully Filter Identifying Header Lines. Read more

www.securitytracker.com:
Microsoft Outlook Web Access Input Validation Hole in Redirection Query Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Shorewall Temporary File Symlink Flaw Lets Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
HP-UX Process Resource Manager Bug Lets Local Users Corrupt Files. Read more

www.securitytracker.com:
Cfengine Buffer Overflow in AuthenticationDialogue() Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Mac OS X TCP/IP Stack May Consume Excessive System Resources When Under IP Fragment Attacks. Read more

www.securitytracker.com:
Apple Safari May Disclose Web Form POST Data to Remote Servers Via GET Methods. Read more

www.securitytracker.com:
SpamAssassin Lets Remote Users Deny of Service By Sending Malformed Messages. Read more

www.securitytracker.com:
VentaFax Command Execution Lets Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
AOL Instant Messenger 'aim://goaway?message' Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securiteam.com:
NGSEC StackDefender 2.0 Invalid Pointer Dereference Vulnerability. Read more

News:
Microsoft Security Bulletin MS04-020
Vulnerability in POSIX Could Allow Code Execution (841872). Read more

www.esj.com:
Top 10 Security Modifications in Windows XP Service Pack 2. Read more

www.newsfactor.com:
New Bagle Variant Sweeps the Internet. Read more

www.theregister.co.uk:
Trojan dialler afflicts Symbian smartphones. Read more

www.theregister.co.uk:
Phishermen attack on a viral scale. Read more

www.technewsworld.com:
New Internet Security Forum Seeks To End Phishing. Read more

www.crime-research.org:
Computer crime hits taxes. Read more

www.esj.com:
Digital Certificates Secure Web Services, Mobile Communications. Read more

www.theinquirer.net:
Political rivals plant worm. Read more

10 August 2004

New Trojans:
Eraser

ControlTotal 0.11.3 server (l)

Blaster Worm remover

Vulnerabilities & Exploits
www.securiteam.com:
Thompson (Alcatel) SpeedTouch Home ADSL Modem Predictable TCP ISN Generation. Read more

www.securiteam.com:
Pavuk Digest Authentication Buffer Overflow Exploit. Read more

www.securiteam.com:
XINE VCD Input Source Identifier Remote and Local Stack Overflow. Read more

www.coresecurity.com:
Vulnerabilities in PuTTY and PSCP. read more

www.securitytracker.com:
xine Buffer Overflow in Processing 'vcd' Identifiers Lets Remote Users Execute Arbitrary Code. Read more

News:
computerworld.com:
Online data a gold mine for terrorists. Read more

www.theregister.co.uk:
A fright at the Opera. Read more

www.infoworld.com:
IBM tells employees not to install Windows XP update. Read more

www.infoworld.com:
AOL IM 'Away' message flaw deemed critical. Read more

www.technewsworld.com:
New Bagle Virus Making Rounds. Read more

www.terra.net.lb:
Hackers hit Hizbullah website. Read more

news.com.com:
The case of the mistaken worm. Read more

www.computerweekly.com:
Users take two months to patch internal IT. Read more

09 August 2004

New Trojans:
Optix PRO 1.33

Flux 1.0 (b)

System33r Socks 4 0.0.4

Vulnerabilities & Exploits
www.securitytracker.com:
PluggedOut Blog Input Validation Hole in 'blogid' Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Moodle Input Validation Flaw in 'post.php' in reply Variable Permits Cross-Site Scripting Attacks. Read more

News:
nwc.securitypipeline.com:
Browsers May Be Vulnerable To Image Exploit. Read more

www.bizjournals.com:
Viruses and worms vex computer users; companies spend big bucks to protect networks, data. Read more

www.geekzone.co.nz:
Trojan program infects Symbian smartphone. Read more

www.pcworld.idg.com.au:
PDA virus found in the wild. Read more

www.enquirer.com:
Computer 'phishing' fraud worms way into Kentucky. Read more

08 August 2004

New Trojans:
MiniMO 0.7 Beta

Gadu Ghost 2.0

Harvester 2003 (mail) 1.1

Vulnerabilities & Exploits
www.securityfocus.com:
Microsoft Internet Explorer Malformed GIF Double Free Code Execution Vulnerability. Read more

www.securityfocus.com:
Microsoft Internet Explorer Bitmap Processing Integer Overflow Vulnerability. Read more

News:
www.neowin.net:
Firefox has more security holes than Internet Explorer? Read more

www.theregister.co.uk:
Six charged in $10m Ingram computer fraud. Read more

searchenterpriselinux.techtarget.com:
Red Hat tips: Beating Trojan horses and backup blues. Read more

www.netlawblog.com:
Phishing Dangers. Read more

news.netcraft.com:
Phishing Attacks Using Banner Ads to Spread Malware. Read more

www.jsonline.com:
Microsoft update plugs security holes in Windows XP. Read more

www.winnetmag.com:
Here Comes Windows XP SP2 ! Read more

07 August 2004

New Trojans:
Flux 1.0

PA HAC Wlam 1.0

Fear 1.1.0

Vulnerabilities & Exploits
www.securitytracker.com:
Thomson Speed Touch ADSL Router Uses Predictable TCP Sequence Numbers. Read more

www.securitytracker.com:
CVSTrac Input Validation Hole Lets Remote Users Execute Arbitrary Commands. Read more

www.securitytracker.com:
Opera 'location' Method Overwriting Lets Remote Users Access a Target User's File System. Read more

www.packetstormsecurity.com:
thttpd version 2.07 beta 0.4 Windows - Directory Traversal. Read more

www.packetstormsecurity.com:
oScript v2.0 remote command execution. Read more

www.packetstormsecurity.com:
BlackJumboDog FTP Server Buffer Overflow Vulnerability. Read more

www.packetstormsecurity.com:
Windows XP Task Scheduler (.job) universal exploit with portbind and connectback shellcode. Read more

News:
www.hindustantimes.com:
Microsoft releases broad security update for Windows XP. Read more

zdnet.com.com:
Worm calling--an inexact science. Read more

news.zdnet.co.uk:
What's in a worm's name? Read more

www.startribune.com:
New hearing is set for Hopkins 'worm' suspect. Read more

news.zdnet.co.uk:
Images open door to attackers. Read more

zdnet.com.com:
Image flaw pierces PC security. Read more

www.technewsworld.com:
Brador Trojan Targets Microsoft Pocket PC Handhelds. Read more

news.zdnet.co.uk:
Fraudsters search Google for credit-card numbers. Read more

www.usatoday.com:
Romanian man indicted in $10 million hacking fraud. Read more

www.theregister.co.uk:
Michigan wardrivers await sentencing. Read more

06 August 2004

New Trojans:
Phoenix

FeaR server

pcLog 5.30

Guides, Papers, etc
www.nmrc.org:
Microsoft Security Bulletin MS04-025
Ignorance is Indeed Bliss. A Rant By hellNbak. Read more

www.securityfocus.com:
Deploying Network Access Quarantine Control (part 1 of 2). Read more

www.securityfocus.com:
Data Driven Attacks Using HTTP Tunneling. Read more

Vulnerabilities & Exploits
www.greymagic.com:
GreyMagic Security Advisory GM#008-OP. Read more

www.securitytracker.com:
Gaim Buffer Overflows in Processing MSN Protocol May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
libpng Buffer Offset Calculation Overflow May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
GoScript Input Validation Hole Lets Remote Users Execute Arbitrary Commands. Read more

www.securitytracker.com:
eNdonesia 'mod.php' Input Validation Vulnerability in Search 'query' Parameter Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Linux Kernel sys_chown() Bug May Let Remote NFS Users Modify Group Permissions on Files. Read more

www.securitytracker.com:
ripMIME Base64 Decoding May Terminate Prematurely When Decoding Virus Attachments. Read more

www.securitytracker.com:
libpng Buffer Overflows May Let Remote Users Crash the Application or Execute Arbitrary Code. Read more

www.securitytracker.com:
GNOME VFS Scripts May Let Users Execute Commands. Read more

News:
www.theregister.co.uk:
Trojan horse stalks PocketPC. Read more

www.psionplace.com:
Malicious Code Exploits Backdoor in PDA Security. Read more

www.sundaytimes.co.za:
Worm variants dominate in July. Read more

www.chron.com:
Windows closing a bit on hackers. Read more

www.theregister.co.uk:
Bosses finger workers for virus attacks. Read more

www.theregister.co.uk:
FBI publishes computer crime and security stats. Read more

www.crime-research.org:
Cyberterrorism: terrorism of the 21st century. Read more

05 August 2004

New Trojans:
Beast 2.07

CZesiA

NeoControlRed 3.1.1

cnRemoteControl 0.1.5

Vulnerabilities & Exploits
www.securitytracker.com:
Linux Kernel 64-bit to 32-bit File Offset Conversion Errors Disclose Kernel Memory to Local Users. Read more

www.securitytracker.com:
Free Web Chat Username Input Validation Error Lets Remote Users Deny Service. Read more

www.securitytracker.com:
thttpd Input Validation Error Discloses Files to Remote Users. Read more

www.securitytracker.com:
PuTTY Lets Remote Servers Execute Arbitrary Code on Connecting Clients. Read more

www.securitytracker.com:
ScreenOS Can Be Crashed By Remote Users Due to an SSHv1 Implementation Bug. Read more

www.securitytracker.com:
StackDefender Invalid Pointer Dereference May Let Local or Remote Users Crash the System. Read more

www.securitytracker.com:
Sun JRE Win32 Native Assertion Error Lets Malicious Applets Deny Service. Read more

www.securiteam.com:
gv Local Buffer Overflow( Exploit Code Included ). Read more

www.securiteam.com:
BlackJumboDog Remote Buffer Overflow Exploit Code. Read more

www.securiteam.com:
Linpha 0.9.4 Authentication Bypass. Read more

News:
www.theregister.co.uk:
Latest MyDoom hunts victims via Yahoo! Read more

www.nwfusion.com:
Security expert Q&A: The virus writers are winning. Read more

www.crime-research.org:
How Al Qaeda uses the Internet. Read more

searchsecurity.techtarget.com:
REPORTER'S NOTEBOOK: Impressions of DefCon 12. Read more

www6.tomshardware.com:
Defcon 12's Fear and Hacking in Vegas. Read more

afr.com:
US wants to wiretap internet calls. Read more

www.detnews.com:
Microsoft's Windows security update expected soon. Read more

www.crime-research.org:
Vostok Media was attacked by hackers. Read more

informationweek.com:
Spyware Continues To Proliferate. Read more

www.pcmag.com:
Is Microsoft to Blame? Read more

news.zdnet.co.uk:
Phishing attacks up 20 percent in June. Read more

politicalwire.com:
Phishers Target Political Donors. Read more

04 August 2004

New Trojans:
Institution 2004 VNC

PA HAC 1.3 2004 alfa

Yet Another Trojan 1.1.1 client

pcLog 5.20

Guides, Papers, etc
How to list open ports in NT/2K/XP/2K3 by Aphex
Haven't you always wondered how to find out which process was using which open port in Delphi? I planned on including this feature in the next I2K4 packet sniffer so I made a demostration application that can do just this. It uses some undocumented API but it works very nicely and is very small. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
SquirrelMail Input Validation Flaw in 'abook_database.php' May Let Remote Users Inject SQL Commands. Read more

www.securitytracker.com:
Mozilla Integer Overflow in SOAPParameter Object Constructor Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Netscape Integer Overflow in SOAPParameter Object Constructor Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
U.S. Robotics Wireless Router Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
GnuTLS X.509 Certificate Chain Validation Process Lets Remote Users Deny Service. Read more

www.securiteam.com:
SRobotics USR808054 Wireless Access Point Denial Of Service And Possible Code Execution Vulnerabilities. Read more

www.securiteam.com:
Netscape/Mozilla SOAPParameter Constructor Integer Overflow Vulnerability. Read more

www.securiteam.com:
Check Point VPN-1 ASN.1 Decoding Remote Compromise. Read more

www.securiteam.com:
Benchmark Designs' WHM Autopilot Backdoor Allows Plaintext Credential Leakage. Read more

www.securiteam.com:
Webbsyte Chat DoS Vulnerability. Read more

www.securiteam.com:
Microsoft Windows XP Task Scheduler Universal Exploit (MS04-022). Read more

www.securiteam.com:
SoX Local Buffer Overflow Exploiter (Via Crafted WAV File). Read more

News:
www.channelnewsasia.com:
Flex your hacking muscles in HackAttack Challenge 2004. Read more

www.globetechnology.com:
Singapore hosts hackers. Read more

www.pcworld.com:
Feds Seek a Few Good Hackers. Read more

www.crn.com:
Update: MyDoom At Sixteen. Read more

informationweek.com:
Phishing Scams Just Keep Coming. Read more

www.crime-research.org:
Google is hackers' favourite. Read more

03 August 2004

New Trojans:
Vortex

Webserver

NCWrapper 1.0

MSN Raptor 1.01

Guides, Papers, etc
www.securityfocus.com:
Data Driven Attacks Using HTTP Tunneling. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
MailEnable Professional HTTPMail Bug Lets Remote Users Deny Service. Read more

www.securitytracker.com:
Windows Remote Desktop May Let Remote Users Crash the System. Read more

www.securitytracker.com:
Webbsyte Chat Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
IBM Directory Server 'ldacgi' Discloses Files to Remote Users. Read more

www.securitytracker.com:
WHM AutoPilot Backdoor Discloses Authentication Credentials to Remote Users. Read more

www.securitytracker.com:
SonicWALL Pro Discloses VPN Shared Secret in the Tech Support Report. Read more

News:
www.theregister.co.uk:
Al-Qaeda cyber terrorist panics US. Read more

news.zdnet.co.uk:
US hackers plan three-day contest. Read more

news.zdnet.co.uk:
'Harmless' DNS data can mask attacks. Read more

www.pcworld.com:
Microsoft Tests Antivirus Product. Read more

www.pcworld.com:
School for Hackers. Read more

story.news.yahoo.com:
Spotting Phish and Phighting Back. Read more

www.crime-research.org:
Ukraine: Hackers arrested. Read more

news.zdnet.co.uk:
Linux keeps dodging hackers and viruses. Read more

02 August 2004

New Trojans:
NeoControlRed 3.1.4

NeoControlRed 3.1.5 client

NeoControlRed 3.1.6 client

PA HAC 1.6.3

Vulnerabilities & Exploits
www.securiteam.com:
BlackJumboDog FTP Server Buffer Overflow. Read more

www.securiteam.com:
SoX Local Buffer Overflow Exploit. Read more

www.securitytracker.com:
Fusion News Lets Remote Users Add User Accounts on the Application. Read more

www.securiteam.com:
lostBook Javascript Injection And Cross Site Scripting Vulnerabilities. Read more

www.securiteam.com:
DansGuardian Hex Encoding URL Banned Extension Filter Bypass Vulnerability. Read more

www.securiteam.com:
Citadel/UX Remote Buffer Overflow Vulnerability. Read more

www.securiteam.com:
OpenFTPD Format String Vulnerability. Read more

www.securiteam.com:
AntiBoard SQL Injection and Cross Site Scripting Vulnerabilities. Read more

www.securitytracker.com:
Webcam Watchdog Input Validation Hole in 'sresult.exe' Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
OpenFTPD Format String Flaw Lets Remote Authenticated Users Execute Arbitrary Code. Read more

www.securitytracker.com:
DansGuarding File Extension Filter Can Be Bypassed With Hex-Encoded URLs. Read more

www.securitytracker.com:
Jaws 'controlpanel.php' Input Validation Error Lets Remote Users Inject SQL Commands to Gain Administrative Access. Read more

www.securitytracker.com:
Microsoft Internet Explorer Error in 'mshtml.dll' in Processing GIF Files Lets Remote Users Crash the Browser. Read more

News:
Phishing alert:
CitliBank fake mail  CitiBank phoney site
Paypal fake mail  Paypal phoney site

Microsoft Security Bulletin MS04-025, Originally posted: July 30, 2004 Updated: August 1, 2004
Cumulative Security Update for Internet Explorer (867801). Read more

scienceblog.com:
Gov't studies effect of viruses, DDoS on grid computers. Read more

www.crime-research.org:
Ukraine: losses from viruses surge. Read more

www.pcworld.idg.com.au:
PDA viruses could get nasty. Read more

www.thewmurchannel.com:
Dartmouth Computer Hackers. Read more

www.winnetmag.com:
Microsoft Finally Releases Comprehensive IE Security Fix, Updated MyDoom Tool. Read more

www.theregister.co.uk:
US cyberstalker pleads guilty. Read more

www.crime-research.org:
Hacker Philosopher. Read more

www.sunnetwork.org:
Indian BPOs open to virus attacks. Read more

01 August 2004

New Trojans:
Penis 1.0 inches

PS Devil 1.0

RED 1.1

Backdoor.Delf.br

Vulnerabilities & Exploits
www.securitytracker.com:
Fusion News Lets Remote Users Add User Accounts on the Application. Read more

www.securitytracker.com:
Webcam Watchdog Input Validation Hole in 'sresult.exe' Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
OpenFTPD Format String Flaw Lets Remote Authenticated Users Execute Arbitrary Code. Read more

News:
news.com.com:
DNS opens networks to data attacks. Read more

www.detnews.com:
Microsoft releases patch to fix month-old security problem. Read more


CopyrightŠ MegaSecurity.org