Home
News Archive    Translate Traducen
News October 2002
31 october 2002

New Trojans:
NukeProtecter 1.0

CiGiCiGi 1.5

Dipti 5.0

Vulnerabilities & Exploits:
www.securitytracker.com:
phpBB Forum Bug in 'admin_ug_auth.php' Lets Remote Authenticated Users Gain Administrative Privileges on the Forum. Read More

www.securitytracker.com:
Mailread.com POP Mail Software Input Validation Bugs Let Remote Users Read Files and Execute Commands on the System. Read More

www.securitytracker.com:
Cisco Universal Gateway Can Be Crashed By Remote Users Conducting Port Scans. Read More

www.securitytracker.com:
Forum Du Dobermann Web Forum Include File Error Lets Remote Users Execute Arbitrary Commands. Read More

www.securitytracker.com:
Alt-N MDaemon POP Mail Server Lets Remote Authenticated Users Crash the Mail Services. Read More

News:
Microsoft Security Bulletin MS02-062
Cumulative Patch for Internet Information Service (Q327696). Read More

Microsoft Security Bulletin MS02-063
Unchecked Buffer in PPTP Implementation Could Enable Denial of Service Attacks (Q329834).

Microsoft Security Bulletin MS02-064
Windows 2000 Default Permissions Could Allow Trojan Horse Program (Q327522). Read More

www.pcworld.com:
Do Bug-Hunting Security Firms Put Users at Risk? Read More

online.securityfocus.com:
The Day the Net Nearly Choked. Read More

www.canada.com:
Blow struck at Net's heart. Read More

www.hacktivismo.com:
No More Hacker Cease-Fire: Now Its War.... Again. Read More

www.vnunet.com:
CIA identifies cyber terror groups. Read More

www.hindustantimes.com:
Orissa cops to check cyber crime. Read More

www.2600.com:
E-MAIL AND WEB SITES ARE COMPUTER-BASED ATTACKS, SAYS GOV. Read More

techupdate.zdnet.com:
Smart security: network scanners. Read More

zdnet.com.com:
Can open source compete with Microsoft? Read More

www.vnunet.com:
Questions + Answers: Kevin Mitnick. Read More

news.bbc.co.uk:
State of the wireless nation. Read More

www.newsfactor.com:
Daily CyberCrime and Security Report for October 30, 2002. Read More

30 october 2002

New Trojans:
Computer Spy

Dripper 0.1

TheRipperz IP Mail Notifier

Vulnerabilities & Exploits:
Debian Security Advisory
DSA-183-1 krb5 -- buffer overflow. Read More

www.securitytracker.com:
Microsoft Outlook Express May Fail to Delete E-mail Messages from Local Storage. Read More

News:
www.forbes.com:
RPT-Pro-Islamic hackers gear up for cyber war-experts. Read More

www.itweb.co.za:
Fears of pro-Islamic cyber war escalate. Read More

news.com.com:
CIA warns of Net terror threat. Read More

www.islandpacket.com:
Pentagon computers getting tougher for hackers to crack. Read More

news.com.com:
Thumbs-up on security for Windows 2000. Read More

www.hindustantimes.com:
Windows 2000 passes security check: Microsoft. Read More

ItWeb:
Wireless LAN security: Time to take action. Read More

www.freep.com:
Firewall puts a barrier between trouble, your PC. Read More

www.theregister.co.uk:
Kournikova virus author loses appeal. Read More

www.gcn.com:
FIPS testing finds lots of mistakes in crypto IT. Read More

www.theregister.co.uk:
Trustix clinches China Secure Linux deal. Read More

www.idg.net:
Commerce Department unveils security guidelines for U.S. agencies. Read More

www.newsfactor.com:
Daily CyberCrime and Security Report for October 29, 2002. Read More

29 october 2002

New Trojans:
Plateau Trojan 0.1

Neverwinter Nights 0.1.0

Prado

Vulnerabilities & Exploits:
Debian Security Advisory
DSA-182-1 kdegraphics -- buffer overflow. Read More

www.securitytracker.com:
Apple LaserWriter 12/640 PS Printer Default Configuration Allows Remote Users to Access the Telnet Management Port. Read More

www.securiteam.com:
AN HTTPD Cross-Site Scripting Vulnerability. Read More

News:
slashdot.org:
Saddam's Inbox Hacked. Read More

www.theregister.co.uk:
Reuters hacks accused of hacking. Read More

www.itweb.co.za:
Hacker continues trail of malice. Read More

www.pcworld.com:
Virus Writer's Conviction Upheld. Read More

techupdate.zdnet.co.uk:
Is that a virus, or a malfunction? Read More

www.theregister.co.uk:
E-card slimeware delivers pr0n. Read More

www.theregister.co.uk:
Closing spyware loopholes. Read More

www.boston.com:
Talking security. Read More

www.theaustralian.news.com.au:
Terrorists hijacking websites. Read More

www.theregister.co.uk:
Of mad snipers and cyber- terrorists. Read More

www.theregister.co.uk:
Dawn raids target software pirates. Read More

www.theregister.co.uk:
'We are the worst security risk' - sys admins confess. Read More

www.theregister.co.uk:
Porn censorship at work shock. Read More

www.newsfactor.com:
Daily CyberCrime and Security Report for October 28, 2002. Read More

28 october 2002

New Trojans:
FloodNet

ICQ Password Sniffer

Evilsocks

Vulnerabilities & Exploits:
www.securitytracker.com:
Acuma Acusend Portal Access Control Bug Lets Remote Authenticated Users Obtain Reports of Other Users. Read More

www.securitytracker.com:
Ipswitch WS_FTP Server Allows Remote Users to Hijack Connections And Conduct Bounce Attacks Via the FTP Server. Read More

www.securitytracker.com:
IBM Infoprint Printer Can Be Crashed By Remote Users. Read More

www.securitytracker.com:
Linksys WET11 Wireless Ethernet Bridge Can Be Crashed By Remote Users. Read More

News:
www.theaustralian.news.com.au:
Terrorists hijacking websites. Read More

www.pcmag.com:
Keep Hackers Out: Part One, Personal Edition. Read More

www.pcmag.com:
Keep Hackers Out: Part Two, Professional Edition. Read More

Porn worm hides in e-card. Read More

27 october 2002

New Trojans:
LANfiltrator Beta 9

Silent Spy 2.09

Wollf 1.6

Vulnerabilities & Exploits:
online.securityfocus.com:
MyMarket Form_Header.PHP Cross-Site Scripting Vulnerability. Read More

online.securityfocus.com:
IBM Websphere Edge Server Cross Site Scripting Vulnerability. Read More

online.securityfocus.com:
IBM Websphere Caching Proxy Denial Of Service Vulnerability. Read More

online.securityfocus.com:
Bradford Barrett Webalizer Reverse DNS Buffer Overflow Vulnerability. Read More

www.securitytracker.com:
vpopmail-CGIApps Input Validation Flaws Let Remote Users Execute Arbitrary Commands on the Server. Read More

www.securitytracker.com:
SolarWind.net TFTP Server Input Validation Weakness Lets Remote Users Obtain Files. Read More

www.securitytracker.com:
Mojo Mail Input Validation Flaw in Sign-Up Form Lets Remote Users Conduct Cross-Site Scripting Attacks. Read More

www.securitytracker.com:
BRS WebWeaver May Disclose Certain Password-Protected Files to Remote Users. Read More

www.securitytracker.com:
Perception's LiteServe Web Server May Disclose Password-Protected Files to Remote Users. Read More

www.securitytracker.com:
BadBlue Web Server May Disclose Password-Protected Files to Remote Users. Read More

www.securitytracker.com:
SolarWinds.net TFTP Server Can Be Crashed By Remote Users. Read More

www.securitytracker.com:
Norton Anti-Virus Corporate Edition Help Menu Allows Local Users to Execute Code With Local System Privileges. Read More

www.securiteam.com:
TCP/IP Printer Configuration Utility for Apple LaserWriter Security Issue. Read More

www.securiteam.com:
Symantec Firewall/VPN Appliance Internal LAN Sniffing Issue. Read More

www.securiteam.com:
AIM Remote File Execution Vulnerability. Read More

News:
Curious Yellow: The First Coordinated Worm Design. Read More

slashdot.org:
First Worm with a EULA? Read More

www.eweek.com:
Crack in OpenHack. Read More

techupdate.zdnet.com:
Passwords: poor excuse for security. Read More

zdnet.com.com:
A Net meltdown is inevitable. Read More

www.pcmag.com:
Kerberos Bug Compromises Networks Worldwide. Read More

www.idg.net:
PayPal users targeted by e-mail scam -- again. Read More

www.iol.co.za:
Internet bounty hunters close in on hacker. Read More

www.news24.com:
Hacker attacks .co.za. Read More

www.hacktivismo.com:
Cybercrime Fighters Soon Coming For You? Read More

quote.bloomberg.com:
Intentia Accuses Reuters of Hacking Computer System (Update1). Read More

26 october 2002

New Trojans:
Nuschekrischtoff 1.0

Cool Remote Control 1.1

Predator

Vulnerabilities & Exploits:
www.securitytracker.com:
MyMarket Shopping Cart Input Validation Error Lets Remote Users Conduct Cross-Site Scripting Attacks. Read More

www.securitytracker.com:
IBM Web Traffic Express Caching Proxy Server Allows Cross-Site Scripting Attacks. Read More

www.securitytracker.com:
IBM Web Traffic Express Caching Proxy Server Can Be Crashed By Remote Users. Read More

www.securitytracker.com:
WebServer 4 Everyone Bounds Checking Error Lets Remote Users Crash the Server With a Long Host Field. Read More

www.securiteam.com:
Possible Illegal File Access in Acuma's Acusend. Read More

www.securiteam.com:
Linksys WET11 DoS (MAC address). Read More

www.securiteam.com:
IBM Infoprint Remote Management DoS. Read More

www.securiteam.com:
IPSwitch WS_FTP Server PASV Session Hijacking and PASV Port Scan. Read More

www.securiteam.com:
Norton Antivirus Corporate Edition Privilege Escalation. Read More

www.securiteam.com:
Liteserve Web Server Authorization Bypass Vulnerability. Read More

www.securiteam.com:
BadBlue Web Server Protected File Access Vulnerability. Read More

www.securiteam.com:
BRS WebWeaver Web Server Protected File Access Vulnerability. Read More

www.securiteam.com:
XSS Vulnerability in Mojo Mail Sign-Up Form. Read More

www.securiteam.com:
vpopmail CGIApps Arbitrary Command Execution (vadddomain, vpasswd). Read More

News:
news.com.com:
Week in Review: Defending the Net. Read More

www.mytown.co.nz:
Hacker runs up $10,000 phone bill. Read More

news.com.com:
P2P hacking bill may be amended. Read More

news.com.com:
Blog site back up after hack attack. Read More

www.wirelessnewsfactor.com:
Why Hackers Don't Care About Wi-Fi. Read More

www.newsfactor.com:
Daily CyberCrime and Security Report for October 25, 2002. Read More

25 october 2002

New Trojans:
Apophis Spy 1.0

Anti-Denial

Stealth Proxy Kane

Vulnerabilities & Exploits:
online.securityfocus.com:
Radiobird Software WebServer 4 All Host Field Header Buffer Overflow Vulnerability. Read More

iDEFENSE Security Advisory
Directory Traversal in SolarWinds TFTP Server. Read More

www.securityoffice.net:
BRS WebWeaver Web Server v1.01 Protected File Access Vulnerability. Read More

www.securityoffice.net:
BadBlue Web Server v1.7 Protected File Access Vulnerability. Read More

www.securitytracker.com:
Virgil CGI Scanner Input Validation Error Lets Remote Users Execute Commands on the System. Read More

www.securitytracker.com:
FlashFXP May Disclose Passwords to Local Users. Read More

www.securitytracker.com:
Microsoft Internet Explorer Cached Object Flaw Lets Remote Users Execute Arbitrary Programs on the Target User's Computer. Read More

www.securitytracker.com:
Big Faceless PDF Library Bug in Processing Digital Signatures May Fail to Detect Document Modifications. Read More

www.securiteam.com:
TFTP Server 2002 Standard Edition DoS. Read More

News:
The Complete Windows Trojans Paper by Dancho Danchev (pdf).
The Complete Trojans Text is a paper about Windows Trojans, how they work, their variations and, of course, strategies to minimise the risk of infection. Links to special detection software are included as well as many other topics never discussed before. This paper is not only intended to be for the average Internet/Windows user who wants to know how to protect his/her machine from Trojan Horses or just want to know about their usage, variations, prevention and future, but will also be interesting for the advanced user, to read another point of view. Read More

online.securityfocus.com:
A Trojan horse program created by an Internet adult entertainment company routes surfers to racy sites. Read More

itmanagement.earthweb.com:
Viruses, Worms Up The Ante. Read More

www.phrack.com:
Defeating Forensic Analysis on Unix. Read More

www.nsa.gov:
The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments. Read More

www.internetwk.com:
Readers Rate Microsoft's Security Progress. Read More

www.idg.net:
'The Golden Age of Hacking rolls on'. Read More

www.mytown.co.nz:
Hacker runs up $10,000 phone bill. Read More

www.msnbc.com:
Hackers target wireless networks. Read More

news.com.com:
P2P hacking bill may be amended. Read More

www.washingtonpost.com:
More Than One Internet Attack Occurred Monday. Read More

news.com.com:
Net attack flops, but threat persists. Read More

www.smh.com.au:
More aggressive Net attacks feared. Read More

news.com.au:
FBI to trace internet attack. Read More

www.smh.com.au:
Hidden hackers' blitz paralyses internet. Read More

www.newsfactor.com:
Daily CyberCrime and Security Report for October 24, 2002. Read More

24 october 2002

New Trojans:
CmjSpy 1.1

Sigatarius_Spy 5.04

FileShareC

Vulnerabilities & Exploits:
online.securityfocus.com:
SCO UnixWare/OpenUnix Proc File System RCP Denial Of Service Vulnerability. Read More

online.securityfocus.com:
AOL Instant Messenger Local File Execution Vulnerability. Read More

online.securityfocus.com:
Multiple Microsoft Internet Explorer Cached Objects Zone Bypass Vulnerability. Read More

online.securityfocus.com:
Mod_SSL Wildcard DNS Cross Site Scripting Vulnerability. Read More

online.securityfocus.com:
Microsoft Windows 2000 SNMP Printer Query Denial of Service Vulnerability. Read More

www.rapid7.com:
IBM WebSphere Edge Server Caching Proxy Denial of Service. Read More

www.securityoffice.net:
Web Server 4 Everyone v1.28 Host Field Denial of Service Vulnerability. Read More

www.securitytracker.com:
kmMail Input Validation Weakness Lets Remote Users Conduct Cross-Site Scripting Attacks. Read More

www.securitytracker.com:
Caldera/SCO UnixWare/Open UNIX Drivers May Cause Denial of Service Conditions. Read More

www.securitytracker.com:
Heimdal Kerberos 'kadmind' Buffer Overflow Lets Remote Users Execute Arbitrary Code With Root Privileges. Read More

www.securitytracker.com:
paFileDB Input Validation Flaw Lets Remote Users Conduct Cross-Site Scripting Attacks. Read More

www.securitytracker.com:
AN HTTPD Buffer Overflow in Processing SOCKS4 Requests Allows Remote Code Execution. Read More

www.securiteam.com:
Multiple IPSEC Implementations Do Not Adequately Validate Authentication Data (DoS). Read More

www.securiteam.com:
Web Server 4 Everyone Denial of Service Vulnerability (Host Field). Read More

www.securiteam.com:
FlashFXP Local Password Disclosure Vulnerability. Read More

www.securiteam.com:
IBM WebSphere Edge Server Caching Proxy Denial of Service. Read More

www.securiteam.com:
IBM WebSphere Edge Server Caching Proxy Cross-Site Scripting Issues. Read More

www.securiteam.com:
Buffer Overflow in kadmind4. Read More

www.securiteam.com:
XSS Vulnerability in MyMarket. Read More

News:
news.com.au:
FBI to trace internet attack. Read More

online.securityfocus.com:
Reverse Engineering Hostile Code. Read More

www.smh.com.au:
More aggressive Net attacks feared. Read More

www.extremetech.com:
Security Alert: DNS Root Servers Survive Attack... Barely. Read More

www.newscientist.com:
Internet's foundations shaken by attack. Read More

www.washingtonpost.com:
More Than One Internet Attack Occurred Monday. Read Morte

www.smh.com.au:
Hidden hackers' blitz paralyses internet. Read More

www.washingtonpost.com:
Attack On Internet Called Largest Ever. Read More

www.theregister.co.uk:
IE hopelessly bug ridden. Read More

www.prnewswire.com:
Shavlik Presents Free Seminar on How to Prevent Hacker Attacks. Read More

www.bday.co.za:
Brazilian hacks into 20 SA websites. Read More

japantoday.com:
Hacker intrudes into DoCoMo's web site. Read More

www.extremetech.com:
TCP-IP Manipulations Leave Networks Vulnerable. Read More

articles.linuxguru.net:
WINE: A new place for KLEZ to play. Read More

www.theregister.co.uk:
Claranet drops virus outbreak blocker. Read More

www.newsfactor.com:
Daily CyberCrime and Security Report for October 23, 2002. Read More

23 october 2002

New Trojans:
Remote Server Trojan 1.0

SC-KeyLog 2.0

Kuang2 Web Updater 1.1

Vulnerabilities & Exploits:
GreyMagic Security Advisory GM#012-IE
Vulnerable cached objects in IE (9 advisories in 1). Read More

online.securityfocus.com:
AN HTTPD Malformed SOCKS4 Request Buffer Overflow Vulnerability. Read More

online.securityfocus.com:
KMMail E-Mail HTML Injection Vulnerability. Read More

online.securityfocus.com:
D-Link DWL-900AP+ TFTP Server Arbitrary File Retrieval Vulnerability. Read More

online.securityfocus.com:
YPServ Remote Network Information Leakage Vulnerability. Read More

online.securityfocus.com:
Microsoft Internet Explorer Document.Write() Zone Bypass Vulnerability. Read More

www.secunia.com:
AOL Instant Messenger file execution. Read More

www.secunia.com:
Internet Explorer without latest Service Packs remotely exploitable. Read More

www.securiteam.com:
Windows RPC DoS Exploit Code (from SPIKE to C). Read More

www.securiteam.com:
Sendmail Local Exploit Code (GDB support). Read More

www.securiteam.com:
Microsoft Windows 2000 SNMP Memory Utilization DoS. Read More

www.securiteam.com:
Vulnerable Cached Objects in IE (9 advisories in 1). Read More

www.securiteam.com:
DBCC SHOWTABLEAFFINITY Buffer Overflow in Microsoft SQL Server Explained. Read More

www.securiteam.com:
Virgil CGI Scanner Vulnerability. Read More

News:
www.washingtonpost.com:
Attack On Internet Called Largest Ever. Read More

news.com.com:
IE holes open up Web booby traps. Read More

www.pcworld.com:
Could a Worm Take Over the Net in Minutes? Read More

www.blackhat.com:
Call For Papers Black Hat Windows Security 2003 Briefings. Read More

ntbugtraq.ntadvice.com:
The 5th Annual NTBugtraq Retreat. Read More

www.iso17799-web.com:
ISO 17799 News - Issue 4. Read More

www.eweek.com:
OpenHack 4: The Hacking Has Begun. Read More

www.billingsgazette.com:
Bugbear virus a really bugger. Read More

www.ctv.ca:
Powerful hacker knocks out key Internet servers. Read More

www.pcworld.com:
New Cybersecurity Efforts Considered. Read More

news.independent.co.uk:
Comeback of the hacker king. Read More

techupdate.zdnet.com:
Software security--a matter of trust. Read More

www.newsfactor.com:
Daily CyberCrime and Security Report for October 22, 2002. Read More

22 october 2002

New Trojans:
Hackerz Backdoor 2.0

SmallTrojan 0.1

Jannet Remote Keylogger 3.0

Tool:
www.securitystorm.net:
Pulse is a network stress tool which is capable of creating spoofed denial of service packets and sending them at a computer, router, or other network device to test for their reaction. Read More

Vulnerabilities & Exploits:
online.securityfocus.com:
IPFilter FTP Proxy Unauthorized Access Vulnerability. Read More

online.securityfocus.com:
Multiple Vendor IPSec Implementation Denial of Service Vulnerabilities. Read More

www.securiteam.com:
D-Link Access Point DWL-900AP+ TFTP Vulnerability. Read More

www.securiteam.com:
Ambiguities in TCP/IP May Allow Firewall Bypassing. Read More

www.securiteam.com:
Full Zone Information Disclosure on Top Level Domain Name Servers. Read More

www.securiteam.com:
MondoSearch Show Source of Arbitrary Files. Read More

www.securiteam.com:
SaveRef Breaks Internet Explorer's Security Architecture. Read More

www.securiteam.com:
AN HTTPD SOCKS4 Username Buffer Overflow Vulnerability. Read More

www.securiteam.com:
YaBB Security Vulnerabilities (CSS in Login, Insecure Password Handling). Read More

www.securiteam.com:
XSS Vulnerabilites in paFileDB. Read More

www.securiteam.com:
kmMail Cross Site Scripting. Read More

www.securiteam.com:
NOCC Contains Cross Site Scripting Vulnerabilities. Read More

News:
Researchers predict worm that eats the Internet in 15 minutes.
How to 0wn the Internet in Your Spare Time. Read More

Detecting Backdoors. Read More

www.internet-magazine.com:
E-greetings Trojan causes concern. Read More

www.nwfusion.com:
Researchers predict worm that eats the Internet in 15 minutes. Read More

www.vnunet.com:
You are the weakest link. Read More

news.independent.co.uk:
Comeback of the hacker king. Read More

www.time.com:
Beating the Snoops. Read More

www.linuxsecurity.com:
Fragrouter Trojaned, anzen.com Hacked. Read More

ItWeb:
SA sites hit by hacker. Read More

www.ecommercetimes.com:
Daily CyberCrime and Security Report for October 21, 2002. Read More

21 october 2002

New Trojans:
ShadowNet Remote Spy 2.0

DftpSERVER

Prior 1.0 server

Vulnerabilities & Exploits:
www.securitytracker.com:
vBulletin Forum Input Validation Bug in 'global.php' Lets Remote Users Conduct Cross-Site Scripting Attacks. Read More

www.securitytracker.com:
Microsoft Windows Remote Procedure Call (RPC) Service Null Pointer Dereference Allows Remote Users to Crash the Service. Read More

www.securitytracker.com:
Microsoft Windows Media Player for Solaris Uses Unsafe Default Permissions. Read More

www.securitytracker.com:
Molly Internet Relay Chat (IRC) Bot Input Filtering Flaw Lets Remote Users Execute Arbitrary Shell Commands. Read More

www.securitytracker.com:
Madhatter 'perlbot.pl' Internet Relay Chat (IRC) Bot Input Filtering Bugs Allow Remote Commands to Be Executed. Read More

www.securitytracker.com:
Perlbot Internet Relay Chat (IRC) Bot Input Filtering Flaw Allows Remote Users to Execute Arbitrary Commands. Read More

News:
www.startribune.com:
Hackers, government join in fight for Internet freedom. Read More

www.vnunet.com:
Bug Watch: Redefining the antivirus landscape. Read More

www.wired.com:
Professor's Case: Unlock Crypto. Read More

www.silicon.com:
Dmitri case postponed in visa row. Read More

www.vnunet.com:
Microsoft at it again, say rivals. Read More

www.vnunet.com:
Computer scientist rubbishes e-voting. Read More

20 october 2002

New Trojans:
Optix Lite 5.0

QQCat 1.1

TightVNC 1.2.2

Tool:
www.securitybugware.org:
Packet Excalibur is a multi-platform graphical and scriptable network packet engine with extensible text based protocol descriptions. In short this is a network tool to built and receive custom packets. Read More

Vulnerabilities & Exploits:
online.securityfocus.com:
Multiple VBulletin Cross Site Scripting Vulnerabilities. Read More

online.securityfocus.com:
Perlbot Remote Command Execution Vulnerability. Read More

online.securityfocus.com:
Perlbot Email Sending Remote Command Execution Vulnerability. Read More

online.securityfocus.com:
Windows Media Player For Solaris Default World Writeable Permissions Vulnerability. Read More

www.securitytracker.com:
Several IPSec Implementations Can Be Crashed By Remote Users Sending Specially Crafted Packets. Read More

www.securitytracker.com:
Click2Learn's Ingenium Learning Management System Discloses the Administrator Password to Remote Users. Read More

www.securitytracker.com:
Linux Kernel 2.2 and 2.4 Bugs May Allow Local Users to Gain Root Privileges. Read More

www.securitytracker.com:
Pluggable Authentication Modules (PAM) Bug May Grant Remote Users Access to Accounts With Disabled Passwords. Read More

www.securitytracker.com:
HP OnLineJFS Management Software for Journaled File System Does Not Recognize File Permissions in Some Cases. Read More

www.securitytracker.com:
IP Filter Linux Firewall Software FTP Proxy Bug Lets Remote Users Bypass the Rule Set. Read More

www.securitytracker.com:
Avay Cajun Switches Feature Undocumented Maintenance Accounts That Allow Remote Users to Gain Privileged Access. Read More

www.securitytracker.com:
Sun Solaris NFS Bug Lets Remote Users Deny Service to NFS Clients By Killing the 'lockd' Daemon . Read More

www.securitytracker.com:
PlanetDNS Server Software Buffer Overflow Allows Remote Users to Execute Arbitrary Code. Read More

News:
www.idg.net:
Feds planning early-warning system for Internet. Read More

online.securityfocus.com:
New Internet marketing tool combines both leading annoyances. Read More

www.wired.com:
Can a Hacker Outfox Microsoft? Read More

www.idg.net:
Yahoo users hit with e-mail scam. Read More

19 october 2002

New Trojans:
Kavar 2.0

DKangel 2.3

Dripper 2.0

Vulnerabilities & Exploits:
www.securitytracker.com:
Microsoft Data Engine/Desktop Engine (MSDE) Bugs Let Remote Authenticated Users Create/Delete/Execute Web Tasks With SQL Server Agent Privileges. Read More

www.securitytracker.com:
Microsoft SQL Server Bugs Let Remote Authenticated Users Create/Delete/Execute Web Tasks With SQL Server Agent Privileges. Read More

Debian Security Advisory
DSA-179-1 gnome-gv -- buffer overflow. Read More

online.securityfocus.com:
Multiple Linux Kernel 2.4.18 Security Vulnerabilities. Read More

online.securityfocus.com:
Multiple Linux Kernel 2.2 Security Vulnerabilities. Read More

online.securityfocus.com:
Linux IXJ Telephony Card Driver 2.4 Kernel Privilege Elevation Vulnerability. Read More

online.securityfocus.com:
Solaris NFS lockd Remote Denial of Service Vulnerability. Read More

online.securityfocus.com:
Linux PCILynx FireWire Driver 2.4 Kernel Privilege Elevation Vulnerability. Read More

online.securityfocus.com:
Linux BTTV Video Capture Card Driver 2.4 Kernel Privilege Elevation Vulnerability. Read More

www.securitytracker.com:
myPHPNuke 'phptonuke.php' Script Access Control Bug Discloses Files to Remote Users. Read More

www.securitytracker.com:
SkyStream Networks Edge Media Router (EMR-5000) Lets Remote Users Crash the Device. Read More

www.securitytracker.com:
Mondosoft MondoSearch Software Discloses Script Source Code to Remote Users. Read More

www.securitytracker.com:
ZoneAlarm Pro Can Be Hung By Remote Users Sending TCP SYN Packets. Read More

www.securitytracker.com:
Cisco Catalyst CatOS Embedded Web Server Buffer Overflow Lets Remote Users Reset the Switch. Read More

www.securitytracker.com:
Sabre Desktop Reservation Client Can Be Crashed By Remote Users. Read More

www.securiteam.com:
Windows RPC Service DoS (SPIKE). Read More

www.securiteam.com:
Default Installation Insecurity in MS WMP for Sparc/Solaris. Read More

www.securiteam.com:
Molly IRC Bot Command Execution. Read More

www.securiteam.com:
Perlbot File Disclosure and Remote Command Execution Vulnerabilities. Read More

www.securiteam.com:
Madhater Perlbot Remote Command Execution. Read More

News:
digitalmass.boston.com:
Hackers break into Microsoft server hosting beta site. Read More

www.boston.com:
Cyber chief speaks on Data network security. Read More

www.vnunet.com:
Tif to take hackers to task. Read More

www.zdnet.com.au:
Windows XP, Office and SQL Server open to new attacks. Read More

www.theregister.co.uk:
MS patches insecurity trio. Read More

www.vnunet.com:
The end of passwords is nigh ...Read More

www.vnunet.com:
Comment: Hackers go with the overflow. Read More

www.cornellsun.com:
Student Remembers Hacking Experience. Read More

www.unstrung.com:
Backdoor LAN. Read More

www.law.com:
Small Firms Can Outwit Hackers. Read More

www.ecommercetimes.com:
Daily CyberCrime and Security Report for October 18, 2002. Read More

18 october 2002

New Trojans:
DTr 1.4.4

DuRPC 0.2

XLog 2.2

Vulnerabilities & Exploits:
sh0dan.org:
Hacking Citrix. Read More

online.securityfocus.com:
Sabre Desktop Reservation Software Client Denial Of Service Vulnerability. Read More

online.securityfocus.com:
Zone Labs ZoneAlarm Syn Flood Denial Of Service Vulnerability. Read More

online.securityfocus.com:
Cisco CatOS CiscoView HTTP Server Buffer Overflow Vulnerability. Read More

www.nextgenss.com:
Microsoft SQL Server Webtasks privilege elevation. Read More

Debian Security Advisory:
DSA-177-1 pam -- serious security violation. Read More

Debian Security Advisory:
DSA-178-1 heimdal -- remote command execution. Read More

www.securiteam.com:
GetAd, NetDDE Exploit Code (WM_COPYDATA). Read More

www.securitytracker.com:
Microsoft Internet Explorer Flaw in WebBrowser Control Document Property Lets Remote Users Run Code in the My Computer Security Zone. Read More

www.securitytracker.com:
Linux-HA Project Heartbeat Failover Software Format String Bug Lets Remote Users Execute Arbitrary Commands With Root Privileges. Read More

www.securitytracker.com:
teTex 'dvips' DVI-to-PostScript Translator Unsafe System() Call Lets Users Execute Arbitrary Commands. Read More

www.securitytracker.com:
BEA WebLogic URL Parsing Bug May Let Remote Users Gain Unauthorized Access to Web Applications and Content. Read More

www.securitytracker.com:
Web Server 4 Everyone Can Be Crashed By Remote Users Sending Long HTTP GET Requests. Read More

www.securitytracker.com:
Symantec Enterprise Firewall (Raptor Firewall) Secure Web Proxy Lets Remote Users Cause Denial of Service Conditions. Read More

www.securitytracker.com:
Polycom ViaVideo Conferencing System Buffer Overflow Permits Remote Denial of Service Attacks. Read More

www.securitytracker.com:
Symantec Enterprise Firewall (Raptor Firewall) May Disclose Internal IP Address Information to Remote Users. Read More

News:
www.zdnet.com.au:
Windows XP, Office and SQL Server open to new attacks. Read More

www.internetweek.com:
Security Vendor Reports Microsoft IE Hole. Read More

news.com.com:
Beta hack rattles Microsoft. Read More

www.theregus.com:
MS beta site cracked. Read More

online.securityfocus.com:
Polymorphic Macro Viruses, Part One. Read More

news.com.com:
Spammers slipping ads through Windows. Read More

www.wired.com:
Spam Masquerades as Admin Alerts. Read More

www.theregus.com:
If I tell you that I'll have to kill you: Red Hat fights the DMCA. Read More

www.theregus.com:
US Net users worried by lack of trust. Read More

Itweb:
Hacker denied US visa. Read More

www.ecommercetimes.com:
Daily CyberCrime and Security Report for October 17, 2002. Read More

17 october 2002

New Trojans:
Clogger 1.0

WormTrojan 1.0b

QQCat 1.0

Vulnerabilities & Exploits:
online.securityfocus.com:
Microsoft Internet Explorer Unauthorized Document Object Model Access Vulnerability. Read More

www.secunia.com:
Windows XP arbitrary file deletion. Read More

www.secunia.com:
Microsoft Word allows attackers to steal documents. Read More

www.idefense.com:
Denial of Service in Sabre Desktop Reservation Client for Windows. Read More

www.debian.org:
DSA-176-1 gv -- buffer overflow. Read More

online.securityfocus.com:
ghttpd Log() Function Buffer Overflow Vulnerability. Read More

online.securityfocus.com:
TelCondex SimpleWebServer Denial Of Service Vulnerability. Read More

online.securityfocus.com:
Polycom ViaVideo Denial Of Service Vulnerability. Read More

online.securityfocus.com:
Polycom ViaVideo Buffer Overflow Vulnerability. Read More

online.securityfocus.com:
Avaya Cajun Firmware Undocumented Default Accounts Vulnerability. Read More

www.securiteam.com:
SkyStream EMR5000 DVB Router DoS. Read More

www.securiteam.com:
Undocumented Account Vulnerability in Avaya P550/P550R/P580/P880/P882 Switches. Read More

www.securiteam.com:
Cisco CatOS Embedded HTTP Server Buffer Overflow. Read More

www.securiteam.com:
Elevation of Privilege in SQL Server Web Tasks. Read More

www.securiteam.com:
Flaw in Word Fields and Excel External Updates Could Lead to Information Disclosure. Read More

www.securiteam.com:
Flaw in Windows XP Help and Support Center Could Enable File Deletion. Read More

www.securiteam.com:
A Full Event Log Does Not Send Administrative Alerts. Read More

www.securiteam.com:
Windows Version of Pirch and RusPirch NICK AUX Attack (DoS). Read More

www.securiteam.com:
ZoneAlarm Pro Denial of Service Vulnerability. Read More

www.securiteam.com:
Denial of Service in Sabre Desktop Reservation Client for Windows. Read More

www.securiteam.com:
PHPNuke AddOn PHPToNuke Allows Remote File Retrieving. Read More

News:
Microsoft Security Bulletin MS02-059
Flaw in Word Fields and Excel External Updates Could Lead to Information Disclosure (Q330008). Read More

Microsoft Security Bulletin MS02-060
Flaw in Windows XP Help and Support Center Could Enable File Deletion (Q328940). Read More

Microsoft Security Bulletin MS02-061
Elevation of Privilege in SQL Server Web Tasks (Q316333). Read More

techupdate.zdnet.co.uk:
The truth about viruses, worms and trojans. Read More

www.net-security.org:
New worm pretends to be a BugBear antidote. Read More

www.cw360.com:
Prevention is the only cure for e-mail viruses. Read More

www.pcworld.com:
Security Hole Found in Symantec Firewalls. Read More

www.cnn.com:
World cybercrime experts see need for laws, ties. Read More

www.networknews.co.uk:
Freed hacker Mitnick debunks myths. Read More

www.networknews.co.uk:
Tif to take hackers to task. Read More

www.ecommercetimes.com:
Daily CyberCrime and Security Report for October 16, 2002. Read More

16 october 2002

New Trojans:
Teleaxxor 1.0

KeySave

DeskCam

Tools:
Packet Excalibur v1.0 (Vivienne release)
A multi-platform graphical and scriptable network packet engine with extensible text based protocol descriptions. Read More

freshmeat.net:
SOFFIC is a Linux kernel patch that provides file integrity control integrated into the normal system operation (on-the-fly). Read More

Vulnerabilities & Exploits:
GreyMagic Security Advisory GM#011-IE
Internet Explorer : The D-Day. Read More

Debian Security Advisory
DSA-175-1 syslog-ng -- buffer overflow. Read More

iDEFENSE Security Advisory 10.15.02
DoS and Directory Traversal Vulnerabilities in WebServer 4 Everyone. Read More

www.secunia.com:
Ingenium admin password public accessible. Read More

online.securityfocus.com:
Linux-HA Heartbeat Remote Buffer Overflow Vulnerability. Read More

www.counterpane.com:
Dangers of Port 80. Read More

www.securitytracker.com:
OpenOffice.org Office Suite Race Condition May Let Local Users Gain Elevated Privileges. Read More

www.securitytracker.com:
Apache Tomcat Java Servlet Engine Can Be Crashed Via Multiple Requests for DOS Device Names. Read More

www.securiteam.com:
DoS and Directory Traversal Vulnerabilities in WebServer 4 Everyone. Read More

News:
www.theregister.co.uk:
Stupid Bugbear tricks. Read More

www.nwc.com:
New Worm Targets Apache on Linux. Read More

www.bangkokpost.com:
The growing virus threat. Read More

www.net-security.org:
Security Online - Some basic IT hygiene tips. Read More

www.counterpane.com:
Cyberterrorism and Cyberhooliganism. Read More

www.counterpane.com:
Semantic Attacks: The Third Wave of Network Attacks. Read More

www.eetimes.com:
Embedding security into servers. Read More

star-techcentral.com:
Highlighting an 'ethical hacker'. Read More

www.computerworld.com:
Study: Amount of spam, virus-infected e-mails rising. Read More

www.smh.com.au:
The code makers get cracking. Read More

www.vnunet.com:
Chip plan angers civil liberties groups. Read More

media.guardian.co.uk:
Celebrity 'phone hacking' on the increase. Read More

www.phrack.org:
PHRACK MAGAZINE CALL FOR PAPERS. Read More

www.ecommercetimes.com:
Daily CyberCrime and Security Report for October 15, 2002. Read More

15 october 2002

New Trojans:
KPSULE Downloader 1.0

PC Acme 5.0.1

zGET 0.3

Tool:
razor.bindview.com:
Fenris is a multipurpose tracer, GUI debugger, stateful analyzer and partial decompiler intended to simplify bug tracking, security audits, code, algorithm, protocol analysis and computer forensics - providing a structural program trace, interactive debugging capabilities, general information about internal constructions, execution path, memory operations, I/O, conditional expressions and much more. Read More

Vulnerabilities & Exploits:
online.securityfocus.com:
Microsoft TSAC ActiveX Control Cross Site Scripting Vulnerability. Read More

Debian Security Advisory
DSA-174-1 heartbeat -- buffer overflow. Read More

www.securiteam.com:
Mod_SSL Off-By-One Exploit Code (htaccess). Read More

www.securiteam.com:
Linux Traceroute Exploit Code Released (GDB). Read More

www.secunia.com:
Mini Server directory traversal bug. Read More

www.securiteam.com:
Oracle 8i/9i Listener SERVICE_CURLOAD Denial of Service. Read More

www.securiteam.com:
Symantec Enterprise Firewall Secure Webserver Information Leak. Read More

www.securiteam.com:
Multiple Symantec Firewall Secure Webserver Timeout DoS. Read More

www.securiteam.com:
Security Vulnerabilities in Polycom ViaVideo Web Component. Read More

www.securiteam.com:
Malformed HOST Header Causes IIS DoS. Read More

www.securiteam.com:
Long URL causes TelCondex SimpleWebServer to crash. Read More

www.securiteam.com:
Long URL Crashes My Web Server. Read More

www.securiteam.com:
Directory Traversal and Log Hogging in Daniel Arenz' Mini Server. Read More

www.securiteam.com:
GazTek HTTP Daemon Buffer Overflow. Read More

www.securiteam.com:
J2EE EJB Privacy Leak and DoS. Read More

www.securiteam.com:
Meunity Community System Script Injection Vulnerability. Read More

www.securiteam.com:
ATP HTTP Daemon Buffer Overflow. Read More

News:
www.theage.com.au:
Microsoft: 58th security advisory and counting. Read More

news.com.com:
A mortal Microsoft. Read More

seattletimes.nwsource.com:
Firewall in Windows XP may not be strong enough. Read More

www.boston.com:
Net security chief leaves too many questions unanswered. Read More

www.fcw.com:
NASA cyber program bears fruit. Read More

www.vnunet.com:
German IT security expert robs ATMs. Read More

www.thisislondon.com:
Hiring hacker backfires on Murdoch. Read More

news.com.com:
Former FBI chief takes on encryption. Read More

neasia.nikkeibp.com:
Female Internet Users Fear 'Information Leaks' and 'Viruses': Survey. Read More

www.cnn.com:
Cybercrime costs world billions. Read More

www.cw360.com:
Thought for the day: Hacked to death? Read More

www.stuff.co.nz:
Passwords a risky business. Read More

www.vnunet.com:
More licensing misery for Microsoft users. Read More

www.newsfactor.com:
Daily CyberCrime and Security Report for October 14, 2002. Read More

14 october 2002

New Trojans:
H2000

DarkSky 2.6

RemoteHome2000 1.2b

Vulnerabilities & Exploits:
www.techie.hopto.org:
PHP 4.2.3 Debugging Function Script Injection Vulnerability. Read More

News:
www.computeruser.com:
Cyber terror threat overrated. Read More

www.washingtonpost.com:
Hacktivists Against Censorship. Read More

www.washingtonpost.com:
A Security Nightmare. Read More

news.bbc.co.uk:
China bars under-16s from cybercafes. Read More

13 october 2002

New Trojans:
Remote Revise 1.6 Beta

Uprising 1.1b

Super Mail Trojan 1.0

Vulnerabilities & Exploits:
www.firstmonday.dk:
The TCP/IP protocol suite has a number of weaknesses that allow an attacker to leverage techniques in the form of covert channels to surreptitiously pass data in otherwise benign packets. This paper attempts to illustrate these weaknesses in both theoretical and practical examples. Read More

online.securityfocus.com:
SquirrelMail Options.PHP Web Root Path Disclosure Vulnerability. Read More

online.securityfocus.com:
OpenOffice Installation Insecure Temporary File Symbolic Link Vulnerability. Read More

www.securitytracker.com:
Microsoft Outlook Express Buffer Overflow in Parsing S/MIME Messages Lets Remote Users Execute Arbitrary Code. Read More

www.securitytracker.com:
Syslog-ng Buffer Overflow in Macro Expansion of Template Names May Let Remote Users Execute Arbitrary Code. Read More

www.securitytracker.com:
PHP-Nuke Multiple Input Validation Flaws Let Remote Users Conduct Cross-Site Scripting Attacks. Read More

www.securiteam.com:
Multiple Vendor PC Firewall Remote Denial of Services Vulnerability. Read More

www.securiteam.com:
Syslog-NG Buffer Overflow. Read More

www.securiteam.com:
OpenOffice Race Condition during Installation. Read More

www.securiteam.com:
kpf Directory Traversal. Read More

www.securiteam.com:
KGhostView Arbitrary Code Execution. Read More

News:
zdnet.com.com:
Henpeck worm nags MSN Messenger. Read More

www.theregister.co.uk:
Messenger users get Henpecked. Read More

www.computeruser.com:
Microsoft outlines security strategy. Read More

zdnet.com.com:
Microsoft's singing in C#. Read More

seattletimes.nwsource.com:
Shop wisely on Internet to protect your credit. Read More

money.guardian.co.uk:
To catch a thief. Read More

zdnet.com.com:
Wi-Fi "wartrappers" nab drive-by hackers. Read More

www.computeruser.com:
Researchers say Internet encourages voyeurism. Read More

12 october 2002

New Trojans:
WAY 2002

RAD 1.2.3

IRC BDoor 1.0

Tool:
Stealth DLL Injection by Aphex. Read More

Vulnerabilities & Exploits:
online.securityfocus.com:
Syslog-ng Remote Buffer Overflow Vulnerability. Read More

online.securityfocus.com:
Nylon Proxy Receive Function Denial Of Service Vulnerability. Read More

www.securitytracker.com:
SurfControl SuperScout E-mail Filter Bugs Allow Remote Denial of Service and Cross-Site Scripting Attacks and Discloses Passwords to Remote Authenticated Users. Read More

www.securitytracker.com:
Authoria HR Suite Input Validation Flaw Allows Cross-Site Scripting Attacks. Read More

www.securitytracker.com:
VBZooM Bulletin Board Lets Remote Users Upload and Execute Files. Read More

www.securitytracker.com:
phpBB Bulletin Board Avatars Disclose User IP Addresses to Remote Users. Read More

www.securitytracker.com:
IBM AIX Operating System Can Be Hung By Remote Users Sending a Flood of Malformed TCP Packets. Read More

www.securitytracker.com:
CooolSoft PowerFTP Server Can Be Shut Down By Remote Users. Read More

www.securitytracker.com:
Microsoft Content Management Server Input Validation Bug in 'ManualLogin.asp' Allows Cross-Site Scripting Attacks. Read More

www.securiteam.com:
TCP Flood and Authentication Cracking Causes NETGEAR FM114P to Hang. Read More

www.securiteam.com:
Plain Text DDNS Password in NETGEAR FM114P Backups. Read More

www.securiteam.com:
Unchecked Buffer in Outlook Express S/MIME Parsing Could Enable System Compromise (Patch). Read More

www.securiteam.com:
TSAC Web package/IIS 5.1 connect.asp Cross-site Scripting Vulnerability. Read More

News:
www.pcworld.com:
MSN Messenger Worm Steals Game Keys. Read More

www.computeruser.com:
Microsoft Warns on E-Mail Security. Read More

zdnet.com.com:
Outlook Express flaw speeds hacking. Read More

www.theregister.co.uk:
Introducing the latest hacker exploit: War Phoning. Read More

www.osopinion.com:
Is Linux Really More Secure Than Windows? Read More

www.spacedaily.com:
Detecting Cyberattacks By Profiling "Normal" Computer Habits. Read More

www.theregister.co.uk:
Sendmail Trojan looks familiar. Read More

www.internetwk.com:
Week In Review: Security's Upside; Microsoft In Focus. Read More

www.newsfactor.com:
Daily CyberCrime and Security Report for October 11, 2002. Read More

11 october 2002

New Trojans:
VP Remote control 3.0

Specrem 5.1

Lyb 1.1

Tool:
www.hping.org:
hping is a command-line oriented TCP/IP packet assembler/analyzer. The interface is inspired to the ping(8) unix command, but hping isn't only able to send ICMP echo requests. It supports TCP, UDP, ICMP and RAW-IP protocols. Read More

www.securiteinfo.com:
WinDNSSpoof, A Windows Based DNS Spoofer. Read More (French language)

Vulnerabilities & Exploits:
www.securiteam.com:
Outlook Remote Code Execution in Preview Pane (S/MIME). Read More

www.sans.org:
The Top Twenty Internet Security Vulnerabilities for 2002. (pdf) Read More

www.kb.cert.org:
Vulnerability Note VU#538033
ypxfrd daemon fails to properly validate user supplied arguments in "getdbm" procedure. Read More

www.phenoelit.de:
A remote Cisco IOS exploit. Read More

online.securityfocus.com:
Microsoft Content Management Server 2001 Cross-Site Scripting Vulnerability. Read More

online.securityfocus.com:
Microsoft Windows 2000 NetDDE Privilege Escalation Vulnerability. Read More

online.securityfocus.com:
IBM AIX Remote Empty TCP Flag Flood Denial Of Service Vulnerability. Read More

www.securitytracker.com:
WatchGuard Firebox Vclass and SOHO Firewa Devices and Legacy RSSA Firewall Devices Let Remote Users Bypass the Rule Set. Read More

www.securitytracker.com:
Internet Security Systems BlackICE Firewall Lets Remote Users Cause the Firewall to Block Valid Packets. Read More

www.securitytracker.com:
Symantec's Norton Personal Firewall Lets Remote Users Cause the Firewall to Block Valid Packets. Read More

www.securitytracker.com:
HP 'ypserv' Daemon Flaw in Tru64 UNIX and HP-UX May Disclose Files to Remote Users. Read More

www.securitytracker.com:
VBZooM Bulletin Board Bug in 'register.php' Lets Remote Users Reset Other User Passwords. Read More

www.securitytracker.com:
SS Guest Book Input Validation Flaw in Image Tags Allows Cross-Site Scripting Attacks. Read More

www.securitytracker.com:
TkMail Insecure File Handling May Let Local Users Gain Elevated Privileges. Read More

www.securitytracker.com:
HP Tru64 UNIX Operating System Flaw in 'routed' May Let Remote Users Access Files on the System. Read More

News:
Microsoft Security Bulletin MS02-058
Unchecked Buffer in Outlook Express S/MIME Parsing Could Enable System Compromise (Q328676). Read More

www.phenoelit.de:
not listening remote UN*X shell (packet coded backdoor). Read More

cmn.listprojects.darklab.org:
SAdoor (Stealth Admin door) is a non listening remote execution server for UNIX systems. The idea is to set up a listener in non-promiscuos mode to look for TCP packets with the correct flag(s) arriving to a set of ports in a defined order. Read More

news.com.com:
Henpeck worm cons MSN chat crowd. Read More

asia.internet.com:
Nearly All Computers Infected by Viruses. Read More

online.securityfocus.com:
Clues, Vandalism, Litter Sendmail Trojan Trail. Read More

techupdate.zdnet.com:
Bugbear worm tries to steal credit cards and passwords. Read More

www.wired.com:
Report: Net Not Getting Any Safer. Read More

www.siliconvalley.com:
Microsoft discloses security flaw in e-mail program. Read More

news.zdnet.co.uk:
Spy software targets employee downloads. Read More

news.zdnet.co.uk:
Bluetooth may leave PDAs wide open. Read More

www.thisislondon.com:
Hiring hacker backfires on Murdoch. Read More

www.vnunet.com:
New threat forces cryptography rethink. Read More

www.businessweek.com:
Cybercrime Victims Hit Back -- Online. Read More

www.newsfactor.com:
Daily CyberCrime and Security Report for October 10, 2002. Read More

10 october 2002

New Trojans:
Streaming Audio Trojan 1.0

ComAnywhere 2.1

SuperMM 1.0 (a)

Vulnerabilities & Exploits:
online.securityfocus.com:
NetBSD talkd Buffer Overflow Vulnerability. Read More

www.securitytracker.com:
BIND Domain Name Resolver Libraries Have Another Buffer Overflow That May Cause Denial of Service Conditions. Read More

www.securitytracker.com:
Talkd Buffer Overflow May Let Remote Execute Arbitrary Code. Read More

www.securitytracker.com:
Microsoft MSN Hotmail/Passport Login Page May Permit Cookie Stealing Via Cross-Site Scripting Attacks. Read More

www.securitytracker.com:
Killer Protection PHP Script Discloses Usersnames and Passwords to Remote Users. Read More

www.securitytracker.com:
Oracle Net Services Has Unspecified Flaw That Lets Remote Users Deny Service. Read More

www.securitytracker.com:
Books Module for PostNuke Input Validation Bug Permits Cross-Site Scripting Attacks. Read More

www.securitytracker.com:
Unisys ClearPath Mainframe Servers Can Be Crashed By Remote Users Conducting Port Scans. Read More

www.securitytracker.com:
phpSecurePages Include Error In 'checklogin.php' Lets Remote Users Access The System. Read More

www.securitytracker.com:
Oracle 9i Application Server Web Cache Administration Interface Can Be Crashed By Remote Users. Read More

www.securitytracker.com:
Oracle E-Business Suite Unspecified Flaw in 'AolSecurityPrivate.class' Lets Remote Users Bypass the Authentication Process. Read More

www.securitytracker.com:
ArGoSoft Mail Server Web Interface Input Filtering Bug Lets Remote Users Steal E-mail Passwords. Read More

www.securitytracker.com:
Macromedia Flash Player Lets Remote Code from SMB Shares Access Local Files. Read More

www.securiteam.com:
CERT advisory: Trojan Horse Sendmail Distribution. Read More

ww.securiteam.com:
Multiple Firewalls Ruleset Bypass through FTP Revisited. Read More

News:
www.itworld.com:
MS eschews reports it will charge for added security. Read More

online.securityfocus.com:
Pentagon gives university $35.5 million to combat cyberterrorism. Read More

www.hindustantimes.com:
Viruses infect 80 percent of China's computers. Read More

www.computeruser.com:
Heavy criticism of IT security. Read More

www.net-security.org:
Wireless Security Threats. Read More

news.com.com:
Hackers send Sendmail a message. Read More

www.extremetech.com:
Security Alert: Sendmail Trojan Horse on the Loose. Read More

www.msnbc.com:
A hacker creates headaches for security-card company. Read More

www.kingsbayperiscope.com:
Trouble in your inbox
Attachments can cause severe damage. Read More

zdnet.com.com:
Wi-Fi "wartrappers" nab drive-by hackers. Read More

www.newsfactor.com:
Daily CyberCrime and Security Report for October 9, 2002. Read More

09 october 2002

New Trojans:
Matite 1.0

Xayo

Screen Control 1.0

Vulnerabilities & Exploits:
CERT� Advisory CA-2002-28
Trojan Horse Sendmail Distribution. Read More

Debian Security Advisory
DSA-172-1 tkmail -- insecure temporary files. Read More

Debian Security Advisory
DSA-171-1 fetchmail -- buffer overflows. Read More

online.securityfocus.com:
Zope Failed Login Information Disclosure Vulnerability. Read More

www.securitytracker.com:
phpRank Script Has Multiple Flaws That Allow Remote Users to Modify the Database and Also Conduct Cross-Site Scripting Attacks. Read More

online.securityfocus.com:
Macromedia Flash Player File Access Vulnerability. Read More

online.securityfocus.com:
Killer Protection Information Disclosure Vulnerability. Read More

online.securityfocus.com:
Oracle E-Business Suite Authentication Bypassing Vulnerability. Read More

News:
www.smh.com.au:
Trojan horse in Sendmail source code. Read More

www.vnunet.com:
Bugbear side effect hits printers. Read More

news.bbc.co.uk:
Fake bank website cons victims. Read More

www.net-security.org:
Microsoft CTO talks about security and open source. What security? Read More

news.zdnet.co.uk:
Microsoft: Users may have to pay for security. Read More

newsobserver.com:
University to study combating cyberterror. Read More

www.vnunet.com:
Heavy criticism of IT security. Read More

www.silicon.com:
Mitnick on Mitnick: Why I'm going legit. Read More

www.newsfactor.com:
Daily CyberCrime and Security Report for October 8, 2002. Read More

08 october 2002

New Trojans:
Zenmaster 1.02

KBL Uploader 1.0 beta1

Xena

Vulnerabilities & Exploits:
www.securitytracker.com:
phpLinkat Input Validation Bug Lets Remote Users Conduct Cross-Site Scripting Attacks. Read More

www.securitytracker.com:
PowerFTP Server Buffer Overflow in Processing the USER Command Lets Remote Users Crash the System. Read More

www.securiteam.com:
Windows Help Buffer Overflow PoC. Read More

www.securiteam.com:
FreeBSD File Descriptors Bug (Iosmash2). Read More

News:
www.smh.com.au:
Another Linux worm surfaces. Read More

www.ciol.com:
Malaysia refutes origin of Bugbear virus. Read More

www.smh.com.au:
Email hoax gets fresh leash of life, thanks to Bugbear. Read More

www.siliconvalley.com:
Bugbear Internet worm slowing down, researcher says. Read More

news.bbc.co.uk:
Bugbear e-mail virus causing havoc. Read More

zdnet.com.com:
Russian hackers deface US government site. Read More

www.lasvegassun.com:
Feds Probe Digital TV Piracy Furor. Read More

www.infoworld.com:
National security needs more IT, defined powers. Read More

www.networkmagazine.com:
Hackers and Terrorists, or Presidents and CEOs? Read More

www.jsonline.com:
'Hacker' is too cutesy a word to describe what's really going on. Read More

www.nst.com.my:
Resolving dark side of the Internet. Read More

www.wired.com:
Codebusters Crack Encryption Key. Read More

www.fcw.com:
DOD's wireless safety net. Read More

www.guardian.co.uk:
New York man admits internet scam to defraud celebrities of $80m. Read More

www.newsfactor.com:
Daily CyberCrime and Security Report for October 7, 2002. Read More

07 october 2002

New Trojans:
Reverse Trojan 2.11

Retribution 2.6

Beast 1.7

Vulnerabilities & Exploits:
www.securitytracker.com:
Logsurfer Log File Analysis Tool Buffer Overflow May Let Remote Users Crash the Application. Read More

www.securitytracker.com:
BearShare File Sharing Input Validation Bug Lets Remote Users Access Files on the System. Read More

www.securitytracker.com:
Cisco Unity Default Configuration Allows Remote Users to Conduct Toll Fraud. Read More

www.securiteam.com:
phpRank Multiple Security Vulnerabilities. Read More

www.securiteam.com:
phpWebSite XSS Vulnerability. Read More

www.securiteam.com:
The Books Module for the PostNuke CMS XSS Vulnerability. Read More

www.securiteam.com:
phpMyNewsletter Include Security Vulnerability. Read More

News:
online.securityfocus.com:
E-mail worm Bugbear seen in dozens of countries. Read More

www.guardian.co.uk:
Dire warnings over email virus. Read More

www.computeruser.com:
ISS Ranks Worms as Biggest Net Threat. Read More

www.therecord.com:
Stealthy e-mail worm Bugbear is infecting computers worldwide. Read More

06 october 2002

New Trojans:
VB Troyen

GreenScreen 1.0

PC Remote 4.0 beta

Vulnerabilities & Exploits:
online.securityfocus.com:
Microsoft Windows XP System Restore Folder Permissions Weakness. Read More

www.securitytracker.com:
Xerox DocuShare May Disclose the Server's Internal IP Address to Remote Users. Read More

www.securitytracker.com:
Ximian Evolution Certificate Validation Flaw Allows Man-in-the-Middle Attacks. Read More

www.securitytracker.com:
CommonName Toolbar for Internet Explorer May Disclose Intranet Host Names to the Vendor. Read More

www.securitytracker.com:
Apache Web Server (1.3.x) Shared Memory Scoreboard Bug Lets Certain Local Users Issue Signals With Root Privileges. Read More

www.securitytracker.com:
IBM HTTP Server (IHS) Input Validation Bug Lets Remote Users Conduct Cross-Site Scripting Attacks. Read More

www.securitytracker.com:
Bugzilla Bug Tracking Input Validation Errors Let Remote Users Execute SQL Commands on the System. Read More

www.securitytracker.com:
Jetty Java Server Bug in CGI Servlet Lets Remote Users Execute Specified Binaries. Read More

www.securitytracker.com:
Compaq Insight Manager Input Validation Flaw Lets Remote Users Conduct Cross-Site Scripting Attacks. Read More

www.securiteam.com:
Telnet/SSH Command Injection via PTrace. Read More

www.securiteam.com:
Cisco Secure Content Accelerator Vulnerable to SSL Worm. Read More

www.securiteam.com:
Predefined Restriction Tables Allow Calls to International Operator. Read More

www.securiteam.com:
FoxPro ODBC Driver Buffer Overflow via SQL OpenDataSource(). Read More

www.securiteam.com:
Unchecked Buffer in Windows Help Facility Could Enable Code Execution. Read More

www.securiteam.com:
SSL Certificate Validation Problems in Ximian Evolution. Read More

www.securiteam.com:
phpLinkat XSS Security Bug. Read More

www.securiteam.com:
Multiple Vulnerabilities in LogSurfer. Read More

www.dtmf.com.ar:
WindowsNT Buffer Overflow's From Start to Finish. Read More

News:
www.idg.net:
New worm, Opasoft, targets Windows systems. Read More

slashdot.org:
Bugbear Windows Virus Making the Rounds. Read More

www.extremetech.com:
Virus Update: Bugbear Worm Continues to Spread. Read More

www3.gartner.com:
Fixing the FBI's 'Top 20' Security Flaws Isn't Enough. Read More

www.theregister.co.uk:
Nigerian freight forwarding scam hits UK. Read More

www.theregister.co.uk:
Gosling: Microsoft's Java threat is financial, not technical. Read More

05 october 2002

New Trojans:
Remote Administrator 2.1

Net Control2 2.93

TelnetPro 2.0

Vulnerabilities & Exploits:
Debian Security Advisory
DSA-170-1 tomcat4 -- source code disclosure. Read More

online.securityfocus.com:
CommonName Toolbar Potential Information Leakage Weakness. Read More

www.securitytracker.com:
Microsoft Windows Help System Bug in Processing Compiled HTML Help Files Lets Remote Users Execute Arbitrary Commands in the Local Computer Security Zone. Read More

www.securitytracker.com:
Microsoft Services for Unix Interix SDK Bugs May Allow Denial of Service Conditions or May Execute Arbitrary Code. Read More

www.securitytracker.com:
Microsoft Data/Desktop Engine (MSDE) Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read More

www.securitytracker.com:
MySQL Buffer Overflow Lets Local Users Gain System Privileges on Windows NT. Read More

www.securitytracker.com:
Microsoft SQL Server Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read More

www.securitytracker.com:
Microsoft Windows Operating System Compressed Folders Allow Arbitrary Files to Be Created. Read More

www.securitytracker.com:
Microsoft Windows Operating System Compressed Folders Allow Arbitrary Code to Be Executed. Read More

www.securitytracker.com:
Microsoft Windows Help System Buffer Overflow in 'hhctrl.ocx' Lets Remote Users Execute Arbitrary Code. Read More

www.securiteam.com:
Windows Help Buffer Overflow (Additional details). Read More

www.securitytracker.com:
SurfControl SuperScout Bug in Web Reports Server Lets Remote Users Gain Control of the Application. Read More

www.securitytracker.com:
OpenBSD Kernel Bug in 'setitimer' May Allow A Local User to Write to Kernel Memory. Read More

www.securitytracker.com:
Verity KeyView SDK Buffer Overflow May Let Remote Users Execute Arbitrary Code. Read More

www.securitytracker.com:
Lotus Notes Attachment Viewer Buffer Overflow May Let Remote Users Execute Arbitrary Code. Read More

www.securitytracker.com:
Net-snmp Null Pointer Dereferencing Flaw Lets Remote Users Crash the Daemon. Read More

www.securitytracker.com:
Aladdin StuffIt Archive Expander Buffer Overflow May Let Remote Users Execute Arbitrary Code. Read More

www.securitytracker.com:
Apache Web Server (2.x) SSI Server Signature Filtering Hole Lets Remote Users Conduct Cross-Site Scripting Attacks. Read More

www.securitytracker.com:
IBM SecureWay Firewall Can Be Hung By Remote Users Sending a Flood of Malformed TCP Packet. Read More

www.securiteam.com:
Another Cumulative Patch for SQL Server Released. Read More

News:
news.bbc.co.uk:
Bugbear e-mail virus causing havoc. Read More

zdnet.com.com:
Virus writers get Slapper happy. Read More

www.infoworld.com:
Worm, Opasoft, targets Windows systems. Read More

zdnet.com.com:
Malaysians see no trace of Bugbear author. Read More

www.newsfactor.com:
Microsoft Discloses Security Flaws. Read More

www.news.com.au:
US Government site hacked. Read More

www.ctnow.com:
Russian Hacker Sentenced to 3 Years. Read More

techupdate.zdnet.com:
Kevin Mitnick wants to help you stop hackers. Read More

www.fcw.com:
Security patch award due soon. Read More

www.newsfactor.com:
Daily CyberCrime and Security Report for October 4, 2002. Read More

04 october 2002

New Trojans:
Peeper 1.5

Pest Remote Keylogger

K.B.L. WebdownLoader 1.2

Vulnerabilities & Exploits:
Thor Larholm security advisory TL#004
Windows Help buffer overflow. Read More

online.securityfocus.com:
Apache Server Side Include Cross Site Scripting Vulnerability. Read More

www.securitytracker.com:
Sendmail Restricted Shell (smrsh) May Let Local Users Bypass Restrictions to Execute Code. Read More

www.securitytracker.com:
HP OpenVMS TCP/IP Services POP Mail Daemon May Give Local Users Elevated Privileges. Read More

www.securitytracker.com:
IBM AIX Operating System 'errpt' Command Buffer Overflow Can Give Root Privileges to Local Users. Read More

www.securitytracker.com:
HP LDAP-UX Integration Software Bug in 'pam_authz' May Let Remote Authenticated Users Gain Elevated Privileges. Read More

www.securiteam.com:
Multiple Vendor Long ZIP Entry Filename Processing Issues. Read More

www.securiteam.com:
Apache 1.3.x Shared Memory Scoreboard Vulnerabilities. Read More

www.securiteam.com:
Insecure XML-RPC Handling in Zope Reveals the Distribution Physical Location. Read More

www.securiteam.com:
GV Execution of Arbitrary Shell Commands (Additional details). Read More

News:
Internet Security Systems Security Alert
Bugbear Hybrid Threat Propagation. Read More

www3.gartner.com:
FrontPage Flaw Shows Security Still Challenges Microsoft. Read More

iris.lcs.mit.edu:
IRIS: Infrastructure for Resilient Internet Systems. Read More

www.theage.com.au:
Bugbear hits hard Down Under. Read More

quote.bloomberg.com:
Bugbear Virus Infects Thousands of Computers in 118 Countries. Read More

www.reuters.com:
Malaysia Questions Origin of Bugbear Computer Virus. Read More

quote.bloomberg.com:
Bugbear E-Mail Virus Infects Millions of Computers Worldwide. Read More

rtnews.globetechnology.com:
Microsoft posts four security alerts. Read More

www.idg.net:
New alerts have analysts doubting Microsoft security. Read More

online.securityfocus.com:
Report: Satellites at Risk of Hacks. Read More

online.securityfocus.com:
Defense Agency Leaves Shopping List Online. Read More

www.washingtonpost.com:
Ex-Hacker Preaches Unique Security Message. Read More

www.jpost.com:
Pro-Islamic militant hacker groups boost attacks security company says. Read More

www.jpost.com:
Hackers vandalize US government website. Read More

www.silicon.com:
BT says: Protect your network from professional hackers. Read More

www.globalwirelessnews.com:
World Bank study says GSM susceptible to hackers. Read More

www.fcw.com:
Security benchmark tools available. Read More

news.zdnet.co.uk:
Scientists find key to water-tight encryption. Read More

www.newsfactor.com:
Daily CyberCrime and Security Report for October 3, 2002. Read More

03 october 2002

New Trojans:
Ulysses 1.73

Fake 0.2

Wanadoo

Vulnerabilities & Exploits:
Westpoint Security Advisory:
Carello 1.3 Remote File Execution. Read More

Westpoint Security Advisory:
Jetty CGIServlet Arbitrary Command Execution. Read More

Westpoint Security Advisory:
MySQL Locally Exploitable Buffer Overflow. Read More

online.securityfocus.com:
Microsoft Internet Explorer Document Reference Zone Bypass Vulnerability. Read More

online.securityfocus.com:
GV GZip Archive Malicious File Name Command Execution Vulnerability. Read More

www.securitytracker.com:
Trolltech Qt/Desktop Bug Lets Remote Users Make the Target User's Qt Assistant Open Local HTML Files. Read More

www.securitytracker.com:
Winamp Media Player Buffer Overflow in Parsing Skin Files Lets Remote Users Execute Arbitrary Code. Read More

www.securitytracker.com:
WN Server Buffer Overflow in Processing GET Requests Lets Remote Users Execute Arbitrary Code. Read More

www.securitytracker.com:
SafeTP Secure FTP Server Discloses Internal IP Addresses to Remote Users. Read More

www.securitytracker.com:
MyNewsGroups :) Input Validation Holes Let Remote Users Conduct Cross-Site Scripting Attacks. Read More

www.securiteam.com:
Multiple Vulnerabilities in SuperScout Web Reports Server. Read More

www.securiteam.com:
Jetty CGIServlet Arbitrary Command Execution. Read More

www.securiteam.com:
MySQL Locally Exploitable Buffer Overflow (Windows). Read More

www.securiteam.com:
Apache 2 Cross-Site Scripting. Read More

www.securiteam.com:
Net-SNMP DoS Vulnerability. Read More

News:
Microsoft Security Bulletin MS02-054
Unchecked Buffer in File Decompression Functions Could Lead to Code Execution (Q329048). Read More

Microsoft Security Bulletin MS02-055
Unchecked Buffer in Windows Help Facility Could Enable Code Execution (Q323255). Read More

Microsoft Security Bulletin MS02-056
Cumulative Patch for SQL Server (Q316333). Read More

Microsoft Security Bulletin MS02-057
Flaw in Services for Unix 3.0 Interix SDK Could Allow Code Execution (Q329209). Read More

www.theregister.co.uk:
Gartner slams MS security after latest flaw. Read More

www.computerworld.com:
Opinion: Secure software? Don't hold your breath. Read More

www.dallascon.com:
DallasCon Wireless Security Conference. Read More

www.forbes.com:
Infamous Hacker's Laptop Up For Auction. Read More

www.eweek.com:
Microsoft Puts Meat Behind Security Push. Read More

zdnet.com.com:
Bugbear virus finds IE hole. Read More

isp-planet.com:
Bugbear/Tanatos E-mail Worm Detected. Read More

www.nzherald.co.nz:
Virus attempts to override computer protection. Read More

www.theregister.co.uk:
Klez-H enjoying its final days on infamy? Read More

news.com.com:
FBI names most wanted security flaws. Read More

www.newsfactor.com:
Daily CyberCrime and Security Report for October 2, 2002. Read More

02 october 2002

New Trojans:
Ducktoy 1.2

Protoss 1.3m

RVC 0.92

Vulnerabilities & Exploits:
online.securityfocus.com:
Security side-effects of Word fields. Read More

www.secadministrator.com:
Buffer Overrun and Denial of Service in Microsoft FrontPage Server Extensions. Read More

online.securityfocus.com:
Eric S. Raymond Fetchmail Multidrop Mode Email Header Parsing Heap Overflow Vulnerability. Read More

online.securityfocus.com:
Sun ONE Starter Kit / ASTAware SearchDisc Search Engine Directory Traversal Vulnerability. Read More

www.securitytracker.com:
GNU Tar Utility Still Lets Malicious Archives Install Trojan Files on the Host in Other Directories When a Local User Extracts the Archive. Read More

www.securitytracker.com:
CGI-Telnet Perl Script for Web Servers Discloses Password File to Remote Users. Read More

www.securitytracker.com:
Allot's NetEnforcer Holes Let Local Users Gain Elevated Privileges on the System. Read More

www.securitytracker.com:
ASTAware SearchDisc Search Engine in SunONE Starter Kit Discloses Files to Remote Users. Read More

www.securitytracker.com:
Netgear ProSafe VPN Firewall Discloses Passwords Via Configuration Backup File. Read More

www.securiteam.com:
Multiple Vulnerabilities in WASD HTTP Server for OpenVMS. Read More

www.securiteam.com:
BearShare Directory Traversal Issue Resurfaces. Read More

www.securiteam.com:
Buffer Overflow in WN Server. Read More

www.securiteam.com:
Sendmail smrsh Bypass Vulnerabilities. Read More

www.securiteam.com:
Flood ACK Packets Cause an IBM SecureWay Firewall to Hang. Read More

News:
www.newscientist.com:
Viruses that also hack computers on the rise. Read More

www.theregister.co.uk:
Porn diallers and Trojans - the new face of malicious code. Read More

techupdate.zdnet.co.uk:
Unix tools track hackers. Read More

www.silicon.com:
Bugbear worm - how it works. Read More

www.theage.com.au:
New email virus making the rounds. Read More

www.theage.com.au:
Windows network worm spreading. Read More

news.com.com:
Bugbear virus targets Internet Explorer. Read More

www.washingtonpost.com:
Firms Respond to White House Cybersecurity Call. Read More

www.theregister.co.uk:
America's National Cybersecurity Strategy. Read More

www.cnn.com:
Security agency increases monitoring. Read More

online.securityfocus.com:
Mobile phone Java risks 'minimal'. Read More

www.business.scotsman.com:
Shutting the door on cyber criminals. Read More

www.jpost.com:
Pro-Islamic militant hacker groups boost attacks security company says. Read More

www.time.com:
What Spies Beneath. Read More

www.aftenposten.no:
Court OKs surfing for child porn. Read More

www.newsfactor.com:
Daily CyberCrime and Security Report for October 1, 2002. Read More

01 october 2002

New Trojans:
XLog 2.1

Remod 1.0

MultiDownloader 3.0 by Qroject

Tool:
prdownloads.sourceforge.net:
Remote Nmap (Rnmap) is a pair of client and server programs which allow for various authorized clients to run their port scans from a centralized server. New version rnmap_0.9.tar.gz. Read More

Vulnerabilities & Exploits:
bvlive01.iss.net:
Internet Security Systems Security Alert Summary AS02-39 September 30, 2002. Read More

www.securitytracker.com:
Jetty Java Server Input Validation Hole Lets Remote Users Conduct Cross-Site Scripting Attacks. Read More

www.securiteam.com:
NETGEAR FVS318 Firewall Router Username/Password Disclosure. Read More

www.securiteam.com:
Software Update Available for Legacy RapidStream Appliances and WatchGuard Firebox Vclass appliances. Read More

www.securiteam.com:
Microsoft PPTP Server and Client Remote Vulnerability. Read More

www.securiteam.com:
Exploitable Buffer Overflow in gv. Read More

www.securiteam.com:
Directory Traversal Vulnerability in Monkey. Read More

www.securiteam.com:
Jetty Cross-Site Scripting Vulnerability. Read More

www.securiteam.com:
SafeTP Reveals Internal Server IP Addresses. Read More

News:
uk.news.yahoo.com:
Bugbear worm opens backdoors. Read More

www.infoworld.com:
Virus poses as Microsoft security patch. Read More

www.itworld.com:
Insiders, not hackers, biggest information theft risk. Read More

news.com.com:
FBI to release computer-security updates. Read More

www.theregister.co.uk:
US P2P Hacking Bill draws support, critics. Read More

www.govexec.com:
Cybersecurity regulations imminent, industry and government warn. Read More

www.pcworld.com:
Web Site Defacements Hit All-Time High. Read More

www.vnunet.com:
The last of the true hackers. Read More

www.pcworld.com:
Internet Pirate Sentenced to Prison Time. Read More


Copyright� MegaSecurity.org