News January 2005
31 January 2005

Guides, Papers, etc
www.maxpatrol.com:
Defeating Microsoft Windows XP SP2 Heap protection and DEP bypass. Read more

www.research.ibm.com:
An Environment for Controlled Worm Replication and Analysis. Read more

Time to deny users their rights
www.vnunet.com:
Microsoft undermines its security by giving every Windows user admin rights. Read more

 

Tools
securityresponse.symantec.com:
Tool to reset shell\open\command registry keys. Read more

www.splint.org:
Splint is a tool for statically checking C programs for security vulnerabilities and coding mistakes. Read more

 

News:
nwc.securitypipeline.com:
Microsoft Anti-Piracy Plan Sacrifices Security. Read more

news.com.com:
Report: Major Windows security update foiled. Read more

www.pcauthority.com.au:
Hackers target online gamers. Read more

www.theregister.co.uk:
Germany gets tough with spammers. Read more

star-techcentral.com:
Some RFID chips vulnerable to hacking. Read more

www.mytelus.com:
U.S. researchers say they cracked security system used in millions of cars. Read more

www.terra.net.lb:
US teen sentenced to 18 months jail for creating 'Blaster' Internet worm. Read more

www.terra.net.lb:
New 'bot' virus suspected of infecting 2,500 computers in Japan. Read more

30 January 2005

Guides, Papers, etc
www.maxpatrol.com:
Defeating Microsoft Windows XP SP2 Heap protection and DEP bypass. Read more

 

Tools
www.invircible.com:
Toggle Mode utility. This utility allows the switching of any Win 32 platform from 'normal' startup mode, into a 'safe with command prompt' like mode, and back to normal. The ToggleMode utility is especially useful for the handling of viruses and malware on Windows 32 platforms, as well as conducting Windows repair tasks. Read more

www.drugphish.ch:
The C Code Analyzer (CCA) is a static analysis tool for detecting potential security problems in C source code. Read more

 

Vulnerabilities & Exploits
www.k-otik.com:
Squid Proxy Cache WCCP Remote Buffer overflow Vulnerability. Read more

www.securitytracker.com:
WebAdmin useredit_account.wdm Permits Cross-Site Scripting Attacks and Lets Remote Authenticated Users Access Other Accounts. Read more

 

News:
seattletimes.nwsource.com:
Blaster hacker receives 18-month sentence. Read more

www.newsbug.net:
Teen Sentenced for MS Blaster Virus. Read more

economictimes.indiatimes.com:
New virus suspected of infecting 2,500 PCs in Japan. Read more

www.earthtimes.org:
'MySQL bot' database worm is halted. Read more

www.macworld.com:
MySQL warns users, contemplates changes after worm. Read more

www.theregister.co.uk:
Norwegian student fined for MP3 links. Read more

29 January 2005

Vulnerabilities & Exploits
securitytracker.com:
UW IMAP CRAM-MD5 Authentication Flaw Lets Remote Users Access Arbitrary IMAP Accounts. Read more

securitytracker.com:
WebWasher Classic Lets Remote Users Connect to Localhost Ports. Read more

securitytracker.com:
DokuWiki 'userewrite' Mode Discloses Restricted Pages to Remote Users. Read more

securitytracker.com:
XOOPS Incontent Module Discloses PHP File Contents to Remote Users. Read more

securitytracker.com:
Debian libpam-radius-auth Discloses Configuration File to Local Users. Read more

securitytracker.com:
HP-UX TGA Daemon Lets Remote Users Deny Service. Read more

securitytracker.com:
War FTP Daemon Can Be Crashed By Remote Users. Read more

securitytracker.com:
Ingate Firewall Fails to Disconnect PPTP Connections When a User is Disabled. Read more

securitytracker.com:
SmarterMail Lets Remote Users Upload Arbitrary Scripting Code and Execute Them. Read more

securitytracker.com:
Exponent CMS Discloses Path to Remote Users and Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
Linux Kernel coda_pioctl Buffer Overflow Lets Local Users Execute Arbitrary Code. Read more

 

News:
www.computerworld.com:
MySQL installations targeted by Forbot worm variant. Read more

www.theregister.co.uk:
MySQL worm attacks Windows servers. Read more

www.vnunet.com:
Bot infects thousands of MySQL PCs. Read more

news.zdnet.co.uk:
Government concerned about MySpooler worm. Read more

news.zdnet.co.uk:
New varieties of Bagle should be toast. Read more

www.theregister.co.uk:
Unholy trio pose DDoS risk for Cisco kit. Read more

seattlepi.nwsource.com:
Judge takes pity on defendant in Internet worm case, blames parents. Read more

www.startribune.com:
Prosecutors seek 37-month term in Internet worm case. Read more

www.securitypipeline.com:
Directory Harvest Attacks: The "Silent Kill" Of E-Mail Systems. Read more

software.silicon.com:
First phishing conviction across the Channel. Read more

www.theregister.co.uk:
Mobile virus epidemics: don't panic. Read more

www.theregister.co.uk:
Cyber-stalker faces sentencing today. Read more

news.zdnet.co.uk:
Worm hijacks open source database. Read more

news.zdnet.co.uk:
Criminal IT: Should you trust the Internet? Read more

28 January 2005

Vulnerabilities & Exploits
www.k-otik.com:
Novell iChain Mutual Authentication Security Bypass Issue. Read more

www.k-otik.com:
War FTP Daemon Remote Denial of Service vulnerability. Read more

xforce.iss.net:
Multiple Vulnerabilities in Cisco IOS. Read more

www.k-otik.com:
HP-UX TGA daemon Remote Denial of Service Vulnerability. Read more

www.debian.org:
DSA-661-1 f2c -- insecure temporary files. Read more

securitytracker.com:
Magic Winmail Server Input Validation Holes in Webmail and IMAP Services Allow Directory Traversal Attacks. Read more

securitytracker.com:
Cisco IOS Can Be Reloaded By Remote Users Sending Multiple IPv6 Packets. Read more

securitytracker.com:
Cisco IOS MPLS Disabled Interfaces Let Remote Users Deny Service. Read more

securitytracker.com:
Openswan Pluto get_internal_addresses() Remote Buffer Overflow Lets Remote Authenticated Users Execute Arbitrary Code. Read more

securitytracker.com:
Cisco IOS BGP log-neighbor-changes Processing Error Lets Remote Users Deny Service. Read more

 

News:
www.vnunet.com:
Latest Bagle mutant on the rampage. Read more

www.theregister.co.uk:
Spanish police arrest worm suspect. Read more

news.zdnet.co.uk:
Worm hijacks open source database. Read more

news.zdnet.co.uk:
Trojan masquerades as Windows patch. Read more

www.theregister.co.uk:
MS mulls charging for anti-spyware app. Read more

www.securityfocus.com:
Clear skies for Area 51 hacker. Read more

news.zdnet.co.uk:
Security firm probes reports of car viruses. Read more

www.boingboing.net:
Jailed for using a nonstandard browser. Read more

www.theregister.co.uk:
Crooked Microsoft worker masterminded $7m racket. Read more

www.theregister.co.uk:
Police launch site to tackle net pervs. Read more

27 January 2005

Guides, Papers, etc
www.securityfocus.com:
Blind Buffer Overflows In ISAPI Extensions. Read more

www.it-observer.com:
"Buffer Overflow Attacks: Detect, Exploit, Prevent" Shows How to Keep the Code You Write Today from Headlining Tomorrow. Read more

 

Vulnerabilities & Exploits
www.idefense.com:
Openswan XAUTH/PAM Buffer Overflow Vulnerability. Read more

www.k-otik.com:
MercuryBoard Cross Site Scripting and Path Disclosure Vulnerabilities. Read more

www.k-otik.com:
RealPlayer/RealOne RA File Handling Denial of Service Vulnerability. Read more

www.debian.org:
DSA-660-1 kdebase -- missing return value check. Read more

www.debian.org:
DSA-659-1 libpam-radius-auth -- information leak, integer underflow. Read more

securitytracker.com:
Cisco IOS BGP log-neighbor-changes Processing Error Lets Remote Users Deny Service. Read more

securitytracker.com:
Comdev eCommerce Input Validation Flaws in index.php Permit Cross-Site Scripting Attacks. Read more

securitytracker.com:
Novell iChain Mutual Authentication Configuration May Let Remote User Authenticate to the System. Read more

securitytracker.com:
Perl DBI::ProxyServer Unsafe Temporary Files May Let Local Users Gain Elevated Privileges. Read more

securitytracker.com:
Mac OS X Mail Discloses Ethernet Address to Remote Users. Read more

securitytracker.com:
Mac OS X ColorSync Heap Overflow Lets Users Execute Arbitrary Code. Read more

securitytracker.com:
Apple Mac OS X 'at' Commands Let Local Users Gain Elevated Privileges. Read more

securitytracker.com:
phpEventCalendar Input Validation Holes in Title and Event Text Lets Remote Users Cross-Site Scripting. Read more

securitytracker.com:
W32Dasm Buffer Overflow in Processing Function Names May Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
BIND 8 Buffer Overflow in q_usedns Array Lets Remote Users Deny Service. Read more

 

News:
www.nytimes.com:
A Virus Writer Tests the Limits in Cellphones. Read more

www.pcauthority.com.au:
Mobile viruses just getting started. Read more

www.chinadaily.com.cn:
Computer viruses contacting handsets. Read more

www.thefeature.com:
The Not Really Viruses Are Spreading To Our Cars... Or Not. Read more

software.silicon.com:
Teen virus writer could pay Microsoft over $600,000. Read more

news.zdnet.com:
Flaw finders go their own way. Read more

seattletimes.nwsource.com:
Length of hacker's prison term debated as sentencing nears. Read more

www.theregister.co.uk:
Lawyers demand hard time for Blaster teen. Read more

www.webuser.co.uk:
Mirsa worm wants justice for dads. Read more

news.zdnet.com:
Trojan piggybacks on Microsoft patching. Read more

www.vnunet.com:
Flaw opens antivirus gate. Read more

os.newsforge.com:
Running Windows viruses with Wine. Read more

www.pcworld.idg.com.au:
Trojan Steals Usernames and Passwords for Fantasy Role-Playing Game, Sophos Report. Read more

www.theregister.co.uk:
MS updates: real Windows users only need apply. Read more

www.theregister.co.uk:
Fathers 4 Justice slams 'support' virus. Read more

www.vnunet.com:
Bugwatch: Avoiding hotspot hacks. Read more

www.theregister.co.uk:
China bans The Sims. Read more

www.theregister.co.uk:
Earthlink wins cash from spammers. Read more

www.cellular-news.com:
Mobile phone viruses expose wireless handset software weaknesses. Read more

www.itweb.co.za:
Worm's game: Stealing passwords. Read more

www.vnunet.com:
Online ID fraud fears 'out of proportion'. Read more

26 January 2005

Guides, Papers, etc
www.astalavista.com:
Network Firewall Technologies. Read more

 

Vulnerabilities & Exploits
www.gecadnet.ro:
ActiveX Object HTML Help Control still exploitable after patch MS05-001. Read more

securitytracker.com:
BIND 9 Validator Assumption Error May Let Remote Users Deny Service. Read more

securitytracker.com:
Video Disk Recorder Lets Remote Users Overwrite Files. Read more

securitytracker.com:
Squid Error in Parsing HTTP Content-Length Headers May Let Remote Users Poison the Cache. Read more

securitytracker.com:
Apple 'quicktime.qts' Error in Parsing 'qtif' Images Lets Remote Users Deny Service. Read more

securitytracker.com:
Funduc Search and Replace Buffer Overflow Lets Local Users Execute Arbitrary Code. Read more

securitytracker.com:
Comersus Grants Administrative Access to Remote Users and Permits SQL Injection and Cross-Site Scripting Attacks. Read more

securitytracker.com:
SquirrelMail Input Validation Flaw in webmail.php May Let Remote Users Execute Arbitrary Commands or Conduct Cross-Site Scripting Attacks. Read more

securitytracker.com:
Sun Solaris DHCP Administration Utilities Let Local Users Gain Root Privileges. Read more

securitytracker.com:
Spectrum Cash Receipting System Discloses Passwords to Local Users. Read more

securitytracker.com:
CoolForum Input Validation Holes Let Remote Users Conduct Cross-Site Scripting Attacks. Read more

securitytracker.com:
MercuryBoard Discloses Path to Remote Users and Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
Evolution Integer Overflow in camel-lock-helper May Let Local and Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
zhcon May Let Local Users Read Files with Elevated Privileges. Read more

securitytracker.com:
DataRescue IDA Pro PE Buffer Overflow in Import Library Name May Let Remote Users Execute Arbitrary Code. Read more

www.debian.org:
DSA-658-1 libdbi-perl -- insecure temporary file. Read more

www.debian.org:
DSA-657-1 xine-lib -- buffer overflow. Read more

www.debian.org:
DSA-656-1 vdr -- insecure file access. Read more

www.debian.org:
DSA-655-1 zhcon -- missing privilege release. Read more

 

News:
news.zdnet.com:
Expert: Flaw still dogs Windows patch. Read more

crn.com:
Windows Vulnerability Goes Unpatched. Read more

www.mobilemonday.net:
Gavno.a came from Eastern Europe. Read more

www.mobilemonday.net:
3G dream is becoming a security nightmare. Read more

www.theregister.co.uk:
Watch out for bogus health and safety invoices. Read more

news.zdnet.com:
Microsoft: Legit Windows or no updates. Read more

news.zdnet.co.uk:
Insecure online forms put PayPal users at risk. Read more

www.computerworld.com:
Defense Dept. using new tech tools to investigate child porn. Read more

news.zdnet.co.uk:
AV firms slam 'irresponsible' virus writer. Read more

news.com.com:
Computer viruses and chilling speech. Read more

www.detnews.com:
South Florida teen is co-creator of popular Firefox Web browser. Read more

www.theregister.co.uk:
FBI backs transatlantic anti-spam summit. Read more

itvibe.com:
New virus steals passwords for Lineage game. Read more

25 January 2005

Guides, Papers, etc
www1.cs.columbia.edu:
An Analysis of the Skype Peer-to-Peer Internet Telephony Protocol. Read more

www.ida.liu.se:
The HoneyTank : a scalable approach to collect malicious Internet traffic. Read more

www.dimva.org:
FINAL CALL FOR PAPERS. GI SIG SIDAR Conference on Detection of Intrusions and Malware & Vulnerability Assessment. Read more

 

Vulnerabilities & Exploits
www.idefense.com:
DataRescue Interactive Disassembler Pro Buffer Overflow Vulnerability. Read more

securitytracker.com:
iSync mRouter Buffer Overflow Yields Root Privileges to Local Users. Read more

securitytracker.com:
Golden FTP Server Buffer Overflow in RNTO Command Lets Remote Users Execute Arbitrary Code. Read more

 

News:
news.zdnet.co.uk:
Electronic eavesdropping rising. Read more

news.zdnet.co.uk:
Security organisation's Web site hacked. Read more

news.zdnet.co.uk:
'Confidential US security documents' flaunted online. Read more

www.pcauthority.com.au:
Worm poses as tsunami relief fund email. Read more

www.theregister.co.uk:
Hotspot paranoia: try to stay calm. Read more

news.zdnet.co.uk:
Thunderbird gets phishing detection. Read more

news.zdnet.co.uk:
Tsunami charity Web site escapes attack. Read more

www.theregister.co.uk:
German police bust porn invoice scammers. Read more

news.zdnet.co.uk:
Researchers uncover Office encryption flaw. Read more

news.zdnet.co.uk:
Crowt.A virus preys on news junkies. Read more

searchsecurity.techtarget.com:
Extroverts more likely to open virus laden e-mail attachments. Read more

news.zdnet.co.uk:
Spammers' goods go on sale on eBay. Read more

24 January 2005

Guides, Papers, etc
www.phrack.org:
PHRACK #63 CALL FOR PAPERS. Read more

 

Vulnerabilities & Exploits
www.securiteam.com:
Microsoft Internet Explorer Install Engine Control Buffer Overflow (MS04-038). Read more

www.securiteam.com:
Microsoft NetDDE Service Unauthenticated Remote Buffer Overflow (MS04-031). Read more

www.securiteam.com:
Microsoft Internet Explorer .ANI Files Handling Exploit (MS05-002). Read more

www.securiteam.com:
RealPlayer Arbitrary File Deletion Vulnerability. Read more

www.securiteam.com:
RealPlayer 'ShowPreferences' Buffer Overflow Vulnerability. Read more

www.securiteam.com:
RealPlayer Miscellaneous Vulnerabilities (RMP, RJS). Read more

www.securiteam.com:
MSN Heartbeat Control Buffer Overflow (MS04-038). Read more

www.securiteam.com:
Multiple Vulnerabilities in the AtHoc Toolbar for MSIE. Read more

www.securiteam.com:
DivX Player Skin Directory Traversal. Read more

www.securiteam.com:
Multiple Vulnerabilities in Comersus BackOffice Lite. Read more

www.securiteam.com:
Multiple Vulnerabilities in Konversation (Exploit). Read more

www.securiteam.com:
fkey Symblink Vulnerability. Read more

securitytracker.com:
KDE Konversation Bugs May Allow a Remote User to Cause Command Execution on a Target User's System. Read more

www.securityfocus.com:
Internet Explorer URL obfuscation. Read more

 

News:
www.mobilemonday.net:
Lasco worm's author is a Nokia fan. Read more

www.mobilemonday.net:
New Symbian virus stops basic phone functions. Read more

news.com.com:
Virus writer tests limits in cell phones. Read more

www.computerweekly.com:
Latest worm targets MSN users. Read more

www.pcauthority.com.au:
Worm steals CNN headlines to stay timely. Read more

www.theinquirer.net:
Hackers tapping into phone calls, emails. Read more

www.cellular-news.com:
Most dangerous Symbian virus yet detected. Read more

icbirmingham.icnetwork.co.uk:
Man blamed net virus for child porn. Read more

23 January 2005

Guides, Papers, etc
chongqed.blogspot.com:
The 2005 Spam Conference
Here are some quick links all about this year's spam conference. Read more

www.techworld.com:
Worm dry run for something more serious. Read more

www.caida.org:
Is P2P dying or just hiding? Read more

antiphishing.org:
Phishing Activity Trends Report. Read more

 

Tools
www.ethereal.com:
Ethereal 0.10.9 released. Read more

 

Vulnerabilities & Exploits
www.milw0rm.com:
(MS05-002) Microsoft Internet Explorer .ANI Files Handling Exploit. Read more

www.milw0rm.com:
Golden FTP Server v2.02b and below Remote Buffer Overflow. Read more

www.k-otik.com:
Mac OS X 10.3 iSync "mRouter" Local Privilege Escalation Exploit. Read more

 

News:
technocrat.net:
Phishing with a News Aggregator Worm. Read more

www.geekzone.co.nz:
First Symbian trojan to disable ability to make call discovered. Read more

www.techworld.com:
New worm spreading via MSN Messenger. Read more

www.vnunet.com:
Virus masquerades as email from security firm. Read more

www.techworld.com:
Internet Explorer continues to lose market share. Read more

www.vnunet.com:
Experts warn of Wi-Fi 'evil twin' scam. Read more

www.theregister.co.uk:
London man cuffed over disaster relief site hack. Read more

www.boston.com:
Harvard fixing data security breaches. Read more

www.theregister.co.uk:
China nabs 600 in online gambling raids. Read more

www.rednova.com:
Mci Buys Tech Security Firm. Read more

www.techworld.com:
Novell and Red Hat launch new Linux servers. Read more

22 January 2005

Vulnerabilities & Exploits
securitytracker.com:
GNU Enscript EPSF and Filename Command Input Validation Errors May Let Remote Users Execute Arbitrary Code in Certain Cases. Read more

securitytracker.com:
Ethereal Bugs in COPS, DLSw, DNP, Gnutella, MIME, and X11 Protocol Dissectors Let Remote Users Crash Ethereal or Execute Arbitrary Code. Read more

securitytracker.com:
3Com OfficeConnect Wireless 11g Access Point Discloses Passwords and Keys to Remote Users. Read more

securitytracker.com:
Playmidi Buffer Overflow in Processing Filename May Let Local Users Obtain Elevated Privileges. Read more

securitytracker.com:
Sword Input Validation Holes in 'diatheke.pl' Let Remote Users Execute Arbitrary Commands. Read more

www.ngssoftware.com:
Microsoft NetDDE Service Unauthenticated Remote Buffer Overflow. Read more

www.debian.org:
DSA-654-1 enscript -- several vulnerabilities. Read more

www.debian.org:
DSA-653-1 ethereal -- buffer overflow. Read more

www.debian.org:
DSA-652-1 unarj -- several vulnerabilities. Read more

www.debian.org:
DSA-651-1 squid -- buffer overflow, integer overflow. Read more

 

News:
www.securityfocus.com:
Anti-Spyware as Anti-Piracy
Is Microsoft's anti-malware giveaway part of a master plan to flush out software pirates? Read more

www.securityfocus.com:
MS AntiSpyware bites BitDefender. Read more

story.news.yahoo.com:
Review: Microsoft Anti-Spyware Ineffective. Read more

www.newsfactor.com:
Virus Writers Co-opt CNN Headlines in Latest Ruse. Read more

news.zdnet.co.uk:
Crowt.A virus preys on news junkies. Read more

news.com.com:
Cisco finds security flaw in router software. Read more

www.techworld.com:
Worm dry run for something more serious. Read more

21 January 2005

Guides, Papers, etc
www.research.ibm.com:
Anatomy of a Commercial-Grade Immune System. Read more

 

Vulnerabilities & Exploits
www.securityfocus.com:
Microsoft Internet Explorer HTML Help Control Vulnerability Still Exploitable After Patch. Read more

securitytracker.com:
Playmidi Buffer Overflow in Processing Filename May Let Local Users Obtain Elevated Privileges. Read more

securitytracker.com:
Sword Input Validation Holes in 'diatheke.pl' Let Remote Users Execute Arbitrary Commands. Read more

securitytracker.com:
xtrlock Access Control Lets Local Users Bypass the Screen Lock. Read more

securitytracker.com:
Sun Java Plug-in Javascript Error Lets Remote Users Access Files and Applications. Read more

securitytracker.com:
Siteman Lets Remote Users Create Administrative Accounts. Read more

securitytracker.com:
GForge 'controller.php' and 'controlleroo.php' Disclose Directory Listings to Remote Users. Read more

securitytracker.com:
JSBoard 'session.php' Input Validation Flaw Discloses Files to Remote Users. Read more

securitytracker.com:
MaxDB sapdbwa_GetUserData() and HTTP Header Bugs Lets Remote Users Deny Service. Read more

 

News:
www.vnunet.com:
Security: What to watch in 2005. Read more

www.crn.com:
Hackers Snatch Data From Bogus Wireless Access Points. Read more

australianit.news.com.au:
Worm poses as CNN update. Read more

www.theregister.co.uk:
The aftermath of a domain name hijack. Read more

www.rednova.com:
Microsoft Scrubs Security Component for Exchange. Read more

www.vnunet.com:
Fraud victims facing cold shoulder. Read more

news.zdnet.com:
Phishers learn new tricks. Read more

news.zdnet.com:
Flaw found in Office encryption. Read more

news.zdnet.com:
Baba worm pretends to purge porn. Read more

www.theregister.co.uk:
Webcam Trojan suspect arrested in Spain. Read more

20 January 2005

Guides, Papers, etc
eprint.iacr.org:
The Misuse of RC4 in Microsoft Word and Excel. Read more

 

Tools
www.microsoft.com:
Scriptomatic 2.0. Utility that helps you write WMI scripts for system administration. Read more

www.astalavista.com:
32 bit asm code written in AT&T syntax for the x86 processor. It adds a user with root rights and no password from the command line. Read more

 

Vulnerabilities & Exploits
www.guninski.com:
Some vim problems, yet still vim much better than windows. Read more

www.securiteam.com:
The First VIM Worm. Read more

www.integrigy.com:
Oracle Reports Server APPS Password Disclosure. Read more

www.idefense.com:
MySQL MaxDB Web Agent Multiple Denial of Service Vulnerabilities. Read more

www.ngssoftware.com:
RealPlayer Miscellaneous Vulnerabilities. Read more

www.ngssoftware.com:
RealPlayer Arbitrary File Deletion Vulnerability. Read more

www.ngssoftware.com:
RealPlayer 'ShowPreferences' Buffer Overflow Vulnerability. Read more

www.ngssoftware.com:
Microsoft Internet Explorer Install Engine Control Buffer Overflow. Read more

www.ngssoftware.com:
MSN Heartbeat Control Buffer Overflow. Read more

www.ngssoftware.com:
Multiple Vulnerabilities in the AtHoc Toolbar For MSIE. Read more

www.cisco.com:
Cisco Security Advisory: Vulnerability in Cisco IOS Embedded Call Processing Solutions. Read more

securitytracker.com:
Cisco IOS Error in Processing SCCP Packets Lets Remote Users Deny Service. Read more

securitytracker.com:
Mac OS X Input Validation Flaw in parse_machfile() Lets Local Users Deny Service. Read more

securitytracker.com:
Vim 'tcltags' and 'vimspell.sh' Temporary Files May Let Local Users Gain Elevated Privileges. Read more

securitytracker.com:
Xpdf Buffer Overflow in makeFileKey2() Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Oracle Database Create Database Link Lets Remote Authenticated Users Crash the Database. Read more

securitytracker.com:
Oracle Database DIRECTORY Object Access Control Flaw May Let Certain Users Access Other Directories. Read more

securitytracker.com:
Oracle Database Server PL/SQL Injection Flaws Let Remote Authenticated Users Gain Database Administrator Privileges. Read more

www.debian.org:
DSA-648-1 xpdf -- buffer overflow. Read more

www.debian.org:
DSA-647-1 mysql -- insecure temporary files. Read more

www.debian.org:
DSA-646-1 imagemagick -- buffer overflow. Read more

 

News:
www.computerworld.com:
Spanish police nab suspected creator of webcam Trojan. Read more

www.theregister.co.uk:
Tsunami spam scammer cuffed. Read more

www.technologyreview.com:
Is Microsoft's AntiVirus Strategy Secure? Read more

info.sen.ca.gov:
p2p authors at risk. Read more

www.silicon.com:
Spammed man sued by alleged spammer wants cash. Read more

www.computerworld.com:
Internet phishing scams getting more devious. Read more

www.theregister.co.uk:
Panix.com hijack: Aussie firm shoulders blame. Read more

nwc.linuxpipeline.com:
Microsoft Responds To IE Security Concerns. Read more

www.infoworld.com:
Chinese companies join Cisco-led security program. Read more

news.zdnet.co.uk:
Police to give cybercrime-fighting courses. Read more

informationweek.com:
FBI Stops Using Carnivore Wiretap Software. Read more

19 January 2005

Guides, Papers, etc
www.astalavista.com:
An Economic Analysis of Market for Software Vulnerabilities. Read more

vidstrom.net:
Different ways to think about computer security. Read more

 

Tools
www.theglobeandmail.com:
GFI updates network security scanner. Read more

vidstrom.net:
UndeleteSMS can recover deleted SMS messages from a GSM SIM card.

www.solutix.ch:
The scrutinizer is an OpenSource Project aimed at protecting web applications from HTTP (D)DoS Attacks.
It's a toolkit consisting of an analysis engine which analyses webserver access logfiles in almost real time, an Apache module which is able to block wrongdoers on the webserver, an extension to block offenders already on netfilter firewalls and a set of visualization tools. Read more

 

Vulnerabilities & Exploits
theinsider.deep-ice.com:
Kazaa: multiple vulnerabilities. Read more

www.debian.org:
DSA-645-1 cupsys -- buffer overflow. Read more

www.debian.org:
DSA-644-1 chbg -- buffer overflow. Read more

www.debian.org:
DSA-643-1 queue -- buffer overflows. Read more

www.idefense.com:
Multiple Unix/Linux Vendor Xpdf makeFileKey2 Stack Overflow. Read more

securitytracker.com:
GNU Queue Remote Buffer Overflows May Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Novell GroupWise WebAccess Lets Remote Users Bypass Authentication to Gain Limited Access. Read more

securitytracker.com:
Netegrity SiteMinder 'smpwservicescgi.exe' Lets Remote Users Forward the Target User to an Arbitrary URL. Read more

securitytracker.com:
CMSimple Input Validation Bug in Search and Guestbook Let Remote Users Conduct Cross-Site Scripting Attacks. Read more

securitytracker.com:
MediaWiki Input Validation Flaw in 'wgLanguageCode' and 'mUserLanguage' Parameters Lets Remote Users Execute Arbitrary Commands. Read more

securitytracker.com:
'sig2dat' Integer Overflow May Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
ImageMagick Photoshop Document Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
NodeManager SNMP Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
MySQL 'mysqlaccess.sh' Unsafe Temporary Files May Let Local Users Gain Elevated Privileges. Read more

securitytracker.com:
NETGEAR FVS318 Lets Remote Users Bypass the URL Filter and Conduct Cross-Site Scripting Attacks Against Administrators. Read more

 

News:
www.theregister.co.uk:
Worm poses as porn-purging program. Read more

www.vnunet.com:
Hackers use porn worm to take over PCs. Read more

www.newsfactor.com:
Tsunami Virus Probably Hacker Gang Skirmish. Read more

news.zdnet.co.uk:
Tsunami worm hits new virus low. Read more

www.securitypronews.com:
Another Internet Explorer Hole Found? Read more

federaltimes.com:
Computer Security Experts On Alert for Jump in Viruses. Read more

www.vnunet.com:
You lose when you 'win'. Read more

www.vnunet.com:
Viruses plague half of UK Windows users. Read more

www.webuser.co.uk:
Microsoft urges PC users to get secure. Read more

news.zdnet.co.uk:
UK man charged with DDoS attack. Read more

www.eff.org:
Can the FBI Monitor Your Web Browsing Without a Warrant? Read more

17 January 2005

Guides, Papers, etc
www.scs.carleton.ca:
Computer Viruses as Artificial Life. Read more

 

Vulnerabilities & Exploits
www.debian.org:
DSA-640-1 gatos -- buffer overflow. Read more

securitytracker.com:
SparkleBlog Grants Administrative Access and Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
AWStats Input Validation Flaws Let Users Execute Arbitrary Commands. Read more

securitytracker.com:
Siteman Input Validation Holes in 'news.php' and 'forum.php' Permit Cross-Site Scripting Attacks. Read more

securitytracker.com:
Exim Buffer Overflow in dns_build_reverse() Lets Local Users Obtain Elevated Privileges. Read more

securitytracker.com:
Midnight Commander Format String, Buffer Overflow, and Memory Allocation Errors May Let Remote Users Deny Service or Execute Arbitrary Code. Read more

www.securiteam.com:
ITA Forum SQL Injection. Read more

www.securiteam.com:
Apple iTunes Playlist Parsing Buffer Overflow (Exploit). Read more

www.securiteam.com:
Linux Kernel i386 SMP Page Fault Handler Privilege Escalation (Exploit). Read more

www.securiteam.com:
Exim dns_build_reverse() Exploit. Read more

www.milw0rm.com:
Peer2Mail Encrypted Password Dumper Exploit. Read more

 

News:
www.pcworld.idg.com.au:
Experts warn of trick to bypass IE security. Read more

www.bizjournals.com:
VoIP hackers can put spam in your ear. Read more

www.theinquirer.net:
Linux security patches released. Read more

15 January 2005

News:
www.computerworld.com:
Experts warn of trick to bypass IE download warnings. Read more

www.newsfactor.com:
Worm Turns on Symbian Cell Phones. Read more

news.bbc.co.uk:
Rings of steel combat net attacks. Read more

www.redherring.com:
Banking on one password proves risky... Read more

www.linuxinsider.com:
2004 Was Year of Firefox and Trojan Horses for Web Monkeys. Read more

news.com.com:
Securing data from the threat within. Read more

14 January 2005

Movie Trojan (a)

 

Guides, Papers, etc
www.securityfocus.com:
The Perils of Deep Packet Inspection. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Microsoft IE Windows XP SP2 File Download Security Can Be Bypassed With Dynamic IFRAME Tag. Read more

securitytracker.com:
MPM Guesbook Pro 'top.php' Discloses Files and Lets Remote Users Execute Arbitrary Commands. Read more

securitytracker.com:
Linux Kernel Overlapping VMAs May Let Local Users Obtain Root Privileges. Read more

securitytracker.com:
Zeroboard Discloses Files to Remote Users and Lets Remote Users Execute Arbitrary Commands. Read more

securitytracker.com:
Squid gopherToHTML() Buffer Overflow Has Unspecified Impact. Read more

securitytracker.com:
Squid Input Validation Error in Processing WCCP Messages Lets Remote Users Crash Squid. Read more

securitytracker.com:
Hitachi Directory Server LDAP Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Winamp Has Security Bugs in Several DLLs With Unspecified Impact. Read more

securitytracker.com:
SGallery Input Validation Holes Let Remote Users Inject SQL Commands and Potentially Execute Arbitrary Commands. Read more

securitytracker.com:
IlohaMail Unsafe Configuration File Access Controls May Let Remote Users Access the Files. Read more

securitytracker.com:
Squirrelmail Vacation Plugin Lets Local Users Execute Arbitrary Commands With Root Privileges. Read more

securitytracker.com:
OpenBSD httpd mod_include Local Buffer Overflow Has Unspecified Impact. Read more

securitytracker.com:
BiTBOARD Input Validation Hole in BBCODE Tags Permits Cross-Site Scripting Attacks. Read more

www.isec.pl:
Linux kernel i386 SMP page fault handler privilege escalation. Read more

dump.hbx.us:
GMail Messages are Vulnerable to Interception. Read more

www.cirt.dk:
Web application vulnerable to login replay attacks. (pdf) Read more

www.idefense.com:
Apple iTunes Playlist Parsing Buffer Overflow Vulnerability. Read more

www.idefense.com:
MySQL MaxDB WebAgent websql logon Buffer Overflow Vulnerability. Read more

www.idefense.com:
SGI IRIX inpview Design Error Vulnerability. Read more

 

News:
news.zdnet.com:
Microsoft recruits patch testers. Read more

www.theregister.co.uk:
Trojans exploit Windows DRM loophole. Read more

news.zdnet.com:
Worm plays games with victims. Read more

news.zdnet.co.uk:
Script kiddies learn grown-up hacking techniques. Read more

www.theregister.co.uk:
A new tool in the spam war. Read more

www.internetweek.com:
Stopping Google Hacks Is Simple. Read more

news.zdnet.com:
Five years of Ballmer--the effect on Microsoft. Read more

www.whittierdailynews.com:
More and more scammers are 'phishing' for your identity. Read more

13 January 2005

Vulnerabilities & Exploits
www.debian.org:
DSA-637-1 exim-tls -- buffer overflow. Read more

www.debian.org:
DSA-636-1 glibc -- insecure temporary files. Read more

www.waraxe.us:
Critical Sql Injection in Sgallery module for PhpNuke. Read more

secway.org:
TFTPD32 Long FileName Remote Denial of Service. Read more

securitytracker.com:
Linux Kernel Multiprocessor Page Fault Handler Race Condition Lets Local Users Gain Elevated Privileges. Read more

securitytracker.com:
OpenBSD TCP Timestamp Boundary Error Lets Remote Users Panic the System. Read more

securitytracker.com:
Solaris Management Console (SMC) May Create New Accounts With Blank Passwords in Certain Cases. Read more

securitytracker.com:
Dokeos Input Validation Holes Let Remote Users Conduct Cross-Site Scripting Attacks. Read more

securitytracker.com:
Guestserver Input Validation Error Lets Remote Users Display Arbitrary Content. Read more

securitytracker.com:
TFTPD32 Can Be Crashed By Remote Users Requesting Long Filenames. Read more

securitytracker.com:
eMotion MediaPartner Web Server Discloses BHTML Source Code to Remote Users. Read more

securitytracker.com:
Bottomline WebSeries Discloses Information to Remote Authenticated Users and Lets Users Bypass Password Policy. Read more

securitytracker.com:
Network Assistant Can Be Crashed By Remote Users. Read more

securitytracker.com:
PHPWind Authentication Flaw Lets Remote Users Modify the Administrator's Password. Read more

securitytracker.com:
Helvis elvprsv Default Permissions Let Local Users Delete Arbitrary Files and Recover Some Files. Read more

securitytracker.com:
BMV Viewer Unsafe Temporary Files May Let Local Users Gain Elevated Privileges. Read more

securitytracker.com:
HylaFAX Validation Error Lets Remote Users Gain Access. Read more

securitytracker.com:
poppassd_pam Lets Remote Users Modify Arbitrary Passwords. Read more

 

News:
www.theregister.co.uk:
Double trouble from Symbian virus. Read more

www.internetnews.com:
Lasco.A Poses New Mobile Threat. Read more

news.zdnet.co.uk:
Cellery worm plays Tetris as it spreads. Read more

www.theregister.co.uk:
Hacker breaches T-Mobile systems, reads US Secret Service email. Read more

news.zdnet.co.uk:
Google hacking tool looks for security gaps. Read more

news.zdnet.co.uk:
Hackers hijack Microsoft DRM. Read more

edition.cnn.com:
Report: Water systems' security lapses. Read more

news.zdnet.co.uk:
Worm spreads Happy Nude Year greeting. Read more

www.smh.com.au:
Phishing scam leader gets detention. Read more

12 January 2005

Guides, Papers, etc
The makers of the (classic) compression package Stuffit have written a program that can compress JPGs by roughly 30%.
StuffIt Image Compression White Paper. (pdf) Read more

www.kernelpanik.org:
Apache suEXEC Bypass. (pdf) Read more

www.benedelman.org:
Media Files that Spread Spyware. Read more

files.linuxexposed.com:
How Hackers Work and Practical Measures You Can Take to Protect Your Site. (pdf) Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Microsoft HTML Help Active Control Cross-Domain Error Lets Remote Users Execute Arbitrary Commands. Read more

securitytracker.com:
Microsoft Cursor and Icon Validation Error Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Windows Indexing Service Buffer Overflow in Processing Queries Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Apple iTunes m3u/pls Playlist Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
eMotion MediaPartner Input Validation Errors Disclose Files and Permit Cross-Site Scripting Attacks. Read more

securitytracker.com:
Woltlab Burning Book Input Validation Bug in 'addentry.php' Lets Remote Users Inject SQL Commands. Read more

securitytracker.com:
Woltlab Burning Board Input Validation Hole in 'formmail.php' Permits Remote Cross-Site Scripting Attacks. Read more

securitytracker.com:
Invision Community Blog Input Validation Error in 'eid' Variable Lets Remote Users Inject SQL Commands. Read more

securitytracker.com:
Apache mod_auth_radius radcpy() Integer Overflow Lets Remote Users Deny Service in Certain Cases. Read more

securitytracker.com:
Virtual Hosting Control System (VHCS) 'sql.php' Include File Error Lets Remote Users Execute Arbitrary Commands. Read more

securitytracker.com:
Amphora Gate May Yield Administrative Access to Remote Users. Read more

www.debian.org:
DSA-635-1 exim -- buffer overflow. Read more

www.debian.org:
DSA-634-1 hylafax -- weak hostname and username validation. Read more

www.debian.org:
DSA-633-1 bmv -- insecure temporary file. Read more

 

News:
www.microsoft.com:
Microsoft Security Bulletin Summary for January, 2005. Read more

news.com.com:
'Critical' patches released for Windows, IE. Read more

news.com.com:
Researcher faces jail for finding bugs. Read more

news.com.com:
Vulnerability found in open-source audio player. Read more

www.securityfocus.com:
MS virus clean-up tool sparks controversy. Read more

news.com.com:
Bawdy holiday worm preys on prurience. Read more

www.securityfocus.com:
Hacker penetrates T-Mobile systems. Read more

www.betanews.com:
Don't Buy (Ad Space) from Spammers. Read more

news.com.com:
FTC sues to stop porn spammers. Read more

11 January 2005

Guides, Papers, etc
www.giac.org:
Vulnerabilities in Bluetooth specification 1.1 And the Sony Ericsson T610. (pdf) Read more

 

Tools
The first real virus for cellphones.
Two versions:
1) Windows infector - scans all hard disks and infects all .SIS files
2) Cell phone version - the same functionality
Both with full source code. Read more

 

Vulnerabilities & Exploits
www.mikx.de:
Firespoofing. Read more

www.gentoo.org:
mpg123: Buffer overflow. Read more

securitytracker.com:
Squid NTLM fakeauth_auth Helper Can Be Crashed By Remote Users. Read more

securitytracker.com:
NetWare Running CIFS.NLM Can Be Crashed By Remote Users. Read more

securitytracker.com:
PRADO 'phonebook.php' Include File Flaw Lets Remote Users Execute Arbitrary Commands. Read more

securitytracker.com:
Zeroboard 'zero_vote' Include File Bug Lets Remote Users Execute Arbitrary Commands. Read more

www.appsecinc.com:
Microsoft Windows LPC heap overflow. Read more

www.appsecinc.com:
Microsoft Windows Improper Token Validation. Read more

www.debian.org:
DSA-632-1 linpopup -- buffer overflow. Read more

www.debian.org:
DSA-631-1 kdelibs -- unsanitised input. Read more

www.debian.org:
DSA-630-1 lintian -- insecure temporary directory. Read more

 

News:
news.zdnet.co.uk:
Mobile phone virus doubles the danger. Read more

www.theregister.co.uk:
The MS spyware experiment, moving calendars... Read more

www.theregister.co.uk:
Exploit code attacks unpatched IE bug. Read more

arstechnica.com:
More browser vulnerabilities - surfers advised to use Lynx. Read more

australianit.news.com.au:
Jail for software pirate. Read more

www.eweek.com:
Spammers' New Tactic Upends DNS. Read more

10 January 2005

Guides, Papers, etc
www.flexbeta.net:
MS AntiSpyware vs Ad-Aware vs SpyBot. Read more

www.techworld.com:
DoS Attacks - how your ISP can help. Read more

 

Vulnerabilities & Exploits
ferruh.mavituna.com:
Multiple Firewall Products Bypass Vulnerability. Read more

 

News:
www.computerworld.com:
Microsoft move sends shivers through antivirus market. Read more

www.informationweek.com:
Microsoft App Aims To Attack Spyware. Read more

www.bizjournals.com:
Microsoft seeks to stop 'phishing' expeditions. Read more

www.editorandpublisher.com:
Baseball Fan/Spam Artist Found Guilty in Attacks on Philly Papers. Read more

09 January 2005

Guides, Papers, etc
www.giac.org:
Mass-Mailing Worms: Prevention, Detection and Response (A Case Study). Read more

www.broadbandreports.com:
WMP Adware: A Case Study in Deception. Read more

 

Tools
Plash is a Unix shell which lets you run Unix programs with access only to the files and directories they need to run. Programs are given access to files which were passed as command line arguments.

 

Vulnerabilities & Exploits
www.idefense.com:
Exim auth_spa_server() Buffer Overflow Vulnerability. Read more

www.idefense.com:
Exim host_aton() Buffer Overflow Vulnerability. Read more

www.securitytracker.com:
CUPS Logic Error in Processing '/..' Requests Lets Remote Users Deny Service. Read more

 

News:
www.securityfocus.com:
Microsoft Anti-Spyware? Read more

english.chosun.com:
Foreign Hackers Attack 430 Korean Websites Per Day. Read more

www.itweb.co.za:
Virus writers worked overtime at Xmas. Read more

australianit.news.com.au:
Net fraud gang recruits students. Read more

www.nuclearelephant.com:
OBEX Contest Unsuccessful. Read more

08 January 2005

Guides, Papers, etc
mvp.unixwiz.net:
Analysis of the Troj/Winser-A Malware. Read more

 

Vulnerabilities & Exploits
www.geocities.com:
Mozilla XBM Vulnerability. Read more

www.debian.org:
DSA-629-1 krb5 -- buffer overflow. Read more

securitytracker.com:
Linux Kernel uselib() Race Condition Lets Local Users Obtain Root Level Privileges. Read more

securitytracker.com:
Simple PHP Blog Discloses Files to Remote Users and Lets Remote Users Create Directories. Read more

securitytracker.com:
MyBB 'calendar.php' Input Validation Bug Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
Jakarta Tomcat Manager Input Validation Holes Permit Cross-Site Scripting Attacks. Read more

securitytracker.com:
Symantec Norton AntiVirus 'ccErrDsp' Lets Remote Users Crash the Application. Read more

securitytracker.com:
WinHKI Lets Malicious Archives Create Files in Alternate Locations or Deny Service. Read more

securitytracker.com:
b2evolution Input Validation Bug in 'title' Lets Remote Users Inject SQL Commands. Read more

securitytracker.com:
WinAce ZIP and GZIP Directory Traversal Flaw Lets Malicious Archives Create Files in Alternate Locations. Read more

securitytracker.com:
Jeuce Personal Web Server Discloses Files to and Can Be Crashed by Remote Users. Read more

isec.pl:
Linux kernel uselib() privilege elevation. Read more

 

News:
www.theregister.co.uk:
Mozilla and Firefox flaws exposed. Read more

news.zdnet.com:
IE flaw threat hits the roof. Read more

news.zdnet.com:
Critical Windows fix on the way. Read more

www.computerworld.com:
Microsoft releases antispyware, malware-removal tools. Read more

wireless.newsfactor.com:
Skulls Virus Re-emerges - Again. Read more

www.theregister.co.uk:
Tsunami relief donors under cyber-attack, says FBI. Read more

www.f-secure.com:
Samples of tsunami email scams: one, two & three

www.securityfocus.com:
Netizens eye Web-enabled surveillance cams. Read more

07 January 2005

Guides, Papers, etc
www.microsoft.com:
Beat Hackers At Their Own Game With A Hackerbasher Site. Read more

www.antiphishing.org:
Phishing Activity Trends Report November, 2004. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
WinAce ZIP and GZIP Directory Traversal Flaw Lets Malicious Archives Create Files in Alternate Locations. Read more

securitytracker.com:
Jeuce Personal Web Server Discloses Files to and Can Be Crashed by Remote Users. Read more

securitytracker.com:
tiffdump Buffer Overflow May Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Vim modeline Options May Let Users Execute Arbitrary Commands. Read more

aluigi.altervista.org:
Socket unreachable in Amp II engine. Read more

aluigi.altervista.org:
Socket termination, format string and XSS in Soldner Secret Wars 30830. Read more

www.lovebug.org:
AOL's Online Password Reset feature does not fully validate user information. Read more

www.debian.org:
DSA-628-1 imlib2 -- integer overflows. Read more

www.debian.org:
DSA-627-1 namazu2 -- unsanitised input. Read more

www.debian.org:
DSA-626-1 tiff -- unsanitised input. Read more

 

News:
www.microsoft.com:
Microsoft Announces Availability of New Solutions to Help Protect Customers Against Spyware and Viruses. Read more

www.computerworld.com:
Microsoft releases antispyware, malware-removal tools. Read more

www.computerworld.com:
Phishers migrating to Trojan horse attacks. Read more

www.theregister.co.uk:
Tsunami relief donors under cyber-attack, says FBI. Read more

www.theregister.co.uk:
eBay aims to thwart phishing. Read more

www.securityfocus.com:
Sims 2 hacks spread like viruses. Read more

itmanagement.earthweb.com:
Is a Job in Security the Cure for Job Insecurity? Read more

www.computerworld.com:
Attacks on Microsoft WINS hole raise alarms. Read more

english.yna.co.kr:
South Korea Sounds Alarm over Massive Web Defacement Attacks. Read more

06 January 2005

Guides, Papers, etc
www.securityfocus.com:
SSH Port Forwarding. Read more

www.cc.gatech.edu:
Advanced Polymorphic Worms: Evading IDS by Blending in with Normal Traffic. Read more

offlinehbpl.hbpl.co.uk:
Passive Information Gathering
The Analysis of Leaked Network Security Information. Read more

offlinehbpl.hbpl.co.uk:
How to 0wn the Internet in Your Spare Time. Read more

www.unixwiz.net:
SQL Injection Attacks by Example. Read more

 

Tools
www.thc.org:
THC-pptp-bruter: Brute force program against PPTP VPN Gateways (tcp port 1723). Fully standalone. Supports latest MSChapV2 authentication.
Tested against Windows and Cisco Systems. Exploits a weakness in Microsoft's anti brute-force implementation that makes it possible to try 300 passwords per second. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Exim Buffer Overflows in host_aton() and spa_base64_to_bits() May Let Local Users Gain Elevated Privileges. Read more

securitytracker.com:
mod_dosevasive Symlink Flaw Lets Local Users Gain Elevated Privileges. Read more

securitytracker.com:
MyBB Input Validation Error Lets Remote Users Inject SQL Commands. Read more

securitytracker.com:
3Com 3CDaemon Format String Flaws and Buffer Overflows May Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
QWikiWiki Directory Traversal Flaw Discloses Files to Remote Users. Read more

securitytracker.com:
Mozilla Firefox Download Dialog Source Can Be Spoofed By Remote Users. Read more

www.nextgenss.com:
IBM DB2 db2fmp buffer overflow. Read more

www.nextgenss.com:
IBM DB2 libdb2.so.1 buffer overflow. Read more

www.nextgenss.com:
IBM DB2 call buffer overflow. Read more

www.nextgenss.com:
IBM DB2 JDBC Applet Server buffer overflow. Read more

www.nextgenss.com:
IBM DB2 SATADMIN.SATENCRYPT buffer overflow. Read more

www.nextgenss.com:
IBM DB2 Windows Permission Problem. Read more

www.nextgenss.com:
IBM DB2 to_char and to_date Denial Of Service. Read more

www.nextgenss.com:
IBM DB2 XML functions overflows. Read more

www.nextgenss.com:
IBM DB2 XML functions file creation vulnerabilities. Read more

www.debian.org:
DSA-625-1 pcal -- buffer overflows. Read more

www.debian.org:
DSA-624-1 zip -- buffer overflow. Read more

www.debian.org:
DSA-623-1 nasm -- buffer overflow. Read more

 

News:
www.theregister.co.uk:
VXers creating 150 zombie programs a week. Read more

news.com.com:
Hackers step up search for unpatched servers. Read more

www.newsfactor.com:
Microsoft To Unveil Anti-Spyware Beta. Read more

news.com.com:
Gates taking a seat in your den. Read more

news.com.com:
Gates touts TiVo deal at CES. Read more

05 January 2005

Guides, Papers, etc
www.qgpop.net:
Real-Time Virus Detection System Using iNetmon Engine. Read more

www.intranetjournal.com:
It's Easy to Secure Windows 2000 Servers, Part 1. Read more

 

Vulnerabilities & Exploits
lists.debian.org:
New zip packages fix arbitrary code execution. Read more

securitytracker.com:
Mozilla Firefox Download Dialog Source Can Be Spoofed By Remote Users. Read more

securitytracker.com:
Mozilla Browser Download Dialog Source Can Be Spoofed By Remote Users. Read more

securitytracker.com:
PhotoPost Classifieds Input Validation Hole Lets Remote Users Upload Scripting Files. Read more

securitytracker.com:
ReviewPost Pro Input Validation Hole Lets Remote Users Upload Scripting Files. Read more

securitytracker.com:
HtmlHeadLine.sh Unsafe Temporary Files May Let Local Users Gain Elevated Privileges. Read more

securitytracker.com:
GFI MailEssentials MS HTML Parser Bug Lets Remote Users Deny Service. Read more

securitytracker.com:
GNUBoard Case-Sensitive File Extension Validation Lets Remote Users Upload Scripting Files. Read more

securitytracker.com:
PhotoPost Pro 'showgallery.php' Input Validation Holes Permit SQL Injection and Cross-Site Scripting Attacks. Read more

www.securiteam.com:
iWebNegar Configuration Nullification (DoS). Read more

www.securiteam.com:
Internet Explorer FTP Client Directory Traversal. Read more

www.securiteam.com:
Multiple Vulnerabilities in FlatNuke. Read more

 

News:
news.zdnet.co.uk:
Nigerian scammers 'exploit tsunami tragedy'. Read more

www.microscope.co.uk:
How to solve the patching puzzle. Read more

www.microsoft-watch.com:
Microsoft Readies 'A1' Security Subscription Service. Read more

www.internetweek.com:
The Difference Between Spyware And Viruses. Read more

virusthreatcenter.com:
Trojan horse threatens latest Windows XP. Read more

news.zdnet.co.uk:
eBay takes on phishers with email service. Read more

04 January 2005

Guides, Papers, etc
www.cs.ucsd.edu:
Automated Worm Fingerprinting. Read more

www.honeynet.org.es:
Building a GenII Honeynet Gateway. Read more

 

Tools
Tor: An anonymous Internet communication system.
Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet.
Using Tor can help you anonymize web browsing and publishing, instant messaging, IRC, SSH, and more.
Tor also provides a platform on which software developers can build new applications with built-in anonymity, safety, and privacy features.

 

Vulnerabilities & Exploits
ferruh.mavituna.com:
Multiple Firewall Products Bypass Vulnerability. Read more

www.debian.org:
DSA-622-1 htmlheadline -- insecure temporary files. Read more

securitytracker.com:
GNUBoard Case-Sensitive File Extension Validation Lets Remote Users Upload Scripting Files. Read more

securitytracker.com:
MyCart Discloses Configuration File to Remote Users. Read more

www.securiteam.com:
Mozilla Browser NNTP Heap Overflow. Read more

www.securiteam.com:
GNUBoard Multiple Extensions Vulnerability. Read more

www.securiteam.com:
ArGoSoft FTP Server Reveals Valid Usernames and Allows Brute Forcing Attacks. Read more

www.securiteam.com:
HTTP Response Splitting and Cross Site Scripting in ViewCVS. Read more

www.securiteam.com:
SQL Injection Vulnerability in IBProArcade (Arcade.php). Read more

www.securiteam.com:
vBulletin init.php SQL Injection (specialtemplates). Read more

www.securiteam.com:
KorWeblog PHP Injection Vulnerability. Read more

 

News:
www.neowin.net:
Exclusive: Microsoft Anti-Spyware Beta Due 6th January. Read more

strategiy.com:
McAfee's top 10 threats of 2004. Read more

www.miami.com:
Worms, viruses could worsen in 2005. Read more

www.newsday.com:
Phishing, Spyware, Others Plague Internet. Read more

www.thisismoney.co.uk:
Internet security fears for 2005. Read more

03 January 2005

Guides, Papers, etc
www.crhc.uiuc.edu:
2005 Symposium on Measurement, Modeling, and Simulation of Malware.
The emergence of malware such as worms and viruses has generated a widespread response from the research community in methodologies and tools for measuring, modeling, and simulating malware behavior, and proposed systems that detect, react, and prevent it. The 2005 Symposium on Measurement, Modeling and Simulation of Malware aims to bring together researchers in this important area, for the sharing of ideas and development of collaborative efforts. Read more

www.cbsnews.com:
Defining Google. Read more

www.kuro5hin.org:
Xanga, The Ghetto Botnet (Internet). Read more

www.everybodyiscrazy.com:
Why bandwidth should scare Microsoft. Read more

www.research.ibm.com:
Virus Bulletin 2010: A Retrospective. Read more

 

Vulnerabilities & Exploits
www.securiteam.com:
NetDDE MS04-031 Exploit Code. Read more

www.securiteam.com:
WINS MS04-045 Exploit Code. Read more

www.securiteam.com:
SQL Injection Vulnerability in IBProArcade (Arcade.php). Read more

www.securiteam.com:
vBulletin init.php SQL Injection (specialtemplates). Read more

www.securiteam.com:
Mozilla Browser NNTP Heap Overflow. Read more

www.securiteam.com:
KorWeblog PHP Injection Vulnerability. Read more

securitytracker.com:
Xanga 'sitemessage.aspx' Input Validation Flaw in 'user' Parameter Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
ViewCVS Input Validation Holes in 'content-type' and 'content-length' Parameters Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
Gmail 'forgot your password?' Feature Lets Remote Users Flood a User's Secondary E-mail Account. Read more

securitytracker.com:
Jack's FormMail.php 'ar_file' Parameter Lets Remote Users Obtain Files from the System. Read more

securitytracker.com:
Macallan Mail Solution Lets Remote Users Deny Service With a Long '?' URL. Read more

securitytracker.com:
KorWeblog 'install/index.php' Include File Flaw Lets Remote Users Execute Arbitrary Code. Read more

02 January 2005

Tools
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. Release 1.1.9 available.

 

Vulnerabilities & Exploits
securitytracker.com:
ArGoSoft FTP Server Discloses Username Status to Remote Users. Read more

 

News:
www.pcworld.com:
Protect Yourself From Audio Adware. Read more

www.washingtonpost.com:
Trouble Can Be Downloaded Along With Music. Read more

www.theregister.co.uk:
Trojan Horse Christmas. Read more

www.theregister.co.uk:
Firm gives P2P networks adware infection. Read more

www.earthtimes.org:
Santy worm meets its cousin. Read more

01 January 2005

A Happy and Safe New Year

Tools
trifinite.org:
Blooover is a tool that is intended to serve as an audit tool that people can use to check whether their phones and phones of friends and employees are vulnerable.

GetFree is a script to automatically download and install open source software on Windows.
At this time, GetFree will download and install the following software:
Mozilla Firebird 0.7
Mozilla Thunderbird 0.3
OpenOffice.org 1.1
Gaim 0.71

 

Guides, Papers, etc
trifinite.org:
Hacking Bluetooth enabled mobile phones and beyond. Read more

www.nokia.com:
Bluetooth and Security. Read more

 

Vulnerabilities & Exploits
www.k-otik.com:
Microsoft Windows NetDDE Remote Buffer Overflow Exploit (MS04-031). Read more

www.k-otik.com:
Microsoft WINS Remote Code Execution Exploit (MS04-045). Read more

www.milw0rm.com:
ZUCWins 0.1 - Wins 2000 remote root exploit. Read more

www.milw0rm.com:
(MS04-031) NetDDE buffer overflow vulnerability PoC. Read more

www.milw0rm.com:
GNU gcc 3.4.3 and below Unchecked Length Fields Local Root Exploit. Read more

www.debian.org:
DSA-621-1 cupsys -- buffer overflow. Read more

 

News:
www.zdnet.co.uk:
Anti-Santy worm spreads. Read more

www.eweek.com:
New Santy Mutant Offers 'Help'. Read more

p2pnet.net:
Overpeer's latest dirty trick. Read more

www.pcworld.com:
Risk Your PC's Health for a Song? Read more

www.webuser.co.uk:
Be alert for a virus-ridden 2005. Read more

www.internetweek.com:
Netsky Takes The Biggest Worm Of 2004 Award. Read more

informationweek.com:
Antivirus Vendor Ranks Downloader.GK Trojan As Worst Of 2000. Read more

news.zdnet.co.uk:
Netcraft plug-in aims to thwart phishers. Read more

www.techtree.com:
Ask IE For Help, Get a Trojan. Read more

www.shannonknowshpc.com:
HP Puts Worms and Viruses in Slow Lane. Read more

www.newsfactor.com:
2004: The Changing Face of Spam. Read more


Copyright © MegaSecurity.org