Bookmark or link to: www.kobayashi.cjb.net. All other url`s could change!
News Archive    Translate Traducen
News March 20002
31 March 2002

New trojan(s):
HellzAddiction 1.10 Beta

Alerter

Darksun

News:
www.intersectalliance.com:
Linux Security Configuration Document. Read more

online.securityfocus.com:
Microsoft Internet Explorer Cookie Based Script Execution Vulnerability. Read more

online.securityfocus.com:
LibNewt Library Buffer Overflow Vulnerability. Read more

www.securitytracker.com:
SGI IRIX Operating System HOSTALIASES Environment Variable Flaw Lets Local Users Cause Privileged Processes to Dump Core. Read more

www.securitytracker.com:
Veridis OpenKeyServer Allows Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Microsoft Outlook Web Access With SecurID Authentication May Allow Remote Users to Avoid the SecurID Authentication in Certain Cases. Read more

www.securitytracker.com:
WWWIsis Search Engine CGI Allows Remote Users to Execute Commands and View Files on the System. Read more

www.securitytracker.com:
SGI IRIX Operating System RPC Bug Lets Remote Users Deny Service to Some RPC-based Services. Read more

www.securitytracker.com:
Oracle Database Server TNS Listener Can Be Crashed By Remote Users With a One Byte TCP Packet. Read more

www.securitytracker.com:
SquirrelMail Lets Remote Users Execute Arbitrary Commands By Appending Cookie-based Commands to the $THEME Variable. Read more

www.securitytracker.com:
PostNuke 'user.php' Flaw Lets Remote Users Specify a Remote Server Path for the $caselist Variable, Allowing Arbitrary Code to Be Executed on the PostNuke Server. Read more

www.securitytracker.com:
Microsoft Internet Explorer Browser Security Zone Flaw Lets Remote Users Cause Cookie-based Scripts to Be Executed on Another User's Browser in the Incorrect Security Domain. Read more

www.securitytracker.com:
ht://Dig Search Engine Bug Lets Remote Users Determine the Configuration File Directory Path. Read more

www.securitytracker.com:
Citrix NFuse Publishing Server Lets Remote Authenticated Users View Files Located Outside of the Web Root Directory. Read more

www.securitytracker.com:
Analog Web Log File Analysis Tool Allows Cross-Site Scripting Attacks. Read more

www.tech-report.com:
Serious security flaws in Windows, IE go public. Read more

www.theinquirer.net:
Microsoft updates security breach � part III. Read more

www.guardcentral.com:
User Alert: Three Notable Viruses Detected in the Space of a Week. Read more

zdnet.com.com:
Judge: FBI must cough up Carnivore info. Read more

www.vnunet.com:
Cryptome dishes the Dirt. Read more

30 March 2002

New trojan(s):
Die Hard Horse

Socia

NetBoy 1.0

News:
www.anticracking.sk:
DebPloit uses a hole in the NT/2000 debugging subsystem and allows ANY user with ANY privileges (even Guest and Restricted user) to execute processes in the security context of an administrator or a local system (SYSTEM) account. Read more

www.splint.org:
Splint is a tool for statically checking C programs for security vulnerabilities and coding mistakes. Read more

online.securityfocus.com:
PostNuke caselist Arbitrary Module Include Vulnerability. Read more

online.securityfocus.com:
Citrix Nfuse boilerplate.asp Web Root Disclosure Vulnerability. Read more

online.securityfocus.com:
SquirrelMail Theme Remote Command Execution Vulnerability. Read more

www.securiteam.com:
Citrix NFuse Directory Traversal with boilerplate.asp. Read more

www.securiteam.com:
Root Compromise through LogWatch (Exploit code). Read more

www.securiteam.com:
Exploiting the Zlib Bug in OpenSSH. Read more

www.securiteam.com:
Solaris Login Remote Exploit (via telnetd). Read more

www.securiteam.com:
phpBB2 Remote Execution Command (db.php). Read more

www.securiteam.com:
SunSolve CD CGI Scripts Allows Remote Command Execution. Read more

www.securiteam.com:
XTux Arena Vulnerable To a Denial of Service. Read more

www.securiteam.com:
Citadel/UX Server Remote DoS Attack Vulnerability. Read more

www.securitytracker.com:
Microsoft Internet Explorer Discloses The Existence of and Details of Local Files to Remote Users. Read more

www.securitytracker.com:
Xchat '/dns' Command Bug May Let Remote Users Execute Arbitrary Commands on the Client Software. Read more

www.securitytracker.com:
Cisco CallManager Memory Leak Lets Remote Users Cause the Server to Crash and Reload. Read more

www.securitytracker.com:
LogWatch Temporary File Race Condtion Lets Local Users Gain Root Access. Read more

online.securityfocus.com:
Beware the Kindness of Strangers: The Case Against Good Samaritan Hackers. Read more

www.extremetech.com:
Norton Antivirus misses worms with unusually capitalized headers. Read more

www.computing.vnunet.com:
Bin Laden steps up holy war via email. Read more

zdnet.com.com:
A hacker's dreamland: wireless networks. Read more

www.eweek.com:
Experts Debate Risks to Crypto. Read more

www.informationweek.com:
Network Associates Renews Bid For McAfee.com. Read more

www.gcn.com:
Gilmore warns of threat to information systems. Read more

29 March 2002

New trojan(s):
Snape 1.0

RedShad 1.01

Dizer

Microsoft Security Bulletin MS02-015
28 March 2002 Cumulative Patch for Internet Explorer. Read more

www.insecure.org:
nmap-2.54BETA31 is released. Read more

Winfingerprint v0.4.2
Advanced remote windows OS detection. Runs on Windows NT and 2000. Read more

www.debian.org:
DSA-125-1 analog -- cross-site scripting. Read more

www.debian.org:
DSA-124-1 mtr -- buffer overflow. Read more

techupdate.zdnet.com:
MS vs. open source: Security's the same. Read more

packetstormsecurity.nl:
RealSecure Network Intrusion Detection (NIDS) Version 6.0. Read more

online.securityfocus.com:
Microsoft Internet Explorer DYNSRC File Information Disclosure Vulnerability. Read more

online.securityfocus.com:
Cisco CallManager CTI Memory Leak Denial of Service Vulnerability. Read more

online.securityfocus.com:
Citrix NFuse Cross-Site Scripting Vulnerability. Read more

online.securityfocus.com:
ht://Dig Configuration File Path Disclosure Vulnerability. Read more

online.securityfocus.com:
Linux Kernel d_path() Path Truncation Vulnerability. Read more

online.securityfocus.com:
Veridis OpenKeyServer Cross Site Scripting Vulnerability. Read more

www.securiteam.com:
LDAP Connection Leak in CTI when User Authentication Fails. Read more

www.securiteam.com:
Retrieving Information on Local Files Via Internet Explorer. Read more

www.securiteam.com:
NFuse Cross Site Scripting Vulnerability. Read more

www.securiteam.com:
XChat /dns Command Execution Vulnerability. Read more

www.securitytracker.com:
RCA Cable Modem Denial of Service Error Lets Remote Users Reset the Device. Read more

www.securitytracker.com:
Posadis DNS Server Format String Flaw May Let Remote Users Execute Arbitrary Code on the Server. Read more

www.securitytracker.com:
csSearch Perl-based Search Engine Software Lets Remote Users Execute Arbitrary Perl Scripts on the System. Read more

www.securitytracker.com:
Etnus TotalView Source Debugger File Permission Settings May Let Local Users Obtain Elevated Privileges on the System. Read more

www.securitytracker.com:
Squid Proxy Caching Server Heap Overflow in Processing Compressed DNS Responses Could Allow Remote DNS Servers to Crash the Service. Read more

www.securitytracker.com:
SouthWest Talker (Chat) Server Lets Remote Users Crash the Service. Read more

www.securitytracker.com:
Instant Web Mail PHP-based Mail Client May Let Remote Users Cause Arbitrary POP Commands to Be Executed on Another User's Mail System. Read more

www.securitytracker.com:
Linux Kernel 'd_path' Truncation Flaw May Allow a Local User to Cause a Privileged Process to Operate on an Arbitrary Directory Path. Read more

www.vnunet.com:
Bug-beaters seek standards. Read more

www.infoworld.com:
Microsoft offers fix for two IE security holes. Read more

www.pcworld.com:
New Windows NT/2000 Security Flaw. Read more

www.bizjournals.com:
Cyber security: It's all about vigilance. Read more

zdnet.com.com:
eBay: An invitation to hackers? Read more

www.vnunet.com:
Exclusive: hackers make chop suey of wireless security. Read more

www.vnunet.com:
Web security guidelines say technology is not enough. Read more

www.mlive.com:
Phone hackers stick city for $15,000. Read more

28 March 2002

New trojan(s):
Akosch4

BackSocket 5.0

MOTD

News:
CERT.Uni-Stuttgart.DE:
The chsystem program can be used to change permissions of named objects to SYSTEM-only access, if a vendor neglected to set proper permissions. Read more

GreyMagic Security Advisory GM#003-IE
Retrieving information on local files in IE. Read more

Cisco Security Advisory:
LDAP Connection Leak in CTI when User Authentication Fails. Read more

www.it-checkpoint.net:
phpBB 1.4.4 still suffers from Cross Site Scripting Vulnerability. Read more

online.securityfocus.com:
Squid Compressed DNS Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
SouthWest Talk Server Denial of Service Vulnerability. Read more

online.securityfocus.com:
Apache Double-Reverse Lookup Log Entry Spoofing Vulnerability. Read more

www.securitytracker.com:
WebSight Directory System Allows Remote Users to Conduct Cross-Site Scripting Attacks Against Directory Users. Read more

www.securitytracker.com:
AlGuest Web-based Guestbook Lets Remote Users Access the Guestbook With Administrator Privileges. Read more

www.securitytracker.com:
Progress Database Buffer Overflow May Let Local Users Gain Root Privileges. Read more

www.securitytracker.com:
DCShop Shopping Cart Lets Remote Users Delete the Database Setup File Using a Null-byte Attack. Read more

star-techcentral.com:
Rampant attacks on home PCs. Read more

www.computing.vnunet.com:
Boffins fight hackers with the Therminator. Read more

www.eweek.com:
Experts Debate Risks to Crypto. Read more

www.wired.com:
Next Virus Exploit: Media Player? Read more

www.bizreport.com:
Virus Industry's Research Center Runs Out Of Money. Read more

www.theregister.co.uk:
Drive-by hacking linked to cyberterror. Read more

news.bbc.co.uk:
Wireless London is wide open. Read more

27 March 2002

New trojan(s):
HoneyPot 1.2

Ptsnoop

Ders

www.debian.org:
DSA-123-1 listar -- remote exploit. Read more

www.sans.org:
A report about a backdoor tool that was found on some of our RedHat 4.x Linux boxes. Read more

online.securityfocus.com:
WebSight Directory System Cross Site Scripting Vulnerability. Read more

online.securityfocus.com:
Alguest Cookie Falsification Vulnerability. Read more

www.securiteam.com:
Keyservers Cross Site Scripting (When CSS Gets Dangerous). Read more

www.securiteam.com:
SouthWest Telnet Server Vulnerable to a DoS. Read more

www.securiteam.com:
d_path() Truncating Excessive Long Path Name Vulnerability. Read more

ww.securiteam.com:
Etnus TotalView Default Ownership Problems. Read more

www.securiteam.com:
Instant Web Mail Additional POP3 Commands and Mail Headers. Read more

www.securiteam.com:
WebSight Directory System Vulnerable to Cross Site Scripting Bug. Read more

www.securiteam.com:
Cookie Vulnerability in AlGuest Guestbook (Administrative rights). Read more

www.theregister.co.uk:
AV vendors sell 'blunt razor blades'. Read more

www.theregister.co.uk:
Virus WildList closed 'until further notice'. Read more

www.silicon.com:
Come on, own up: IT managers leave firewalls open for hackers. Read more

www.infoconomy.com:
Public encryption keys �are no longer secure�. Read more

www.computing.vnunet.com:
1024-bit encryption is 'compromised'. Read more

www.theregister.co.uk:
Microsoft .NET promo reveals personal info. Read more

www.theregister.co.uk:
Panel debates Samaritan-hack amnesty. Read more

www.msnbc.com:
Wireless worries in a 9/11 world, Read more

www.zdnet.com:
Go away! How to keep hackers out of your wireless network. Read more

www.silicon.com:
Melissa virus: have we learned anything? Read more

26 March 2002

New trojan(s):
Trojan for Pitbul 1.0

Tasmer version a

www.ppp-design.de:
websight directory system: cross-site-scripting bug in in WebSight Directory System. Read more

online.securityfocus.com:
Linux Directory Penguin NSLookup Perl Script Arbitrary File Reading Vulnerability. Read more

online.securityfocus.com:
PostNuke Cross Site Scripting Vulnerability. Read more

security-protocols.com:
Exploiting the Zlib Bug in OpenSSH. Read more

news.com.au:
File sharing will drive viruses. Read more

online.securityfocus.com:
Panel Debates Hacker Amnesty. Read more

zdnet.com.com:
Hackers attack eBay accounts. Read more

www.computing.co.uk:
BT publishes private network numbers. Read more

www.idgnet.co.nz:
Warriors to demo DDoS defence. Read more

25 March 2002

New trojan(s):
Joker

Zhang

www.securitytracker.com:
PCI NetSupport Manager Directory Traversal Flaw Lets Remote Users View Files Located Anywhere on the Managed Host. Read more

www.securitytracker.com:
News-tnk Input Validation Error Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Board-tnk Bulletin Board Forum Input Validation Bugs Let Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
PostNuke Multiple Input Validation Flaws Allow Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
WorkforceROI's Intellisol Xpede Expense Reporting Software Discloses Passwords to Remote and Local Users. Read more

www.securitytracker.com:
BG GUESTBOOK Input Validation Flaw Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Gravity Software's Service Pack Manager 2000 Default Directory Permissions Let Local Users Modify Operating System Files and Gain Full Control of the System.. Read more

www.securitytracker.com:
Built-In Guestbook Stand-Alone Module (Big Sam) Lets Remote Users Consume CPU Resources or Determine the Web Root Installation Path. Read more

www.securitytracker.com:
Penguin Traceroute Perl Script Input Filtering Flaw Lets Remote Users Execute Commands on the System. Read more

www.securitytracker.com:
HP Webproxy for HP-UX VVOS Operating System May Forward Certain HTTP Requests to the Internal Network Without Fully Processing the Packet Against the Rule Set. Read more

ntbugtraq.ntadvice.com:
The 4th Annual NTBugtraq Retreat. Read more

www.idg.net:
Outlook Users Warned to Look Out. Read more

www.faz.com:
Protecting Against An Army of Hackers. Read more

techupdate.zdnet.com:
Hired hackers worth the cost. Read more

www.philly.com:
Drive-by hackers hunt free, easy Web access. Read more

zdnet.com.com:
Sax-playing Clinton worm stages attack. Read more

www.dawn.com:
Boy held in first e-mail spamming case. Read more

24 March 2002

New trojan(s):
Habiti

Daodan 1.24

online.securityfocus.com:
WorkforceROI Xpede Re-Authentication Plain Text Password Disclosure Vulnerability. Read more

online.securityfocus.com:
WorkforceROI Xpede Weak Password Encryption Vulnerability. Read more

online.securityfocus.com:
HP Praesidium Webproxy Unauthorized Access Vulnerability. Read more

online.securityfocus.com:
Qualcomm Eudora WebBrowser Control Embedded Media Player File Vulnerability. Read more

online.securityfocus.com:
Microsoft Outlook IFrame Embedded Media Player File Vulnerability. Read more

online.securityfocus.com:
Microsoft Outlook Disabled Cookies Setting Bypass Vulnerability. Read more

www.securiteam.com:
www.myownemail.com Vulnerable to Cross Site Scripting. Read more

www.securiteam.com:
Web Traversal Vulnerability in PCI NetSupport Manager. Read more

www.securiteam.com:
Vulnerability in Apache for Win32 Batch File Processing (Remote Command Execution). Read more

www.securiteam.com:
Norton Antivirus Content Filter and Virus Protection Can By Passed. Read more

www.securiteam.com:
Questionable Security Policies in Outlook 2002. Read more

www.securiteam.com:
VBA Workaround for Automatic Execution. Read more

www.securiteam.com:
How Outlook 2002 Can Still Execute JavaScript in an HTML Email Message. Read more

www.securiteam.com:
Automatically Opening Internet Explorer and Execution of Attachments (WebBrowser). Read more

www.securiteam.com:
Intellisol XPede Exposes Passwords. Read more

www.securiteam.com:
Gravity Storm Service Pack Manager 2000 Share Vulnerability. Read more

www.securiteam.com:
phpBB Still Suffers From a Cross Site Scripting Vulnerability (Edit). Read more

www.securiteam.com:
Bypassing Libsafe Format String Protection. Read more

www.securiteam.com:
Hosting Controller Directory Traversal Madness. Read more

www.securiteam.com:
Big Sam (Built-In Guestbook Standalone Module) Contains Multiple Vulnerabilities

www.securitytracker.com:
Apache Web Server for Windows Has Batch File Processing Hole That Lets Remote Users Execute Commands on the System. Read more

www.securitytracker.com:
Imlib Image Loader malloc() Argument Bug May Let Local Users Execute Arbitrary Code on the System. Read more

www.nandotimes.com:
Air Force base reports major hacking attempt. Read more

www.siliconvalley.com:
Foreign hackers tried to enter Air Force Base computer network, officials say. Read more

www.ananova.com:
Hackers attack US Air Force Base. Read more

www.cio.com:
The Truth About Cyberterrorism. Read more

www.theregister.co.uk:
Bill Clinton virus proves user security sucks. Read more

www.newsbytes.com:
'Bill Clinton' Worm Gets Around - Experts. Read more

www.windowsitsecurity.com:
Securing Your Wireless Networks. Read more

www.theregister.co.uk:
Vendors sharpen tools to thwart DoS attacks. Read more

www.msnbc.com:
Hackers attack sites in infancy. Read more

www.theregister.co.uk:
Scientologists gag Google. Read more

23 March 2002

New trojan(s):
NOSecure 1.2 by Khaos

David

www.laurentconstantin.com:
Lcrzoex, network testing toolbox. Read more

About D.I.R.T by Doc

GreyMagic Security Advisory GM#002-IE
Automatically opening IE + Executing attachments. Read more

www.planetpdf.com:
Web site editor illustrates how Mac OS X can circumvent PDF security. Read more

online.securityfocus.com:
ISS RealSecure for Nokia IDS Devices Default KeyAdministrator Entry Vulnerability. Read more

online.securityfocus.com:
PHP Nuke Error Message Web Root Disclosure Vulnerability. Read more

online.securityfocus.com:
Libsafe Format String Unimplemented Specifier Exploitation Vulnerability. Read more

online.securityfocus.com:
Libsafe Argument Number Format String Check Bypass Vulnerability. Read more

online.securityfocus.com:
Foundry Networks EdgeIron SNMP Community String Read-Write Vulnerability. Read more

online.securityfocus.com:
Webmin Insecure Directory Permissions Vulnerability. Read more

online.securityfocus.com:
Webmin Script Code Input Validation Vulnerability. Read more

www.securitytracker.com:
Microsoft .NET Unspecified Vulnerabilities May Allow a Remote User to Cause Arbitrary Code to Be Executed on Another User's System. Read more

www.securitytracker.com:
Foundry Networks EdgeIron Switches Let Remote Users Access SNMP With Any Community Name. Read more

www.securitytracker.com:
vBulletin Forum Software Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Ikonboard Bulletin Board IMG Tag Javascript Filtering Can Be Bypassed By Remote Users, Allowing Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Internet Security Systems RealSecure Intrusion Detection System for Nokia Appliances Inadvertently Includes a Built-in KeyManager Account That Could Allow a Remote User to Control the System. Read more

www.securitytracker.com:
Webmin System Management Tool Lets Local Users Determine the Root User's Webmin Session ID and Gain Webmin Access as the Root User. Read more

www.securitytracker.com:
Caldera/SCO Calendar Manager Service (rpc.cmsd) Buffer Overflow Lets Remote Users Execute Arbitrary Code on the System With Root Privileges. Read more

www.securitytracker.com:
Libsafe Libary Security Function Format String Protections Can Be Bypassed. Read more

www.securitytracker.com:
Macromedia Standalone Flash Player 'fscommand:save' Lets Malicious Flash Media Files Execute Arbitrary Code on the User's Host. Read more

www.securiteam.com:
Default SNMP Configuration Issue with Foundry Networks EdgeIron 4802F. Read more

www.securiteam.com:
KeyManager Issue in ISS RealSecure on Nokia Appliances. Read more

www.securiteam.com:
Local Privilege Escalation Issues with Webmin. Read more

www.securiteam.com:
Penguin TraceRoute Allows Remote Command Execution. Read more

www.pcworld.com:
File-Deleting Bill Clinton Virus Reported. Read more

rtnews.globetechnology.com:
New virus disguised as Clinton screensaver. Read more

www.crn.com:
Internet Worm Disguised As Clinton Cartoon Spreads. Read more

www.wired.com:
Just Don't Call It a Hacker Camp. Read more

www.vnunet.com:
Hackers 'could gain missile secrets'. Read more

www.vnunet.com:
Prepare for new SNMP-type threats. Read more

www.uniontrib.com:
Courtroom antics keep tech hacker behind bars. Read more

www.osopinion.com:
Image Password Potential Doubtful, Say Analysts. Read more

www.newsfactor.com:
FBI Weighs Fate of Cyber Security Arm. Read more

www.vnunet.com:
Employees hooked on cyber snooping. Read more

22 March 2002

New trojan(s):
Neoturk 1.1

Gibbon version a

shh.thathost.com:
Client Side Trojans.
How attackers may give their victims offers on behalf of a target web site and thereby tricking them into doing something they never intended to do. Read more

www.computerbytesman.com:
Serious privacy problems in Windows Media Player for Windows XP. Read more

www.computerbytesman.com:
The Cookie Leak Security Hole in HTML Email messages. Read more

www.computerbytesman.com:
Internet Explorer SuperCookies bypass P3P and cookie controls. Read more

online.securityfocus.com:
Macromedia Flash Undocumented Action File Access Vulnerability. Read more

online.securityfocus.com:
Multiple Vendor JavaScript Interpreter Denial Of Service Vulnerability. Read more

online.securityfocus.com:
Microsoft MSN Messenger Message Spoofing Vulnerability. Read more

online.securityfocus.com:
VBulletin Cross-Site Scripting Vulnerability. Read more

www.securitytracker.com:
ARSC Really Simple Chat Server Discloses Web Root Directory Location to Remote Users. Read more

www.securitytracker.com:
Microsoft Internet Explorer Can Be Crashed By Malicious 'location.replace' Javascript. Read more

www.securitytracker.com:
PHP safe_mode Restrictions Can Be Bypassed By Remote Users Via the 'move_uploaded_file' Function. Read more

www.securitytracker.com:
Hosting Controller Web Hosting Software ASP Script Validation Bugs Let Remote Users Edit and Delete Any Files on the System, Giving the Remote Users Full Control of the System. Read more

www.securitytracker.com:
FreeBSD, NetBSD, and OpenBSD TCP Implementation Errors Fail to Reject TCP Broadcast Connection Requests from Remote Users. Read more

cryptome.org:
DIRT and South Africa. Read more

CERT� Incident Note IN-2002-03
Social Engineering Attacks via IRC and Instant Messaging. Read more

www.computeruser.com:
'Microsoft' e-mail Trojan harvests new victims. Read more

www.eweek.com:
Microsoft Warns of JVM Vulnerability. Read more

timesofindia.indiatimes.com:
Microsoft looks to images to enhance security. Read more

news.com.com:
Microsoft Outlook's so-so security. Read more

www.zdnet.com:
Stop hackers in their tracks with this personal firewall. Read more

news.com.com:
Spam flood forces companies to take desperate measures. Read more

21 March 2002

New trojan(s):
Remote Operations 2.0

Indexer version a

online.securityfocus.com:
Linux 2.4 UDP Constant IP Identification Field Fingerprinting Vulnerability. Read more

online.securityfocus.com:
Multiple Vendor Java Virtual Machine Bytecode Verifier Vulnerability. Read more

online.securityfocus.com:
Big Sam Web Root Disclosure Vulnerability. Read more

online.securityfocus.com:
PHPNetToolpack Remote Command Execution Vulnerability. Read more

online.securityfocus.com:
BSD TCP/IP Broadcast Connection Check Vulnerability. Read more

online.securityfocus.com:
Hosting Controller Weak Permissions Checking Vulnerability. Read more

online.securityfocus.com:
Multiple Vendor Java Web Start Unsigned Application Vulnerability. Read more

online.securityfocus.com:
BitVise WinSSHD Numerous Connections DoS Vulnerability. Read more

online.securityfocus.com:
PHP Nuke Account Compromise Vulnerability. Read more

online.securityfocus.com:
PHPNetToolpack Insecure Search Path Vulnerability. Read more

www.securitytracker.com:
Sun Java Runtime Environment (JRE) Bytecode Verifier Casting Bug Lets Arbitrary Code Execute Outside of the Java Security Sandbox. Read more

www.securitytracker.com:
Sun Java Web Start Bug in Java Networking Launching Protocol (JNLP) Lets Remote Users Create Unsigned Applets That Can Access Restricted Resources. Read more

www.securitytracker.com:
PHP Net Toolpack Input Filtering Hole Lets Remote Users Execute Commands on the System. Read more

www.securitytracker.com:
phpBB Relative Include Path Bug Lets Remote Users Execute Arbitrary PHP on the Server. Read more

www.securitytracker.com:
Bitvise WinSSHD Protocol State Error Allows Remote Users to Cause the Secure Shell Server to Stop Accepting Incoming Connections. Read more

zdnet.com.com:
CERT warning: Oldest IM tricks work best. Read more

www.newsfactor.com:
'Social Engineering' Spreads New Plague of Web Chat Viruses. Read more

www.bizplus.ie:
Irish Honeynet Launched To Track Hackers. Read more

hoovnews.hoovers.com:
SGI warns of Apache-IRIX vulnerability (ZDNet News ZDNN). Read more

www.newsbytes.com:
'Microsoft' E-Mail Trojan Harvests New Victims. Read more

www.silicon.com:
Microsoft admits to another Java security hole. Read more

abcnews.go.com:
Police Flat-Footed in Cyber Crimes. Read more

www.washtech.com:
Hackers Deface Thousands Of Domains Parked At Verisign. Read more

www.sfgate.com:
Hacker suspect sent to jail after hearing. Read more

news.zdnet.co.uk:
Hackers can come in through the front door. Read more

digitalmass.boston.com:
FBI considering changes to cyber-security unit. Read more

www.theregister.co.uk:
Instant message, cracker tricks. Read more

20 March 2002

New trojan(s):
NeoCity 1.0

Orig

cryptome.org:
* DIRT Release Feedback. Read more

www.finjan.com:
Java Virtual Machine Verifier Exploit. Read more

ENCODE Security Paper (ESP0202):
An empirical analysis of the RVP-based Instant Messaging (MSN Messenger Service v3.6)(pdf). Read more

DSA-121-1
xtell -- buffer overflow, symlink problem, ".." directory traversal, Read more

DSA-122-1
zlib -- malloc error (double free). Read more

www.security.nnov.ru:
Bypassing Content Filtering Software. Read more

www.securitytracker.com:
Microsoft Internet Explorer (IE) 6 Lets Remote Users Cause Files to Be Downloaded and Executed Without the Knowledge or Consent of the Victim. Read more

www.securitytracker.com:
Lotus Domino 'bindsock' PATH Buffer Overflow Lets Local Users Execute Arbitrary Code with Root Privileges on the System. Read more

www.securitytracker.com:
Lotus Domino Notes_ExecDirectory Buffer Overflow Lets Local Users Obtain Root Privileges on the System. Read more

www.securitytracker.com:
Lotus Domino 'bindsock' Symlink Flaw Lets Local Users Create Files on the System with Root Privileges. Read more

www.securiteam.com:
PhpBB2 Remote Command Execution. Read more

www.securiteam.com:
VBScript Handling in IE can Allow Web Pages to Read Local Files. Read more

www.securiteam.com:
BitVise WinSSH Denial of Service. Read more

www.securiteam.com:
PHP Nuke Path Disclosure Vulnerability through Modules.php. Read more

digitalmass.boston.com:
Microsoft Warns of Java Security Hole in Windows. Read more

www.zdnet.com:
Want to stop viruses? Let script kiddies play in the sandbox. Read more

www.computeruser.com:
Security bug disclosure standard dead in the water. Read more

www.newsbytes.com:
US, South Korea Launch Pads For Most Cyber-Attacks. Read more

19 March 2002

New trojan(s):
AlphaDog

Kenny

Microsoft Security Bulletin MS02-013 (Version 2.0). Read more

phpbb.sourceforge.net:
Potential security problem with all non-CVS versions. Read more

www.securiteam.com:
PhpBB2 Remote Command Execution. Read more

www.securiteam.com:
Vulnerability in URI parsing code of Foundry Networks ServerIron Allows to Bypass Rules. Read more

www.securiteam.com:
Another Buffer Overflow in Talentsoft's Web+. Read more

www.securiteam.com:
BitVise WinSSH Denial of Service. Read more

www.securiteam.com:
PHP Nuke Path Disclosure Vulnerability through Modules.php. Read more

www.securitytracker.com:
Lotus Domino 'bindsock' PATH Buffer Overflow Lets Local Users Execute Arbitrary Code with Root Privileges on the System. Read more

www.securitytracker.com:
Lotus Domino Notes_ExecDirectory Buffer Overflow Lets Local Users Obtain Root Privileges on the System. Read more

www.securitytracker.com:
Lotus Domino 'bindsock' Symlink Flaw Lets Local Users Create Files on the System with Root Privileges. Read more

www.securitytracker.com:
Qualcomm Qpopper E-mail Server Denial of Service Bug Lets Remote Users Crash the POP3 Server. Read more

www.securitytracker.com:
X Display Manager Control Protocol (XDMCP) Default Configuration Lets Remote Users Determine Valid User Names on the System and Gain Access to a Remote Console Login Screen. Read more

www.securitytracker.com:
Foundry Networks ServerIron Web Filtering Rules Can Be Bypassed By Remote Users. Read more

www.securitytracker.com:
PHProjekt Library Path Include Bug Lets Remote Users Execute Arbitrary PHP Scripts on the Server. Read more

www.securitytracker.com:
Black Tie Project Web Portal Software Discloses Web Document Directory Installation Path to Remote Users. Read more

www.securitytracker.com:
Sketch Vector Drawing Program May Execute Arbitrary System Commands When Previewing a Malicious Sketch File. Read more

www.securitytracker.com:
Microsoft Windows 2000 Automatic Log Off Policy Fails to Expire Sessions in Progress. Read more

online.securityfocus.com:
Heckenkamp Jailed at Court Appearance. Read more

online.securityfocus.com:
Building an Anti-Virus engine. Read more

news.com.com:
Security-flaw guidelines hit pothole. Read more

www.msnbc.com:
Hacking Grows With Internet Use. Read more

www.computeruser.com:
U.S. military scours Windows systems for hacker back doors. Read more

www.computerworld.com:
Hacker exposes financial information at Georgia Tech. Read more

www.computerworld.com:
Virus Alerts Run Amok. Read more

zdnet.com.com:
Study: Hackers take a trip through Asia. Read more

www.nikkeibp.asiabiztech.com:
Security Holes in Wireless LANs 'Everywhere'. Read more

www.vnunet.com:
Security flaws leave Oracle users exposed. Read more

www.newsbytes.com:
Computer Security Lacking At State DMVs � GAO Report. Read more

news.com.com:
States aim for tough Microsoft sanctions. Read more

18 March 2002

New trojan(s):
KillDientes 1.5

Expir

cryptome.org:
H.O.P.E.TM is a system to mass distribute D.I.R.T.TM technology via the internet through a variety of surreptitious means. Read more

www.securitytracker.com:
Qualcomm Qpopper E-mail Server Denial of Service Bug Lets Remote Users Crash the POP3 Server. Read more

www.securitytracker.com:
X Display Manager Control Protocol (XDMCP) Default Configuration Lets Remote Users Determine Valid User Names on the System and Gain Access to a Remote Console Login Screen. Read more

www.securiteam.com:
Command execution in phprojekt. Read more

www.securiteam.com:
PHP FirstPost System Information Path Disclosure Vulnerability. Read more

www.silicon.com:
Microsoft, security, blunder: Make your own headline. Read more

news.independent.co.uk:
Hackers could have exploited net's hidden flaw. Read more

www.msnbc.com:
�It�s Impossible To Build a Completely Secure Network�. Read more

www.computeruser.com:
U.S. military scours Windows systems for hacker back doors. Read more

it.mycareer.com.au:
The secret life of hackers. Read more

english.peopledaily.com.cn:
Chinese Hacker Sentenced to One-Year Imprisonment. Read more

www.sundaytimes.news.com.au:
Tightening the Net. Read more

17 March 2002

New trojan(s):
Armageddon

Delf verion u

www.digitux.net:
A buffer overflow in the ippRead function of CUPS before version 1.1.14 may allow attackers to execute arbitrary code via long attribute names or language values. Read more

wildsau.idv.uni-linz.ac.at:
The Linux Virus Writing And Detection HOWTO. Read more

online.securityfocus.com:
Oracle 9iAS Apache PL/SQL Module Web Administration Access Vulnerability. Read more

online.securityfocus.com:
Oracle 9iAS PL/SQL OWA_UTIL Unauthorized Stored Procedure Access Vulnerability. Read more

online.securityfocus.com:
Oblix NetPoint Account Lock Bypass Vulnerability. Read more

online.securityfocus.com:
TalentSoft Web+ Web Markup Language Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
Foundry Networks ServerIron Encoded URI Load Balancing Bypass Weakness. Read more

www.securitytracker.com:
Windows NT and 2000 Session Manager Debug Hole Lets Local Users Obtain Handles to Any Process or Thread to Obtain Elevated Privileges on the System. Read more

www.securitytracker.com:
Oblix NetPoint Web Access Control System Account Lockout Feature Fails to Lockout Repeated Incorrect Authentication Attempts. Read more

www.securitytracker.com:
X-news PHP News Management System Lets Remote Users Access the Administrator Menu. Read more

www.securitytracker.com:
X-stat Log File Analysis Tool Has Multiple Vulnerabilities That Allow Remote Users to Obtain Information About the System and Conduct Cross-Site Scripting Attacks Against x-stat Administrators. Read more

www.securiteam.com:
Microsoft SQL Server: Buffer Overflows in numerous extended stored procedures. Read more

www.securiteam.com:
Black Tie Project System Information and Path Disclosure Vulnerability. Read more

www.securiteam.com:
FreeBSD Mod_frontpage Port Contains Exploitable Buffer Overflow. Read more

www.securiteam.com:
THC-Hydra, a Parallel Login Hacker. Read more

www.securiteam.com:
mdmchk - detect modem drivers installed on NT systems. Read more

bob.firstcodings.com:
AuthentProtect is a small ISAPI filter that denies IIS authentication based on given usernames. Read more

www.computerworld.com:
New e-mail worm can select native language for recipients. Read more

www.neowin.net:
Australians too smart for new worm. Read more

www.computerworld.com:
IT security pros learn to beat hackers at their own game. Read more

www.computerworld.com:
Serious security flaw found in Linux file compression library. Read more

zdnet.com.com:
Japanese worm on Net rampage. Read more

www.vnunet.com:
Fbound virus nipped in the bud. Read more

www.vnunet.com:
Microsoft fear over zlib flaw. Read more

www.vnunet.com:
Bug Watch: The Engine Room. Read more

16 March 2002

New trojan(s):
NetEyes 1.0

CNK 1.0

www.securitytracker.com:
Foundry Networks ServerIron Web Filtering Rules Can Be Bypassed By Remote Users. Read more

www.securitytracker.com:
PHProjekt Library Path Include Bug Lets Remote Users Execute Arbitrary PHP Scripts on the Server. Read more

www.securitytracker.com:
Black Tie Project Web Portal Software Discloses Web Document Directory Installation Path to Remote Users. Read more

www.securitytracker.com:
Sketch Vector Drawing Program May Execute Arbitrary System Commands When Previewing a Malicious Sketch File. Read more

www.securitytracker.com:
Microsoft Windows 2000 Automatic Log Off Policy Fails to Expire Sessions in Progress. Read more

www.securitytracker.com:
TalentSoft Web+ Application Server Buffer Overflow Gives Remote Users SYSTEM Level Access to the Server. Read more

www.securitytracker.com:
SurfControl SuperScout E-mail Filter Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
Pam-pgsql Pluggable Authentication Module (PAM) Input Validation Flaw Lets Remote Users Inject SQL Commands to Be Executed By the Underlying Database Server. Read more

www.securitytracker.com:
Ecartis (Listar) Mailing List Management Software Has Multiple Vulnerabilities That Allow Remote Users to Execute Arbitrary Code and Gain Root Privileges on the System. Read more

www.securiteam.com:
Trend Micro InterScan VirusWall HTTP Proxy Content Scanning Circumvention. Read more

www.securiteam.com:
Ecartis / Listar multiple vulnerabilities. Read more

www.securiteam.com:
GNU fileutils Recursive Directory Removal Race Condition. Read more

www.theregister.co.uk:
Back Orifice for Unix flaw emerges from obscurity. Read more

new.financialexpress.com:
Tracker Gets A Visit From Hacker! Read more

www.msnbc.com:
Hacking Grows With Internet Use. Read more

home.kyodo.co.jp:
Koizumi Web site made visitors' data vulnerable to hackers. Read more

www.theregister.co.uk:
Worm turns Japanese. Read more

15 March 2002

New trojan(s):
D.I.R.T. 2.2  Designed for US Law enforcement agencies, US Intelligence agencies and US Military agencies

Dobol

www.theregister.co.uk:
Law-enforcement DIRT Trojan released. Read more

Microsoft Security Bulletin MS02-006 (version 5.0)
Unchecked Buffer in SNMP Service Could Enable Arbitrary Code to be Run. Read more

CERT� Advisory CA-2002-08
Multiple vulnerabilities in Oracle Servers. Read more

www.it-checkpoint.net:
translation.lycos.com and infoplease.lycos.com allow Cross Site Scripting. Read more

www.secadministrator.com:
Session Authentication URL Exposed in Ipswitch IMail Server. Read more

www.appsecinc.com:
Microsoft SQL Server: Buffer Overflows in numerous extended stored procedures. Read more

online.securityfocus.com:
X-News Insecure User Database Permissions Vulnerability. Read more

online.securityfocus.com:
X-Stat Path Disclosure Vulnerability. Read more

online.securityfocus.com:
X-Stat PHPInfo Information Disclosure Vulnerability. Read more

online.securityfocus.com:
X-Stat Cross-Site Scripting Vulnerability. Read more

online.securityfocus.com:
TalentSoft Web+ Web Markup Language Buffer Overflow Vulnerability. Read more

www.securitytracker.com:
PHP FirstPost Weblog Discloses Web Installation Directory to Remote Users. Read more

www.securitytracker.com:
ZyXEL ZyWALL Security Gateway ARP Processing Bug Lets Users on the Local Network Cause the Security Gateway's Interface to Go Down. Read more

www.securitytracker.com:
Sunsolve CD Cgi Scripts Have Input Validation Holes That Let Remote Users Execute Arbitrary Code on the Server. Read more

www.securitytracker.com:
Marcus S. Xenakis 'directory.php' Input Filtering Hole Lets Remote Users Execute Commands on the Server. Read more

www.securitytracker.com:
Citadel/UX Bulletin Board System SMTP Buffer Overflow Lets Remote Users Crash the Bulletin Board Service. Read more

www.securitytracker.com:
A Multitude of Microsoft SQL Server Extended Stored Procedures Have Buffer Overflows That Allow Remote Users to Crash the Database Server or Execute Arbitrary Code on the Server to Gain Full Control of the System. Read more

www.securitytracker.com:
GNU Fileutils Package Race Condition May Allow Local Users to Cause a Root User to Remove the Entire Filesystem. Read more

www.securitytracker.com:
Php ImgList Image Gallery Script Discloses Files on the System to Remote Users. Read more

www.newsbytes.com:
New Worm Is 'Turning Japanese' (When Needed). Read more

news.com.com:
Microsoft's borrowed code may pose risk. Read more

www.bday.co.za:
Hackers breeding deadlier viruses. Read more

new.financialexpress.com:
Tracker Gets A Visit From Hacker! Read more

online.securityfocus.com:
Cable Modem Hacking Tricks Uncapped Online. Read more

www.macworld.co.uk:
Anti-US hackers hit OS X site. Read more

it.mycareer.com.au:
Murdoch company accused of dirty dealings in a billion-dollar card game. Read more

home.kyodo.co.jp:
Koizumi Web site made visitors' data vulnerable to hackers. Read more

www.cnn.com:
UK study: Passwords often easy to crack. Read more

bermudasun.bm:
Cryptography: It�s not just about keeping things secret. Read more

www.guardian.co.uk:
Murdoch security chief linked to TV piracy site. Read more

14 March 2002

New trojan(s):
Singularity

Barbie

Stealth Tools 1.0 by Gobo

x42.com:
About calculator-in-the-URL. Read more

www.cgisecurity.com:
Anatomy of the Web Application Worm. Read more

d0tslash.def-con.org:
java equivilant of a local exploit using command line arguments. Read more

www.redhat.com:
Vulnerability in zlib library. Read more

www.gzip.org:
partial list of applications and libraries using zlib. Read more

cert.uni-stuttgart.de:
scan for zlib tables in compiled code. Read more

www.nextgenss.com:
NGSSoftware Insight Security Research Advisory. Read more

support.microsoft.com:
Description of Internet Explorer Security Zones Registry Entries. Read more

online.securityfocus.com:
Black Tie Project Path Disclosure Vulnerability. Read more

online.securityfocus.com:
PHP FirstPost Path Disclosure Vulnerability. Read more

online.securityfocus.com:
PHP ImgList Directory Traversal Vulnerability. Read more

online.securityfocus.com:
Zyxel Zywall10 Denial Of Service Vulnerability. Read more

online.securityfocus.com:
Sun Sunsolve CD SSCD_SunCourier.pl CGI Script Arbitrary Command Execution Vulnerability. Read more

online.securityfocus.com:
CaupoShop User Information Cross Site Scripting Vulnerability. Read more

online.securityfocus.com:
Trend Micro InterScan VirusWall Content-Length Scan Bypass Vulnerability. Read more

online.securityfocus.com:
Ecartis/Listar Multiple Local Buffer Overflow Vulnerabilities. Read more

www.securitytracker.com:
Caldera OpenServer 'dlvr_audit' Buffer Overflow Lets Local Users Gain Root Level Privileges on the System. Read more

www.securitytracker.com:
XTux Game Server Denial of Service Bug Lets Remote Users Cause the Game Server to Stop Responding. Read more

www.securitytracker.com:
Linksys Cable/DSL VPN Router Uses Weak IPSec Encryption Keys. Read more

www.securitytracker.com:
CaupoShop Input Filtering Hole Lets Remote Users Conduct Cross-Site Scripting Attacks to Steal Customer Data (Including Credit Cards) and Manipulate the Items for Sale in the Store. Read more

www.securitytracker.com:
ALCATech's BPM Studio Pro Audio Mixer Discloses Files Located Anywhere on the System to Remote Users. Read more

www.securitytracker.com:
SMS Server Tools Format String Bugs Let Local Users Cause Commands to Be Executed By the 'smsd' Process. Read more

www.securitytracker.com:
Pi3Web Web Server Discloses Protected Files within the System Web Document Directory to Remote Users. Read more

www.securitytracker.com:
'zlib' Shared Compression Library Contains 'Double Free()' Buffer Overflow That Lets Remote Users Cause Programs Using zlib to Crash or Execute Arbitrary Code. Read more

CERT� Incident Note IN-2002-02
W32/Gibe Malicious Code. Read more

www.fcw.com:
Army securing wireless LAN. Read more

www.eweek.com:
New Attack Intercepts Wireless Net Messages. Read more

www.networknews.co.uk:
Jac virus targets Linux. Read more

www.networknews.co.uk:
Vendors losing the security war. Read more

www.networknews.co.uk:
Plug and pray with Windows XP. Read more

www.newsbytes.com:
Internet Explorer Exploit Gives Windows XP Users The Boot. Read more

www.computeruser.com:
Backdoor worm disguised as Microsoft security bulletin. Read more

www.guardian.co.uk:
How codebreakers cracked the secrets of the smart card. Read more

www.theregister.co.uk:
Murdoch company cracked our smartcard, claims Canal+. Read more

www.newsbytes.com:
Cable Modem Hacking Tricks Uncapped Online. Read more

www.networknews.co.uk:
Tighten up or hackers will go free. Read more

www.japantimes.co.jp:
Japan firms open to hackers: group. Read more

newsbytes.com:
Teen Hacker's Offer To Help Leads To Felony Charges. Read more

www.theregister.co.uk:
Factoring gains won't break strong crypto - Schneier. Read more

13 March 2002

New trojan(s):
Bigorna 1.0

F-Backdoor 1.3

www.appsecinc.com:
Microsoft SQL Server: Buffer Overflows in numerous extended stored procedures. Read more

razor.bindview.co:
IIS SMTP component allows mail relaying via Null Session. Read more

razor.bindview.co:
Strategies for Defeating Distributed Attacks. Read more

www.digitaloffense.net:
zlib Compression Library Corrupts malloc Data Structures via Double Free. Read more

www.sys-security.com:
Trace-Back. A Concept for Tracing and Profiling Malicious Computer Attackers. (pdf) Read more

online.securityfocus.com:
GNU Fileutils Directory Removal Race Condition Vulnerability. Read more

online.securityfocus.com:
GNU zlib Compression Library Heap Corruption Vulnerability. Read more

online.securityfocus.com:
John Roy Pi3Web Path Disclosure Vulnerability. Read more

online.securityfocus.com:
John Roy Pi3Web File Disclosure Vulnerability. Read more

www.securiteam.com:
Checkpoint FW1 SecuRemote/SecureClient "re-authentication" (client side hacks of users.C). Read more

www.securiteam.com:
mIRC DCC Server Security Flaw. Read more

www.securiteam.com:
Double Free Bug in zlib Compression Library. Read more

www.securiteam.com:
Various Vulnerabilities in Norton Anti-Virus 2002. Read more

www.securiteam.com:
Windows Shell Overflow (Additional Information). Read more

www.securitytracker.com:
PHP-Nuke Cross-site Scripting Flaw in Private Messages Lets Remote Users Steal PHP-Nuke User Cookies. Read more

www.securitytracker.com:
Cobalt XTR User Interface Access Control Issue and File Uploading Authentication Bug Let Local Users Write to Files with Root Privileges. Read more

www.securitytracker.com:
Ipswitch IMail Server Discloses Authentication Tokens to Remote Users Letting Remote Users Access Other User Accounts. Read more

www.theregister.co.uk:
*Nix security pandemic - major zlib/libz vuln. Read more

www.usatoday.com:
Air Force seeks better security from Microsoft. Read more

www.newsbytes.com:
Software Bug Could Threaten Security Of Linux Systems. Read more

news.com.au:
E-trade at risk with old keys. Read more

asia.cnet.com:
Grid computing boosts hacker network. Read more

www.belfasttelegraph.co.uk:
Cracking Computer crime. Read more

media.guardian.co.uk:
Murdoch company in $1bn TV piracy row. Read more

12 March 2002

New trojan(s):
Osiris

Insurector 2.0

Microsoft Security Bulletin MS02-006
Unchecked Buffer in SNMP Service Could Enable Arbitrary Code to be Run. Read more

www.ppp-design.de:
cross-site-scripting bug in CaupoShop (and probably in CaupoShopPro). Read more

isec.pl:
Race condition in various utilities from fileutils GNU package may cause root user to delete the whole filesystem. Read more

isec.pl:
Multiple buffer overflow vulnerabilities as well as improper privilege dropping in Ecartis/Listar may lead to root compromise. Read more

www.gzip.org:
zlib Compression Library Corrupts malloc Data Structures via Double Free. Read more

www.debian.org:
DSA-120-1 mod_ssl -- buffer overflow. Read more

www.debian.org:
DSA-119-1 ssh -- local root exploit, remote client exploit. Read more

online.securityfocus.com:
SurfControl Email Filter for SMTP HELO Denial of Service Vulnerability. Read more

online.securityfocus.com:
XTux Server Garbage Denial of Service Vulnerability. Read more

online.securityfocus.com:
Menasoft SPHEREserver .99 Denial of Service Vulnerability. Read more

online.securityfocus.com:
Linux kernel 2.4.18 iBCS IPC signal handling Vulnerability. Read more

www.securiteam.com:
Vulnerabilities in Multiple RADIUS Clients and Servers. Read more

www.securiteam.com:
Java HTTP Proxy Vulnerability (Additional Details). Read more

www.securiteam.com:
Unchecked Buffer in Windows Shell Could Lead to Code Execution. Read more

www.securiteam.com:
Pi3Web File-Disclosure/Path Disclosure. Read more

www.securiteam.com:
The Feasibility of Attacking Windows 2000 Kerberos Passwords. Read more

www.securiteam.com:
IPv4 Forwarding Doesn't Consult Inbound SPD in KAME-derived IPSec. Read more

www.securiteam.com:
Directory.php Allows Arbitrary Code Execution. Read more

www.securiteam.com:
Cobalt Raq XTR Combination Attack (Remote/Local). Read more

www.linuxsecurity.com:
Significant Vulnerability Afflicts Linux Systems. Read more

www.inside-security.de:
Trend Micro InterScan VirusWall HTTP proxy content scanning circumvention. Read more

mail.gnu.org:
rm - recursive directory removal race condition. Read more

isec.pl:
Developing StrongARM/Linux shellcode. Read more

www.philzimmermann.com:
Philip Zimmermann, Creator of PGP. Read more

www.computerworld.com:
SNMP Vulnerability Offers 3,200 Reasons to Worry. Read more

zdnet.com.com:
Flaw weakens Linux computers. Read more

www.idg.net:
Virus alerts lack standards. Read more

www.businessweek.com:
Hacking al Qaeda's Secrets. Read more

abcnews.go.com:
Hacker Or Security Crusader? Read more

www.theregister.co.uk:
ICQ hack theories flood into Vulture Central. Read more

www.fresnobee.com:
Feds step up cybercrime battle in Fresno. Read more

www.idg.net:
Study: Web Exposes Data on CIA Networks. Read more

www.newsbytes.com:
'Eddie Murphy' Hackers Demand Ransom From Rock Band. Read more

www.eweek.com:
Enron: Security Woes, Too? Read more

www.siliconvalley.com:
Hackers' next target? Cell phones. Read more

www.nandotimes.com:
Application service providers urged to ensure security. Read more

11 March 2002

New trojan(s):
Elf 1.0

Sean

eyeonsecurity.net:
IMail Account hijack through the Web Interface. Read more

sunsolve.sun.com:
SUN Security Bulletin: HttpURLConnection. Read more

online.securityfocus.com:
Improved mod_frontpage Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
Linksys BEFVP41 Key Truncation Encryption Weakening Vulnerability. Read more

online.securityfocus.com:
Xerver Multiple Request Denial Of Service Vulnerability. Read more

online.securityfocus.com:
Microsoft Windows 2000 Password Policy Bypass Vulnerability. Read more

online.securityfocus.com:
Cobalt RaQ XTR MultiFileUpload.php Authentication Bypass Vulnerability. Read more

online.securityfocus.com:
Check Point FW-1 SecuClient/SecuRemote Client Design Vulnerability. Read more

online.securityfocus.com:
Xerver Directory Traversal Vulnerability. Read more

online.securityfocus.com:
Symantec Norton AntiVirus Excluded Filetype Email Protection Bypass Vulnerability. Read more

online.securityfocus.com:
Symantec Norton AntiVirus NULL Characters Incoming Email Protection Bypass Vulnerability. Read more

online.securityfocus.com:
Microsoft Windows User Shell Buffer Overflow Vulnerability. Read more

www.securiteam.com:
Buffer Overflows Found in SH39's MailServer. Read more

www.securitytracker.com:
Check Point FireWall-1 SecuRemote/SecureClient Authentication Timeout Restrictions Can Be Circumvented By Users. Read more

www.newsbytes.com:
Gator Branded A Trojan Horse Despite Security Fix. Read more

techupdate.zdnet.com:
The biggest flaw you never saw. Read more

www.bday.co.za:
New law brings certainty to cyberspace regulation. Read more

www.businessweek.com:
The Best Way to Make Software Secure: Liability. Read more

www.eweek.com:
Flaws Leave OpenSSH, Windows Vulnerable. Read more

www.canoe.ca:
Amateur hackers pose greater security threat than sophisticated ones. Read more

www.usatoday.com:
Official: U.S. studying Cuba's ability to disrupt Net. Read more

www.reuters.co.uk:
Beware spying computers, say experts. Read more

www.nandotimes.com:
No paying customers for encryption software. Read more

10 March 2002

New trojan(s):
WinRat 1.3

Dynod

www.att.com:
Local Area Detection of Incoming War Dial Activity (pdf). Read more

home.mminternet.com:
Wireless Security. Read more

www.newsforge.com:
Pringles: the latest wireless cracker tool. Read more

online.securityfocus.com:
OpenSSH Channel Code Off-By-One Vulnerability. Read more

online.securityfocus.com:
mIRC DCC Nick Disclosure Vulnerability. Read more

online.securityfocus.com:
Symantec Norton AntiVirus Conflicting MIME Header Vulnerability. Read more

online.securityfocus.com:
Symantec Norton AntiVirus Non-RFC Compliant Email Protection Bypass Vulnerability. Read more

www.securitytracker.com:
Xerver Web Server Input Validation Flaw Lets Remote Users View Files on the Server and Error Handling Bug Lets Remote Users Crash the Web Service. Read more

www.securitytracker.com:
'mod_frontpage' Module for Apache Web Server Has Buffer Overlow in 'fpexec.c' That Allows Remote Users to Execute Arbitrary Code on the System with Root Privileges. Read more

www.securitytracker.com:
Microsoft Windows Operating System Shell URL Handler Bug Lets Remote Users Create HTML That Could Cause Arbitrary Code to Be Executed on Another User's System in Certain Situations. Read more

www.securitytracker.com:
mIRC Chat Client Discloses User Nickname and Other Information to Remote Users via Direct Client-to-Client Protocol. Read more

www.securitytracker.com:
OpenSSH Off-by-one 'Channels' Bug May Let Authorized Remote Users Execute Arbitrary Code with Root Privileges. Read more

www.securiteam.com:
PHP Remote Exploit Code Released (FILEUPLOAD, multipart/form-data). Read more

www.securiteam.com:
MTR Allows Local Users to Gain Root Privileges. Read more

www.securiteam.com:
AIM Remote Buffer Overflow. Read more

www.securiteam.com:
PureTLS Gets a Security Upgrade. Read more

www.securiteam.com:
Another SQL Server 7 Buffer Overflow (xp_dirtree). Read more

www.securiteam.com:
NT Users Can Bypass Password Changing Policy via IIS. Read more

online.securityfocus.com:
Heckenkamp Trial Delayed. Read more

online.securityfocus.com:
How we can save PGP -- Zimmermann. Read more

it.asia1.com.sg:
Microsoft to withdraw Windows XP if states win case. Read more

www.sfgate.com:
Next target for computer viruses: Cell phones. Read more

www.net4nowt.com:
Zone Labs Release New Feature Packed Firewall Software. Read more

09 March 2002

New trojan(s):
Iani

Kiss 0.99

www.phreedom.org:
onesixtyone: an efficient SNMP scanner. Read more

www.pointblanksecurity.com:
Subversion of Information Vulnerabilities on Major News Sites. Read more

www.digit-labs.org:
Combined (Remote/Local root) Cobalt XTR vulnerabilities. Read more

www.openpkg.org:
OpenPKG Security Advisory. Read more

www.digitaloffense.net:
Exploit for denial of service vulnerability in the Windows 2000 SMTP component. Read more

online.securityfocus.com:
Symantec Norton AntiVirus NULL Characters Incoming Email Protection Bypass Vulnerability. Read more

online.securityfocus.com:
Netscape Navigator Snoops On Web Searches. Read more

online.securityfocus.com:
OpenSSH Channel Code Off-By-One Vulnerability. Read more

www.securitytracker.com:
PureTLS Java-based SSL Implementation Has Diffie-Hellman Parameter Bug That May Compromise Security. Read more

www.securitytracker.com:
Microsoft Internet Information Server 4.0 .HTR Web Application Lets Users Change Their Passwords When the NT Security Policy is Configured to Prohibit Password Changing. Read more

www.securitytracker.com:
MTR Network Diagnostic Tool Buffer Overflow Lets Local Users Gain Root Privileges. Read more

www.securitytracker.com:
Efingerd Buffer Overflow May Allow Remote Users to Execute Arbitrary Code on the System. Read more

www.securiteam.com:
Reverse WWW Tunnel Backdoor. Read more

www.securiteam.com:
Xerver 2.10 Directory Traversal and DoS . Read more

www.securiteam.com:
Java Applets Can be Used to Redirect Browser Traffic. Read more

www.securiteam.com:
MailMan File Disclosure Vulnerability. Read more

abcnews.go.com:
'Roughing' Up Hackers. New Software Technique for Spotting Computer Intruders. Read more

www.sfgate.com:
Bogus Microsoft security update e-mail is actually a virus. Read more

www.it-director.com:
Online virus generator will return. Read more

www.pcworld.com:
ZoneAlarm Evolves Into Full Security Tool. Read more

news.bbc.co.uk:
Hacking with a Pringles tube. Read more

www.bday.co.za:
New law brings certainty to cyberspace regulation. Read more

www.latimes.com:
U.S. to Curb Computer Access by Foreigners. Read more

08 March 2002

New trojan(s):
Winshell 4.0

Winamp Glich...Your now a Recording Artist by Doc~

Microsoft Security Bulletin MS02-014
Print Unchecked Buffer in Windows Shell Could Lead to Code Execution. Read more

www.kismetwireless.net:
Kismet is a 802.11b wireless network sniffer. Read more

phrack.org:
The Frame Pointer Overwrite. Read more

www.brd.ie:
Feasibility of attacking Windows 2000 Kerberos Passwords. Read more

www.linuxsecurity.com:
Local vulnerability in OpenSSH's channel code. Read more

www.pine.nl:
A bug exists in the channel code of OpenSSH versions 2.0 - 3.0.2. Read more

www.openbsd.org:
OpenSSH Security Advisory (adv.channelalloc). Read more

www.geocities.com:
TunnelShell, Tunneling Shell Access via TCP/UDP/Fraged/ICMP/RawIP Packets. Read more

online.securityfocus.com:
Microsoft Windows NT Security Policy Bypass Vulnerability. Read more

online.securityfocus.com:
Another Sql Server 7 Buffer Overflow. Read more

www.securitytracker.com:
SH39 MailServer Buffer Overflow Lets Remote Users Crash the SMTP Mail Service. Read more

www.securitytracker.com:
RealPlayer View Source Bug May Disclose Files to Other Users. Read more

www.securitytracker.com:
Endymion's Sake Mail Web Mail Java Servet Lets Remote Users View Files on the Server. Read more

www.securitytracker.com:
Endymion's MailMan Web Mail Server Lets Remote Users View Files on the Server. Read more

www.securitytracker.com:
Talentsoft Web+ Application Server Lets Remote Users Execute Arbitrary Code with System Level Privileges. Read more

www.securitytracker.com:
Microsoft SQL Server 'xp_dirtree' Buffer Overflow Lets Users Crash the Database Service. Read more

www.interhack.net:
PCFriendly Enables DVD Backchannels. Read more

www.newsbytes.com:
Virus Borrows Internet Pioneer's Server To Spread. Read more

www.secadministrator.com:
Additional Information About Microsoft Baseline Security Analyzer. Read more

www.reuters.com:
Al Qaeda Seen Using Web to Regroup, NY Times Says. Read more

webcenter.newssearch.netscape.com:
U.S. Reviewing Cuba, Cyberattacks. Read more

www.trustmatta.com:
Internet-based CounterIntelligence (pdf).
Yesterday the consultants of the Matta Attack & Penetration Team released a white paper documenting an entirely legal counterintelligence exercise undertaken over 2 days against the CIA's Internet points of presence, using open sources of information.Read more

www.computerworld.com:
Klez.e worm threat appears to be contained. Read more

www.computerworld.com:
New worm may be first written in C#. Read more

www.cw360.com:
Know the dangers of XML. Read more

www.newsbytes.com:
Gator Branded A Trojan Horse Despite Security Fix. Read more

www.computerbuyer.co.uk:
Hacks in the city: Pictures. Read more

www.philstar.com:
Network Security: the new challenge. Read more

news.24.com:
Cyber inspectors to patrol Web. Read more

www.silicon.com:
Pretty Good Privacy pretty much dead. Read more

www.idg.net:
PGP will go on, says its inventor. Read more

digitalmass.boston.com:
Network Associates discontinues encryption software. Read more

07 March 2002

New trojan(s):
wh-crew Spy 1.0

www.trustmatta.com:
An Introduction to Internet Attack & Penetration (PDF). Read more

www.xs4all.nl:
Java HTTP proxy vulnerability. Read more

www.securiteam.com:
IIS Internal IP Address Disclosure. Read more

www.securiteam.com:
Considerations for IIS Authentication. Read more

online.securityfocus.com:
Microsoft SQL Server xp_dirtree Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
MailServer by SH39 Denial of Service Vulnerability. Read more

online.securityfocus.com:
Kame-Derived Stack Non-ESP IPV4 Forwarded Packets Policy Bypassing Vulnerability. Read more

www.securitytracker.com:
Thttpd Web Server Filtering Flaw Lets Remote Users Steal Cookies Via Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Concurrent Versions System (CVS) Configuration Control Software Lets Local Users Crash the Server. Read more

www.securitytracker.com:
Openwall Linux Kernel Patch 'lcall()' Bug Lets Local Users Kill Processes Belonging to Other Users. Read more

www.securitytracker.com:
Zope Web Application Content Server Proxy Role Error May Let Users Access Unauthorized Objects. Read more

www.securitytracker.com:
Tomcat Java Server Lets Malicious Java Servlets or JSP Pages Access Any File on the Server. Read more

www.securitytracker.com:
Norton Anti-Virus Corporate Edition Default Configuration for Windows 2000 Lets 'Power Users' Obtain Elevated 'Administrator' Privileges. Read more

www.securitytracker.com:
KAME IPSec and IPSec Implementations in FreeBSD and NetBSD Fail to Apply the Security Policy Database to Inbound Forwarded Packets. Read more

www.securitytracker.com:
Draytek Vigor DSL Router Leaves Undocumented Management Port Open on the External (Internet-side) Interface. Read more

www.securitytracker.com:
ReBB Image Tag Cross-Site Scripting Hole Lets Remote Users Steal Cookies of ReBB Users. Read more.

www.securitytracker.com:
Netscape Web Broswer Java Environment Lets Remote Malicious Applets Redirect Web Proxy Connections. Read more

www.securitytracker.com:
Sun Java Runtime Environment (JRE) Lets Remote Malicious Applets Redirect Web Proxy Connections. Read more

www.securitytracker.com:
Microsoft Java Virtual Machine in Internet Explorer Lets Remote Malicious Applets Redirect Web Proxy Connections. Read more

www.securitytracker.com:
Ntop Network Usage Tool Format String Flaw May Let Remote Users Execute Arbitrary Commands on the System. Read more

www.reuters.com:
Klez Worm Fizzles; 2nd Virus Hits UBS PaineWebber. Read more

www.zdnet.com.au:
Gibe worm poses as a Microsoft update. Read more

www.zdnet.com.au:
Klez hasn�t wormed its way to Oz. Read more

news.com.com:
Worm set for file-eating binge. Read more

www.theregister.co.uk:
Klez-E worm triggers today. Read more

www.cnn.com:
Microsoft, Sun, Netscape warn of flaw in Java. Read more

www.theregister.co.uk:
Poison applet blights browsers. Read more

www.theregister.co.uk:
Oracle objects to Reg security coverage. Read more

www.wired.com:
He Hacks by Day, Squats by Night. Read more

www.silicon.com:
Top 10 tips to stop wireless hackers. Read more

www.zdnet.com.au:
Security: Convenience = Compromise? Read more

www.theregister.co.uk:
$100,000 prize in 'unbreakable' crypto challenge. Read more

www.reuters.com:
Computer Spy Methods Discovered in LED Lights. Read more

06 March 2002

New trojan:
Oracle

Binder:
MultiBinder 1.4.1

MultiBinder 1.1 Source

www.openwall.com:
Passive Analysis of SSH (Secure Shell) Traffic. Read more

www.ciac.org:
Understanding the SSH CRC32 Exploit. Read more

www.cgisecurity.net:
Fingerprinting Port80 Attacks. Read more

www.nextgenss.com:
Possible to discover internal IP addresses used by IIS Servers. Read more

www.debian.org:
xsane -- insecure temporary files. Read more

www.debian.org:
cvs -- improper variable initialization. Read more

www.nextgenss.com:
Non-Stack Overflows on Windows (pdf). Read more

www.nextgenss.com:
Assessing IIS Configuration Remotely (pdf). Read more

www.nextgenss.com:
Considerations for IIS Authentication. Read more

www.freefly.com:
Endymion sake-mail file-disclosure. Read more

www.freefly.com:
Endymion mailman file-disclosure. Read more

www.talentsoft.com:
Buffer Overrun in Talentsoft's Web. Read more

listmanager.unipi.it:
[Ntop-dev] ntop - format string bug in traceEvent. Read more

bob.firstcodings.com:
AuthentProtect is a small ISAPI filter that denies IIS authentication based on given usernames. It is mainly intended to block brute force attack against users for which NTFS permissions cannot be revoked (mainly administrators). Read more

online.securityfocus.com:
ReBB Image Tag Cross-Site Scripting Vulnerability. Read more

online.securityfocus.com:
Endymion MailMan Alternate Templates File Disclosure Vulnerability. Read more

online.securityfocus.com:
Endymion Sake Mail Null Character File Disclosure Vulnerability. Read more

online.securityfocus.com:
Real Networks RealPlayer Directory Traversal Vulnerability. Read more

www.securitytracker.com:
Apache-SSL for Apache Web Server Has Buffer Overflow That Can Be Triggered By Remote Users. Read more

www.securitytracker.com:
AeroMail Web Mail System Lets Remote Users Steal the Cookies of AeroMail Users and Lets Valid Remote Users Access Files on the AeroMail Server. Read more

www.theregister.co.uk:
New RADIUS vulns exposed. Read more

www.theregister.co.uk:
Poison applet blights browsers. Read more

www.techfocus.org:
Klez.e virus strikes on Wednesday. Read more

www.crn.com:
Klez-E Worm Programmed To Munch Files. Read more

news.com.com:
Seeking signs of Microsoft security push. Read more

zdnet.com.com:
Microsoft finds, patches Java VM flaw. Read more

www.zdnet.com:
Wireless networking: It's so easy! And so insecure! Read more

www.thetimes.co.uk:
Cybercrime and online fraud are showing no signs of slowing down. Read more

www.pcadvisor.co.uk:
Outlook on phones likely to boost viruses. Read more

www.canoe.ca:
Web site offers tips on fooling with telecom giants. Read more

05 March 2002

New trojan(s):
PtakkS XP

Microsoft Security Bulletin MS02-013
Java Applet Can Redirect Browser Traffic. Read more

CERT� Advisory CA-2002-06
Vulnerabilities in Various Implementations of the RADIUS Protocol. Read more

The Injustice Of Insecure Software
Software vendors often profess the importance of security. History, however, suggests otherwise: the software market has failed to produce secure software. This paper reviews the root cause of this market failure, risks this failure exacerbates, myths of today's solution, and @stake's solutions to remedy the crisis. (pdf) Read more

www.hackexpo.com:
Hack 2002. Read more

bob.firstcodings.com:
DropContentLengthGet is a small ISAPI filter that block the "Microsoft IIS/5 bogus Content-length" bug. Read more

www.securiteam.com:
Apache & PHP Proof of Concept Exploit. Read more

online.securityfocus.com:
CFS Multiple Buffer Overflow Vulnerabilities. Read more

online.securityfocus.com:
HP ProCurve Switch Denial of Service Vulnerability. Read more

www.securitytracker.com:
Phorum Bulletin Board Software Discloses the E-mail Addresses of the Ten Most Active Phorum Users to Remote Users. Read more

www.securitytracker.com:
Phorum Bulletin Board Input Validation Flaw Lets Remote Users Conduct Cross-Site Scripting Attacks and Assume the Identity of Other Phorum Users. Read more

www.securitytracker.com:
Demarc PureSecure Network Monitoring Software Uses Weak Encryption for Administrator Passwords, Facilitating Remote Brute-Force Password Guessing Attempts. Read more

www.securitytracker.com:
Cryptographic File System (CFS) Buffer Overflows Let Remote Users Crash the File System. Read more

www.securiteam.com:
Hotline Client Plaintext Password Vulnerability. Read more

www.securiteam.com:
Embedded URLs in Spoofed Multimedia Files. Read more

www.securiteam.com:
Details and Exploitation of a Buffer Overflow in mshtml.dll (SRC). Read more

www.securiteam.com:
BadBlue Directory Traversal Vulnerability (./ Removal). Read more

www.securiteam.com:
Remotely Exploitable Format String Vulnerability in Ntop (%s, Web Server). Read more

www.securiteam.com:
XTellD Multiple Vulnerabilities. Read more

www.newsbytes.com:
Microsoft Moves Fast To Stop Hacking Rumor. Read more

www.theregister.co.uk:
Removing IE would kill Win2k, WinXP, MS, says Redmond. Read more

www.theregister.co.uk:
IE, Outlook run malicious commands without scripting. Read more

zdnet.com.com:
Experts: Worms will breed in PHP hole. Read more

www.theregister.co.uk:
Malware by numbers: online virus creation tool spotted. Read more

zdnet.com.com:
Study: Biz still battling with viruses. Read more

www.newsbytes.com:
Computer Virus Infections Continue To Climb - Report. Read more

www.forbes.com:
UPDATE 1-Hacker claims Web worm meant to combat sexism. Read more

www.miami.com:
Honey pot set up on Web to attract hackers. Read more

news.bbc.co.uk:
Net monitoring scheme under fire. Read more

www.i-street.com:
New University of Illinois Center Focuses on Information Security. Read more

www.latimes.com:
Patching Holes in the Net. Read more

www.businessweek.com:
Stop Him Before He Hacks Again. Read more

news.zdnet.co.uk:
Wanted: Evidence of MS security push. Read more

www.theregister.co.uk:
Curious employees are biggest security risk. Read more

www.wired.com:
Adobe Copyright Case in Court. Read more

04 March 2002

New trojan(s):
Sphere 1.0

www.h07.org:
SphereServer Denial of Service Vulnerability. Read more

www.apache-ssl.org:
Apache-SSL buffer overflow condition (all versions prior to 1.3.22+1.46). Read more

www.cisco.com:
Fax Passthrough Limitations on ATA 186. Read more

www.cisco.com:
Cisco 10720 Fan Failure Goes Undetected. Read more

www.cisco.com:
Cisco 1750-2V and Cisco 1750-4V Were Incorrectly Shipped with PVDM-256K-4 or PVDM-256K-8. Read more

www.cisco.com:
Cisco VPN 5001 Concentrator End of Life Upgrade Program. Read more

www.ciac.org:
Microsoft XMLHTTP Control Vulnerability. Read more

www.ciac.org:
Microsoft Incorrect VBScript Handling in IE. Read more

www.ciac.org:
Data Leak with Cisco Express Forwarding. Read more

online.securityfocus.com:
AeroMail JavaScript Execution Vulnerability. Read more

www.securitytracker.com:
HP Procurve Switch Bug Allows Telnet Management Port to Be Temporarily Blocked for New Management Connections. Read more

www.securitytracker.com:
AOL Instant Messenger (AIM) Short Message Feature Buffer Overflow Lets Remote Users Crash the AIM Client Software. Read more

www.securiteam.com:
Cisco Express Forwarding Leaks Packet Information. Read more

www.securiteam.com:
Novell GroupWise Web Access Path Disclosure Vulnerability. Read more

www.securiteam.com:
Security Issue with GroupWise and LDAP Authentication in PostOffice (Anonymous bind). Read more

www.securiteam.com:
BadBlue XSS Vulnerabilities / Filesharing Server Worm. Read more

www.securiteam.com:
BPM Studio Pro Directory Traversal Vulnerability. Read more

www.securiteam.com:
Unreal IRCd Format String Vulnerability. Read more

www.securiteam.com:
Avenger's News System Command Execution Vulnerability. Read more

www.computeruser.com:
Girl power's point of virus written in Microsoft's C#. Read more

www.theregister.co.uk:
Britney Spears virus fails to chart. Read more

www.canada.com:
Police knew hero hacker for years. Read more

www.canada.com:
B.C. hacker a key figure in porn case against judge. Read more

www.theregister.co.uk:
WinXP SP1 to combine new goodies with the fixes. Read more

www.theregister.co.uk:
MS opponents may testify. Read more

www.computeruser.com:
Judge grants Microsoft rivals limited role in hearings. Read more

www.usatoday.com:
Congress demands copy protection solution. Read more

03 March 2002

New trojan(s):
Propel 1.0

www.debian.org:
cfs -- buffer overflow. Read more

www.debian.org:
php -- broken boundary check and more. Read more

online.securityfocus.com:
HP ProCurve Switch Denial of Service Vulnerability. Read more

www.securitytracker.com:
Tiny Personal Firewall Lets Physically Local Users Accept or Deny Connections When a Workstation is Locked. Read more

www.securitytracker.com:
Xtell Messaging Client Buffer Overflows Let Remote Users Execute Arbitrary Code on the System. Read more

www.securitytracker.com:
Cobalt RaQ4 System Management Software Lets Remote Users View Files on the System, Conduct Cross-Site Scripting Attacks, and Cause Denial of Service Conditions. Read more

www.securitytracker.com:
Hotline File Sharing Program Discloses User Password to Local Users. Read more

www.securitytracker.com:
Snitz Forums Input Filtering Bug Lets Remote Users Conduct Cross-Site Scripting Attacks Against Snitz Forums Users. Read more

www.securitytracker.com:
Network Associates Gauntlet Firewall Proxy Bug Lets Remote Users Bypass Some Access Controls and Connect to Arbitrary Ports on Internal/Protected Hosts. Read more

www.securitytracker.com:
KMail E-mail Client Bug Lets Remote Users Send Large Messages to Cause the Client to Crash. Read more

www.securiteam.com:
AOL/AIM Vulnerability. Read more

www.securiteam.com:
Zero One Tech (ZOT) P100s PrintServer and SNMP. Read more

www.securiteam.com:
Weak Password Storage in Demarc (Commercial Snort Front-end). Read more

www.securiteam.com:
Novell GroupWise Web Access Path Disclosure Vulnerability (HTMLVER). Read more

www.securiteam.com:
Pforum Cross-Site-Scripting Vulnerability. Read more

www.securiteam.com:
IRC Connection Tracking Helper Module (Patch Available). Read more

www.securiteam.com:
Cobalt RaQ Cross Site Scripting, Directory Traversal and DoS Vulnerabilities. Read more

www.securiteam.com:
Squid Buffer Overflow (FTP). Read more

www.nandotimes.com:
Computer worm named for Britney Spears seen as low risk. Read more

www.vnunet.com:
Copy-cat Britney virus fails to excite. Read more

www.theregister.co.uk:
All quiet on the malware front. Read more

www.windowsitsecurity.com:
IETF Receives Proposal: Responsible Vulnerability Disclosure Process. Read more

www.idg.net:
Internet software piracy group head pleads guilty. Read more

www.vnunet.com:
Top 10 security tips. Read more

02 March 2002

New trojan(s):
Kiss 0.9

online.securityfocus.com:
Linux Kernel IRC DCC Connection Tracking Module Arbitrary Port Access Vulnerability. Read more

online.securityfocus.com:
UnrealIRCD InBuf Format String Denial Of Service Vulnerability. Read more

online.securityfocus.com:
xtell Multiple Remote Buffer Overflow Vulnerabilities. Read more

online.securityfocus.com:
Multiple Vendor MacOS Browser Arbitrary Program Download Vulnerability. Read more

online.securityfocus.com:
Net-SNMP Trap And Request Handling Vulnerabilities. Read more

online.securityfocus.com:
Microsoft Windows SMTP Service Authorization Bypass Vulnerability. Read more

online.securityfocus.com:
Cisco IOS Cisco Express Forwarding Session Information Leakage Vulnerability. Read more

online.securityfocus.com:
Snitz Forums 2000 Image Tag Cross-Site Scripting Vulnerability. Read more

online.securityfocus.com:
xtell Trusted TTY Device Name Remote Vulnerability. Read more

online.securityfocus.com:
xtell Log File Symbolic Link Attack. Read more

online.securityfocus.com:
BPM Studio Pro HTTPD Directory Traversal Vulnerability. Read more

online.securityfocus.com:
Real Networks Realplayer 8 CPU Utilization Denial of Service Vulnerability. Read more

www.securitytracker.com:
Internet Explorer (IE) Web Browser 'innerHTML' Property Hole Lets Remote Users Execute Programs on the Browser's Host, Even With ActiveX and Active Scripting Disabled. Read more

www.securitytracker.com:
Microsoft Exchange Server 2000 Command Processing Bug Lets Remote Users Cause the SMTP Service to Crash. Read more

www.securitytracker.com:
Microsoft Windows 2000 and Windows XP SMTP Service Command Processing Bug Lets Remote Users Cause the SMTP Service to Crash. Read more

www.securitytracker.com:
Microsoft Windows 2000 SMTP Service Lets Remote Users Send or Relay Unauthorized Mail (including SPAM) Via the Server. Read more

www.securitytracker.com:
Microsoft Exchange Server Lets Remote Users Send or Relay Unauthorized Mail (including SPAM) Via the Server. Read more

www.securitytracker.com:
Novell GroupWise Server Discloses Web Installation Path to Remote Users. Read more

www.securitytracker.com:
ALCATech's BPM Studio Pro Audio Mixer Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
Worldgroup Software (FTP and Web Server) Buffer Overflows Let Remote Users Crash the FTP and Web Services and May Allow for Remote Code Execution. Read more

www.securitytracker.com:
Linux Kernel 'Netfilter' Firewall Software Has an IRC DCC Protocol Connection Tracker Bug That May Let Remote Users Access Protected Hosts in Certain Situations. Read more

www.securitytracker.com:
The Bat! E-mail Client MS-DOS Device Access Flaw Lets Remote Users Send Special E-mail to Cause the Recipient's E-mail Client to Crash. Read more

www.securitytracker.com:
Cisco IOS-based Devices That Use Cisco Express Forwarding (CEF) May Leak Data from One Packet into Another Packet in Certain Situations. Read more

www.securitytracker.com:
PHP File Upload Bugs Let Remote Users Execute Arbitrary Code on a PHP-enabled Web Server. Read more

www.securitytracker.com:
Oracle 9iAS Application Server Discloses CGI-BIN Script Source Code to Remote Users. Read more

ntbugtraq.ntadvice.com:
The 4th Annual NTBugtraq Retreat. Read more

www.informationweek.com:
Britney Virus May Drive You Crazy. Read more

news.com.com:
Sharpei virus hits C# note. Read more

zdnet.com.com:
Week in review: Diet of worms. Read more

europe.cnn.com:
Oops! It's the 'Britney' e-mail worm. Read more

www.newsbytes.com:
Court Decision Could Gag French Security Site Kitetoa. Read more

news.com.com:
Flaw weakens Linux security software. Read more

www.theregister.co.uk:
Staying on top of Oracle's holes. Read more

www.wired.com:
Have iPod, Will Secretly Bootleg. Read more

www.canoe.ca:
New technology enables forensic accounting investigators to probe deeper. Read more

www5.law.com:
Hackers Not Welcome in South Florida. Read more

zdnet.com.com:
Looping e-mails: Scourge of the Net? Read more

www.cw360.com:
Government forces Microsoft into new licence deal. Read more

01 March 2002

New trojan(s):
DataSpy Network X 0.3 beta

www.finjan.com:
Embedded URLs in Spoofed Multimedia Files. Read more

www.safehack.com:
Messages That Start with the Word "begin 666 filename.exe or filename.whatever" Are Received as Attachments. Read more

www.bursztein.net:
Using Environment for returning into Lib C. Read more

online.securityfocus.com:
Galacticomm Worldgroup Remote FTP Denial of Service Vulnerability. Read more

online.securityfocus.com:
Linux Kernel IRC DCC Connection Tracking Module Arbitrary Port Access Vulnerability. Read more

online.securityfocus.com:
Apache Mod_SSL Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
Galacticomm Worldgroup Remote Web Server Denial of Service Vulnerability. Read more

online.securityfocus.com:
Rit Research Labs The Bat! MS DOS Device Name Denial Of Service Vulnerability. Read more

online.securityfocus.com:
Symantec Ghost Corporate Edition 7.0 Plain Text Credentials Vulnerability. Read more

www.securitytracker.com:
Deerfield D2Gfx File Sharing System Lets Remote Users Traverse the Directory and View Files Located Anywhere on the System. Read more

www.securitytracker.com:
BadBlue Web Server Lets Remote Users Traverse the Directory and View Files Located Anywhere on the System. Read more

www.securitytracker.com:
Deerfield's D2Gfx File Sharing System Allows Remote Users to Conduct Cross Site Scripting Attacks and Run (and Propagate) Arbitrary Code on D2Gfx File Sharing Servers. Read more

www.securitytracker.com:
BadBlue Web Server Allows Remote Users to Conduct Cross Site Scripting Attacks and Run (and Propagate) Arbitrary Code on BadBlue File Sharing Servers. Read more

www.securiteam.com:
Executing Arbitrary Commands without Active Scripting or ActiveX. Read more

CERT� Advisory CA-2002-05
Multiple Vulnerabilities in PHP fileupload. Read more

www.securityoffice.net:
Novell GroupWise Web Access Path Disclosure Vulnerability. Read more

robertgraham.com:
TRONS is an independent IDS subsystem in BlackICE that reads in Snort-like signatures. Read more

www.securiteam.com:
Authentication Flaw Allows Unauthorized Users to Authenticate SMTP Service. Read more

www.securiteam.com:
Malformed Data Transfer Request Causes Windows SMTP Service to Fail. Read more

www.securiteam.com:
DoS Attack Against FreeRADIUS (Other RADIUS Servers Affected). Read more

www.securiteam.com:
Multiple Remote Vulnerabilities in PHP's Fileupload Code. Read more

grc.com:
Distributed Reflection Denial of Service
Description and analysis of a potent, increasingly prevalent, and worrisome Internet attack. Read more

www.ecommercetimes.com:
French Group Claims DoubleClick Hacked for Two Years. Read more

www.newsbytes.com:
Webmasters Urged To Plug PHP Security Hole. Read more

www.infoworld.com:
CERT warns of PHP security holes. Read more

zdnet.com.com:
Linux flaw opens door in firewalls. Read more

www.theregister.co.uk:
Anti-Virus's control fetish. Read more

techupdate.zdnet.com:
Don't squash bug disclosure. Read more

news.com.com:
Software "time bomber" goes to prison. Read more

www.cw360.com:
UK must lock down the law to stop the hackers. Read more

www.chron.com:
Hacker saw plenty in files of N.Y. Times. Read more

www.themercury.news.com.au:
F1 on hacker alert. Read more

www.vnunet.com:
US hackers could face life sentences. Read more

www.theregister.co.uk:
New York Times internal network hacked. Read more

www.heise.de:
Encryption in Company Networks Foiled. Read more


Copyright� MegaSecurity.org