Bookmark or link to: kobayashi.cjb.net. All other url`s could change!
Home   News Archive    Translate Traducen
News September 2003
30 september 2003

New Trojans:
Back Attack 2.0

Danton 4.2.3

NetControl TakeOver 2.0 (a) server

Hacker defender 0.37

Blackhole 2002 (g & h)

Guides, Papers, etc.
www.securityfocus.com:
Exploiting Cisco Routers (Part One). Read more

Vulnerabilities & Exploits:
www.securitytracker.com:
Freesweep Buffer Overflows Let Local Users Obtain 'games' Group Privileges. Read more

www.securiteam.com:
MPlayer Buffer Overflow (asf_streaming). Read more

www.securiteam.com:
Marbles HOME Environment Overflow Exploit Code. Read more

www.securiteam.com:
ArGoSoft FTP Server XCMD Buffer Overflow. Read more

www.securiteam.com:
mIRC USERHOST Buffer Overflow. Read more

www.securiteam.com:
Multiple Vulnerabilities in 602Pro LAN SUITE 2003 (Incorrect File Permissions, File Reading). Read more

www.securiteam.com:
sbox Information Disclosure Vulnerability. Read more

www.securiteam.com:
mj-server Long Hostname Buffer Overflow (client). Read more

www.securiteam.com:
Cfengine Remotely Exploitable Buffer Overflow (net.c). Read more

www.debian.org:
DSA-392-1 webfs -- buffer overflows, file and directory exposure. Read more

www.debian.org:
DSA-391-1 freesweep -- buffer overflow. Read more

www.debian.org:
DSA-390-1 marbles -- buffer overflow. Read more

www.proftpd.org:
X-Force Research Discovers Remote Exploit. Read more

News:
www.townhall.com:
Spam E-mail Reveals Internet Security Threat, Experts Warn. Read more

news.com.com:
IE holes lead to AIM, dial-up attacks. Read more

www.internetweek.com:
Recent Internet Explorer Patch Failed To Fix Security Hole. Read more

http://www.securityfocus.com:
The Subpoenas are Coming! Read more

www.theregister.co.uk:
FBI bypasses First Amendment to nail a hacker. Read more

29 september 2003

New Trojans:
LANfiltrator 1.1 fixed

Fearless Keyspy 2.0

Taladrator 2003 3.1 public

Guides, Papers, etc.
www.softpanorama.org:
Integrity Checkers and Trojan detectors. Read more

Vulnerabilities & Exploits:
www.securitytracker.com:
Geeklog Input Validation Flaws Permit SQL Injection and Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Invision Power Board Configuration File Permission Flaw Lets Local Users Inject Malicious Code. Read more

www.securitytracker.com:
A-CART Input Validation Flaw in 'signin.asp' Permits Remote Cross-Site Scripting Attacks. Read more

News:
joongangdaily.joins.com:
Computers here hit by new worm. Read more

www.computerweekly.com:
Thought for the day: Share the love, not the viruses. Read more

worldwatch.linuxgazette.com:
[US] Author of 'How MS Software Poses Security Risk' Report Fired. Read more

28 september 2003

New Trojans:
Jodeitor 1.0 beta

Jodeitor 1.1 beta

KCGame

Guides, Papers, etc.
P2P ENTRAPMENT - INCRIMINATING PEER TO PEER NETWORK USERS. (pdf) Read more

PhreakNIC is a convention held yearly in Nashville, TN, usually during the month of October. Read more

Vulnerabilities & Exploits:
www.securitytracker.com:
Apache Web Server mod_cgi Error May Let Malicious CGI Scripts Crash the Web Service. Read more

www.securitytracker.com:
Marbles Game HOME Environment Variable Buffer Overflow Lets Local Users Gain Elevated Privileges. Read more

News:
www.theregister.co.uk:
Microsoft: a threat to global IT and job security? Read more

rss.com.com:
Microsoft critic dismissed by @Stake. Read more

www.gridtoday.com:
Top College Declares War on Hackers, Virus Authors. Read more

27 september 2003

New Trojans:
Fwb Dloader 1.0 Beta

NetScreen 2.0

MagicLink netPcSpy 1.0

Legend 3.97

Guides, Papers, etc.
CyberInsecurity: The cost of Monopoly (pdf)

Vulnerabilities & Exploits:
www.securitytracker.com:
Sambar Server Contains Multiple Unspecified Vulnerabilities. Read more

www.securitytracker.com:
sbox May Disclose Installation Path and User Account Paths to Remote Users. Read more

www.securitytracker.com:
Cfengine Buffer Overflow in 'cfservd' Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
myServer Input Validation Flaw Discloses Files on the System to Remote Users. Read more

News:
www.pcworld.com:
IM Worms Pose Growing Threat. Read more

times.hankooki.com:
New Computer Worm Spreading. Read more

zdnet.com.com:
Feds nab second suspect in worm attacks. Read more

www.internetweek.com:
How An Online Business Is Defending Itself Against A Denial-Of-Service Attack From The Swen Virus. Read more

www.azcentral.com:
Computer virus cripples visa-checking system. Read more

26 september 2003

New Trojans:
CrashCool 1.0

CrashCool 2.0

TBT Nightmare 1.0

XHX 1.73

Vulnerabilities & Exploits:
www.securitytracker.com:
602Pro LAN Suite Discloses Files on the System to Remote Authenticated Users. Read more

www.securitytracker.com:
Comment Board Message Field Input Validation Flaws Permit Remote Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
GNOME Desktop on Solaris May Not Let Root Users Lock the Screen. Read more

www.securitytracker.com:
WebTool-userpass May Disclose SSH User Passphrases to Certain Local Users. Read more

www.securitytracker.com:
Re-Boot Design ASP Forum SQL Injection Flaw Yields Remote Access to Any User Account. Read more

www.securitytracker.com:
Thread-IT Message Field Input Validation Flaws Permit Remote Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Null httpd Can Be Crashed By Remote Users Sending Incomplete HTTP POST Requests. Read more

www.securitytracker.com:
BRS WebWeaver May Fail to Properly Log Certain Requests With Long Host Field Contents. Read more

www.securitytracker.com:
Gauntlet Firewall 'sql-gw' Proxy Can Be Crashed By Remote Users Sending Invalid Data. Read more

www.securitytracker.com:
Savant Web Server Can Be Crashed By Remote Users Requesting '/%x' and Similar Strings. Read more

www.securitytracker.com:
TclHttpd 'dirlist.tcl' Discloses Directory Contents to Remote Users and Permits Remote Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
MondoSearch 'MsmSetup.exe' Query String Flaw Lets Remote Users Execute Arbitrary Code. Read more

News:
www.securityfocus.com:
Car shoppers' credit details exposed in bulk. Read more

www.centredaily.com:
FBI steps up pursuit of cybercrime. Read more

insight.zdnet.co.uk:
Who writes viruses? Read more

www.theregister.co.uk:
Sobig linked to DDoS attacks on anti-spam sites. Read more

www.newsfactor.com:
Virus Attack Highlights Need for U.S. Patch-Management Policy. Read more

www.securityfocus.com:
AtStake fires executive over Microsoft criticism. Read more

25 september 2003

New Trojans:
Danton 4.1.4 beta

SuperBot Trojan 1.0

Snow 2.8

Guides, Papers, etc.
www.securityfocus.com:
Intrusion Detection Terminology (Part Two). Read more

Vulnerabilities & Exploits:
www.securitytracker.com:
mpg123 Buffer Overflow In Reading Remote Strings Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
ProFTPD ASCII Mode File Upload Buffer Overflow Lets Certain Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
wzdftpd Login Exception Handling Flaw Lets Remote Users Crash the FTP Service. Read more

www.securitytracker.com:
Sanctum AppScan Audit Edition May Not Detect Certain Javascript URLs. Read more

www.securitytracker.com:
Portable OpenSSH PAM free() Bug May Let Remote Users Execute Root Code. Read more

www.securitytracker.com:
Ingate Firewall May Let Remote Users Setup Sessions By Sending SYN+RST Packets. Read more

www.securitytracker.com:
NetUP UTM Input Validation Flaws Permit Remote Session Hijacking and Subsequent Command Execution. Read more

www.securiteam.com:
ColdFusion Cross-Site Scripting Security Vulnerability (Default Error Page). Read more

www.securiteam.com:
Microsoft BizTalk Server ISAPI HTTP Receive Function Buffer Overflow (biztalkhttpreceive.dll). Read more

www.securiteam.com:
SpeakFreely Spoofed DoS. Read more

www.securiteam.com:
Mpg123 Remote Client-Side Heap Corruption (Exploit, readstring()). Read more

www.securiteam.com:
ProFTPD ASCII File Remote Compromise Vulnerability. Read more

News:
www.securityfocus.com:
Police hunt down owner of fake banking Web site. Read more

www.ciol.com:
Microsoft ‘monoculture’ a threat to security. Read more

www.smh.com.au:
Reliance on Microsoft a threat to security: experts. Read more

www.internetweek.com:
Security Problems Could Destroy Microsoft (Wagner's Weblog). Read more

www.news.com.au:
Virus hits US State Department. Read more

www.azcentral.com:
Computer virus cripples visa-checking system. Read more

www.philly.com:
Personal Computing | Scourge of viruses reaches crisis stage. Read more

www.nbc4.tv:
DirecTV Hacker Is First Person Convicted Under Digital Millennium Copyright Act. Read more

24 september 2003

New Trojans:
TRKShell 0.1

Beast 1.91 & 1.92(b) server

Net Metropolitan 1.04

Guides, Papers, etc.
www.blackhat.com:
Black Hat Call for Papers. Read more

Vulnerabilities & Exploits:
www.securitytracker.com:
Mac OS X arplookup() May Let Local Subnet Users Crash the System. Read more

www.securitytracker.com:
Speak Freely Can Be Crashed By Remote Users Sending Spoofed Packets or a Malformed GIF File. Read more

www.securitytracker.com:
wu-ftpd MAIL_ADMIN Option May Let Remote Authenticated Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Xitami Web Server Can Be Crashed By Remote Users Sending Large HTTP GET Request Headers. Read more

www.securiteam.com:
SpeakFreely Malformed GIF Vulnerability. Read more

xforce.iss.net:
ProFTPD ASCII File Remote Compromise Vulnerability. Read more

News:
www.theregister.co.uk:
MSN torches chatrooms. Read more

story.news.yahoo.com:
Security Report Puts Blame on Microsoft. Read more

www.eweek.com:
Unfriendly Updates. Read more

www.esj.com:
CERT: Best Practices for Beating Worms. Read more

www.securityfocus.com:
State Department's warns visa-checking system crippled by computer virus. Read more

www.theregister.co.uk:
Man beats Microsoft, becomes instant domain expert. Read more

news.zdnet.co.uk:
Intrusion detection team denies Trojan claim. Read more

news.bbc.co.uk:
'Relentless' pace of hack attacks. Read more

www.bayarea.com:
Hollywood hacks impress experts. Read more

www.theregister.co.uk:
Cable ISP kneecaps heavy users. Read more

www.theregister.co.uk:
VeriSign stands firm on Site Finder. Read more

www.theregister.co.uk:
Dutch spammer to appear in US court. Read more

23 september 2003

New Trojans:
Illusion 1.0

Stability 1.0

CyberJack 1.01 server 2

Guides, Papers, etc.
www.cert.org:
Viruses and Worms: What Can We Do About Them? Read more

Vulnerabilities & Exploits:
www.securiteam.com:
myPHPnuke SQL Injection ($aid). Read more

www.securiteam.com:
LSH Vulnerable to Remote Root Compromise (channel_commands, read_line). Read more

News:
www.theregister.co.uk:
Norton Antivirus product activation cracked. Read more

www.theregister.co.uk:
Microsoft ordered to pay Mass legal fees. Read more

www.usatoday.com:
Tech pros get to know their enemy. Read more

www.theregister.co.uk:
Credit checkers launch ID fraud watch services. Read more

22 september 2003

New Trojans:
A-311 Death 1.03 (g)

Der Spaeher 3.0 (b) client

Netget (a)

Guides, Papers, etc.
IAB Commentary: Architectural Concerns on the use of DNS Wildcards. Read more

Vulnerabilities & Exploits:
www.securiteam.com:
hztty Buffer Overflow Exploit Code (-I). Read more

www.securiteam.com:
Knox Arkeia Pro Remote Root Exploit. Read more

www.securiteam.com:
Solaris SADMIND Exploitation (Single UDP Packet, MetaSploit). Read more

www.securitytracker.com:
Lucent (Ascend) MAX TNT Universal Gateway May Grant Root Access to Dial-up User. Read more

www.securitytracker.com:
ipmasq Filtering Rules May Let Remote Users Pass Unauthorized Packets Through the Firewall. Read more

www.securiteam.com:
Denial of Service and JVM Crash via User Injectable XSL Template (toStdout). Read more

www.securiteam.com:
Denial of Service Vulnerability in DB2 Discovery Service. Read more

www.securiteam.com:
Yahoo! Webcam ActiveX Control Buffer Overflow. Read more

www.securiteam.com:
Microsoft BizTalk Server Documentation and Repository Sites Weak Permissions. Read more

www.securiteam.com:
Community Wizard Authentication Bypass Vulnerability (SQL Injection). Read more

www.securiteam.com:
Directory Traversal Vulnerability in Plug & Play Web Server. Read more

www.securiteam.com:
Denial of Service in Plug and Play's FTP Server. Read more

News:
www.zdnet.com:
Will Microsoft ever get secure? Read more

21 september 2003

New Trojans:
OICQsearch 1.4

ICMP-Cmd 1.0

Guides, Papers, etc.
The Analysis of RPC Long Filename Heap Overflow AND a Way to Write Universal Heap Overflow of Windows. Read more

Vulnerabilities & Exploits:
bug in NORTON ANTIVIRUS FOR WINXP. Read more

www.securitytracker.com:
Powerslave Portalmanager Discloses Database Information to Remote Users. Read more

www.securitytracker.com:
ColdFusion Default Error Handlers Permit Remote Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Knox Arkei Pro Buffer Overflow Yields Root Privileges to Remote Users. Read more

www.securitytracker.com:
Midnight Commander Uninitialized Buffer May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
lsh Buffer Overflow Lets Remote Users Execute Arbitrary Code With Root Privileges. Read more

www.debian.org:
DSA-388-1 kdebase -- several vulnerabilities. Read more

20 september 2003

New Trojans:
Danton 4.2.1 beta

Winlogin

Red ZONE 6.3

Vulnerabilities & Exploits:
www.securitytracker.com:
hztty Buffer Overflows Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
Half-Life 'rcon' Remote Console Sends Passwords in Clear Text. Read more

www.securitytracker.com:
Mambo Site Server Input Validation Flaw in '$id' Permits SQL Injection. Read more www.securitytracker.com:
IBM DB2 Discovery Service Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
Microsoft BizTalk Server Default Directory Permissions May Let Remote Users Deny Service. Read more

News:
www.theregister.co.uk:
Nasty worm poses as MS security update. Read more

www.bizreport.com:
Screen Shots of Swen Worm. Read more

www.internetweek.com:
'Swen' Worm Posing As Microsoft E-Mail Spreads Fast. Read more

www.nzherald.co.nz:
New email worm targets hole in Internet Explorer. Read more

www.securityfocus.com:
Accused AOL phisher spammed the FBI. Read more

www.theregister.co.uk:
Software guru wants New Accounting. Read more

www.theregister.co.uk:
Verisign backlash gathers force. Read more

19 september 2003

New Trojans:
WebDownloader VBS (b)

BFGhost 1.0

Guangwai Girl 1.52b

Guides, Papers, etc.
www.securityfocus.com:
Wireless Network Policy Development (Part One). Read more

Vulnerabilities & Exploits:
www.debian.org:
DSA-387-1 gopher -- buffer overflows. Read more

www.debian.org:
DSA-386-1 libmailtools-perl -- input validation. Read more

www.debian.org:
DSA-385-1 hztty -- buffer overflows. Read more

www.debian.org:
DSA-384-1 sendmail -- buffer overflows. Read more

www.coresecurity.com:
Multiple IBM DB2 Stack Overflow Vulnerabilities. Read more

www.securitytracker.com:
IBM DB2 db2licm and db2dart Buffer Overflows Let Local Users Obtain Root Privileges. Read more

www.securitytracker.com:
Plug and Play Web Server Lets Remote Authenticated Users Crash the FTP Service Sending Long FTP Commands. Read more

www.securitytracker.com:
Sendmail Ruleset Buffer Overflow Has Unspecified Impact. Read more

News:
www.theinquirer.net:
Beware fake Microsoft "security" spam. Read more

www.ciol.com:
Internet Explorer abets new worm attack. Read more

www.nwfusion.com:
New Internet worm targets e-mail, P2P software. Read more

www.securityfocus.com:
Verisign's 'SiteFinder' finds privacy hullabaloo. Read more

www.eweek.com:
Solaris Flaw Leaves Machines Open to Attacks. Read more

www.computerworld.com:
Four questions to ask to stay secure in an anywhere, anytime world. Read more

www.theregister.co.uk:
Blaster trial set for November 17. Read more

www.theregister.co.uk:
Melissa author helped Feds track other virus writers. Read more

www.bayarea.com:
Hollywood hacks impress experts. Read more

18 september 2003

New Trojans:
Beast 2.02

Hacker defender 0.21

Skull-Burrow 5.0 server (i)

WinEggDrop Shell 1.50

Guides, Papers, etc.
www.securityfocus.com:
Dynamic Honeypots. Read more

Vulnerabilities & Exploits:
www.debian.org:
DSA-383-1 ssh-krb5 -- possible remote vulnerability. Read more

www.debian.org:
DSA-382-2 ssh -- possible remote vulnerability. Read more

www.securitytracker.com:
Sendmail Prescan Flaw May Let Remote Users Execute Arbitrary Code With Root Privileges. Read more

www.securitytracker.com:
TM-POP3 Mail Server Discloses User Passwords to Local Users. Read more

www.securitytracker.com:
Yahoo! Webcam Viewer ActiveX Buffer Overflow Permits Remote Code Execution. Read more

www.securitytracker.com:
KDE Display Manager pam_setcred() Failure May Grant Root Access to Remote Authenticated Users. Read more

www.securitytracker.com:
OpenSSH buffer_append_space() and Other Buffer Management Errors May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Solaris sadmind Weak Authentication May Let Remote Users Execute Arbitrary Commands With Root Privileges. Read more

www.securiteam.com:
Yak! File Transfer Mechanism Exposes System To Compromise. Read more

www.securiteam.com:
Buffer Overflow in WideChapter Browser. Read more

www.securiteam.com:
Microsoft ASP.NET Request Validation Bypass Vulnerability. Read more

www.securiteam.com:
SCO Internet Manager Allows Local Users to Gain Root Level Privileges. Read more

www.securiteam.com:
KDM Vulnerabilities (pam_setcred, session cookie). Read more

www.securiteam.com:
OpenSSH Buffer Management Vulnerability. Read more

www.securiteam.com:
Exploit Code Released for Buffer Overflow in Liquidwar. Read more

www.securiteam.com:
RealOne Player 9 Privileges Escalation (cook.so.6.0). Read more

www.securiteam.com:
Remote rpc.mountd Exploit for xlog() Vulnerability. Read more

www.securiteam.com:
Windows RPC DCOM Long Filename Heap Overflow Exploit (MS03-039). Read more

News:
story.news.yahoo.com:
Worm Exploiting Latest Windows Flaw Expected 'Any Day'. Read more

www.securityfocus.com:
Melissa author helped FBI bust other virus writers. Read more

www.securityfocus.com:
Teen charged in Internet worm attack pleads innocent. Read more

www.theregister.co.uk:
New exploit heralds Blaster 2 attack. Read more

www.nzherald.co.nz:
Hacker put details on web in spite. Read more

www.securityfocus.com:
Does Microsoft Give a Damn? Read more

www.theregister.co.uk:
BIND developer blocks Verisign Net grab move. Read more

17 september 2003

New Trojans:
The Matrix Chat 0.7 Beta

Iroffer 1.2b20

WinEggDrop Shell 1.34

Mtexer 1.0

Tools
www.insecure.org:
Nmap 3.45: Version Scanning. Read more

Gspoof is a tool which make easier and accurate the building and sending of tcp-ip packets. It works from console (command line) and has an interface graphics written in GTK+ too. Read more

Vulnerabilities & Exploits:
www.securitytracker.com:
Liquid War HOME Environment Variable Overflow Lets Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
Nokia Electronic Documentation Default Configuration Permits Remote HTTP Proxy Services. Read more

www.securitytracker.com:
Easy File Sharing Web Server Discloses Files and Passwords to Remote Users. Read more

www.securitytracker.com:
WideChapter Browser Buffer Overflow Allows Arbitrary Code Execution. Read more

www.securitytracker.com:
phpBB Smiley Panel Input Validation Flaw Permits Remote Cross-Site Scripting. Read more

www.securitytracker.com:
Minihttp File Sharing for net Password Parsing Flaw Grants Admin Privileges to Remote Users. Read more

www.securitytracker.com:
Minihttp Forum Web Server Password Parsing Flaw Grants Admin Privileges to Remote Users. Read more

www.securitytracker.com:
ChatZilla Client Can Be Crashed By IRC Servers Sending Long Requests. Read more

www.securitytracker.com:
FTGate Pro 'ftgatedump' Discloses Mailboxes, Passwords, and Configuration Data to Remote Users. Read more

www.securitytracker.com:
MyPHPNuke 'auth.inc.php' $aid Input Validation Flaw Permits Remote SQL Injection. Read more

www.securitytracker.com:
SCO Internet Manager (mana) Environment Variable Validation Flaw Lets Local Users Grab Root Privileges. Read more

www.securiteam.com:
Remote Vulnerability in 4D WebSTAR Server (Long PASS, PCC Exploit). Read more

www.securiteam.com:
PINE Exploit Code Released (message/external-body type, e-mail headers). Read more

www.securiteam.com:
Gordano Messaging Suite - Multiple Vulnerabilities. Read more

www.securiteam.com:
Predictability and Vulnerability in the Canadian Firearms Centre's On-Line Services Web Site. Read more

www.securiteam.com:
Nokia Electronic Documentation - Multiple Vulnerabilities. Read more

www.securiteam.com:
Multiple Overflows in Spider. Read more

www.securiteam.com:
Remote Root Exploitation of Default Solaris sadmind Setting. Read more

www.securiteam.com:
Vulnerability in Bandsite Allows Gaining Admin Access. Read more

www.securiteam.com:
DSPAM Default Permissions Vulnerability. Read more

www.securiteam.com:
ChatZilla Remote Denial of Service Vulnerability (Long Buffer). Read more

www.securiteam.com:
Asterisk CallerID CDR SQL Injection. Read more

www.securiteam.com:
Buffer Overflow in Liquidwar. Read more

News:
www.sfgate.com:
Hackers distributing new software to break into Windows computers. Read more

www.theage.com.au:
Exploit code for Windows flaw available on the net. Read more

www.620ktar.com:
Hackers Pass Out New Software for Attacks. Read more

16 september 2003

New Trojans:
X2a 1.0

Danton 4.1.1 beta

System33r Downloader 0.4

WinCrash Server (b)

Vulnerabilities & Exploits:
www.securitytracker.com:
Spider Linux Game Buffer Overflows Let Local Users Gain 'games' Group Privileges. Read more

www.securitytracker.com:
Enceladus Server Suite FTP Command Buffer Overflows Let Remote Authenticated Users Crash the FTP Service. Read more

www.securitytracker.com:
DBabble Chat Server Input Validation Flaws Permit Remote Cross-Site Scripting Attacks. Read more

www.texonet.com:
SCO OpenServer / Internet Manager (mana). Read more

News:
www.smh.com.au:
Fears of new Windows exploit grow. Read more

www.news.com.au:
Microsoft 'humbled' on security. Read more

www.computerweekly.com:
Virus attacks: who is to blame? Read more

www.billingsgazette.com:
Only some Hollywood depictions of hackers get it right. Read more

www.computerweekly.com:
Groundswell: Have we been let off lightly by virus attacks? Read more

star-techcentral.com:
Ballmer talks tough on viruses. Read more

seattlepi.nwsource.com:
Should Microsoft be liable for bugs? Read more

www.wired.com:
Sex Sites Sick of Getting Screwed. Read more

15 september 2003

New Trojans:
Cruel Intentionz 1.21

Zdziubus 0.1 beta

Iroffer 1.2b19

Vulnerabilities & Exploits:
www.securitytracker.com:
vbPortal 'auth.inc.php' Input Validation Flaw Lets Remote Users Inject. Read more

www.securitytracker.com:
Yak! Chat Default Account Lets Remote Users Access the File System. Read more

www.securitytracker.com:
MyServer 'cgi-lib.dll' Buffer Overflow Permits Remote Code Execution. Read more

www.securitytracker.com:
VSNL POP E-mail Client Discloses Account Authentication Information Via the Referer Field. Read more

www.securiteam.com:
Rational Clearcase Exploit Code Released. Read more

www.securiteam.com:
Eudora Attachment Spoof (Exploit). Read more

www.securiteam.com:
Integer Overflow in OpenBSD Kernel (PoC). Read more

www.securiteam.com:
MyServer Buffer Overflow Vulnerability (math_sum.mscgi). Read more

www.securiteam.com:
RAR Fails to Determine Actual File Size (DoS). Read more

www.securiteam.com:
Multiple Heap Overflows in FTP Desktop. Read more

www.securiteam.com:
Apache::Gallery Local Privilege Escalation (Exploit). Read more

News:
www.theage.com.au:
Hacker goes over to the other side. Read more

www.smh.com.au:
Virus-crackers kept on their toes. Read more

www.net4nowt.com:
Windows’ flaws encourage Hackers. Read more

www.rockymountainnews.com:
Digital crime fighters. Read more

www.usatoday.com:
Virus writers difficult to find in cyberspace. Read more

www.guardian.co.uk:
Barclays calls in cyber-police. Read more

news.independent.co.uk:
Fraud hits online bankers. Read more

www.infoanarchy.org:
Don't link to that story! Read more

14 september 2003

New Trojans:
AHS 1.14

Snow 2.7

Let Me Rule 2.0 beta 8.1

Half Life Jacker 1.0

Vulnerabilities & Exploits:
www.securitytracker.com:
Bandsite Portal Software Authentication Flaw Lets Remote Users Add Administrators. Read more

www.securitytracker.com:
Microsoft Internet Explorer Media Sidebar Flaw Lets Remote Users Execute Arbitrary Code on the System. Read more

www.securitytracker.com:
Microsoft Internet Explorer Various Cross-Domain Flaws Permit Remote Scripting in Arbitrary Domains. Read more

www.securitytracker.com:
4D WebSTAR Password Command Buffer Overflow in FTP Service Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
'man' Buffer Overflow in MANPL Variable May Let Local Users Gain Elevated Group Privileges. Read more

www.securitytracker.com:
Asterisk PBX Input Validation Flaw Lets Remote Users Inject SQL Commands via CallerID. Read more

News:
www.mb.com.ph:
Experts warn vs PC zombies, ‘drive by’ hackers in the wild. Read more

13 september 2003

New Trojans:
Danton 4.2.2

Stealth Shutdown

PsyberMind 1.12

Remote HAVOC 1.0.2

Remote HAVOC 3.0.1

Vulnerabilities & Exploits:
www.debian.org:
DSA-380-1 xfree86 -- buffer overflows, denial of service. Read more

www.securitytracker.com:
myPHPNuke 'displayCategory.php' Include File Flaw Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
GtkHTML hts_fit_line() Null Pointer Dereference Lets Remote Users Crash the Application. Read more

www.securitytracker.com:
Gordano Messaging Suite (GMS) Can Be Crashed By Remote Users Sending Certain Invalid URLs. Read more

www.securitytracker.com:
MySQL acl_init() Buffer Overflow Permits Remote Authenticated Administrators to Execute Arbitrary Code. Read more

www.securitytracker.com:
Pine E-mail Client Buffer Overflows in Parsing Message Attributes Permit Remote Code Execution. Read more

www.securitytracker.com:
OpenBSD Semaphore Integer Overflow Lets Local Root Users Bypass 'securelevel()' Access Controls. Read more

www.securitytracker.com:
Microsoft Windows Remote Procedure Call (RPC) DCOM Activation Buffer Overflows Let Remote Users Execute Arbitrary Code. Read more

News:
www.securitynewsportal.com:
Symantec wants to criminalize the sharing of security info and tools. Read more

www.theregister.co.uk:
E-mail fraudsters target Barclays. Read more

www.wired.com:
Just Say No to Viruses and Worms. Read more

linux.oreillynet.com:
The Hacker Behind "Hacking the XBox". Read more

www.mytelus.com:
Hacker accused of breaking into New York Times system free on bail. Read more

www.reuters.com:
U.S. computer hacker ordered to live with parents. Read more

www.theregister.co.uk:
Wi-Fi whistle blower faces criminal charges. Read more

www.theregister.co.uk:
Microsoft in reasonable Net action shocker! Read more

12 september 2003

New Trojans:
System33r Stealth Downloader 0.1

System33r Stealth Downloader 0.3

Iroffer 1.2b18

Tools
Microsoft Windows RPC DCOM II Unix based Scanner (MS03-039). Read more

TCP Toolkit. A C frontend to the TCP packet creation capabilities provided by Libnet. Allows complete control when creating TCP packets, including forging/spoofing source IP and MAC addresses, payload, TCP flags, etc. Read more

Guides, Papers, etc.
www.securityfocus.com:
Demonstrating ROI for Penetration Testing (Part Three). Read more

www.securityfocus.com:
Hardening the TCP/IP stack to SYN attacks. Read more

Vulnerabilities & Exploits:
www.debian.org:
DSA-379-1 sane-backends -- several vulnerabilities. Read more

www.securitytracker.com:
Escapade Input Filtering Flaw Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securiteam.com:
Buffer Overrun In RPCSS Service Could Allow Code Execution. Read more

News:
news.bbc.co.uk:
Windows faces fresh web worm woe. Read more

www.securiteam.com:
Lamo denies $300,000 database hack. Read more

www.freep.com:
Hacker's pranks started out small. Read more

news.com.com:
'Homeless hacker' free pending court date. Read more

news.com.com:
IE patent endgame detailed. Read more

11 september 2003

New Trojans:
trojan friend 1.0

NetCrack 1.3 alpha 3.0

ZeroHacker 1.0

Vulnerabilities & Exploits:
www.eeye.com:
Microsoft RPC Heap Corruption Vulnerability - Part II. Read more

xforce.iss.net:
Multiple Vulnerabilities in Microsoft RPC Service. Read more

www.idefense.com:
Two Exploitable Overflows in PINE. Read more

www.nsfocus.com:
Microsoft Windows RPC DCOM Interface Heap Overflow Vulnerability. Read more

www.securitytracker.com:
phpBB Input Filtering Flaw in BBCode '[URL]' Tag Permits Remote Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Apache::Gallery Unsafe Temporary Files May Let Local Users Gain Apache Web Server Privileges. Read more

www.securitytracker.com:
WebX Server Discloses Files on the System to Remote Users. Read more

www.securitytracker.com:
RealOne Player for Linux File Permissions May Allow Local Users to Gain Elevated Privileges. Read more

www.securitytracker.com:
MyServer Can Be Crashed By Remote Users Requesting Long (512 Character) URLs. Read more

www.securitytracker.com:
Winamp Buffer Overflow in 'IN_MIDI.DLL' Lets Malicious MIDI Files Execute Arbitrary Code. Read more

www.securitytracker.com:
FTP Desktop Heap Overflow in Processing FTP Banners Lets Remote Users Execute Arbitrary Code. Read more

News:
Microsoft Security Bulletin MS03-039
Buffer Overrun In RPCSS Service Could Allow Code Execution (824146). Read more

www.chron.com:
Microsoft reveals yet another Blaster-like security flaw. Read more

www.smh.com.au:
30 unpatched holes in IE, says security researcher. Read more

www.theregister.co.uk:
Sobig-F is dead. Read more

www.computerworld.com:
Romanian man to be charged in Blaster release. Read more

www.theregister.co.uk:
NY Times hacker surrenders, is released. Read more

10 september 2003

New Trojans:
WebcamNow Jacker

RSC 1.0

RSC 1.1

SkullBurrow 3.0 server

Vulnerabilities & Exploits:
www.securiteam.com:
xMule AttachToAlreadyKnown Double Free Vulnerability Exploit Code. Read more

www.securiteam.com:
Exploit Code Released for WordPerfect Converter Vulnerability. Read more

www.securitytracker.com:
ICQ Web Front Input Validation Flaw in Guest Book Code Permits Remote Cross-Site Scripting Attacks.

www.securitytracker.com:
mah-jong Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
WS_FTP Server Can Be Crashed By Remote Users Sending QUOTE Commands. Read more

www.securitytracker.com:
RealSecure Server Sensor Unicode Flaw Lets Remote Users Crash the IIS Web Service. Read more

www.securitytracker.com:
Asterisk 'chan_sip.c' SIP Message Buffer Overflow Lets Remote Users Gain Access to the System. Read more

www.securitytracker.com:
FoxWeb Buffer Overflow in 'foxweb.dll' Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Microsoft Visual Basic for Applications (VBA) in Multiple Microsoft Products Permits Remote Code Execution. Read more

www.securitytracker.com:
Microsoft Converter for WordPerfect Has Buffer Overflow That Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Microsoft Word Document Validation Error Lets Macros Run Without Warning. Read more

www.securitytracker.com:
Microsoft Windows NetBIOS Name Service May Disclose Memory Contents to Remote Users. Read more

www.securitytracker.com:
Microsoft Access Snapshot Viewer ActiveX Control Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
ZoneAlarm Network Connectivity Can Be Blocked By Remote Users Sending Multiple UDP Packets. Read more

www.debian.org:
DSA-378-1 mah-jong -- buffer overflows, denial of service. Read more

www.debian.org:
DSA-377-1 wu-ftpd -- insecure program execution. Read more

News:
www.nwfusion.com:
Hackers jump through holes in Microsoft patch. Read more

DoD Cyber Crime Conference. Call For Papers. Read more

www.theregister.co.uk:
Police smash UK's biggest credit card fraud ring. Read more

www.theregister.co.uk:
NY Times hacker set to surrender. Read more

news.com.com:
'Homeless hacker' surrenders. Read more

www.theregister.co.uk:
Forgive me my trespasses. Read more

09 september 2003

New Trojans:
SubRoot 1.3

Red ZONE 6.5

Red ZONE 4.1

Red ZONE 4.0 (beta3)

URCS 1.07

superSpy 2.0 Beta (b)

Hacker defender 0.30

Hacker defender 0.33

QFZ 5.0

SD

Slime 1.2

Trojan Spirit 2001a Fixed Edition 1.2 Instalation [b]

Small (d)

Jack Trojan 2.0

Spybot 1.1

Spybot 1.2c

HTTP RAT 0.3 (k)

HTTP RAT 0.31 (l & m)

Ontarget 1.1

FreeGatez

Iroffer 1.2b15

Iroffer 1.2b16

Iroffer 1.2b17

WinEggDrop Shell 1.2

Optix PRO 1.32

WildThing 1.0

AIR 0.1

Minicom 3.6.5

Minicom 3.8.1

Cruel Intentionz 1.2

Blackcobra Downloader

Blackcobra LAN Downloader

Remote Revise 1.73

Remote Revise 1.72(updated)

A-311 Death Server(g)

Nuclear Scan 1.1

Zalivator 1.2 Pro (build 75) server

Back Attack 1.9

Snow 2.6

Guides, Papers, etc.
InlineEgg is a collection of python classes (a "library"), that will help you write small assembly programs, either to use as eggs/shellcode for your exploits or for anything else you may need small assembly programs for. Read more

Vulnerabilities & Exploits:
www.atstake.com:
Asterisk SIP Implementation Issue. Read more

www.securitytracker.com:
XFree86 Font Library Integer Overflows May Allow Remote Access And Local Privilege Elevation. Read more

www.securitytracker.com:
SAP Internet Transaction Server Bugs in 'wgate.dll' Disclose Files to Remote Users. Read more

securetarget.net:
Microsoft Outlook PST Exposure. Read more

www.securitytracker.com:
LinuxNode Format String and Overflow Flaws Yield Root Access to Remote Users. Read more

www.securitytracker.com:
eNdonesia Input Filtering Flaw in 'mod' Parameter Allows Remote Users to Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
miniPortail Filtering Flaw in 'lng' Parameter Permits Remote Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
BEA WebLogic Integration Business Connect May Disclose Files to Remote Users. Read more

www.securitytracker.com:
'File Sharing for net' Discloses Files on the System to Remote Users. Read more

www.securitytracker.com:
Yahoo! Messenger Weak Encoding Algorithm Discloses Archived Messages to Local Users. Read more

www.securitytracker.com:
newsPHP Flaws in 'nphpd' Permit Remote Users to View and Execute Files and Execute Script Functions. Read more

www.securitytracker.com:
suidperl Discloses File Existence to Local Users. Read more

www.debian.org:
DSA-375-1 node -- buffer overflow, format string. Read more

News:
Microsoft Security Bulletin MS03-034
Flaw in NetBIOS Could Lead to Information Disclosure (824105). Read more

Microsoft Security Bulletin MS03-035
Flaw in Microsoft Word Could Enable Macros to Run Automatically (827653). Read more

Microsoft Security Bulletin MS03-036
Buffer Overrun in WordPerfect Converter Could Allow Code Execution. Read more

Microsoft Security Bulletin MS03-037
Flaw in Visual Basic for Applications Could Allow Arbitrary Code Execution (822715). Read more

Microsoft Security Bulletin MS03-038
Unchecked buffer in Microsoft Access Snapshot Viewer Could Allow Code Execution (827104). Read more

www.smh.com.au:
Up close and personal with the social hackers. Read more

www.sky.com:
COMPUTER VIRUS CHARGE. Read more

www.expressindia.com:
Teenager arrested in connection with 'Blaster' internet worm. Read more

www.terra.net.lb:
Teen charged in connection with "Blaster" Internet worm. Read more

www.securityfocus.com:
Hacking-by-subpoena ruled illegal. Read more

www.eweek.com:
SoBig.F Packs Few Design Surprises. Read more


Copyright© MegaSecurity.org