Bookmark or link to: www.kobayashi.cjb.net. All other url`s could change!
News Archive    Translate Traducen    Home
News May 20002
31 May 2002

New trojans:
EasyServ 1.1

Aphex's WebDownloader 0.2.0

Silent Spy 2.0

News:
www.dataspy.net:
Packing and Encryption. Read more

www.securiteam.com:
SQL Injection Walkthrough. Read more

online.securityfocus.com:
Macromedia JRun Host Header Field Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
Caldera OpenServer SCOAdmin Symbolic Link Vulnerability. Read more

online.securityfocus.com:
FreeBSD Accept Filter Denial of Service Vulnerability. Read more

online.securityfocus.com:
phpTest Test Result Disclosure Vulnerability. Read more

online.securityfocus.com:
Image Display System Directory Existence Disclosure Vulnerability. Read more

online.securityfocus.com:
Charities.Cron Insecure Temporary File Creation Vulnerability. Read more

www.securitytracker.com:
'Autorun' Utility for Xandros Desktop Linux Beta Discloses a Portion of Any File to Local Users. Read more

www.securitytracker.com:
Image Display System (IDS) CGI Script Discloses Information About Existing Directories to Remote Users. Read more

www.securitytracker.com:
Meteor FTP Server Command Processing Bug Lets Remote Authenticated Users Crash the Server. Read more

www.securitytracker.com:
DataWizard FtpQX Server Buffer Overflow Lets Remote Authenticated Users Crash the Service. Read more

www.securitytracker.com:
OpenSSH 'BSD_AUTH' Access Control Bug May Allow Unauthorized Remote Users to Authenticated to the System. Read more

www.securitytracker.com:
WoltLab Burning Board Forum Lets Remote Users Hijack Newly Assigned User Accounts. Read more

www.securitytracker.com:
Tomcat Multiple Directory Listing and Webroot Location Vulnerabilities. Read more

www.computeruser.com:
Carnivore responsible for terrorist e-mail mishaps - FBI. Read more

www.atnewyork.com:
'Critical' Exploit Detected in Exchange 2000. Read more

koreaherald.co.kr:
Panel to set up information center to prevent hacking, cyber terrorism. Read more

europe.cnn.com:
Japan space hackers nabbed for spying. Read more

www.ecommercetimes.com:
Intrusion Detection: Running a Hacker Simulation. Read more

www.newsfactor.com:
Hackers V. Colleges: Security Bolstered for University Computer Systems. Read more

www.computeruser.com:
News sites tackle e-mail 'subversion' security holes. Read more

30 May 2002

New trojans:
Aphex's Remote Packet Sniffer 0.1.2

AntiLamer Backdoor 1.4

Net Advance 3.1.0

News:
Microsoft Security Bulletin MS02-025
Malformed Mail Attribute can Cause Exchange 2000 to Exhaust CPU Resources (Q320436). Read more

NGSSoftware Insight Security Research Advisory
Macromedia JRun 3.1 Remote System Buffer Overrun. Read more

ProCheckUp Security Bulletin PR02-12
Gafware's CFXImage showtemp program file reading vulnerability. Read more

www.ethereal.com:
Potential issues with Ethereal 0.9.3. Read more

online.securityfocus.com:
FileZilla FTP Server Directory Traversal Vulnerability. Read more

online.securityfocus.com:
Virtual Programming VP-ASP SQL Injection Vulnerability. Read more

online.securityfocus.com:
Virtual Programming VP-ASP Test Page Information Disclosure Vulnerability. Read more

online.securityfocus.com:
Oracle Application Server PL/SQL Module Format String Vulnerability. Read more

online.securityfocus.com:
Oracle TNSListener Remote Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
Microsoft Active Data Objects Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
Microsoft SQL Server 2000 Multiple Vulnerabilities. Read more

online.securityfocus.com:
Microsoft IIS 5.0 Denial Of Service Vulnerability. Read more

online.securityfocus.com:
Microsoft Windows 2000 Remote Access Service Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
Microsoft IIS HTR ISAPI Extension Heap Overflow Vulnerability. Read more

www.securitytracker.com:
Yahoo! Messenger Buffer Overflows and Scripting Flaws Let Remote Users Execute Arbitrary Code on Another User's Messenger Client. Read more

www.securitytracker.com:
3Com OfficeConnect DSL Router Address Translation Hole Lets Remote UsersGain Unauthorized Access to Ports on Hosts Behind the Router. Read more

www.securitytracker.com:
Opera Web Browser Allows Malicious Servers to Silently Retrive Files from the Victim's System. Read more

www.securitytracker.com:
NetScreen Firewall Can Be Made to Reboot By Remote Users That Send Long Usernames to the Device's Login Screen. Read more

www.securitytracker.com:
Virtual Programming's VP-ASP Shopping Cart Default Configuration May Disclose Internal Database (Including Credit Card Data) to Remote Users. Read more

www.securitytracker.com:
BlueFace's Falcon Web Server Lets Remote Users Access Password-Protected Files. Read more

www.securiteam.com:
Remote Exploit for UW-IMAPd Capability (IMAP4). Read more

www.securiteam.com:
Gafware's CFXImage Showtemp Program File Reading Vulnerability. Read more

www.securiteam.com:
Malformed Mail Attribute Causes Exchange 2000 to Exhaust CPU Resources. Read more

www.securiteam.com:
Macromedia JRUN Buffer Overflow Vulnerability (ISAPI DLL). Read more

www.smh.com.au:
FBI's Carnivore system disrupted anti-terror investigation. Read more

www.newsfactor.com:
Newest IT Job Title: Chief Hacking Officer. Read more

www.cnet.com:
Hacker breaks into electronics site. Read more

www.zdnet.com:
Instant messaging: The next hacker target. Read more

news.com.com:
Microsoft Exchange hole "critical". Read more

www.newsday.com:
Glitch Exposes Fidelity Accounts. Read more

www.newsbytes.com:
Klez Infection Persists - Anti-Virus Companies. Read more

zdnet.com.com:
Hacker attacks TheNerds.net. Read more

29 May 2002

New trojans:
DS Web Downloader 3.0

AutoSpY 1.3

NetGrisch

News:
online.securityfocus.com:
BlueFace Falcon Web Server File Disclosure Vulnerability. Read more

online.securityfocus.com:
Opera Arbitrary File Disclosure Vulnerability. Read more

online.securityfocus.com:
AMANDA amindexd Remote Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
Yahoo! Messenger Call Center Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
Yahoo! Instant Messenger Script Injection Vulnerability. Read more

www.securiteam.com:
YoungZSoft CMailServer Buffer Overflow. Read more

www.securiteam.com:
WFTPD Directory Traversal Vulnerability (CWD). Read more

www.securiteam.com:
Meteor FTP Denial of Service (MKD, STOR). Read more

www.securiteam.com:
TransSoft's Broker FTP Server DoS (CWD). Read more

www.securiteam.com:
FtpXQ MKD Buffer Overflow. Read more

www.securiteam.com:
phpBB Cross Site Scripting Vulnerability. Read more

www.securiteam.com:
WBBoard New User Registration Vulnerability. Read more

www.computing.vnunet.com:
Yahoo bug on the rampage. Read more

www.computing.vnunet.com:
Klez variant crowned virus king. Read more

arstechnica.infopop.net:
Worm.Klez, and false senders. Read more

www.nzherald.co.nz:
Klez.H 'spoofing worm' infects one in 170 emails. Read more

www.idg.net:
Worms Crawl Toward Instant Messaging. Read more

www.techfocus.org:
XML hole takes advantage of Excel, opens door to crackers. Read more

www.eweek.com:
Assessment Is Charney's Job One. Read more

www.computing.vnunet.com:
Kimble 'hacker' fined �100,000. Read more

www.bayinsider.com:
Terror Issues Raise Surveillance Concerns. Read more

www.newscientist.com:
Anti-snooping operating system close to launch. Read more

www.sfgate.com:
Wired and worried. Read more

28 May 2002

New trojans:
SpySender 0.88i client

Ricta 1.0

DTR 1.3

News:
GreyMagic Security Advisory GM#001-OP
Reading ANY local file in Opera. Read more

online.securityfocus.com:
CVS Daemon RCS Off By One Local Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
IRSSI Trojaned Configure File Arbitrary Access Vulnerability. Read more

online.securityfocus.com:
Trend Micro Interscan Viruswall SMTP Header Removal Vulnerability. Read more

www.securitytracker.com:
Mailman E-mail Discussion List Software Allows Remote Users to Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Concurrent Versions System (CVS) Off-by-one Buffer Overflow May Let Local Users Execute Arbitrary Code to Gain Elevated Privileges. Read more

www.securitytracker.com:
PGP Public Key Server Buffer Overflow Lets Remote Users Crash the Service. Read more

www.securitytracker.com:
IRSSI IRC Client for UNIX May Contain a Backdoor in a Certain Version of the Source Code Distribution. Read more

www.securiteam.com:
NetScreen 25 Unauthorized User Reboot (DoS). Read more

www.securiteam.com:
Yahoo Messenger - Multiple Vulnerabilities. Read more

www.securiteam.com:
VP-ASP Multiple Security Vulnerabilities. Read more

www.securiteam.com:
Vulnerability in 3Com OfficeConnect Remote 812 ADSL Router (PAT). Read more

www.securiteam.com:
AMANDA Security Issues. Read more

www.securiteam.com:
COWS Contains Multiple Security Vulnerabilities. Read more

online.securityfocus.com:
Klez-H is the worst virus ever - official. Read more

news.zdnet.co.uk:
Excel hole opens PCs to hackers. Read more

www.japantimes.co.jp:
Hacker hits Kommy customer files. Read more

www.lendingintelligence.com:
Experian, Ford Still Unsure How Hacker Stole 13,000 Credit Reports. Read more

www.timesonline.co.uk:
Internet security breaches threaten e-trade potential. Read more

www.businessweek.com:
An Education in Hacking. Read more

www.businesstoday.com:
Hackers go wireless with greatest of ease. Read more

www.nationalpost.com:
Tracking Mafiaboy. Read more

27 May 2002

New trojans:
Avone 2

Osiris v2

Aphex WebDownloader 0.1.2

News:
www.securityoffice.net:
Falcon Web Server Unauthorized File Disclosure Vulnerability. Read more

www.sendmail.org:
File Locking Local Denial of Service Impact on sendmail. Read more

www.cgisecurity.net:
Header Based Exploitation: Web Statistical Software Threats. Read more

www.securiteam.com:
ATA-186 Password Disclosure Vulnerability. Read more

www.securiteam.com:
CBOS - Improving Resilience to Denial-of-Service Attacks. Read more

www.securiteam.com:
TrendMicro Interscan VirusWall Insecurity "Feature". Read more

www.securiteam.com:
Microsoft Active Directory Security Vulnerability (Zero Length). Read more

www.securiteam.com:
LocalWeb2000 Web Server Protected File Access Vulnerability. Read more

www.securiteam.com:
Irssi IRC Found to Contain a Backdoor. Read more

www.securiteam.com:
Local Off By One Overflow in CVSd. Read more

www.securiteam.com:
Gridscan.com Security-risk. Read more

www.securiteam.com:
PGP Public Key Server DoS and Remote Code Execution. Read more

www.securitytracker.com:
TightVNC Virtual Network Computing Software May Disclose Passwords to Local Users and May Allow Remote Users to Crash the Server. Read more

www.securitytracker.com:
Microsoft Excel Spreadsheet XML Stylesheet ActiveX Object Flaw Lets Remote Users Create Malicious Excel Spreadsheets That May Execute Arbitrary Code When Opened With the XML Stylesheet Option. Read more

www.securitytracker.com:
Cisco Intrusion Detection System (IDS) Device Manager Bug in Web Access Feature Lets Remote Users View Files on the Sensors. Read more

www.securitytracker.com:
Microsoft Active Directory May Have Bug That Allows Remote Users to Crash the Directory. Read more

www.securitytracker.com:
Sendmail Default File Permissions and Configuration Allows Local Users to Deny Service to Sendmail. Read more

www.securitytracker.com:
Debian 'netstd' Utility Package Has Several Components With Buffer Overflows That Allow Remote Users to Execute Arbitrary Code on the System. Read more

www.securitytracker.com:
LocalWEB2000 Web Server Discloses Password-Protected Files to Remote Users. Read more

www.securitytracker.com:
Pharao Web Portal Software Has Multiple Flaws That Allow Remote Users to Access the System as Any User and to Read Files on the Server. Read more

techupdate.zdnet.co.uk:
Grey WLANs and web services top security risks. Read more

www.it-director.com:
World Cup viruses poised to strike. Read more

26 May 2002

New trojans:
HellzAddiction 1.15 server

Deves

Enculator 0.1

Enculator 1.0 server. Enculator 1.0 is now also complete.

Tool: qb0x.net:
boegADT is a UNIX based library for make easy to write buffer overflow exploits. The intention of this library is to make possible that anyone can write an exploit without knowledge of the techniques. Read more

News:
www.hert.org:
The Frame Pointer Overwrite. Read more

online.securityfocus.com:
Debian GNU/Linux netstd Multiple Buffer Overflow Vulnerabilities. Read more

online.securityfocus.com:
ViewCVS Cross-Site Scripting Vulnerability. Read more

online.securityfocus.com:
IBM DB2 db2ckpw Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
LocalWEB2000 File Disclosure Vulnerability. Read more

online.securityfocus.com:
Microsoft Excel 2002 XML Stylesheet Arbitrary Code Execution Vulnerability. Read more

online.securityfocus.com:
Ethereal Server Message Block Dissector Malformed Packet Denial Of Service Vulnerability. Read more

online.securityfocus.com:
Cisco CBOS Telnet Denial of Service Vulnerability. Read more

online.securityfocus.com:
Cisco Broadband Operating System TCP/IP Stack Denial of Service Vulnerability. Read more

online.securityfocus.com:
Cisco CBOS Oversized Packet DHCP Denial Of Service Vulnerability. Read more

www.securitytracker.com:
Cisco Broadband Operating System (CBOS) for Cisco 600 Series DSL Routers Lets Remote Users Crash the Routers. Read more

www.securitytracker.com:
User-Mode Linux (UML) Environment System Call Breakpoint Bug Lets Local Users Execute System Calls on the Host (Outside of the UML Environment). Read more

www.securitytracker.com:
Microsoft Date Engine (MSDE) Default Configuration Leaves Blank Password for System Administrator Account. Read more

www.nandotimes.com:
Hackers obtain California employee data. Read more

www.sfgate.com:
Hackers gain entry to key state database. Personnel files were breached last month for 265,000 workers. Read more

computerworld.com:
Secret Service warns of Afghanistan e-mail scam. Read more

25 May 2002

New trojans:
Arcanum 0.1.1

AutoSpY 1.2

Fearless Webdownloader 1.1

News:
Georgi Guninski security advisory #55, 2002
Excel XP xml stylesheet problems. Read more

online.securityfocus.com:
OpenBSD sshd BSD Authentication Implementation Error Vulnerability. Read more

online.securityfocus.com:
Microsoft Active Directory Zero Page Length Query Vulnerability. Read more

online.securityfocus.com:
NewAtlanta ServletExec/ISAPI JSPServlet Denial Of Service Vulnerability. Read more

online.securityfocus.com:
Cisco VoIP Phone Web Interface System Memory Contents Information Leakage Vulnerability. Read more

online.securityfocus.com:
Cisco VoIP Phone Default Administrative Password Vulnerability. Read more

www.securitytracker.com:
Opty-Way Enterprise Glassworks Management Application Installs Microsoft Data Engine Insecurely, Allowing Remote Users to Execute Commands on the System. Read more

www.securitytracker.com:
Compaq Integrated Administrator for Compaq ProLiant Server Blade Enclosure May Allow Authenticated Remote Users to Gain Full Access to the Enclosure Operating System. Read more

www.securitytracker.com:
Microsoft Windows Debugging Facility for Windows NT4 and 2000 Has Authentication Hole That Lets Local Users Execute Arbitrary Code with SYSTEM Privileges. Read more

www.securitytracker.com:
Cisco IP Phones Allow Remote Users to Cause the Phone to Crash and Restart and Allow Physically Local Users to Modify the Telephone's Configuration. Read more

www.securitytracker.com:
MatuSoft's MatuFtpServer Buffer Overflow Lets Remote Users Crash the Server or Possibly Execute Arbitrary Code on the Server. Read more

www.securitytracker.com:
New Atlanta Communications ServletExec/ISAPI Java Server Can Be Crashed By Remote Users and Discloses the Directory Path and Files in the Web Root Directory to Remote Users. Read more

www.computing.vnunet.com:
Make way for the uber worm. Read more

www.esecurityplanet.com:
Microsoft Battles Debugger Flaw, SQL Worm. Read more

www.internetnews.com:
World Gets Caught In Wormy Situation. Read more

www.net4nowt.com:
Beware Of World Cup Viruses, Say Experts. Read more

www.varbusiness.com:
So You've Been Hacked... Now What? Read more

www.nandotimes.com:
Hackers access information on California state employees. Read more

www.computing.vnunet.com:
Chinese crackers prepare for cyber war. Read more

24 May 2002

New trojans:
AntiLamer Backdoor 1.3

TruvaAti 1.2b

YAI

News:
www.cisco.com:
Cisco Security Advisory: ATA-186 Password Disclosure Vulnerability. Read more

www.ngsec.com:
Solaris in.talkd, remote root compromise. Read more

online.securityfocus.com:
Sun Solaris In.Rarpd Multiple Vulnerabilities. Read more

online.securityfocus.com:
Matu FTP Server Buffer Overflow Vulnerability. Read more

www.securiteam.com:
Multiple Vulnerabilities in CISCO VoIP Phones (Additional details). Read more

www.securiteam.com:
Opty-Way Enterprise Includes MSDE with Blank 'sa' Account. Read more

www.securiteam.com:
Authentication Flaw in Windows Debugger can lead to Elevated Privileges. Read more

www.securiteam.com:
Multiple Vulnerabilities in Solaris in.rarpd. Read more

www.securitytracker.com:
YoungZSoft CMail Server Buffer Overflow Allows Remote Users to Execute Arbitrary Code to Gain Shell Access on the System. Read more

www.securitytracker.com:
IBM DB2 Database Buffer Overflow in 'db2ckpw' Lets Local Users Gain Root Access on the System. Read more

www.securitytracker.com:
Sun Solaris 'in.rarpd' Reverse ARP Protocol Daemon May Let Local and Remote Users Gain Root Access on the System. Read more

www.securitytracker.com:
Deerfield WebSite Pro Windows-based Web Server May Disclose CGI Source Code to Remote Users in Certain Cases. Read more

www.securitytracker.com:
Ethereal Network Sniffer Has Multiple Bugs That May Allow Remote Users to Send Packets to Execute Arbitrary Code or Cause the Sniffer to Hang or Crash. Read more

www.securitytracker.com:
Fetchmail Client Buffer Overflow May Allow a Remote Mail Server to Execute Arbitrary Code on the Client System. Read more

www.securitytracker.com:
Cisco IOS Can Be Crashed By Remote Users Sending ICMP Redirect Messages. Read more

www.securitytracker.com:
SSH May Allow Authorized Remote Users to Bypass Server Authentication Configuration Settings and Login Using Passwords When the Server is Configured to Prohibit the Use of Passwords. Read more

www.securitytracker.com:
Talkd Format String Hole Lets Remote Users Execute Arbitrary Code on the System. Read more

www.vnunet.com:
Klez worm hits US State Department. Read more

www.vnunet.com:
SQL server hacks send out more attacks. Read more

www.vnunet.com:
IT crime still going unreported. Read more

www.astalavista.com:
Virus Prediction Text. Read more

news.com.com:
Microsoft warns of new debugger flaw. Read more

online.securityfocus.com:
Navy Domain Hijacked By German Pornography Site. Read more

www.vnunet.com:
Bug Watch: No such thing as absolute security. Read more

23 May 2002

New trojans:
ILL-Eagle 1.0

DS Web Downloader 2.0

Peeper 1.2

News:
Microsoft Security Bulletin MS02-024
Authentication Flaw in Windows Debugger can Lead to Elevated Privileges (Q320206). Read more

online.securityfocus.com:
Sun AnswerBook2 Gettransbitmap Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
Stronghold Secure Server Path Information Disclosure Vulnerability. Read more

online.securityfocus.com:
Ipswitch IMail Server LDAP Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
bzip2 Archive Inherited Symbolic Link Permissions Vulnerability. Read more

online.securityfocus.com:
bzip2 Insecure Decompressed File Permissions Vulnerability. Read more

online.securityfocus.com:
bzip2 Decompression File Overwrite Vulnerability. Read more

online.securityfocus.com:
FreeBSD k5su Wheel Group Membership Validation Vulnerability. Read more

online.securityfocus.com:
Nullsoft Winamp Plaintext Authentication Credentials Vulnerability. Read more

www.securiteam.com:
Multiple Vulnerabilities in Cisco IP Telephones. Read more

www.securiteam.com:
Cisco IOS ICMP Redirect DoS. Read more

www.securiteam.com:
Multiple vulnerabilities in New Atlanta ServletExec ISAPI. Read more

www.securiteam.com:
MatuFtpServer Remote Buffer Overflow and DoS. Read more

www.securiteam.com:
WebSite Pro Vulnerable to Source Code Disclosure (8.3 Name Format). Read more

www.securitytracker.com:
mcNews Forum Software Has Several Bugs That Disclose Files to Remote Users and Allow Remote Users to Conduct Cross-Site Scripting Attacks Against mcNews Users. Read more

www.securitytracker.com:
Red Hat Stronghold Secure Web Server Sample Script ('swish') Discloses Installation Path to Remote Users. Reading more

www.securitytracker.com:
Xitami Web Server Flaw in Processing Errors May Allow Remote Users to View CGI Source Code. Read more

www.securitytracker.com:
Winamp Media Player May Disclose Certain User Passwords to Local Users. Read more

www.securitytracker.com:
BannerWheel CGI-based Banner Display Management Software Buffer Overflows May Let Remote Users Execute Arbitrary Code Via the Management Interface. Read more

www.securitytracker.com:
Sun AnswerBook2 'gettransbitmap' Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Ipswitch's IMail Server Buffer Overflow in LDAP Service Lets Remote Users Execute Arbitrary Code with SYSTEM Level Privileges. Read more

www.securitytracker.com:
'bzip2' File Compression Utility May Allow Local Users to Be Able to Read the Contents of Privileged Files. Read more

www.securitytracker.com:
K5su Kerberos-based Set Userid ('su') Utility for FreeBSD Fails to Limit Access to Only 'wheel' Group Users. Read more

www.wired.com:
The Beauty and Grace of a Worm. Read more

online.securityfocus.com:
The Viral Mind: Understanding the Motives of Malicious Coders. Read more

www.newsfactor.com:
SQL Server Worm: Just the Beginning. Read more

zdnet.com.com:
MS SQL server worm: Gone fishing? Read more

news.bbc.co.uk:
Waging war on computer viruses. Read more

quote.bloomberg.com:
Security Hole Found in PCs From Sony, Others, Mainichi Says. Read more

www.thestar.com:
Online privacy firm offers `bug bounty'. Read more

www.bergen.com:
Two face charges of cyber extortion. Read more

zdnet.com.com:
Microsoft digs own grave of mistrust. Read more

22 May 2002

New trojans:
HoaVeLu

Wollf 1.4

9_119

Tool:
sourceforge.net:
New version (1.2.3) of NMapWin released. Read more

News:
www.idefense.com:
Evolution of Cross-Site Scripting Attacks. Read more

archives.neohapsis.com:
OpenBSD local DoS and root exploit. Read more

www.iss.net:
Microsoft SQL Spida Worm Propagation. Read more

online.securityfocus.com:
MacOS X Sliplogin Buffer Overflow Vulnerability. Read more

www.securiteam.com:
Plain Text Password Vulnerability in Winamp. Read more

www.securiteam.com:
Buffer Overflow in Ipswitch IMail (LDAP). Read more

www.securiteam.com:
Sun AnswerBook2 Gettransbitmap Buffer Overflow Vulnerability. Read more

www.securiteam.com:
Stronghold Secure Webserver Sample Script Path Disclosure Vulnerability. Read more

www.securitytracker.com:
ViewCVS Web-based CVS Interface Allows Cross-Site Scripting Attacks Against ViewCVS Users. Read more

www.msnbc.com:
Computer Lessons for Terrorists. Read more

www.computeruser.com:
'SQLsnake' worm blamed for spike in port 1433 scans. Read more

www.newsbytes.com:
Its Creator Says Kazaa Benjamin Worm Means Well. Read more

www.smh.com.au:
New worm spreads via Microsoft SQL Servers. Read more

cryptome.org:
Meet Bruce McIndoe, lead architect for Echelon II, the 'most productive intelligence program' in history. Read more

digitalmass.boston.com:
Hundreds of law enforcement, media outlets receive computer virus from forged State Department e-mail address. Read more

www.ddj.com:
Security In Web Services: An Evolving Threat Model. Read more

www.linuxsecurity.com:
PortSentry for Attack Detection, Part One. Read more

www.nandotimes.com:
Computer virus attacks law enforcement, media. Read more

www.business.scotsman.com:
The price of security is less than the cost of its absence. Read more

21 May 2002

New trojans:
Nerte 7.8.1

CANCER 1.0

AutoSpY 1.1

News:
www.cgisecurity.com Frequently asked questions in relation to Cross Site Scripting Attacks. Read more

www.securityoffice.net:
Stronghold Secure Webserver Path Disclosure Vulnerability. Read more

online.securityfocus.com:
MacOS X Sliplogin Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
FreeBSD Process Concealment Bypass Vulnerability. Read more

online.securityfocus.com:
Cisco IDS Device Manager Arbitrary File Read Access Vulnerability. Read more

online.securityfocus.com:
GRSecurity Linux Kernel Memory Protection Weakness. Read more

online.securityfocus.com:
Xerox DocuTech Scanner Insecure Default Configuration Vulnerability. Read more

online.securityfocus.com:
SonicWall SOHO3 Content Blocking Script Injection Vulnerability. Read more

online.securityfocus.com:
Hosting Controller DSNManager Directory Traversal Vulnerability. Read more

online.securityfocus.com:
CGIScript.net Information Disclosure Vulnerability. Read more

online.securityfocus.com:
Hosting Controller Import Root Directory Command Execution Vulnerability. Read more

online.securityfocus.com:
Cybercenter fills security niche. Read more

www.computeruser.com:
Worm infiltrates Kazaa file-swapping network. Read more

www.idg.net:
Worm Targets Kazaa Users. Read more

news.com.au:
Hacker losses rocket. Read more

news.zdnet.co.uk:
Hackers siphon Ford credit records. Read more

atimes.com:
Alert issued for China's next cyber attack. Read more

www.businessweek.com:
A Hacker Whodunit at Vivendi. Read more

20 May 2002

New trojans:
QwErTos RAT 0.2

Sneak Server

ZSpyII 0.99beta

News:
online.securityfocus.com:
SonicWall SOHO3 Content Blocking Script Injection Vulnerability. Read more

online.securityfocus.com:
Hosting Controller DSNManager Directory Traversal Vulnerability. Read more

online.securityfocus.com:
CGIScript.net Information Disclosure Vulnerability. Read more

online.securityfocus.com:
Hosting Controller Import Root Directory Command Execution Vulnerability. Read more

online.securityfocus.com:
Xerox DocuTech Printer Weak Default Configuration Vulnerability. Read more

www.securiteam.com:
Xitami CGI Processing Failure Vulnerability. Read more

www.securiteam.com:
More than Fourteen CGIscript.net Scripts Have Path Disclosure Vulnerability. Read more

www.securiteam.com:
ViewCVS's Cross-site Scripting Bug. Read more

www.securitytracker.com:
Xerox DocuTech Publishing System Has Insecure Default Configuration for the System Controllers, Letting Remote Users Take Full Control of the System. Read more

www.securitytracker.com:
Multiple CGI Scripts From CGIScript.net Disclose the Installation Path to Remote Users. Read more

www.securitytracker.com:
Phorum Bulletin Board Software Has PHP Include Bug in 'plugin.php' Lets Remote Users Execute Arbitrary PHP Code and Shell Commands on the Server. Read more

www.securitytracker.com:
Quake II Game Server May Disclose Sensitive Information, Including Passwords, to Remote Users. Read more

www.securitytracker.com:
Swatch Log File Monitor Has Bug in the Throttling Code That May Cause Some Events to Be Missed. Read more

www.securitytracker.com:
SonicWALL SOHO Firewall Device Log File Filtering Hole Lets Remote Users on the Local Network Inject Scripting into Log Files for Denial of Service or Potential Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Hosting Controller Software for Web Hosting Companies Has Input Validation Errors in 'dsnmanager.asp' and 'imp_rootdir.asp' Scripts That Allow Remote Users to View Files on the System and Upload and Copy Files With Administrator Privileges. Read more

www.securitytracker.com:
XMB Group Magic Lantern Forum Software Discloses Log Files and Server Installation Path Information to Remote Users. Read more

www.neowin.net:
FastTrack network(Kazaa) share virus too. Read more

www.internetnews.com:
FBI Probes Hacks on Ford, Experian. Read more

www.guardian.co.uk:
Have the hackers got your number? Read more

www.msnbc.com:
Please keep your big e-mail shut. Read more

19 May 2002

New trojans:
KiKbak

Troyano-Argentino 2.0

M2 Trojan 1.6

Tool:
www.inphiltration.com:
Remote Control Packet Sniffer. Read more

News:
online.securityfocus.com:
SuSE AAA_Base_Clean_Core Script RM Race Condition Vulnerability. Read more

online.securityfocus.com:
SuSE Shadow File Truncation Vulnerability. Read more

online.securityfocus.com:
Cisco Content Service Switch XML Denial Of Service Vulnerability. Read more

online.securityfocus.com:
Cisco Cache Engine Default Configuration Arbitrary User Proxy Vulnerability. Read more

online.securityfocus.com:
Microsoft Internet Explorer Content-Disposition Handling File Execution Vulnerability. Read more

online.securityfocus.com:
Cisco Content Service Switch HTTPS Post Denial Of Service Vulnerability. Read more

online.securityfocus.com:
Swatch Throttled Event Reporting Vulnerability. Read more

online.securityfocus.com:
Microsoft Internet Explorer Zone Spoofing Vulnerability. Read more

online.securityfocus.com:
Microsoft Internet Explorer Cookie Content Disclosure Vulnerability. Read more

www.securitytracker.com:
'sliplogin' Serial Line IP Utility Buffer Overflow May Possibly Allow Local Users to Gain Elevated Privileges. Read more

www.securitytracker.com:
Parallel URL Fetcher ('puf') Format String Error May Let Remote Users Cause Arbitrary Commands to Be Executed. Read more

www.securitytracker.com:
'mpg321' Audio Player Buffer Overflow May Let Remote Users Cause the Player to Execute Arbitrary Code. Read more

www.securitytracker.com:
Lukemftp FTP Client Buffer Overflow in Processing Server-Supplied PASV Commands May Allow Remote FTP Servers To Cause Arbitrary Code to Be Executed on the FTP Client. Read more

www.securitytracker.com:
SuSE Linux 'shadow' Password Management Utility May Let Local Users Obtain Elevated Group Privileges. Read more

www.securitytracker.com:
SonicWALL SOHO Content Blocking Script Injection and Logfile DoS. Read more

www.securitytracker.com:
Content Service Switch Web Management HTTP Processing Vulnerabilities. Read more

www.securitytracker.com:
Transparent Cache Engine and Content Engine TCP Relay Vulnerability. Read more

www.securitytracker.com:
Opera JavaScript Protocol Vulnerability. Read more

www.securitytracker.com:
15 May 2002 Cumulative Patch for Internet Explorer. Read more

www.securitytracker.com:
Microsoft Internet Explorer Still Download and Execute any Program Automatically. Read more

www.securitytracker.com:
OpenBSD File Descriptor Vulnerability (Additional Details). Read more

www.securitytracker.com:
Phorum Remote Command Execution Vulnerability (PHORUM[settings_dir]). Read more

www.securitytracker.com:
Grsecurity Allows Modifying of "read-only kernel". Read more

www.securitytracker.com:
GNU rm fileutils Race Condition Problems on SuSE. Read more

www.spacer.com:
New Class Of Attacks On Computer Security Systemss. Read more

www.content-wire.com:
INTERNET SECURITY: Germany Under Attack? Read more

www.nzherald.co.nz:
Net-Fraud Bill Wiped But Victim Hacked Off. Read more

18 May 2002

New trojans:
Kcom Downloader

Optix PRO 1.1

ShadowPhyre server (b)

News:
www.securitytracker.com:
Sharutils Package Uudecode Component Fails to Check for Symlinks When Decoding to a Temporary File, Allowing Local Users to Potentially Gain Elevated Privileges. Read more

www.securitytracker.com:
Microsoft Internet Explorer (IE) New Content-Disposition Bugs May Let Remote Users Execute Arbitrary Code on the Victim's Computer. Read more

www.securitytracker.com:
Microsoft Internet Explorer (IE) Zone Spoofing Hole Lets Remote Users Create HTML That, When Loaded, May Run in a Less-Secure IE Security Zone. Read more

www.securitytracker.com:
WolfMail Perl-based CGI E-mailer Lets Remote Users Send Mail (SPAM) Using Arbitrary 'From' Addresses. Read more

www.securitytracker.com:
Cisco ACNS Content Software (Running on Cache Engines and Content Engines) May Let Remote Users Open Unauthorized Connections to Arbitrary Ports and Addresses. Read more

www.securitytracker.com:
Cisco Content Service Switch (CSS) 11000 Can Be Reset By Remote Users. Read more

www.securitytracker.com:
Opera Browser Frame Location Bug Lets Remote Users Cause Arbitrary Javascript to Be Executed in the Incorrect Security Domain to Access Cookies and Other Sensitive Information. Read more

www.securitytracker.com:
Sun Microsystems SunATM 'atmsnmpd' Daemon Allows Remote Users to Crash the Daemon. Read more

www.securitytracker.com:
Microsoft Internet Explorer Bugs in 'BGSOUND' and 'IFRAME' Tags Let Remote Users Create HTML That Will Cause Denial of Service Conditions or Will Access Special DOS Devices. Read more

www.theregister.co.uk:
MS releases grand daughter of all IE security patches. Read more

www.theregister.co.uk:
MS IE patch misses the mark. Read more

zdnet.com.com:
Sneaky Klez worm won't go away. Read more

www.pcworld.com:
Stop Those Sneaky E-Mail Viruses in Their Tracks. Read more

www.newsfactor.com:
Fanatics with Laptops: The Coming Cyber War. Read more

www.theregister.co.uk:
Outlook worm markets porn site via your sig. Read more

www.newsbytes.com:
Windows Media Player Exposes IE Users To Attack. Read more

www.extremetech.com:
MSN Chat May Open Door for Hackers. Read more

www.computerworld.com:
Defense agency found using unsecure WLAN security cameras. Read more

www.newsfactor.com:
Hackers Expose Consumer Info from Ford, Experian. Read more

www.nzherald.co.nz:
Net-fraud bill wiped but victim hacked off. Read more

zdnet.com.com:
Spammers could face fines. Read more

17 May 2002

New trojans:
AcidHead 1.0

Hobbit

Katux Latinus 1.1

Tools: Remote Nmap (Rnmap) is a pair of client and server programs which allow for various authorized clients to run their port scans from a centralized server. Version 0.7 released. Read more

pedram.redhive.com:
dnshijacker is a libnet/libpcap based packet sniffer & spoofer. a versatile tool, dnshijacker supports tcpdump style filters that allow you to specifically target victims. Read more

News:
GreyMagic Security Advisory Appendix GM#001-AX
Topic: Appendix to "IE allows universal Cross Site Scripting". Read more

online.securityfocus.com:
id Software Quake II Server Remote Information Disclosure Vulnerability. Read more

www.securitytracker.com:
NetPad Text Editing CGI Script Input Validation Flaws Let Remote Users View Files and Execute Shell Commands. Read more

www.securitytracker.com:
NOCC PHP-based Webmail Client Software Displays Message Text as HTML Without Filtering, Allowing a Remote User to Access the Victim's Mailbox Using a Cross-Site Scripting Attack. Read more

www.eweek.com:
Microsoft Patch for IE Flaws Is 'Incomplete'. Read more

www.computeruser.com:
'Fortnight' worm changes browser start-up page to porn site. Read more

www.techfocus.org:
Lusers spread virus hoax, annoy IT people everywhere. Read more

www.online.ie:
Irish companies targeted by hackers. Read more

www.nzherald.co.nz:
Net-fraud bill wiped but victim hacked off. Read more

www.informationweek.com:
Deceptive Duo Reportedly Raided. Read more

16 May 2002

New trojans:
AcidShiver (e)

Net Trash Xs 1b

Kcom FTP

News:
Microsoft Security Bulletin MS02-023
15 May 2002 Cumulative Patch for Internet Explorer (Q321232). Read more

Cisco Security Advisory:
Transparent Cache Engine and Content Engine TCP Relay Vulnerability. Read more

Cisco Security Advisory:
Content Service Switch HTTP Processing Vulnerabilities. Read more

www.security.nnov.ru:
special device access and DoS in Microsoft Internet Exporer/Outlook Express/Outlook. Read more

online.securityfocus.com:
Bannermatic World Readable Data Files Information Disclosure Vulnerability. Read more

online.securityfocus.com:
NOCC Webmail Script Injection Vulnerability. Read more

online.securityfocus.com:
LevCGI NetPad Unauthorized File Access Vulnerability. Read more

online.securityfocus.com:
kv Poll Cookie Security Bypass Vulnerability. Read more

online.securityfocus.com:
Gaim Sensitive World Readable Temporary File Vulnerability. Read more

online.securityfocus.com:
tinyproxy HTTP Proxy Memory Corruption Vulnerability. Read more

www.securiteam.com:
WolfMail Allows Relaying of SPAM. Read more

www.securitytracker.com:
nCipher MSCAPI CSP Install Wizard Bug May Result in Generated Keys That Are Not Protected By Smart Cards Even if the User Requests This Protection. Read more

www.securitytracker.com:
NetWin DNews News Server Has Unspecified 'Security Fault' That May Allow Remote Users to Access the Management Interface. Read more

www.securitytracker.com:
Gaim Instant Messaging Client Lets Local Users Access the Hotmail Accounts of Other Active Gaim Users. Read more

www.computing.vnunet.com:
Hackers target Israel. Read more

www.timesonline.co.uk:
Control phreaks. Read more

zdnet.com.com:
Can we really stop script kiddies? Read more

www.computing.vnunet.com:
Hackers turn on open source. Read more

www.washingtonpost.com:
FBI Tightens Net Around 'Deceptive Duo'. Read more

www.nzherald.co.nz:
Protection against hackers not good enough, say police. Read more

www.computing.vnunet.com:
Flash flaw turns PCs into zombies. Read more

www.theregister.co.uk:
Hoax virus alert could cripple Windows Java. Read more

itmanagement.earthweb.com:
Security Sieves: Misused Technology Leaving Networks Vulnerable. Read more

15 May 2002

New trojans:
Muska52 1.6

Boiling client. Boiling is now complete.

AutoSpY 1.0

News:
online.securityfocus.com:
Seminole Webserver Invalid Request Heap Corruption Vulnerability. Read more

www.securiteam.com:
NOCC Cross-Site Scripting Bug. Read more

www.securiteam.com:
Word Mail Merge Variant Vulnerability. Read more

www.securiteam.com:
Hacking Sybase/MS-SQL for the NT Administrator. Read more

www.securiteam.com:
Wu-IMAP Buffer Overflow Condition (PARTIAL). Read more

www.securiteam.com:
Levcgi.com's NetPad Multiple Vulnerabilities. Read more

www.securiteam.com:
Gaim Arbitrary Email Access. Read more

www.newsbytes.com:
Most Home Computers Virus Targets - Survey. Read more

news.zdnet.co.uk:
UK fights back against cybercrime. Read more

techupdate.zdnet.co.uk:
Keeping hackers out of your Web services. Read more

news.com.com:
How hackers avoid getting caught. Read more

14 May 2002

New trojans:
Tcc 0.91

Acid Reign 2.0

Wolff 1.3

News:
online.securityfocus.com:
Novell BorderManager Connection Table Denial of Service Vulnerability. Read more

online.securityfocus.com:
XMB Forum 1.6 Magic Lantern Cross Site Scripting Vulnerabilities. Read more

online.securityfocus.com:
MyBB DevBB 1.0 install.php Reconfiguration Vulnerability. Read more

online.securityfocus.com:
mnoGoSearch 3.1.19 Search Query Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
Seminole Webserver Empty Request Denial of Service Vulnerability. Read more

online.securityfocus.com:
XMB Forum 1.6 Magic Lantern Log File Vulnerabilities. Read more

online.securityfocus.com:
Critical Path InJoin Directory Server File Disclosure Vulnerability. Read more

online.securityfocus.com:
Wu-imapd Partial Mailbox Attribute Remote Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
Multiple Vendor Firewall Port 53 Communication Vulnerability. Read more

online.securityfocus.com:
Macromedia Dreamweaver InterDev SQL Injection Vulnerability. Read more

online.securityfocus.com:
Critical Path InJoin Directory Server Cross-Site Scripting Vulnerability. Read more

online.securityfocus.com:
Gisle Aas Digest-MD5 UTF-8 Incorrect Digest Calculation Threat. Read more

online.securityfocus.com:
ACD Systems ACDSee Photo Album File Description Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
OpenBSD exec C Library Standard I/O File Descriptor Race Condition Vulnerability. Read more

www.securitytracker.com:
mnoGoSearch SQL-based Search Engine Software Has Heap Overflow That Lets Remote Users Execute Arbitrary Code with the Privileges of the Web Server. Read more

www.securiteam.com:
MSCAPI CSP Install Wizard Incorrect Behavior Pose a Security Threat. Read more

www.securiteam.com:
Cibleclick.com Stores Passwords in Clear Text inside Cookies. Read more

www3.gartner.com Microsoft Sends Mixed Signals About Software Security. Read more

www.yomiuri.co.jp:
Learning from poor network security products. Read more

networknews.vnunet.com:
Virus writers get behind Gigabyte. Read more

www.eweek.com:
Hackers Attack Public, Private Sectors. Read more

www.internetnews.com:
Navy Brass Latest Hacking Victim. Read more

www.eweek.com:
ISP Protects Its IP Backbone From DDoS Attacks. Read more

www.iscentral.org:
How To UnCap Motorola Surfboard Cable Modems. Read more

www.theinquirer.net:
Cable modems under mega-hacking threat. Read more

www.infosecuritymag.com:
A six-part Information Security Special Report on the growing virus problem--and what to do about it. Read more

www.iht.com:
Online trade for stolen credit cards flourishes. Read more

www.nationalpost.com:
Cyber-spies needed for Ottawa jobs. Read more

www.primezone.com:
Discover What It Takes to Beat Even the Most Sophisticated Cyber Invader. Read more

13 May 2002

New trojans:
I am looking some time for the older trojan "Sivka-Burka". Who can help me out?

Little Witch 5.3

DKangel 2.0

Rebate Server

News:
www.securiteam.com:
Cisco ATA-186 Admin Password Can be Trivially Circumvented. Read more

www.securitytracker.com:
AOL Instant Messenger (AIM) Bug in 'aim:AddBuddy' Link Processing May Let Remote Users Cause the AIM Client to Crash. Read more

www.securitytracker.com:
Cisco ATA 186 Analog Telephone Adaptor Discloses Device Password to Remote Users and May Also Let Remote Users Modify the Configuration Without Having the Password. Read more

www.securitytracker.com:
Perl-Digest-MD5 Utility May Result in Incorrect MD5 Checksums When Processing UTF-8 Encoded Characters. Read more

www.securitytracker.com:
BEA Systems WebLogic Server and Express May Disclose an Administrative Password to Local Users. Read more

www.securitytracker.com:
BEA Systems WebLogic Server Default Management Servlet Discloses the Contents of Files in Certain Subdirectories to Remote Users. Read more

www.securitytracker.com:
Critical Path inJoin Directory Server 'iCon' Management Interface Allows Cross-Site Scripting Attacks Against Administrators. Read more

www.securitytracker.com:
Critical Path inJoin Directory Server 'iCon' Web Administration Interface Discloses Files on the System to Authenticated Remote Users. Read more

www.securitytracker.com:
University of Washington IMAP Toolkit ('uw-imap') Has Buffer Overflow That May Let Remote Users Execute Arbitrary Code with User-Level Privileges on the System. Read more

www.securiteam.com:
Linux NetFilter NAT/ICMP Code Information Leak. Read more

www.securiteam.com:
Critical Path inJoin Directory Server Cross Site Scripting Issue. Read more

www.securiteam.com:
Critical Path inJoin Directory Server Web Traversal Issue. Read more

www.securiteam.com:
Unfortunate Interaction Between EZMLM and MessageLabs Virus Scanning. Read more

www.computeruser.com:
Army layers security blankets to guard networks. Read more

www.computeruser.com:
Judge says Russian firm to be charged in e-book case. Read more

www.gulf-news.com:
Firms ignoring IT security threat. Read more

allafrica.com:
Creation of Cyber Inspectors Challenged. Read more

12 May 2002

New trojans:
NetBUIE

Lula

C.H.C.B. beta1

Glacier 6.0
The Glacier 6.0 that was already in the archive, turned out to be Glacier 6.0-J and is renamed to 6.0-J.

News:
www.newsbytes.com:
Xbox 'Emulator' Front For Online Money-Making Scam. Read more

www.egoclan.barrysworld.net:
Microsoft Net Messenger Service Local Heap Overflow via SEND. Read more

online.securityfocus.com:
Wu-imapd Partial Mailbox Attribute Remote Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
Cisco ATA-186 HTTP Device Configuration Disclosure Vulnerability. Read more

online.securityfocus.com:
AOL Instant Messenger AddBuddy Hyperlink Vulnerability. Read more

online.securityfocus.com:
Cisco ATA-186 Web Administration Authentication Bypass Vulnerability. Read more

www.securitytracker.com:
Yahoo! Messenger Client Discloses Buddy List Contents to Local Users. Read more

www.securiteam.com:
mnoGoSearch Found To Be Vulnerable to a Heap Overflow. Read more

www.securiteam.com:
DOS Reserved Filenames Cause ColdFusion To Reveal Physical Web Root. Read more

www.securiteam.com:
SafeWeb Vulnerability, Fingerprinting Websites Using Traffic Analysis. Read more

www.securiteam.com:
KStat, Kernel Memory Accessing Tool. Read more

www.securiteam.com:
SQLSmack, a UNIX Based Remote Command Execution for MSSQL. Read more

www.reuters.com:
Top Argentine Court Wants Law Against Hackers. Read more

www.infowarrior.org:
Who Needs Hackers? We've Got Microsoft! Read more

www.eweek.com:
Error in MS Protocol Could Compromise Security. Read more

www.theregister.co.uk:
Kill the MSN Messenger. Read more

www.theregister.co.uk:
Europe's MS sanctions to be wide-ranging, long-taking. Read more

www.theregister.co.uk:
Sklyarov/ElcomSoft case sent to trial. Read more

www.securitynewsportal.com:
Unknown hackers give hotel hosting CanSecWest Security Conference a few whacks. Read more

11 May 2002

New trojans:
Fearless Webdownloader 1.0

Guangwai Girl 1.53b

HellzAddiction 1.20E

DKangel 1.0

News:
Extension Identification Bug and IE Registry Manipulation by Doc~. Read more

CERT� Advisory CA-2002-13
Buffer Overflow in Microsoft's MSN Chat ActiveX Control. Read more

www.nmrc.org:
Critical Path inJoin V4.0 Directory Server. Read more

www.securiteam.com:
CRLF Injection. Read more

online.securityfocus.com:
OpenBSD exec C Library Standard I/O File Descriptor Race Condition Vulnerability. Read more

online.securityfocus.com:
Webmin / Usermin Authentication Bypass Vulnerability. Read more

www.securitytracker.com:
Cisco BTS 10200 Softswitch Underlying Operating System Contains Network Time Daemon (NTP) Buffer Overflow That May Allow a Remote User to Crash the Device or Execute Arbitrary Code. Read more

www.securitytracker.com:
Cisco IP Manager Underlying Operating System Contains Network Time Daemon (NTP) Buffer Overflow That May Allow a Remote User to Crash the Device or Execute Arbitrary Code. Read more

www.securitytracker.com:
Cisco Media Gateway Controller (MGC) Product Line Underlying Operating System Contains Network Time Daemon (NTP) Buffer Overflow That May Allow a Remote User to Crash the Device. Read more

www.securitytracker.com:
NetWare FTP Server Errors in Handling Unexpected Input Let Remote Users Cause the Server to Consume All Available CPU Resources. Read more

www.securitytracker.com:
Usermin Session ID Spoofing Hole May Allow Remote Users to Gain Root Access to the System. Read more

www.securitytracker.com:
Webmin Session ID Spoofing Hole May Allow Remote Users to Gain Root Access to the System. Read more

www.securitytracker.com:
Network Associates PGP 'Wipe Deleted Files' Option Fails to Wipe Clear Text Temporary Files Used by the Windows 2000 Encrypted File System Feature. Read more

www.securitytracker.com:
SGI 'fsr_xfs' XFS Filesystem Reorganizer May Let Local Users Obtain Root Access. Read more

www.securitytracker.com:
Ecometry's SGDynamo Web Application Engine Allows Remote Users to Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Microsoft Exchange Instant Messenger ActiveX Control Has 'ResDLL' Parameter Buffer Overflow That Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Microsoft MSN Messenger Includes an ActiveX Control That Has 'ResDLL' Parameter Buffer Overflow That Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Microsoft MSN Chat Control ActiveX Control Has 'ResDLL' Parameter Buffer Overflow That Lets Remote Users Execute Arbitrary Code. Read more

www.salon.com:
Microsoft says penalty will let hackers run wild. Read more

www.cnet.com:
Security trips up instant messaging. Read more

www.commweb.com:
Security Hole Found In MSN Messenger. Read more

news.com.com:
States grill Microsoft's computer expert. Read more

techupdate.zdnet.co.uk:
Hackers: Allies in the network security war? Read more

news.zdnet.co.uk:
Chat 'bots' may be hacker tool. Read more

10 May 2002

New trojans:
Alicia version k

Anal FTP 0.1

Remote-Anything 3.5.8

News:
online.securityfocus.com:
HP Virtualvault Unauthorized Administrative Access Vulnerability. Read more

www.securitytracker.com:
L.Y.S.I.A.S. Lidik Web Server for Microsoft Windows Systems Lets Remote Users View Files Located Anywhere on the Partition. Read more

www.securitytracker.com:
Intel BIOS Bug Lets Physically Local Users Boot From Alternate Boot Media Even When The Supervisor Password is Set. Read more

www.securitytracker.com:
MDaemon Mail Server WorldClient Buffer Overflow Lets Authenticated Remote Users Execute Arbitrary Code on the Server with SYSTEM Privileges. Read more

www.securitytracker.com:
'netstat' Utility for SGI IRIX UNIX Operating System May Let Local Users Detect the Presence of Files Regardless of File Permissions. Read more

www.securitytracker.com:
Pointsec for Palm OS Discloses the User's PIN Code to Physically Local Users. Read more

www.securitytracker.com:
Microsoft Office 'Word Mail Merge' Feature Allows Remote Users to Cause Arbitrary Programs to Be Executed on the Target User's Computer. Read more

www.securitytracker.com:
HP-UX 'ndd' Network Tuning Utility Has Unspecified Problem That May Let Local Users Cause Denial of Service Conditions. Read more

www.securiteam.com:
NTFS and PGP Interact to Expose EFS Encrypted Data. Read more

www.securiteam.com:
MSN Messenger OCX Buffer Overflow. Read more

www.securiteam.com:
Webmin/Usermin Cross-site Scripting Vulnerability. Read more

www.securiteam.com:
ISC DHCPDv3 Remote Root Compromise. Read more

www.computing.vnunet.com:
US approves tougher cybercrime penalties. Read more

news.bbc.co.uk:
Stopping the cyber-criminals. Read more

www.zdnet.com:
Don't trust MS? Make IE and Outlook more secure. Read more

www.computing.vnunet.com:
Microsoft admits to 'critical' security hole. Read more

www.fcw.com:
Team tackles Windows security. Read more

www.reuters.com:
Microsoft Warns of 'Critical' Chat Security Flaw. Read more

zdnet.com.com:
Argentine hackers go scot-free. Read more

www.osopinion.com:
Understanding Security Threats: You Are a Target! Read more

www.computing.vnunet.com:
Bug watch: The boy who cried worm. Read more

www.spokesmanreview.com:
Hackers defile Spokane County Web site. Read more

www.theregister.co.uk:
Attack of the clones. Read more

09 May 2002

New trojans:
Lanbyte 0.01

Ducktoy 1.0.1

DarkSky 2.3

News:
Microsoft Security Bulletin MS02-022
Unchecked Buffer in MSN Chat Control Can Lead to Code Execution (Q321661). Read more

CERT� Advisory CA-2002-12
Format String Vulnerability in ISC DHCPD. Read more

www.eeye.com:
MSN Messenger OCX Buffer Overflow. Read more

www.securiteam.com:
Unchecked Buffer in MSN Chat Control Can Lead to Code Execution. Read more

www.securiteam.com:
Multiple Vulnerabilities in MDaemon and WorldClient. Read more

www.securiteam.com:
Lysias Lidik Web Server Suffers from a Directory Traversal Vulnerability. Read more

www.securiteam.com:
Cisco Found To Contain a NTP Related Vulnerability. Read more

www.securiteam.com:
Novell SDMR DoS. Read more

www.securiteam.com:
Novell Netware Client Unchecked Buffers. Read more

www.securiteam.com:
The Netware FTP Server Contains a DoS vulnerability. Read more

www.securiteam.com:
Novell Border Manager Multiple Vulnerabilities. Read more

www.securitytracker.com:
Microsoft MSN Messenger Instant Messaging Client Malformed Header Processing Flaw Lets Remote Users Crash the Client. Read more

www.securitytracker.com:
'pam_ldap' LDAP-based Authentication Module Format String Bug Lets Local Users Obtain Root Level Access. Read more

www.securitytracker.com:
Logitech iTouch Keyboard and Keyboard Software Can Bypass Computer Locking Protections and Execute Certain iTouch-assigned Programs When Locked. Read more

www.securitytracker.com:
Another AOL Instant Messenger (AIM) TLV Buffer Overflow Lets Remote Users Execute Arbitrary Code on Another User's AIM Client. Read more

www.summercon.org:
Announce for Summercon 2002 May 31, June 1-2. Read more

www.nandotimes.com:
Some MSN Messenger versions vulnerable to hackers. Read more

www.ananova.com:
MSN Messenger users vulnerable to hackers. Read more

online.securityfocus.com:
Cable Modem Hacking Goes Mainstream. Read more

www.cnn.com:
Hackers say holes exposed retail data. Read more

www.online.ie:
Allchin quizzed on 'secret' MS protocols and APIs. Read more

www.wired.com:
MS: Remedies a Bonus for Crackers. Read more

08 May 2002

New trojans:
Nethero 1.0 (b)

Neat 2.0

NeuroticKat 1.3

News:
www.newsbytes.com:
'Cute' Trojan Could Take Over Your PC - Anti-Virus Companies. Read more

www.it-checkpoint.net:
Lysias Lidik Webserver suffers from a Directory Traversal Vulnerability. Read more

online.securityfocus.com:
B2Config.PHP Remote Command Execution Vulnerability. Read more

online.securityfocus.com:
Solaris cachefsd Heap Overflow Vulnerability. Read more

www.securiteam.com:
Mis-formated Message Header Causes MSN Messenger to Crash. Read more

www.securiteam.com:
Pointsec for PalmOS PIN Disclosure. Read more

online.securityfocus.com:
Flame war after Klez worms onto Richer Sounds mailing list. Read more

www.newsbytes.com:
Virus Hoax Making The Rounds - 'JDBGMGR.EXE'. Read more

www.forbes.com:
UPDATE 1-Microsoft sees security threat in states' ideas. Read more

digitalmass.boston.com:
Microsoft says disclosures could help hackers; judge allows new witness for states. Read more

www.washingtonpost.com:
Microsoft Witness Raises Windows Security Issues. Read more

www.newsbytes.com:
Band's Sites Deluged After Mailbox-Bomb Suspect ID'd. Read more

digitalmass.boston.com:
Top Argentine Court Wants Law Against Hackers. Read more

www.newsbytes.com:
Army Layers Security Blankets To Guard Networks. Read more

news.com.com:
Working in a network war zone. Read more

thisisleeds.co.uk:
Hackers make the most of lax security. Read more

www.wired.com:
A Challenge to Dissect Some Code. Read more

itmanagement.earthweb.com:
The Feds' Top Hacker Speaks. Read more

www.newsbytes.com:
`Evil Angelica' Parodies Government Site Hacking Duo. Read more

itmanagement.earthweb.com:
Social Engineering: The Human Side Of Hacking. Read more

07 May 2002

New trojans:
Under 7.43

BirdSpy 3.0

Last 2000 version b

News:
CERT� Advisory CA-2002-11
Heap Overflow in Cachefs Daemon (cachefsd). Read more

www.guninski.com:
Digitally signing buggy ActiveX components (version 2.0) by Georgi Guninski. Read more

www.owasp.org:
Cross Site Scripting. Read more

www.w00w00.org:
AOL Instant Messenger Overflow #2. Read more

www.securiteam.com:
cURL Remote Exploit Code Released. Read more

www.securiteam.com:
Windows 2000 Server IIS 5.0 .ASP Overflow Exploit. Read more

www.securiteam.com:
Bruteforcing support for PPPD (Patch). Read more

www.securiteam.com:
LabVIEW Web Server DoS Vulnerability Exploit Code Released. Read more

www.securiteam.com:
3CDaemon DoS Exploit. Read more

online.securityfocus.com:
askSam Web Publisher Cross Site Scripting Vulnerability. Read more

online.securityfocus.com:
NewsPro 1.01 Unauthenticated Administrator Vulnerability. Read more

online.securityfocus.com:
PHPImageView Cross Site Scripting Vulnerability. Read more

online.securityfocus.com:
PhotoDB 1.4 Administrator Access Vulnerability. Read more

www.securiteam.com:
New AOL Instant Messenger Buffer Overflow. Read more

www.securiteam.com:
RealityScape MyLogin 2000 Professional SQL Injection. Read more

www.securiteam.com:
ASP Client Check SQL Injection Vulnerability. Read more

www.securiteam.com:
Digitally Signed Vulnerability Components Pose a Viable Threat. Read more

www.securiteam.com:
B2 PHP Remote Command Execution. Read more

zdnet.com.com:
Chernobyl virus hitches a ride. Read more

www.osopinion.com:
The Computer Virus of the Future. Read more

www.pcworld.com:
Aging Worms Still Crawl, Threaten Net. Read more

www.pcworld.com:
Hackers Say They Hack for Our Sake. Read more

news.zdnet.co.uk:
Online banking: Anatomy of a hacking. Read more

www.pcworld.com:
Kazaa Sneakware Stirs Inside PCs. Read more

australianit.news.com.au:
Security myths costing firms. Read more

www.idg.net:
Security Flaw Found in AOL Instant Messenger. Read more

www.usatoday.com:
Cyberspace full of terror targets. Read more

06 May 2002

New trojans:
TCC 0.90

Remote HAVOC 2.0.7

Intruzzo 2002 version b

News:
www.cultdeadcow.com:
The Tao of Windows Buffer Overflow by DilDog. Read more

www.enseirb.fr:
A Buffer Overflow Study. Attacks & Defenses. Read more

www.securiteam.com:
Solaris cachefsd Remote Buffer Overflow Vulnerability (Cache Name). Read more

www.theinquirer.net:
Best Buy hit by WLAN snooping. Read more

www.newscientist.com:
Competition to "reverse engineer" mystery program. Read more

www.computeruser.com:
DrinkOrDie software pirate goes to prison. Read more

www.it-director.com:
Hacker says .Net is pretty good. Read more

www.usatoday.com:
Cyberspace full of terror targets. Read more

www.computeruser.com:
Macromedia flash bug could open Windows PCs to hackers. Read more

www.zdnet.com:
.Net's security just OK... Best Buy hacked?... Flash hole patched...Read more

allafrica.com:
Cyber Crime Crisis Looms in Zim. Read more

hoovnews.hoovers.com:
WIRED SOCIETY: Fast action needed on cybercrime law. Read more

www.cleveland.com:
FBI ex-chief sees law, rights challenged. Read more

www.msnbc.com:
Web Attack in the Workplace. Read more

seattletimes.nwsource.com:
Highline hacking brings suspensions; 19 high-schoolers accused of grade-tampering. Read more

05 May 2002

New trojans:
iD_2001 version 1.0

Mantice 1.0

Haan

News:
www.securitytracker.com:
Macromedia Flash OCX Activex Object for Internet Explorer Contains Buffer Overflow That Allows Malicious HTML to Execute Arbitrary Code on the Victim's Computer. Read more

www.securitytracker.com:
Nautilus GNOME Shell and File Manager Symlink Hole May Let Local Users Cause Other Users' to Overwrite Files on the System. Read more

www.securitytracker.com:
4D Web Server Buffer Overflow in Processing Basic HTTP Authentication Lets Remote Users Crash the Server and May Allow Arbitrary Code to Be Executed. Read more

www.securitytracker.com:
Apache 'mod_python' Python Language Interpreter Bug in Publisher Handler May Allow Remote Users to Modify Files on the System. Read more

www.securitytracker.com:
alterMIME Null Byte Overflow May Allow a Remote User to Cause the Application to Crash. Read more

www.securitytracker.com:
SnapGear LITE+ Firewall Device Can Be Crashed By Remote Users Sending Certain Malformed Packets or Consuming Connections on Management Ports. Read more

www.securiteam.com:
PHPImageView XSS Vulnerability and Information Disclosure. Read more

www.securiteam.com:
Nautilus Symlink Vulnerability. Read more

www.securiteam.com:
askSam Cross Site Scripting and Path Disclosure Vulnerabilities. Read more

www.securiteam.com:
The 4D Web Server has a Buffer Overflow Condition. Read more

seattletimes.nwsource.com:
Q & A: Worm-infested e-mail plagues computer user. Read more

www.theregister.co.uk:
Solaris wall shows cracks. Read more

www.nwfusion.com:
Gartner: Attacks exploit user security indifference. Read more

www.fcw.com:
Security poses primary wireless challenge. Read more

news.com.com:
Shades of gray at security conference. Read more

www.theregister.co.uk:
MS seeks senior spook to score Federal security $$$s. Read more

04 May 2002

New trojans:
AIMVision

Spadeace

Fade 1.0

News:
www.iss.net:
Increased Hacking Activity Associated with Underground File-Sharing Networks. Read more

www.securiteam.com:
How to Remotely and Automatically Exploit a Format Bug. Read more

online.securityfocus.com:
Snapgear Lite+ Firewall HTTP Denial of Service Vulnerability. Read more

online.securityfocus.com:
Snapgear Lite+ Firewall PPTP Denial of Service Vulnerability. Read more

online.securityfocus.com:
Snapgear Lite+ Firewall IPSEC Denial of Service Vulnerability. Read more

online.securityfocus.com:
Snapgear Lite+ Firewall IP-OPTIONS Denial of Service Vulnerability. Read more

online.securityfocus.com:
HP MPE/iX FTPSRVR Arbitrary Shell Command Execution Vulnerability. Read more

online.securityfocus.com:
Microsoft Internet Explorer/Outlook Express XBM Handling DoS Vulnerability. Read more

online.securityfocus.com:
RedHat DocBook Tools Default Stylesheet Arbitrary File Write Vulnerability. Read more

online.securityfocus.com:
SGI Irix nsd Symbolic Link Vulnerability. Read more

www.securiteam.com:
Classic Cross-Site Scripting: Gibson Research Corporation. Read more

www.securiteam.com:
Macromedia Flash ActiveX Buffer Overflow. Read more

www.securitytracker.com:
(SGI Issues Fix) XFree Xlib Buffer Overflow May Let Local Users Exploit Linked Programs to Gain Elevated Privileges. Read more

www.securitytracker.com:
SGI IRIX Unified Name Service Daemon (nsd) Symlink Bug May Let Local Users Obtain Root Privileges on the System. Read more

www.securitytracker.com:
Caldera OpenServer System Activity Reporter (sar) Command Line Buffer Overflow May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
Red Hat DocBook Document Conversion Tool May Allow Remote Users to Cause Arbitrary File Names to be Used for Storing a Convered HTML Document. Read more

www.securitytracker.com:
HP FTPSRVR FTP Server for MPE/iX Operating System May Allow Remote Users to Gain Access to the System. Read more

www.securitytracker.com:
Sun Solaris 'admintool' Installation Path Buffer Overflow Lets Local Users Execute Arbitrary Code with Root Privileges. Read more

www.securitytracker.com:
Sun Solaris 'lbxproxy' Display Name Buffer Overflow Lets Local Users Obtain Root Group Privileges. Read more

www.securitytracker.com:
Sun Solaris 'cachefsd' Mount Buffer Overflow Lets Local Users Gain Root Privileges. Read more

www.securitytracker.com:
ISS RealSecure Network Sensor DHCP Processing Bug Lets Remote Users Crash the Sensor. Read more

www.securiteam.com:
Snapgear Lite+ Firewall Denial of Service. Read more

www.securiteam.com:
IE and OE Cannot Handle Malformed XBM Files. Read more

www.securiteam.com:
Spooky Login SQL Injection Vulnerability. Read more

www.informationweek.com:
A New Degree Of Security. Read more

www.computeruser.com:
Texas University plans cybercrime institute. Read more

timesofindia.indiatimes.com:
Macromedia fixes Flash security bug. Read more

www.newsbytes.com:
Klez Offers Ride To CIH Virus. Read more

zdnet.com.com:
ActiveX flaw exposes Flash users to hacks. Read more

www.infoworld.com:
Kournikova virus writer appeals sentence. Read more

zdnet.com.com:
Forum: The fate of wireless security. Read more

www.computeruser.com:
Laws, Net filters not enough to protect kids online - report. Read more

03 May 2002

New trojans:
XPosure

Glacier 3.3

PC Xplorer 1.2

Tools:
piorio.supereva.it:
BackStealth is an innovative Security Utility which allows to bypass the outbound protection of a Personal Firewall in order to establish a remote connection. Read more

News:
www.defcon.org:
Announcing DEF CON 10. Read more

project.honeynet.org:
The Reverse Challenge
Your challenge is to analyze a binary captured in the wild. Read more

Reverse Engineering Malware by Lenny Zeltser. Read more

An Environment for Controlled Worm Replication and Analysis. Read more

www.eeye.com:
Macromedia Flash Activex Buffer overflow. Read more

www.cqure.net:
The 4D webserver has a buffer overflow condition. Read more

www.msnbc.com:
Best Buy closes wireless registers. Read more

www.theinquirer.net:
Best Buy hit by WLAN snooping. Read more

www.securitytracker.com:
SGI IRIX Performance Metrics Collector Daemon (pcmd) Can Be Made to Consume Available Memory on the Host By Remote Users. Read more

www.securitytracker.com:
Microsoft Internet Explorer Can Be Crashed By Incorrectly Sized XBM Graphics Files. Read more

www.securitytracker.com:
3Com's 3CDaemon FTP Server Buffer Overflow Lets Remote Users Crash the FTP Service. Read more

www.securitytracker.com:
SGI IRIX Operating System 'ipfilterd' Configuration Error Lets Local Users Disrupt Network Traffic. Read more

www.securitytracker.com:
Levcgi.com's myGuestbook Input Filtering Flaw Allows Remote Users to Conduct Cross-Site Scripting Attacks Against myGuestbook Users. Read more

www.securitytracker.com:
SGI IRIX '/usr/sbin/cpr' State Saving Facility Has Buffer Overflow That May Let Local Users Get Root Access. Read more

www.securitytracker.com:
Netscape Browser XMLHTTP Redirect Bug Lets Remote Users View Files on a User's Computer. Read more

www.securitytracker.com:
Mozilla Browser XMLHTTP Redirect Bug Lets Remote Users View Files on a User's Computer. Read more

www.securitytracker.com:
CIDER Project's SHADOW Intrusion Detection Software Allows Remote Users to Execute Arbitrary Code on the Server with Web Server Privileges. Read more

www.securitytracker.com:
BEA Weblogic URL Parsing Flaw Lets Remote Users View .JSP Source Code or the Physical Installation Path and Cause Denial of Service Conditions. Read more

www.securitytracker.com:
Sun Solaris 'rpc.walld' Format String Bug May Let Remote Users Execute Arbitrary Code with Root Privileges. Read more

zdnet.com.com:
Hacking in the shadow of 9/11. Read more

zdnet.com.com:
Contest: Crack this hacking tool. Read more

www.computing.vnunet.com:
Chaos as 'Klez cocktails' begin to strike. Read more

www.smh.com.au:
Security watchdog reveals spy groups' eavesdropping. Read more

zdnet.com.com:
Ashcroft renews fight on child porn online. Read more

investor.cnet.com:
Hacking spree hits Defense Department. Read more

news.com.com:
Hacker finds fault in .Net security. Read more

www.computeruser.com:
USB port devices pose security threat. Read more

www.computing.vnunet.com:
Hacker duo continues cyber assault. Read more

news.com.com:
University systems a haven for hackers. Read more

www.smh.com.au:
Virus proves painful for creator. Read more

www.computing.vnunet.com:
The threat is out there. Read more

www.komotv.com:
Two Dozen Highline H.S. Students In Hot Water For Falsifying Grades. Read more

02 May 2002

New trojans:
China 1.0

Controlo do Virus Client

Bigshot 1.0 Client

News:
online.securityfocus.com:
3Com 3CDaemon Buffer Overflow Vulnerability. Read more

online.securityfocus.com:
Mozilla / Netscape 6 XMLHttpRequest File Disclosure Vulnerability. Read more

online.securityfocus.com:
Sun Solaris RWall Daemon Syslog Format String Vulnerability. Read more

online.securityfocus.com:
AutoLog IP Spoofing Vulnerability. Read more

online.securityfocus.com:
CIDER Shadow Analyzer Remote Command Execution Vulnerability. Read more

www.securitytracker.com:
Sun Solaris 'admintool' Buffer Overflows Let Local Users Execute Arbitrary Code to Gain Root Privileges. Read more

www.securitytracker.com:
SAP R/3 Default Installation Allows Remote Users to Access the Database Port and View, Write, and Modify Any SAP Data on the Server. Read more

www.securitytracker.com:
Reading Local Files in Netscape 6 and Mozilla. Read more

www.securitytracker.com:
SAP R/3 with Oracle Default Installation Vulnerability. Read more

www.securitytracker.com:
Remote Denial of Service Vulnerability in RealSecure Network Sensor. Read more

www.securitytracker.com:
Sun Solaris cachefsd Mount File Buffer Overflow Vulnerability. Read more

www.securitytracker.com:
QPopper Buffer Overflow Vulnerability (BULLDIR). Read more

www.securitytracker.com:
Levcgi.com's MyGuestbook JavaScript Injection Vulnerability. Read more

www.securitytracker.com:
SunShop Shopping Cart Security Vulnerability. Read more

www.securitytracker.com:
DNSTools Authentication Bypass Vulnerability. Read more

www.lasvegassun.com:
Melissa Virus Maker Gets 20 Months. Read more

www.guardian.co.uk:
Melissa virus creator jailed. Read more

www.wired.com:
Klez: Don't Believe 'From' Line. Read more

www.usatoday.com:
PC viruses: Never open your door to strangers. Read more

www.cnet.com:
Livewire: Prevention is better than cure for any virus. Read more

www.newsbytes.com:
Hacker Pleads Guilty To Accessing NASA System. Read more

www.zdnet.com:
Stay one step ahead of hackers. Here's how. Read more

news.com.com:
Anatomy of a hacking. Read more

www.uniontrib.com:
Hackers spur shutdown of computer server for Navy. Read more

hoovnews.hoovers.com:
USB Port Devices Pose Security Threat. Read more

01 May 2002

New trojan(s):
NetDevil 1.4

Little Witch 5.2

Avanzado Server

News:
GreyMagic Security Advisory GM#001-NS
Reading local files in Netscape 6 and Mozilla. Read more

www.eSecurityOnline.com:
Microsoft Internet Information Server denial of service vulnerabilities. Read more

online.securityfocus.com:
ATGuard Personal Firewall Outgoing Connection Restriction Bypass Vulnerability. Read more

online.securityfocus.com:
DNSTools Authentication Bypass Vulnerability. Read more

online.securityfocus.com:
Blahz-DNS Direct Script Call Authentication Bypass Vulnerability. Read more

online.securityfocus.com:
Qualcomm QPopper Bulletin Name Buffer Overflow Vulnerability. Read more

www.securitytracker.com:
DNSTools Authentication Flaw Lets Remote Users Access the Application to Make DNS Changes Without Authenticating. Read more

www.securitytracker.com:
Blahz DNS Authentication Design Weakness Lets Remote Users Access the Application. Read more

www.securiteam.com:
CIDER SHADOW CGI Arbitrary Command Execution Vulnerabilities. Read more

www.securiteam.com:
Lotus Domino Bindsock PATH Buffer Overflow Vulnerability. Read more

www.securiteam.com:
Lotus Domino Bindsock Arbitrary File Creation Vulnerability. Read more

www.securiteam.com:
Lotus Domino Bindsock Notes_ExecDirectory Buffer Overflow Vulnerability. Read more

www.securiteam.com:
Method Found to Bypass ATGuard's Firewall. Read more

www.securiteam.com:
Bea WebLogic Incorrect URL Parsing Issues. Read more

www.securiteam.com:
Sun Solaris admintool -d and PRODVERS Buffer Overflow Vulnerabilities. Read more

www.securiteam.com:
Sun Solaris admintool Media Installation Path Buffer Overflow Vulnerability. Read more

www.securiteam.com:
CDE dtprintinfo Help Search Buffer Overflow Vulnerability. Read more

www.securiteam.com:
Sun Solaris lbxproxy Display Name Buffer Overflow Vulnerability. Read more

www.securiteam.com:
Sun Solaris Cachefsd Denial of Service Vulnerability. Read more

www.newsbytes.com:
New Stealth Attack Found Against Personal Firewalls. Read more

www.theregister.co.uk:
Netscape blows off new vuln warning. Read more

online.securityfocus.com:
WinAmp's 'malicious MP3' vuln. Read more

zdnet.com.com:
WinAmp bug opens door to MP3 viruses. Read more

www.computeruser.com:
NY Times readers can't digest klez worm. Read more

www.computeruser.com:
Security firm's site preview marred by Nimda worm. Read more

www.computeruser.com:
Does your modem have loose lips? Read more

online.securityfocus.com:
Hackers Continue 'Early Warning' Attacks On U.S. Web Sites. Read more

www.internetnews.com:
AIM Today Gets Hacked. Read more

www.internetnews.com:
Beware! Your PC Could Be Bugged. Read more

www.informationweek.com:
U.S. military cadets compete in the second-annual Cyber Defense Exercise. Read more


Copyright� MegaSecurity.org