News november 2003
30 november 2003

New in Archive
DA-WEB 2.0

Tiny Shell 1.0

TemporalFTP 2.1

Guides, Papers, etc.
www.robertgraham.com:
DECOMPILED SOURCE FOR MS RPC DCOM BLASTER WORM. Read more

Vulnerabilities & Exploits
www.securityfocus.com:
Microsoft Internet Explorer MHTML Forced File Execution Vulnerability. Read more

www.securitytracker.com:
Applied Watch Command Center Authentication Flaw Lets Remote Users Add Accounts and IDS Rules. Read more

www.securitytracker.com:
Apache mod_python String Processing Bug Lets Remote Users Crash the Web Server. Read more

News
timesofindia.indiatimes.com:
Hackers strike sites at will, govt helpless. Read more

29 november 2003

New in Archive
Harvester 2003 (mail)

Fake Msn 1.0

Skatan-bot 0.02

RUX The TIc.K 3.0 (a)

Guides, Papers, etc.
www.securityfocus.com:
Fighting Spammers With Honeypots: Part 2. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
OpenCA Certificate Processing Flaws May Accept Revoked or Expired Certificates. Read more

www.securitytracker.com:
Microsoft Exchange 2003 With Outlook Web Access and Windows SharePoint Services May Grant Incorrect E-mail Account Access to Remote Authenticated Users. Read more

www.securitytracker.com:
phpBB Input Validation Flaw in 'search_id' Permits SQL Injection and Yields Administrative Access. Read more

www.securiteam.com:
EPIC4 CTCP Nicknames Buffer Overflow. Read more

News
money.cnn.com:
Microsoft probes new Explorer holes. Read more

www.theregister.co.uk:
Reseller touts home WLAN pack with easy to use security. Read more

www.infoanarchy.org:
Winny authors arrested in Japan. Read more

catless.ncl.ac.uk:
Old Nigerian scam nets $400,000. Read more

28 november 2003

New in Archive
PaSzCzuS 1.8

Remote-Anything 3.0.4

Dewin (k)

Guides, Papers, etc.
www.gilliss.com:
Packet Sniffing by Gregory Gilliss. Read more

Vulnerabilities & Exploits
www.secunia.com:
Microsoft Internet Explorer Multiple Vulnerabilities. Read more

www.safecenter.net:
Internet Explorer System Compromise Vulnerabilities. Read more

www.securitytracker.com:
RNN Guestbook Authentication Flaw in 'gbadmin.cgi' Yields Administrative Access to Remote Users. Read more

www.securitytracker.com:
GNU Screen Integer Overflow in 'ansi.c' May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
GnuPG ElGamal Signature Flaw May Disclose Type 20 ElGamal Private Keys to Remote Users. Read more

www.securitytracker.com:
snif Input Validation Flaw Discloses Files to Remote Users. Read more

www.securitytracker.com:
BIND 8 Negative Cache Poisoning May Cause Denial of Service Conditions. Read more

www.securitytracker.com:
My_eGallery Include File Flaw Lets Remote Users Execute Arbitrary Commands. Read more

www.securitytracker.com:
RemotelyAnywhere Input Validation Flaw in 'autologon.html' Permits Remote Cross-Site Scripting Attacks. Read more

News
www.theregister.co.uk:
Spanish police arrest Raleka virus suspect. Read more

www.theregister.co.uk:
EU internet privacy laws tightened. Read more

www.centredaily.com:
'Wardrivers' prowl neighborhoods in search of free Internet. Read more

economictimes.indiatimes.com:
Cyber watchdogs to get stronger teeth. Read more

www.bakutoday.net:
Hero Hacker Does It Again. Read more

www.economist.com:
Fighting the worms of mass destruction. Read more

27 november 2003

New in Archive
FireNet

Sdbot (bx)

AircBot 1.0

Guides, Papers, etc.
www.securityfocus.com:
Fighting Spammers With Honeypots: Part 1. Read more

Vulnerabilities & Exploits
www.s-quadra.com:
FreeRADIUS <= 0.9.3 rlm_smb module stack overflow vulnerability. Read more

www.securitytracker.com:
Mac OS X Trust of DHCP-Provided Directory Servers Lets Remote Users Login With Root Privileges. Read more

www.securitytracker.com:
ChatZilla 'irc://' Server Name Buffer Overflow Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Macromedia JRun Input Validation Flaws in Administrative Interface Permit Cross-Site Scripting Attacks. Read more

www.securiteam.com:
Xitami Malformed Header Request DoS. Read more

www.securiteam.com:
Thomson TCM315 Denial of Service (Long GET Request). Read more

www.securiteam.com:
Eudora LaunchProtect Bypassing. Read more

www.security-corporation.com:
Remotely anywhere Cross Site Scripting Vulnerability. Read more

News
www.digitmag.co.uk:
New security threat discovered in Microsoft's IE. Read more

itvibe.com:
Raleka virus writer arrested. Read more

news.bbc.co.uk:
E-commerce targeted by blackmailers. Read more

26 november 2003

New in Archive
The TIc.K 2003 beta

The TIc.K 2003

Cruel Intentionz 1.2 (b) server

Iroffer 1.2b09

Guides, Papers, etc.
Simulating and optimising worm propagation algorithms. (pdf) Read more

Vulnerabilities & Exploits
www.securitytracker.com:
Microsoft Internet Explorer Invalid ContentType May Disclose Cache Directory Location to Remote Users. Read more

www.securitytracker.com:
Microsoft Internet Explorer MHT Redirect Flaws Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
CommerceSQL Shopping Cart Discloses Files to Remote Users. Read more

www.securitytracker.com:
Monit Buffer Overflow Lets Remote Users Obtain Root Privileges. Read more

www.securitytracker.com:
Pan Newsreader Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
Thomson TCM315 Can Be Crashed By Remote Users. Read more

News
www.theregister.co.uk:
Scripting flaws pose severe risk for IE users. Read more

www.securityfocus.com:
Nachi worm infected Diebold ATMs. Read more

www.theregister.co.uk:
Trojan poses as naked XXX pics. Read more

news.zdnet.co.uk:
Sysbug Trojan jumps on sexual bandwagon. Read more

www.globetechnology.com:
Decades after creation, viruses defy cure. Read more

www.theregister.co.uk:
Busting the Worm Writers. Read more

www.thecouriermail.news.com.au:
Wireless security problem. Read more

25 november 2003

New in Archive
Atwinda

Attack FTP

Blastit (a)

News
www.theregister.co.uk:
Nigerian fraudsters 'shop early for Xmas'. Read more

news.com.com:
Exchange flaw could open up user accounts. Read more

www.theregister.co.uk:
Wi-Fi hacker caught downloading child porn. Read more

www.news.scotsman.com:
Staff warned as bosses begin to adopt Big Brother tactics. Read more

www.sunspot.net:
Hackers live by their own code. Read more

www.securitypipeline.com:
Programmer Charged With Making Violent "Spam Rage" Threats. Read more

24 november 2003

New in Archive
Hawk 1.1

Netzwerkchat 2.60

Andromeda 1.0

Tools
Splint is a tool for statically checking C programs for security vulnerabilities and coding mistakes. Read more

Vulnerabilities & Exploits
PrimeBase SQL Database Server Discloses Database Passwords to Local Users. Read more

www.securitytracker.com:
SIRCD May Grant Operator Privileges to Remote Authenticated Users. Read more

www.securitytracker.com:
Mac OS X Finder Grants Privileged Directory Access to Local Admin Users. Read more

www.securitytracker.com:
Opera Buffer Overflow in Processing Skin Files May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
vbPortal 'friend.php' Script Lets Remote Users Send Anonymous E-mail. Read more

www.securiteam.com:
Sybase ASE Remote Password Array Denial of Service. Read more

www.securiteam.com:
WebFS Long File Overflow Exploit. Read more

www.securiteam.com:
Opera File Creation and Execution Exploit (Malicious Web Server). Read more

www.securiteam.com:
mod_gzip debug_mode Exploit Code. Read more

www.securiteam.com:
Microsoft SharePoint Portal and Team Services Vulnerability. Read more

www.securiteam.com:
FreeRADIUS "Tunnel-Password" Attribute Handling Vulnerability. Read more

www.securiteam.com:
HPUX dtmailpr Buffer Overflow Vulnerability (DISPLAY). Read more

News
www.securityfocus.com:
Exploit Code on Trial. Read more

23 november 2003

New in Archive
Messiah 1.0 v2

Tranzhva 1.0

Cabronator 2.1 client

Progenic Mail Trojan beta

xlbh 1.1

Vulnerabilities & Exploits
www.securitytracker.com:
Opera Input Validation Flaw in Opera MIME Types Lets Remote Users Write Arbitrary Files. Read more

www.securitytracker.com:
SGI IRIX rpc.mountd Bugs May Let Remote Users Access NFS Services. Read more

News
www.theregister.co.uk:
Michigan Wi-Fi hackers 'try to steal credit card details'. Read more

www.snpx.com:
War driving kiddie porn downloader busted using other peoples wireless networks. Read more

www.pcworld.com:
FTC Cracks Down on Internet Scams. Read more

22 november 2003

New in Archive
Oracle 1.0 client added

SWU32 1.03

Harvester 2003 v01

Vulnerabilities & Exploits
www.securitytracker.com:
OpenBSD semctl() and semop() Bugs Let Local Users Crash the System. Read more

www.securitytracker.com:
OpenBSD sysctl(3) Flaw Lets Local Users Crash the System. Read more

www.securitytracker.com:
Xitami Web Server Bug in Processing Certain HTTP POST Headers Lets Remote Users Deny Service. Read more

www.securitytracker.com:
Sybase Adaptive Server Enterprise (ASE) Can Be Crashed By Remote Authenticated Users Sending Invalid Password Arrays. Read more

www.securitytracker.com:
FreeRADIUS String Tag Negative Integer Overflow Lets Remote Users Crash the Service. Read more

www.securitytracker.com:
IBM AIX rcp Buffer Overflow Lets Local Users Execute Arbitrary Code With Root Privileges. Read more

www.securitytracker.com:
Mac OS X Screen Effects Lets Physically Local Users Bypass Authentication and Access Dock Functions. Read more

www.securitytracker.com:
gm4 on Mac OS X Has Format String Flaw That May Allow Local Users to Gain Elevated Privileges. Read more

News
www.securityfocus.com:
New charges in Lowe's wi-fi hacks. Read more

www.theregister.co.uk:
UK ID theft gang jailed for £350K fraud. Read more

www.eweek.com:
Symantec CEO Warns of Drop in Internet Use. Read more

www.internetnews.com:
Debian Servers Hacked. Read more

times.hankooki.com:
Largest Internet Hacking Ring Uncovered. Read more

www.theregister.co.uk:
Bluejacking ain't hijacking. Read more

www.neowin.net:
Virus tries to con PayPal users. Read more

www.knxv.com:
Hacker life doesn't last forever. Read more

21 november 2003

New in Archive
Antylamus 0.2

x.l.b.h 1.0

MAD:RAT 1.0

Vulnerabilities & Exploits
www.rapid7.com:
Sybase ASE 12.5 Remote Password Array Denial of Service. Read more

www.securitytracker.com:
Effect Office Buffer Overflow Lets Remote Users Crash the Application. Read more

www.securitytracker.com:
Sun Solaris PGX32 Frame Buffer Has Buffer Overflow That Yields Root Privileges to Local Users. Read more

www.securitytracker.com:
Microsoft SharePoint May Let Remote Users Access Protected Pages Without Authenticating. Read more

News
www.usatoday.com:
PayPal spoof e-mail virus spread slowing. Read more

www.securitypipeline.com:
"Phishing" Identity Theft Is Gaining Popularity. Read more

seattlepi.nwsource.com:
3 indicted for hacking Lowe's system. Read more

www.sundaytimes.co.za:
I know! Let's have a hackers' union! Read more

20 november 2003

New in Archive
Paszczus 1.7

Rewind 1.2

iseekumona

Fearless Lite 1.01

Guides, Papers, etc.
patriot.net:
The Dark Side of NTFS (Microsoft's Scarlet Letter). Read more

www.giac.org:
Windows, NTFS and Alternate Data Streams. (pdf) Read more

www.securityfocus.com:
Home User Security: Your First Defense. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
Kerio WinRoute Firewall Discloses Authentication Data to Remote Sites When Using Proxy Authentication. Read more

www.securitytracker.com:
Half-Life Dedicated Server Discloses Configuration Files to Remote Users if Downloads Are Permitted. Read more

www.securitytracker.com:
Apple 'sudo' on Laptops May Let Local Users Execute Commands Without Authenticating. Read more

www.securiteam.com:
Opera Skinned and Opera Directory Traversal (Exploit). Read more

www.securiteam.com:
IA WebMail Server Buffer Overflow Vulnerability (Exploit). Read more

www.securiteam.com:
OpenBSD exec_ibcs2_coff_prep_zmagic() Kernel Stack Overflow. Read more

News
www.theage.com.au:
Gobo goes over to the other side. Read more

www.oaklandtribune.com:
Sandia Labs studies phony computer network for hackers. Read more

www.washingtonpost.com:
Hackers Did Not Cause Blackout - Report. Read more

www.heraldsun.news.com.au:
Hackers can needle out website data. Read more

www.theage.com.au:
Hacker gang uncovered in South Korea. Read more

news.com.com:
'Spyware' steps out of the shadows. Read more

19 november 2003

New in Archive
Hawk Loader 1.0

dmass 1.0

Beast 2.02(b) server

Starcross 1.0

Guides, Papers, etc.
www.securityfocus.com:
Oracle Row Level Security: Part 2. Read more

www.net-security.org:
Worms Of The Future: Trying To Exorcise The Worst. (pdf) Read more
This is a research paper on the security (or lack of) within computer systems and ways of improvement with respect to mobile and hostile code such as worms.

www.net-security.org:
Flooding From The Underground - A Global Threat. (pdf) Read more
When Khaled Mardam-Bey developed an IRC client for the Windows platform, I doubt he envisaged mIRC becoming the basis for the control of an immeasurable number of compromised machines in bot-nets. Khaled has the original authors of the Global-Threat (GT) bot to thank for that.

Vulnerabilities & Exploits
www.securitytracker.com:
SqWebMail URL-based Session IDs Let Remote Users Hijack E-mail Sessions. Read more

www.securitytracker.com:
HP-UX dtmailpr Buffer Overflow Lets Local Users Grab Root Privileges. Read more

www.securitytracker.com:
HP-UX CDE Has Unspecified Flaw That Allows Remote Denial of Service. Read more

www.securitytracker.com:
Koch Roland's PHP Gastebuch Input Validation Flaw in '$path' Variable Permits Remote Code Execution. Read more

www.securitytracker.com:
SAP DB web-tools Have Multiple Flaws That Disclose Files, Permit Remote Code Execution, and Grant Access to Remote Users. Read more

www.securitytracker.com:
phpWebFileManager Input Validation Flaw in 'f' Variable Discloses Files to Remote Users. Read more

www.securitytracker.com:
OpenBSD Kernel ibcs Overflow Yields Root Privileges to Local Users. Read more

www.securitytracker.com:
NetServe Discloses Files on the System to Remote Users. Read more

www.securitytracker.com:
iPlanet Web Server Log Analyzer Input Filtering Flaw Lets Remote Users Conduct Cross-Site Scripting Attacks Against Administrators. Read more

www.securitytracker.com:
SAP DB 'niserver' Buffer Overflow Lets Remote Users Gain Root/LocalSystem Privileges. Read more

www.securitytracker.com:
SAP DB NETAPI32.DLL Path Specification Flaw Lets Local Users Gain SYSTEM Privileges. Read more

News
www.theregister.co.uk:
Cisco combats network worms. Read more

www.theregister.co.uk:
Proposed: a Bounty for Bugs. Read more

www.nzherald.co.nz:
Phony card scam parts unwary customers from funds. Read more

www.smh.com.au:
Teenager hacked into Cambridge Uni, court told. Read more

www.theregister.co.uk:
The economics of spam. Read more

www.theregister.co.uk:
New worm scams PayPal punters. Read more

www.theregister.co.uk:
'Police abduction warning' email is a hoax. Read more

home.hamptonroads.com:
ID theft outrunning laws and technology. Read more

zdnet.com.com:
Report: Net attacks increasing. Read more

18 november 2003

New in Archive
Jump Trojan 2.0

Rewind 1.1

Mind Control 7.0

Tools
Hackbot is a vulnerability scanner that started as a joke at first, but now it has become a serious project. Hackbot scans over 300 CGI's, scans for banners of several services, does unicode checks, checks for open relays, outsmarts Cisco PIX MailGuard, can do ripe checkup, spamcop db checkup, X connect test and lots more. Read more

Vulnerabilities & Exploits
www.securiteam.com:
pcAnywhere Allows Local Users to Become SYSTEM. Read more

www.guninski.com:
OpenBSD kernel overflow, yet still *BSD much better than windows. Read more

www.debian.org:
DSA-402-1 minimalist -- unsanitised input. Read more

www.atstake.com:
Multiple Issues with SAP DB Web-tools. Read more

www.securitytracker.com:
Minimalist Input Validation Flaw Lets Remote Users Execute Arbitrary Commands. Read more

www.securitytracker.com:
monopd Game Daemon Race Condition May Let Remote Users Deny Service. Read more

www.securitytracker.com:
Zebra netlink Message Spoofing May Let Local Users Deny Service. Read more

www.securitytracker.com:
Quagga Routing Software Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
Zebra Routing Software Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
Solaris cachefsd cfsd_calloc() Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Apache 2.x on Windows May Return Unexpected Files For URLs Ending With Certain Characters. Read more

www.securiteam.com:
Multiple Issues with SAP DB Web-tools. Read more

www.securiteam.com:
SAP DB Privilege Escalation/Remote Code Execution. Read more

News
pcworld.idg.com.au:
Attack code surfaces for latest Windows vulnerability. Read more

www.theregister.co.uk:
Road Runner messages 'censored', newsgroups complain. Read more

www.internetweek.com:
Gates Thinks Seamless And Secure. Read more

www.computerweekly.com:
How to secure a wireless Lan. Read more

news.bbc.co.uk:
Pickpockets turn to technology. Read more

www.dailystar.com.lb:
Computer hacking: potentially a new kind of war in the Middle East. Read more

www.homechannelnews.com:
FBI arrests Michigan duo for hacking Lowe's system. Read more

17 november 2003

New in Archive
Lyusane 0.5

G.R.O.B. 4.0.8

Red ZONE 6.5 (c) server

Wintro 1.0

Vulnerabilities & Exploits
www.debian.org:
DSA-401-1 hylafax -- format strings. Read more

www.securitytracker.com:
monopd Game Daemon Race Condition May Let Remote Users Deny Service. Read more

www.securitytracker.com:
Zebra netlink Message Spoofing May Let Local Users Deny Service. Read more

www.securitytracker.com:
Quagga Routing Software Can Be Crashed By Remote User. Read more

www.securitytracker.com:
Zebra Routing Software Can Be Crashed By Remote Users. Read more

www.securiteam.com:
Solaris cachefsd cfsd_calloc() Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securiteam.com:
Apache 2.x on Windows May Return Unexpected Files For URLs Ending With Certain Characters. Read more

www.securiteam.com:
Planet Network Switch Default Administrative User. Read more

News
news.com.com:
Gates addresses spam, security flaws at Comdex. Read more

reviews-zdnet.com.com:
It wasn't me, it was the Trojan horse. Read more

www.rednova.com:
Encryption Technology Promises Unbreakable Codes. Read more

www.net4nowt.com:
Tracking the underground hackers. Read more

www.khaleejtimes.com:
New Zealand police warn about gold credit card scam from China. Read more

16 november 2003

New in Archive
Optix Pro 1.32 server

Snow 1.3

Phantom FTP server 2.0(b)

DTr 1.6 (a)

Vulnerabilities & Exploits
www.securitytracker.com:
monopd Game Daemon Race Condition May Let Remote Users Deny Service. Read more

www.securitytracker.com:
Zebra netlink Message Spoofing May Let Local Users Deny Service. Read more

www.securitytracker.com:
Quagga Routing Software Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
Zebra Routing Software Can Be Crashed By Remote Users. Read more

News
news.xinhuanet.com:
Experts warn of "New Happy Time" computer virus. Read more

www.broadbandreports.com:
Mimail-I Paypal Scam. Read more

kyw.com:
Beware Of Internet Scam. Read more

www.computerworld.com:
Phishers and bugs: New worm uses PayPal scam. Read more

money.guardian.co.uk:
Nigerian email conmen fall into their targets' net. Read more

15 november 2003

New in Archive
Perfect Keylogger 1.47

Remote Computer Control Center 1.25

Mind Control 6.0

Tools
Remote Access Session is a security tool to analyze the integrity of systems.
The program tries to gain access to a system using the most advanced techniques of remote intrusion.
It can either work in normal mode (which is fast) or hard mode (which is more intensive).
There is a big difference between Remote Access Session and other remote security audit tools.
If Remote Access Session finds a remote vulnerability that gives user account or root,
it will try to exploit it and it will return a shell. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
PostMast Proxy Server Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
MyServer Can Be Crashed With Specially Crafted URLs. Read more

www.securitytracker.com:
Web Wiz Forums Registration Scripts Input Validation Flaw Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
WebWasher Classic Proxy Input Validation Flaw Permits Remote Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
HP-UX Partition Manager (parmgr) Certification Validation Flaw May Grant Access to Remote Users. Read more

www.securitytracker.com:
Symantec pcAnywhere Help Interface Yields SYSTEM Privileges to Users. Read more

www.securitytracker.com:
iproute netlink Message Spoofing May Let Local Users Deny Service. Read more

www.securitytracker.com:
glibc getifaddrs() Message Spoofing May Let Local Users Deny Service. Read more

www.securitytracker.com:
terminatorX Multiple Buffer Overflows Lets Local Users Execute Arbitrary Code with Root Privileges. Read more

News
www.theregister.co.uk:
Phishing and viral tech combines in new menace. Read more

www.sundaytimes.co.za:
FNB Card Security Week: What you should know when transacting online. Read more

www.theregister.co.uk:
Al Jazeera hacker gets community service. Read more

news.bbc.co.uk:
Cracking the hacker underground. Read more

14 november 2003

New in Archive
Fearless Lite 1.0

Netrunner 2.5

Minicom 3.6.4.1

Vulnerabilities & Exploits
www.securitytracker.com:
PeopleSoft PeopleTools iClient Lets Remote Users Upload and Execute Arbitrary Commands. Read more

www.securitytracker.com:
PeopleSoft PeopleTools Discloses Installation Path to Remote Users. Read more

www.securitytracker.com:
iproute netlink Message Spoofing May Let Local Users Deny Service. Read more

www.securitytracker.com:
glibc getifaddrs() Message Spoofing May Let Local Users Deny Service. Read more

www.securitytracker.com:
terminatorX Multiple Buffer Overflows Lets Local Users Execute Arbitrary Code with Root Privileges. Read more

www.securitytracker.com:
SCO UNIX procfs 'as' Access Control Flaw Lets Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
PHP-Coolfile 'action.php' Discloses Administrative Password in 'config.php'. Read more

www.securitytracker.com:
BEA WebLogic Configuration Error May Disclose MBean Data to Remote Users. Read more

www.securitytracker.com:
BEA WebLogic Node Manager Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
BEA WebLogic T3S Protocol May Not Encrypt Connections in Certain Cases. Read more

www.securitytracker.com:
BEA WebLogic May Disclose JMS Provider Passwords to Local or Remote Authenticated Users. Read more

www.securitytracker.com:
FortiGate Firewall Admin Interface Input Validation Flaw Permits Remote Cross-Site Scripting Attacks Against Administrators. Read more

www.securitytracker.com:
Clam AntiVirus 'clamav-milter' Format String Flaw Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
BEA WebLogic Input Validation Flaw in Proxy Plug-in Lets Remote Users Crash the Service With Malformed URLs. Read more

www.securitytracker.com:
Opera Browser Input Validation Flaw in opera: Protocol Permits Remote Directory Traversal. Read more

www.securitytracker.com:
Opera MIME Types Let Remote Users Place Arbitrary Files in Certain Directories on the Target System. Read more

www.securiteam.com:
terminatorX Exploitable Stack-Based Overflow (load_tt_part()). Read more

News
www.theregister.co.uk:
East European gangs in online protection racket. Read more

zdnet.com.com:
Trojan hides in fake Citibank e-mail. Read more

www.theregister.co.uk:
Microsoft's New Security Mojo. Read more

news.com.com:
Al-Jazeera hacker sentenced. Read more

economictimes.indiatimes.com:
Zombie machines fuel cyber crime wave. Read more

www.nbr.co.nz:
Is that a virus in your cellphone or are you just being paranoid ? Read more

13 november 2003

New in Archive
WinEggDrop Shell Eternity

srvcmd

Ptakks resurrecion r2.c

Vulnerabilities & Exploits
www.securiteam.com:
Nokia IPSO Script Injection Vulnerability. Read more

www.securiteam.com:
Cumulative Security Update for Internet Explorer (MS03-048). Read more

www.securiteam.com:
Windows Workstation Service Remote Buffer Overflow (Exploit). Read more

www.securiteam.com:
Vulnerability in Microsoft Word and Microsoft Excel Could Allow Arbitrary Code to Run (MS03-050). Read more

www.securiteam.com:
Buffer Overrun in Microsoft FrontPage Server Extensions Could Allow Code Execution (Technical Details, MS03-051). Read more

News
www.securityfocus.com:
Banking Scam Revealed. Read more

www.theregister.co.uk:
One, two, three, four MS patches at our door. Read more

www.theregister.co.uk:
WorldPay recovers from massive attack. Read more

www.securityfocus.com:
Wireless hacking bust in Michigan. Read more

12 november 2003

New in Archive
PcShare 2.0

PasswordAngel

Vulnerabilities & Exploits
xforce.iss.net:
Microsoft Workstation Service Buffer Overflow. Read more

www.securitytracker.com:
Microsoft Works Macro Name Length Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Microsoft Word Macro Name Length Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Microsoft Excel Macro Security Flaw Lets Remote Users Execute Arbitrary Macro Codes. Read more

www.securitytracker.com:
Microsoft SharePoint Team Services Buffer Overflow May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Microsoft FrontPage Server Extensions Buffer Overflow May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Microsoft Windows Workstation Service (wkssvc.dll) Buffer Overflow Lets Remote Users Execute Arbitrary Code with System Privileges. Read more

www.securitytracker.com:
Fujitsu tsworks Attachment Expansion Buffer Overflow May Permit Remote Code Execution. Read more

www.securitytracker.com:
UnAce File Name Buffer Overflow May Allow Remote Code Execution. Read more

www.securitytracker.com:
Symbol Technologies PDT 8100 Default WEP Keys May Grant Remote Users Access to the Network. Read more

www.securitytracker.com:
DailyDose Input Validation Flaw in $template Variable Permits Remote OS Command Execution. Read more

www.securitytracker.com:
Eudora Buffer Overflow During Reply-To-All Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Bugzilla Javascript Buglists May Disclose Restricted Data to Remote Users. Read more

www.securitytracker.com:
tc.SimpleWebServer '.../' Directory Traversal Flaw Discloses Files to Remote Users. Read more

www.securitytracker.com:
(Claim is Retracted) PureFTPd Buffer Overflow in displayrate() Lets Remote Users Crash the Service. Read more

www.securitytracker.com:
Hylafax Format String Flaws in 'hfaxd' Yield Root Privileges to Remote Users. Read more

www.securitytracker.com:
EPIC4 Buffer Overflow in Processing CTCP Nicknames May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Conquest Game Buffer Overflows Let Local Users Obtain Elevated Privileges. Read more

www.securitytracker.com:
AOL Instant Messenger Can Be Disconnected By Remote Users Sending Spoofed FIN or SYN Scans. Read more

www.securiteam.com:
Unace Exploitable Buffer Overflow (Filename). Read more

www.debian.org:
DSA-400-1 omega-rpg -- buffer overflow. Read more

News
Microsoft Security Bulletin MS03-049
Buffer Overrun in the Workstation Service Could Allow Code Execution (828749). Read more

Microsoft Security Bulletin MS03-050
Vulnerability in Microsoft Word and Microsoft Excel Could Allow Arbitrary Code to Run. Read more

Microsoft Security Bulletin MS03-051
Buffer Overrun in Microsoft FrontPage Server Extensions Could Allow Code Execution. Read more

www.microsoft.com:
How to Tell If a Microsoft Security-Related Message Is Genuine. Read more

www.bizreport.com:
Microsoft Warns of Latest Software Holes. Read more

www.taipeitimes.com:
Citibank discovers flaw in security. Read more

www.theregister.co.uk:
Eudora users warned over 'reply to all' trick. Read more

news.com.com:
Did hackers expose N-Gage games? Read more

www.guardian.co.uk:
Cyber-terror crackdown sparks civil rights fears. Read more

www.esj.com:
Commentary: Computer Explosion Equals Virus Explosion. Read more

11 november 2003

New in Archive
Sweet Heart 1.0 (b)

Skull-Burrow 3.0 (f)

Webserver LITE 1.0

Kavar 3.0

Vulnerabilities & Exploits
www.securitytracker.com:
phpBB Input Validation Flaw in 'profile.php' Lets Remote Users Inject SQL Commands. Read more

www.debian.org:
DSA-398-1 conquest -- buffer overflow. Read more

www.debian.org:
DSA-399-1 epic4 -- buffer overflow. Read more

News
news.independent.co.uk:
Hackers, shopfronts and worms: How fraud on the internet costs customers £100,000 a day. Read more

www.securityfocus.com:
Singapore government given sweeping powers to monitor computer activity. Read more

www.theregister.co.uk:
FBI on look-out for foreign government hackers. Read more

timesofindia.indiatimes.com:
No-holds barred cyber war. Read more

www.washtimes.com:
Spam harmed economy more than hackers, viruses. Read more

reviews-zdnet.com.com:
Why Microsoft's hacker bounty is wasted money. Read more

www.thelouisvillechannel.com:
Computer Hackers Find New Stomping Ground. Read more

www.msnbc.com:
Who falls for e-mail scams? Read more

www.internetweek.com:
The Mind Of A Hacker. Read more

10 november 2003

New in Archive
Nethief XP (a)

NetBull 1.1 (b)

August 1.0(b)

Vulnerabilities & Exploits
www.securitytracker.com:
IBM DB2 'db2start', 'db2stop', and 'db2govd' Flaws May Yield Root Privileges to Local Users. Read more

www.securitytracker.com:
Net-SNMP May Let Remote Authenticated Users Access Excluded Objects. Read more

www.securiteam.com:
Microsoft Windows XP/2000 Remote Return into Libc Exploit (RPC, DCOM). Read more

www.securiteam.com:
phpBB 'u' Variable SQL Injection. Read more

www.securiteam.com:
0verkill Environment Variable Buffer Overflow. Read more

News
www.theage.com.au:
Hackers reach Defence files: report. Read more

www.heraldsun.news.com.au:
Hackers steal top secrets. Read more

www.infoworld.com:
Virus writers dismiss Microsoft's bounty fund. Read more

www.detnews.com:
Security flaws hit Microsoft. Read more

www.swissinfo.org:
Scientists seek to plug gaps in computer security. Read more

09 november 2003

New in Archive
Legendmir 1.03

Legendmir 1.5

Sdbot china

Tools
packetstormsecurity.nl:
Proof of concept PAM backdoor for Linux and FreeBSD that adds a magic password. Download

Guides, Papers, etc.
www.securityfocus.com:
Oracle Row Level Security: Part 1. Read more

News
www.theregister.co.uk:
AV vendors shun MS bounty hunters. Read more

www.securityfocus.com:
Ashcroft takes on foreign government hackers. Read more

news.bbc.co.uk:
A glimpse inside the virus writer. Read more

www.theregister.co.uk:
MS releases Office 2003 bug fix. Read more

www.detnews.com:
Security flaws hit Microsoft. Read more

08 november 2003

New Trojans
PtakkS resurrecion r3

Sweet Heart 1.0 (c)

DarkSky 1.0 v2

Vulnerabilities & Exploits
www.debian.org:
DSA-397-1 postgresql -- buffer overflow. Read more

www.securitytracker.com:
HP-UX libc Flaw Prevents NLSPATH From Being Appropriately Restricted. Read more

www.securitytracker.com:
HP Software Distributor Buffer Overflow May Let Local Users Gain Elevated Privileges. Read more

News
www.securitypipeline.com:
More Internet Explorer Vulnerabilities Surface. Read more

www.securityfocus.com:
Ashcroft takes on foreign government hackers. Read more

www.theregister.co.uk:
Linux kernel backdoor blocked. Read more

news.bbc.co.uk:
Retailers count cost of Worldpay attack. Read more

www.accountancyage.com:
Funding to fight cybercrime unlikely to rise. Read more

www.detnews.com:
At Microsoft, security flaws emerge as threat to bottom line. Read more

07 november 2003

New Trojans
Devil 5

Snake 1.0 beta 1

Snake 1.0 beta 2

Guides, Papers, etc.
www.winnetmag.com:
NAT Transversal. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
Mac OS X Terminal Bug May Let Remote Users Gain Access to the System. Read more

www.securitytracker.com:
CDE libDTHelp Buffer Overflow Lets Local Users Execute Arbitrary Code With Root Privileges. Read more

www.securitytracker.com:
OpenBSD Kernel Bug in Processing File Headers Lets Local Users Crash the System. Read more

www.securiteam.com:
TelCondex SimpleWebserver Buffer Overflow (Exploit). Read more

www.securiteam.com:
Serious Sam DoS. Read more

www.securiteam.com:
BEA Tuxedo Administration CGI Multiple Argument Issues. Read more

www.securiteam.com:
Plug and Play Web Server '/asdf.?' DoS. Read more

www.securiteam.com:
BRS WebWeaver User-Agent DoS. Read more

www.securiteam.com:
LiteServe Buffer Overflow in Handling Server's Log. Read more

News
www.securityfocus.com:
Thwarted Linux backdoor hints at smarter hacks. Read more

www.business.scotsman.co:
Hackers in attack on RBS credit card firm. Read more

zdnet.com.com:
Microsoft bounty to disrupt virus writers? Read more

rss.com.com:
Gap in Windows lets in pop-ups, says FTC. Read more

www.techworld.com:
Bad day for WLAN security. Read more

zdnet.com.com:
Researcher warns Wi-Fi users of bad passwords. Read more

techfocus.org:
Again: Microsoft Forgets to Renew Domain Name. Read more

06 november 2003

New Trojans
Snow 3.0

Vagr Nocker 5.0

NT Shell 1.0

Tools
www.pentest.co.uk:
Btscanner is a tool designed specifically to extract as much information as possible from a Bluetooth device without the requirement to pair. Read more

Guides, Papers, etc.
www.securityfocus.com:
Wireless Intrusion Detection Systems. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
OpenSSL ASN.1 Parsing Recursion May Let Remote Users Crash OpenSSL-based Applications. Read more

www.securitytracker.com:
X-CD-Roast Symlink Flaw May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
LiteServe Log Viewer Buffer Overflow May Let Remote Users Execute Arbitrary Code on the Target System. Read more

www.securitytracker.com:
NIPrint Print Server Help File Bug Lets Local Users Execute Shell Commands With SYSTEM Privileges. Read more

www.securitytracker.com:
NIPrint Print Server Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
OpenBSD ISAKMP Daemon (isakmpd) May Let Remote Users Delete Arbitrary Security Associations. Read more

www.securitytracker.com:
Oracle Application Server Portal Component Permits Remote SQL Injection, Granting Access to Remote Users. Read more

www.securitytracker.com:
Bugzilla May Disclose Data Summaries to Remote Users and Let Privileged Authenticated Users Execute Arbitrary SQL Commands. Read more

www.securitytracker.com:
Unichat Character Processing Flaw Lets Remote Users Crash a Target User's Client. Read more

www.securitytracker.com:
SHOUTcast Server 'icy-name' and 'icy-url' Buffer Overflow Lets Remote Authenticated Users Crash the Server. Read more

www.securitytracker.com:
CUPS IPP Busy Loop May Let Remote Users Deny Service. Read more

www.securitytracker.com:
DBMail SMTP Input Validation Flaw Lets Remote Users Execute Arbitrary Commands in a Certain Configuration. Read more

www.securitytracker.com:
Ethereal Buffer Overflows in GTP, ISAKMP, MEGACO, and SOCKS Dissectors Permit Remote Code Execution. Read more

www.securiteam.com:
NIPrint LPD-LPR Print Server (Cross Platform Exploit). Read more

www.securiteam.com:
OpenBSD ibcs2 Kernel Panic (Exploit). Read more

www.securiteam.com:
Denial of Service in ASN.1 Parsing. Read more

News
www.theregister.co.uk:
MS puts $250k bounty on virus authors' heads. Read more

www.washingtonpost.com:
Microsoft Puts Bounty on Virus Authors. Read more

economictimes.indiatimes.com:
Brazil police bust gang of Internet hackers. Read more

www.web-user.co.uk:
WorldPay toppled by hack attack. Read more

www.bizreport.com:
'DDoS' Attacks Still Pose Threat to Internet. Read more

zdnet.com.com:
'Homeless Hacker' speaks out. Read more

www.theregister.co.uk:
Italian charged in porn dialler virus scam. Read more

05 november 2003

New Trojans
Nuclear RAT 1.0

Crnet1.1

InclineRoad 1.0

Guides, Papers, etc.
guh.nu:
How to install VNC via a remote command prompt on a Windows 2000 computer. Read more

Vulnerabilities & Exploits
www.guninski.com:
OpenBSD kernel panic, yet still *BSD much better than windows. Read more

www.securitytracker.com:
Web Wiz Forums Discloses Private Messages to Remote Users. Read more

www.securitytracker.com:
Tritanium Bulletin Board Discloses Messages to Remote Authenticated Users. Read more

www.securitytracker.com:
Plug and Play Web Server Proxy Service Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
IA WebMail Server Buffer Overflow in Processing HTTP Headers Lets Remote Users Execute Arbitrary Code. Read more

www.securiteam.com:
NIPrint LPD-LPR Print Server (Exploit). Read more

www.securiteam.com:
IA WebMail Server Buffer Overflow Exploit. Read more

www.securiteam.com:
Aborting the OS X's Init Script Allows Gaining of Root Console. Read more

www.securiteam.com:
Multiple Payload Handling Flaws in ISAKMPd. Read more

www.securiteam.com:
NIPrint LPD-LPR Print Server (Long Request). Read more

www.securiteam.com:
IA WebMail Server Buffer Overflow Vulnerability. Read more

www.securiteam.com:
VMware GSX Server Remote Buffer Overflow (GLOBAL). Read more

www.securiteam.com:
OpenAutoClassifieds Cross-Site Scripting Vulnerability. Read more

News
news.com.com:
Microsoft to offer bounty on hackers. Read more

www.whatpc.co.uk:
Ex-hackers 'rubbish at security'. Read more

www.denverpost.com:
New rules cut hackers less slack. Read more

www.theregister.co.uk:
Israeli man charged with hacking Mossad. Read more

www.bizreport.com:
'DDoS' Attacks Still Pose Threat to Internet. Read more

www.theregister.co.uk:
Security fears over UK 'snooper's charter'. Read more

www.mytown.co.nz:
E-mail scam extracts bank customer details. Read more

04 november 2003

New Trojans
Hanky Panky 1.0

Hanky Panky 1.1

Rexec

Vulnerabilities & Exploits
www.securitytracker.com:
BRS WebWeaver Can Be Crashed By Remote Users Sending Long 'User-Agent' Contents. Read more

www.securitytracker.com:
Sun Java File Installation Hole Lets Local Users Overwrite Files During Installation. Read more

www.securiteam.com:
SHOUTcast Server Buffer Overflow (icy-name, icy-url). Read more

News
www.theregister.co.uk:
Dangerous Mimail variant knocks over anti-spam sites. Read more

www.mytown.co.nz:
E-mail scam extracts bank customer details. Read more

www.networknews.co.uk:
Web hoaxes set to increase. Read more

www.theregister.co.uk:
Brazilian script kiddie arrested in Japan. Read more

www.informationweek.com:
Longhorn May Pose Security Concerns. Read more

www.haaretz.com:
Israeli arrested for hacking Mossad espionage agency site. Read more

03 november 2003

New Trojans
Skull-Burrow 3.0b (l)

Yulihubot 1.1

Trojan B'Gone 1.0

Vulnerabilities & Exploits
www.securiteam.com:
Wu-FTPd Remote DoS (/bin/ls). Read more

www.securiteam.com:
Default Password List (Default passwords sometimes stay for good). Read more

www.securiteam.com:
BEA WebLogic Example InteractiveQuery.jsp XSS Issue. Read more

www.securiteam.com:
Unauthorized Message Access in Web Wiz Forums. Read more

www.securiteam.com:
TelCondex SimpleWebserver Buffer Overflow. Read more

www.securiteam.com:
Mac OS X Panther Screen Lock Bypass. Read more

www.securiteam.com:
MPM Guestbook Multiple Vulnerabilities (CSS, Path Disclosure). Read more

www.securiteam.com:
tHTTPd Virtual Hosting Security Hole (Host: ../..). Read more

www.securiteam.com:
Buffer Overflow in PostgreSQL's cash_words(). Read more

www.securiteam.com:
Buffer Overflow in PostgreSQL's lpad() and rpad(). Read more

www.securiteam.com:
Buffer Overflow in PostgreSQL's repeat(). Read more

www.securiteam.com:
PostgreSQL to_ascii() Buffer Overflow Vulnerability. Read more

News
grep.law.harvard.edu:
New Worm Steals Your Data. Read more

www.heraldsun.news.com.au:
Internet phone slug. Read more

www.yomiuri.co.jp:
Boy hacker arrested over violation of computer law. Read more

www.computerweekly.com:
Briton pleads guilty to US nuclear lab hacking attack. Read more

02 november 2003

New Trojans
HG-Web Downloader 1.0

Raza FTP 1.0

DSK-Lite (a) version 2

Guides, Papers, etc.
www.hert.org:
Backdooring Binary Objects. Read more

Vulnerabilities & Exploits
www.securitytracker.com:
frox FTP Proxy Can Be Crashed By Remote Users Conducting Port Scans.

www.securitytracker.com:
Novell ZENworks Buffer Overflow in PMAP.NLM Lets Remote Users Crash the System. Read more

www.securitytracker.com:
Novell NetWare Buffer Overflow in PMAP.NLM Lets Remote Users Crash the System. Read more

www.securitytracker.com:
Booby Error Page Input Validation Flaw Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Microsoft Internet Explorer IFRAME Refresh Lets Remote HTML Access Local Files. Read more

www.securitytracker.com:
Citrix MetaFrame Input Validation Flaw in 'NFuse_Message' Variable Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
VMware GSX Server Buffer Overflow in VMware Authorization Service Input Lets Remote Users Execute Arbitrary Code. Read more

News

01 november 2003

New Trojans
Pilot 1.0.5

Remote Shut 1.1

Taladrator 2.1(b) server

PwlTools with dropper

Vulnerabilities & Exploits
www.securitytracker.com:
LedForums 'Top Message' Input Validation Flaw Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
FlexWATCH Network Video Server Authentication Flaw Grants Administrative Access to Remote Users. Read more

www.securitytracker.com:
iWeb Server '%5C' Input Validation Flaw Discloses Files on the System to Remote Users. Read more

News
www.pcworld.com:
New Worm Steals User Data. Read more

www.chron.com:
Sealed with a kiss, new e-mail virus spreading. Read more

www.theregister.co.uk:
The conspiracy against our in-boxes. Read more

www.timesonline.co.uk:
Founder of Redbus denies hacking. Read more

news.zdnet.co.uk:
Worms and toasters turn up heat on corporate security. Read more


Copyright © MegaSecurity.org