Home    News Archive    Translate Traducen

News February 20003

28 february 2003 New Trojans: Lithium 1.01 server (version b) Little Witch 6.1 (f) server Unknown server Delf.ax (030226) Unknown server (030227) EagleBoy 1.0 Vulnerabilities & Exploits: www.securitytracker.com: Microsoft Internet Explorer Vulnerable Codebase Object Lets Remote Users Execute Arbitrary Code. Read more www.securitytracker.com: CuteNews Include File Flaw Lets Remote Users Execute Arbitrary Commands on the Server. Read more www.debian.org: DSA-255-1 tcpdump -- infinite loop. Read more www.debian.org: DSA-254-1 traceroute-nanog -- buffer overflow. Read more www.securitytracker.com: VERITAS Bare Metal Restore for Tivoli Storage Manager Has Unspecified Flaw That Yields Root Privileges to Remote Users. Read more www.securitytracker.com: GroupWise WebAccess Input Validation Bug Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more www.securitytracker.com: Nokia 6210 Mobile Phone Format String Flaw in Processing SMS vCards Lets Remote Users Crash the Phone. Read more www.securitytracker.com: Columbia SIP User Agent (sipc) SIP Protocol Bugs Let Remote Users Deny Service. Read more www.securitytracker.com: ClarkConnect Gateway Discloses Information About the System to Remote Users. Read more News: www.net-security.org: Trojans Used to Spread Massive Infections on the Increase. Read more star-techcentral.com: Security flaw found in Windows ME. Read more www.net-security.org: MS-Windows ME IE/Outlook/HelpCenter Critical Vulnerability. Read more theregister.co.uk: Cryptome Hacked. Read more www.wired.com: Credit Card Cos. Watch Own Backs. Read more www.smh.com.au: Help, they took my identity. Read more theregister.co.uk: Bloomberg hacker convicted of extortion. Read more www.securitynewsportal.com: Federal police seizing control of domain names for Web sites that allegedly violate the law. Read more www.securityfocus.com: Monster.com warns false job postings could lead to identity theft. Read more www.bayarea.com: Is open access an invitation? Read more news.com.com: Is vigilante hacking legal? Read more

27 february 2003 New Trojans: Nethief 3.4 Nethief 2.4 NOSecure 1.3 AOL NOSecure 2.1 DOS Tools: www.insecure.org: Nmap 3.15BETA2 Released. Read more fileforum.betanews.com: Etherscan Password Sniffer 1.0 Beta. Read more Vulnerabilities & Exploits: www.securitytracker.com: QuickTime/Darwin Streaming Server Administration Server Bugs Let Remote Users Execute Arbitrary Commands and May Yield Root Access. Read more www.securitytracker.com: Mambo Site Server Authentication Bug Gives Remote Users Administrative Access. Read more www.securitytracker.com: GONICUS System Administrator (GOsa) Include File Vulnerability Lets Remote Users Execute Arbitrary PHP Code. Read more www.securitytracker.com: Usermin Input Validation Flaw in 'miniserv.pl' May Let Remote Users Gain User or Root Access. Read more www.securitytracker.com: Webmin Input Validation Flaw in 'miniserv.pl' May Let Remote Users Spoof Session IDs and Gain Root Access. Read more www.securitytracker.com: PlatinumFTPserver Input Validation Flaw Lets Remote Users View and Replace Files on the Server. Read more www.securiteam.com: A new Mass-Mailing and Backdoor Capable Worm Found in the Wild. Read more www.securiteam.com: Path Disclosure Bug in TOPo. Read more News: Microsoft Security Bulletin MS03-006 Flaw in Windows Me Help and Support Center Could Enable Code Execution (812709). Read more www.securityfocus.com: Computer hacker convicted of trying to shake down Bloomberg. Read more www.eweek.com: Mitnick: Leaving the Dark Side. Read more www.vnunet.com: UK businesses are virus incubators. Read more www.theage.com.au: Beijing spies a useful friend in Castro. Read more www.nbc6.net: Ridge: Plant, Port Security Lacking. Read more

26 february 2003 New Trojans: AppServ 1.1 Lite-Socks Lamers Death 2.5 (i) server Wini 1.0 Vulnerabilities & Exploits: www.securitytracker.com: Linux 'eject' Utility May Let Local Users Determine Whether Privileged Files on the System Exist. Read more www.securitytracker.com: phpBB SQL Injection Flaw Lets Remote Users Gain Administrative Access. Read more www.securitytracker.com: Moxftp Client Buffer Overflow Lets Remote Servers Execute Arbitrary Code on the Client. Read more www.securitytracker.com: SIRCD IRC Daemon Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more www.securitytracker.com: Telindus Router Weak Encoding Algorithm Discloses Administrator Password to Remote Users. Read more www.securitytracker.com: zlib Compression Library Buffer Overflow in 'gzprintf()' May Let Users Execute Arbitrary Code. Read more www.securitytracker.com: Rogue Game Software Buffer Overflow Lets Local Users Obtain Elevated Privileges. Read more www.securitytracker.com: WihPhoto Image Gallery Software Discloses Files to Remote Users. Read more News: www.zdnet.com.au: Lovegate worm's got a hold on PCs. Read more edition.cnn.com: 'Lovegate' computer worm spreading. Read more www.hardwarezone.com: Introducing the LoveGate-C Trojan. Read more www.nzherald.co.nz: Hacker ordered to put computer skills to better use. Read more www.enn.ie: Alleged AOL hack raises new concerns. Read more www.theage.com.au: Defence expert warns cyber-terrorism is latest weapon. Read more

25 february 2003 New Trojans: Tourniquet 1.0 beta 2 MSN Corruption Nethief 3.5 SatanzCrew Notifier 1.0 Vulnerabilities & Exploits: www.securityfocus.com: Multiple Vendor FTP pipe Vulnerability. Read more www.debian.org: DSA-253-1 openssl -- information leak. Read more www.securitytracker.com: WWWboard Input Validation Flaw in Message Posting Field Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more www.securitytracker.com: Microsoft Outlook Express Security Domain Flaw Lets Remote Users Silently Install and Execute Arbitrary Code. Read more News: www.zdnet.com.au: Lovegate worm's got a hold on PCs. Read more www.theage.com.au: Variant of Lovgate worm found. Read more www.theregister.co.uk: Introducing the Lovgate.C Trojan. Read more www.ciol.com: Users learn to knock off 'Lovegate' virus. Read more www.collegian.psu.edu: Hacker fraud causes banks to use caution. Read more www.theregister.co.uk: Ethical wireless hacker is innocent. Read more www.nzherald.co.nz: Hacker admits wilful damage. Read more www.nzherald.co.nz: Hacker ordered to put computer skills to better use. Read more www.timesonline.co.uk: Attacks on UK computer systems soar. Read more cryptome.org: Citibank tries to gag crypto bug disclosure. Read more money.cnn.com: Cybercrime: Living with it. Read more www.chron.com: Jurors acquit man of hacking system at district clerk's office. Read more www.theinquirer.net: AOL sets new record for (in)security. Read more www.theregister.co.uk: Program hides secret messages in executables. Read more

24 february 2003 New Trojans: zGET 0.2 Pet Badbot 2.0 MSN Troyano 2.01 Vulnerabilities & Exploits: www.securitytracker.com: NuKed-KlaN Input Validation Flaws in 'index.php' Let Remote Users Conduct Cross-Site Scripting Attacks. Read more www.securitytracker.com: glFtpD FTP Server Bugs Let Remote Authenticated Users Gain Root Level Access. Read more www.securitytracker.com: Cisco PIX Firewall SIP Protocol Bugs Let Remote Users Deny Service. Read more www.securitytracker.com: Cisco IOS Router SIP Protocol Bugs Let Remote Users Deny Service. Read more www.securitytracker.com: Cisco IP Phone SIP Protocol Bugs Let Remote Users Deny Service. Read more www.securitytracker.com: Nortel Succession Communication Server SIP Protocol Bugs Let Remote Users Execute Code or Deny Service. Read more www.securitytracker.com: iptel.org SIP Express Router SIP Protocol Bugs Let Remote Users Execute Code or Deny Service. Read more www.securiteam.com: Proxomitron Naoko Long Path Buffer Overflow/DoS. Read more www.securiteam.com: Symantec Norton AntiVirus 2002 Buffer Overflow Vulnerability. Read more News: online.securityfocus.com: Forensics on the Windows Platform, Part One. Read more online.securityfocus.com: Forensics on the Windows Platform, Part Two. Read more www.securitynewsportal.com: Whitehat hacker dukes it out with Blackhat hacker on Mitnicks Corporate Server. Read more money.cnn.com: Cybercrime: Living with it. Read more www.scotlandonsunday.com: Hackers bid to derail Deepcut campaign. Read more www.canada.com: Mafiaboy opened eyes to cybercrime. Read more www.newscientist.com: Cash machines vulnerable to hackers. Read more

23 february 2003 New Trojans: RemoteCtrol 1.1 Beast 1.92 Elite Spyz 4 CMD 1.0 Vulnerabilities & Exploits: www.securityfocus.com: Norton Antivirus 2002 Email Scanner Buffer Overflow Vulnerability. Read more www.securityfocus.com: PHPBB Auth.PHP File Disclosure Vulnerability. Read more www.securitytracker.com: login_ldap May Grant Access to Remote Users When No Password Is Supplied. Read more www.securitytracker.com: phpMyNewsletter 'customize.php' Include File Bug Discloses Files to Remote Users. Read more www.securitytracker.com: Sage Content Management System Bugs Disclose Installation Path and Let Remote Users Conduct Cross-Site Scripting Flaws. Read more www.securiteam.com: SquirrelMail Proxies IMAP Vulnerability. Read more News: linuxtoday.com: NewsForge: Open Source Security Manual and Training for Ethical Hacking. Read more www.securityfocus.com: How to get an ATM PIN number in 15 guesses. Read more news.bbc.co.uk: Net security software exposed. Read more www.theregister.co.uk: Poker.com continues fight over 'hijacked' URL. Read more

22 february 2003 New Trojans: pcLog 5.10 Invisible Evil 1.1 Sin 2.0 wCRAT 1.2b Vulnerabilities & Exploits: home.eunet.no: Offline NT Password & Registry Editor, Bootdisk. Read more www.securitytracker.com: myPHPNuke Input Validation Flaws in 'links.php' Let Remote Users Conduct Cross-Site Scripting Attack. Read more www.securitytracker.com: Symantec Norton Anti-Virus E-mail Scanning Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more www.securitytracker.com: OpenSSL Flaw in Processing Padding Errors May Let Remote Users Obtain Certain Plaintext Information. Read more www.securitytracker.com: Sun Solaris rpcbind Bug Lets Remote Users Deny Service on the System. Read more News: www.wininformant.com: Windows XP Wide Open Using Windows 2000 CD-ROM. Read more www.wired.com: XP Hole Plagues All Similar Apps. Read more www.theregister.co.uk: AOL probes hacker "breach". Read more www.net4nowt.com: TK worm still poses a threat. Read more www.theregister.co.uk: Open Source security manual and training for ethical hacking. Read more www.theregister.co.uk: Crypto attack against SSL outlined. Read more www.informationweek.com: Hacker Forces Deactivation of 16,000 Check Cards. Read more www.tom-cat.com: Is it Adware? ...or is it Spyware?? Read more www.theregister.co.uk: CDT attacks anti child-porn law. Read more www.theregister.co.uk: Schoolgirl turns tables on email credit card fraudster. Read more

21 february 2003 New Trojans: Nethief 1.7 Protoss 1.3 console Fxdoor 1.1 client Ehks 2.0 beta Vulnerabilities & Exploits: www.securitytracker.com: cPanel Web Hosting Control Panel Bugs Let Remote Users Execute Arbitrary Commands and Local Users Gain Root Privileges. Read more www.securitytracker.com: HP-UX Bastille Configuration Error Lets Remote Users Query Sendmail With EXPN and VRFY Commands to Obtain Information About Operating System Users. Read more www.securiteam.com: Unauthorized File Access Vulnerability Found in phpMyNewsletter. Read more News: news.com.com: Lawyers: Hackers sentenced too harshly. Read more arstechnica.com: H/Cracker sentences too stiff? Read more news.bbc.co.uk: Net security software exposed. Read more www.eweek.com: Database Vulnerabilities In The Spotlight. Read more www.blackhat.com: Call For Papers Announcement: Black Hat Briefings Amsterdam. Read more www.nwfusion.com: Flaws discovered in Lotus software. Read more www.securityfocus.com: Airport limo firm allegedly hobbled by revenge hack. Read more www.eweek.com: Microsoft Forms Academic Advisory Board. Read more www.timesonline.co.uk: Firms warned of IT terrorists. Read more www.guardian.co.uk: Electronic Pearl Harbor. Read more

20 february 2003 New Trojans: Kronical Fire 1.0 Igloo 1.8 Igloo 1.5 (b) Dark trojan 1.0 client Tools: www.insecure.org: Nmap version 3.15BETA1 released. Read more www.cisiar.or: Cisilia, Cluster Based Password Brute Forcer. Read more LaBrea: "Sticky" Honeypot and IDS LaBrea takes over unused IP addresses, and creates virtual servers that are attractive to worms, hackers, and other denizens of the Internet. The program answers connection attempts in such a way that the machine at the other end gets "stuck", sometimes for a very long time. Read more Vulnerabilities & Exploits: www.securitytracker.com: Lotus iNotes Client ActiveX Control Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more www.securitytracker.com: Yahoo! Mobile May Disclose Private Information to Remote Users. Read more www.securitytracker.com: IBM Lotus Domino Web Server Redirect Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more www.securitytracker.com: Lotus Domino Web Server iNotes Buffer Overflow in 'PresetFields' Lets Remote Users Execute Arbitrary Code. Read more www.securitytracker.com: Microsoft Windows 'riched20.DLL' Buffer Overflow May Let Remote Users Crash Applications. Read more www.securitytracker.com: PHP Bug in CGI SAPI Discloses Files on the Server to Remote Users. Read more www.securitytracker.com: NetCharts Server Chunked-Encoding Flaw May Disclose Information to Remote Users. Read more News: abcnews.go.com: FBI Probing Theft of 8 Million Credit Card Numbers. Read more www.msnbc.com: Credit card hack traced to outsider. Read more www.crn.com: Hacker Likely Tapped Company's Computers To Get Credit Cards. Read more catless.ncl.ac.uk: Playing Russian Roulette with traffic lights. Read more www.zwire.com: Identity theft cases doubled last year. Read more www.newbernsunjournal.com: International computer attack affects local systems. Read more www.crime-research.org: Special unit to hunt down cybercriminals. Read more

19 february 2003 New Trojans: Little Witch 6.1 (c) Lamers Death 2.5 (b) Server Aqua 0.2 modified client Blhouse Vulnerabilities & Exploits: www.securitytracker.com: Petitforum Discloses Information to Remote Users and Allows Remote Users to Post Messages Acting as Other Users. Read more www.securitytracker.com: BisonFTP Server Discloses Information to Remote Users and Lets Remote Users Deny Service. Read more www.securitytracker.com: D-forum Include File Error Lets Remote Users Execute Arbitrary Commands on the Target Server. Read more www.securitytracker.com: 'Kietu?' Web Site Statistics Software Include File Error Lets Remote Users Execute Arbitrary Commands. Read more www.securitytracker.com: php-Board Forum Discloses Passwords to Remote Users. Read more www.securitytracker.com: BitchX IRC Chat Client Can Be Crashed By Remote Users. Read more News: www.bayarea.com: Student arrested for breaking into school computer network. Read more rss.com.com: Microsoft going after Hotmail spammers. Read more rss.com.com: Oracle plugs six-pack of flaws. Read more

18 february 2003 New Trojans: MRA Rat 1.0 RemoteNC beta3 Assasin 2.0 Public Beta 1.0 CoreServer Unify 1.4 Vulnerabilities & Exploits: www.securiteam.com: NetHack 'games' Privileges Escalation Exploit Code (-s). Read more www.securiteam.com: Mulitple Vulnerabilities Found in BisonFTP (DoS, Directory Traversal @). Read more www.securiteam.com: ORACLE bfilename Function Buffer Overflow Vulnerability. Read more www.securiteam.com: Lotus iNotes Client ActiveX Control Buffer Overrun. Read more www.securiteam.com: Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability. Read more News: europe.cnn.com: Hacker accesses 2.2 million credit cards. Read more uk.news.yahoo.com: Visa/MasterCard accounts hacked into. Read more www.smh.com.au: Instant mayhem. IRC is the preferred medium for hack-attacks. Read more www.zdnet.com.au: US security group issues global honey challenge. Read more www.thestar.com: Exxon Valdez of data leaks may have happened. Read more

17 february 2003 New Trojans: DeathBot 9.02 MSBot (b) Remote Operations 2.2 Remote Operations 2.3 Tool: The Reverse-WWW-Tunnel-Backdoor is proof-of-concept Perl program for the paper "Placing Backdoors through Firewalls". It allows communicating with a shell through firewalls and proxy servers by imitating webtraffic. The master/slave relation is reversed, therefore no listening ports are used on the target machine. (OS: Unix) Download Vulnerabilities & Exploits: www.securitytracker.com: Apcupsd Format String Flaw May Let Remote Users Gain Root Access. Read more www.securitytracker.com: Mac OS X Apple File Protocol (AFP) Access Control Bug Lets Administrators Login Under Other User Identities. Read more www.securitytracker.com: MacOS Classic Emulator TruBlueEnvironment Access Control Bug Lets Local Users Create Files With Root Privileges to Gain Root Level Access. Read more www.securitytracker.com: [Indy]News Forum Software Lets Remote Users Upload Files to the System. Read more www.securitytracker.com: CheetaChat Discloses User Password to Local Users. Read more www.securityfocus.com: Microsoft Internet Explorer ShowHelp Arbitrary Command Execution Vulnerability. Read more News: www.trib.com: Man charged with crashing employer's computer site. Read more www.news-register.net: Cyberterrorism Is a Concern. Read more www.thestar.com: Security documents at risk on federal site: Audit. Read more Bogus Alerts Target PayPal Users. Read more

16 february 2003 New Trojans: PtakkS 2.1 r1 PtakkS 2.1 r6 Kcom cookie 4.0 The Revenge Pack Configuration Vulnerabilities & Exploits: www.securitytracker.com: HP-UX 'disable' Command Buffer Overflow May Let Local Users Gain Elevated Privileges. Read more www.securitytracker.com: Courier Mail Transfer Agent May Let Remote Users Inject and Execute SQL Statements. Read more www.securitytracker.com: Symantec's Norton Anti-Virus Fails to Work After Loading Corrupt Anti-Virus Definitions. Read more www.securiteam.com: RealServer 8 Remote Buffer Overflow Vulnerability (Exploit, SETUP, RTSP). Read more www.securiteam.com: Kaspersky Antivirus DoS (Long Path, AUX). Read more www.securiteam.com: Abyss WebServer Brute Force Vulnerability. Read more www.securiteam.com: CheetaChat Stores Passwords in the Clear. Read more www.securiteam.com: MacOS X TruBlueEnvironment Privilege Escalation Attack. Read more www.securiteam.com: FAR Utility Buffer Overflow. Read more www.securiteam.com: Windows NT 4.0/2000 cmd.exe Long Path Buffer Overflow/DoS. Read more www.securiteam.com: HPUX 'Disable' Buffer Overflow Vulnerability. Read more News: www.vnunet.com: Catherine Zeta-Jones lacks pulling power. Read more www.securitynewsportal.com: Microsoft Files Lawsuit against unknown Hotmail Hackers. Read more economictimes.indiatimes.com: What's a cyber crime, and what's not. Read more www.vnunet.com: Hacker insurance set to rocket. Read more news.com.com: Bush unveils final cybersecurity plan. Read more

15 february 2003 New Trojans: Nethief 3.6 4u Harvester 1.0 Supervisor Plus 1.0 Vulnerabilities & Exploits: arstechnica.com: CD-ROM exploit makes XP passwords useless. Read more www.securitytracker.com: Oracle Application Server MOD_ORADAV Module and DAV_PUBLIC Directory Bugs Let Remote Users Deny Service. Read more www.securitytracker.com: Oracle Database Server Buffer Overflow in ORACLE.EXE Binary May Let Remote Users Execute Arbitrary Code. Read more Oracle Database Server Buffer Overflow in TO_TIMESTAMP_TZ Function May Let Remote Users Execute Arbitrary Code. Read more www.securitytracker.com: Oracle Database Server Buffer Overflow in TZ_OFSET Function May Let Remote Users Execute Arbitrary Code. Read more www.securitytracker.com: Oracle Database Server Buffer Overflow in BFILENAME() DIRECTORY Parameter May Let Remote Users Execute Arbitrary Code. Read more www.securitytracker.com: Abyss Web Server Permits Brute Force Password Guessing on the Administrative Interface. Read more www.securitytracker.com: Lotus Domino Web Server May Disclose File Source Code to Remote Users When Requests Are Appended With a Period. Read more www.securitytracker.com: HP-UX 'stmkfont' Typeface Compiler Buffer Overflow May Execute Arbitrary Code. Read more www.securitytracker.com: IBM AIX 'libIM.a' Library Buffer Overflow May Let Local Users Gain Elevated Privileges. Read more www.securitytracker.com: HP-UX 'rs.F3000' Graphics Driver May Allow Local Users to Gain Elevated Privileges. Read more www.securitytracker.com: HP-UX 'rpc.yppasswd' Daemon Buffer Overflow May Let Remote Users Execute Arbitrary Code. Read more www.securitytracker.com: Sun Solaris 'mail' Application May Disclose User E-mails to Other Local Users. Read more www.securitytracker.com: WoltLab Burning Board Input Validation Bug in 'wiw.php' Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more www.securitytracker.com: HP-UX 'lanadmin' Utility Buffer Overflow May Let Local Users Gain Root Privileges. Read more www.securitytracker.com: HP-UX 'landiag' Utility Buffer Overflow May Let Local Users Gain Root Privileges. Read more www.debian.org: DSA-251-1 w3m -- missing HTML quoting. Read more News: www.securityfocus.com: A Short History of Computer Viruses and Attacks. Read more www.wired.com: Bogus Alerts Target PayPal Users. Read more

14 february 2003 New Trojans: MSN Kamuflao 3.0 Toxicity Remote KeyLog Lamers Death 2.7 RC1 Lamers Death 2.5 (f) server Vulnerabilities & Exploits: www.securityfocus.com: Multiple Vendor Email Client JavaScript Information Leakage Vulnerability. Read more www.securityfocus.com: Multiple Vendor HTTP CONNECT TCP Tunnel Vulnerability. Read more www.securityfocus.com: Cedric Email Reader Skin Configuration Script Remote File Include Vulnerability. Read more www.securityfocus.com: Cedric Email Reader Global Configuration Script Remote File Include Vulnerability. Read more www.securityfocus.com: Microsoft Windows NT/2000/XP LAN Manager Password Hashing Weakness. Read more www.securityfocus.com: PHPRecipeBook Data Modification Vulnerability. Read more www.securityfocus.com: Alt-N MDaemon/WorldClient Form2Raw Mail Header Spoofing Vulnerability. Read more www.securityfocus.com: Eset Software NOD32 Antivirus Local Buffer Overflow Vulnerability. Read more www.securityfocus.com: Opera opera.PluginContext Native Method Buffer Overflow Vulnerability. Read more www.securityfocus.com: CryptoBuddy Long Passphrase Truncation Weakness. Read more www.securityfocus.com: Norton Antivirus Corporate Edition Configuration File Modification Vulnerability. Read more www.securityfocus.com: CryptoBuddy Unused Encryption Passphrase Vulnerability. Read more www.securityfocus.com: Gallery Insecure File Permissions Vulnerability. Read more www.securityfocus.com: Opera Username URI Warning Dialog Buffer Overflow Vulnerability. Read more www.securityfocus.com: CryptoBuddy Predictable Encrypted Passphrase Weakness. Read more www.securityfocus.com: Netgear FM114P Wireless Firewall File Disclosure Vulnerability. Read more www.securityfocus.com: Gupta SQLBase EXECUTE Buffer Overflow Vulnerability. Read more www.securitytracker.com: CGI::Lite Input Validation Hole May Disclose Files or Grant Shell Access to Remote Users. Read more www.securitytracker.com: Opera Browser May Execute Arbitrary Code When Loading a Malicious URL. Read more www.securitytracker.com: FAR File Manager Shell Overflow May Let Local Users Execute Arbitrary Code. Read more www.securitytracker.com: Cisco IOS Devices May Accept Bogus ICMP Redirects From Remote Users and Reroute Packets Accordingly. Read more www.securitytracker.com: Ericsson ADSL Modem Web Management Interface Grants Access to Any Remote User. Read more www.securitytracker.com: Kaspersky Anti-Virus Can Be Crashed By Local Users. Read more www.debian.org: DSA-250-1 w3mmee-ssl -- missing HTML quoting. Read more News: www.gulftech.org: Remote Shells Using NetCat. Read more star-techcentral.com: Worm lures users with Zeta-Jones photos. Read more

13 february 2003 New Trojans: Silver FTP 1.1 Sigatarius_Spy 5.042 Specrem 6.1 Dominador 1.3 Tool: www.securityfriday.com: IE'en remotely controls Internet Explorer using DCOM. Read more Vulnerabilities & Exploits: www.idefense.com: Buffer Overflow in AIX libIM.a. Read more www.securitytracker.com: Eggdrop IRC Bot Lets Certain Remote Authenticated Users Invoke the Bot as a Proxy. Read more www.securitytracker.com: NOD32 for UNIX Buffer Overflow May Let Local Users Gain Root Privileges. Read more www.securitytracker.com: CryptoBuddy Encryption Weakness Lets Local Users Decrypt Files. Read more www.securitytracker.com: Cedric Email Reader (Webmail) Include File Bug Lets Remote Users Execute Arbitrary Code. Read more www.securitytracker.com: SQLBase Buffer Overflow Lets Remote Authenticated Users Gain System Privileges. Read more www.securitytracker.com: Gallery Image Management Software Lets Local Users Create or Modify Images. Read more www.securitytracker.com: NETGEAR FM114P Wireless Router Input Validation Bug May Disclose Configuration Files to Remote Users. Read more News: www.islandpacket.com: Feds warn 'patriot-hackers' against cyber-attacks. Read more story.news.yahoo.com: If U.S. launches cyberattack, it could change nature of war. Read more www.startribune.com: Some experts say cyberterrorism is very unlikely. Read more www.crime-research.org: Cybercrime show tackles terrorism. Read more www.vnunet.com: 'Annoying' script kiddies no real threat. Read more rtnews.globetechnology.com: Group charged with hacking into satellite TV. Read more www.msnbc.com: Step inside the world of hacking. Read more dc.internet.com: DoJ: We Want to Read Your E-Mail. Read more online.securityfocus.com: Mitnick Banned From Security Group. Read more

12 february 2003 New Trojans: Remote Access (a) Remote Access (b) Remote Access Advanced Remote Vulnerabilities & Exploits: online.securityfocus.com: DCGUI Remote Directory Parsing File Download Vulnerability. Read more online.securityfocus.com: Microsoft Windows Window Message Subsystem Design Error Vulnerability. Read more online.securityfocus.com: WinZip File Encryption Scheme Limited Key Space Vulnerability. Read more www.securitytracker.com: NetHack Game Buffer Overflow Lets Local Users Obtain Additional Privileges. Read more www.securitytracker.com: Red Hat Linux Kernel-Utils 'uml_net' Configuration Error Lets Local Users Perform Privileged Operations. Read more www.securitytracker.com: HP/UX 'wall' Utility Buffer Overflow May Let Local Users Gain Elevated Privileges. Read more News: online.securityfocus.com: What's the World's Most Stupid Security Measure? Read more www.theregister.co.uk: Mitnick shrugs off 'welcome back' hack attack. Read more www.newsfactor.com: How Vulnerable Is the Internet Now? Read more www.theregister.co.uk: Do it with spanners - how the Iraq cyber attack will work. Read more usinfo.state.gov: FBI Chief Says Al-Qaeda Threat Still Strong. Read more quote.bloomberg.com: South Korean Government Issues Warning About Internet Virus. Read more www.smh.com.au: Row over gaming engine security holes ends - peacefully. Read more www.techtv.com: 'Unreal' Security Risk. Read more www.siliconvalley.com: Miguel Helft: If tech companies were liable for security holes, cyberspace would become safer. Read more quote.bloomberg.com: DirecTV, Echostar Lost Millions to Hackers, U.S. Says (Update1). Read more www.reuters.com: Microsoft offers e-mail security newsletter. Read more

11 february 2003 New Trojans: Little Witch 5.7 Miniserver KeyLogger 1.0 Msn Spider 1.0 Nethief 4.0 Vulnerabilities & Exploits: www.illegalaccess.org: Java-Applet crashes Opera 6.05 and 7.01. Read more online.securityfocus.com: irc2 SERVER Command Argument Buffer Overflow Vulnerability. Read more online.securityfocus.com: Microsoft Windows XP HCP URI Buffer Overflow Vulnerability. Read more online.securityfocus.com: RedHat Net-Tools Package Buffer Overflow Vulnerability. Read more online.securityfocus.com: Red Hat Linux User Mode Linux SetUID Installation Vulnerability. Read more online.securityfocus.com: Netscape JavaScript Cache Browsing Vulnerability. Read more online.securityfocus.com: Solaris in.ftpd Remote Denial of Service Vulnerability. Read more online.securityfocus.com: HPUX Wall Message Buffer Overflow Vulnerability. Read more online.securityfocus.com: Posadis DNS Request Question Section Denial Of Service Vulnerability. Read more online.securityfocus.com: Solaris priocntl() System Call Local Root Vulnerability. Read more online.securityfocus.com: Microsoft IIS False Logging Weakness. Read more online.securityfocus.com: W3M Image Attribute Cross Site Scripting Vulnerability. Read more online.securityfocus.com: W3M Frame Enabled Browsing Cross Site Scripting Vulnerability. Read more News: online.securityfocus.com: Famous hacker suffers break-ins to own corporate Web site. Read more www.smh.com.au: When Hotmail isn't that hot. Read more www.ctnow.com: Cyber-Terrorism: Growing Risk. Read more www.fcw.com: Feds look for lessons from Internet worm. Read more online.securityfocus.com: Sacked sysadmin arrested on hacking charges. Read more www.pcworld.com: The Case of the Mysterious .gov Site. Read more

10 february 2003 New Trojans: Broomop 6.3 Insider Server AntiLamer Backdoor 1.4 (c) Server Remote MSN 1.0 Vulnerabilities & Exploits: online.securityfocus.com: Netscape Enterprise Server HTTP Method Name Buffer Overflow Vulnerability. Read more online.securityfocus.com: Microsoft Windows DNS Resource Record Cache Corruption Vulnerability. Read more online.securityfocus.com: L-Soft Listserv SMTP Buffer Overflow Vulnerability. Read more online.securityfocus.com: Solaris NFS lockd Remote Denial of Service Vulnerability. Read more online.securityfocus.com: Sun JSSE/Java Plug-In/Java Web Start Incorrect Certificate Validation Vulnerability. Read more online.securityfocus.com: IBM WebSphere Exported XML Password Encoding Weakness. Read more online.securityfocus.com: Microsoft IIS Malformed HTTP Get Request Denial Of Service Vulnerability. Read more online.securityfocus.com: Microsoft Windows Network Monitor Weak Password Encryption Vulnerability. Read more online.securityfocus.com: Aladdin Knowledge Systems eSafe OPSEC CVP Virus Scanning Bypass Vulnerability. Read more online.securityfocus.com: Microsoft SQL Server 2000 Resolution Service Stack Overflow Vulnerability. Read more online.securityfocus.com: Xpdf/CUPS pdftops Integer Overflow Vulnerability. Read more online.securityfocus.com: CVS Directory Request Double Free Heap Corruption Vulnerability. Read more online.securityfocus.com: GlobalScape CuteFTP Clipboard URL Buffer Overflow Vulnerability. Read more online.securityfocus.com: Celestial Software AbsoluteTelnet Title Bar Buffer Overflow Vulnerability. Read more online.securityfocus.com: GlobalScape CuteFTP LIST Response Buffer Overflow Vulnerability. Read more online.securityfocus.com: Microsoft Internet Explorer ShowHelp Arbitrary Command Execution Vulnerability. Read more online.securityfocus.com: OpenLDAP Multiple Unspecified Arbitrary Code Execution Vulnerabilities. Read more online.securityfocus.com: OpenLDAP Multiple Buffer Overflow Vulnerabilities. Read more online.securityfocus.com: WindowMaker Image Handling Buffer Overflow Vulnerability. Read more News: www.theregister.co.uk: Security experts duped by Slammer 'jihad' rot. Read more www.smh.com.au: Backpackers' savings at risk from online banking scam. Read more www.gomemphis.com: Taking byte from Baghdad. Read more

09 february 2003 New Trojans: Nethief 2.6 CS Trojan RemotanZ - Clone Igloo 1.5 Tool: proDETECT is an open source promiscious mode scanner with a GUI. Read more Vulnerabilities & Exploits: www.securitytracker.com: w3m Text Web Browser Input Validation Flaw Allows Cross-Site Scripting Attacks. Read more www.securitytracker.com: Alt-N WorldClient Default CGI Configuration Lets Remote Users Send Forged Mail Via the Server. Read more www.securitytracker.com: IlohaMail Input Validation Bug Lets Remote Authenticated Users Upload Files to the Server. Read more www.securitytracker.com: Aladdin eSafe Gateway Can Be Bypassed When Used With the Check Point CVP Protocol. Read more www.securitytracker.com: AbsoluteTelnet Buffer Overflow in Title Bar Lets Remote Users Execute Arbitrary Code. Read more online.securityfocus.com: slocate Local Buffer Overrun Vulnerability. Read more online.securityfocus.com: ProFTPD 1.2.0rc2 log_pri() Format String Vulnerability. Read more online.securityfocus.com: UMN GopherD Unauthorized Proxy Vulnerability. Read more online.securityfocus.com: FileSeek CGI Script File Disclosure Vulnerability. Read more online.securityfocus.com: FileSeek CGI Script Remote Command Execution Vulnerability. Read more online.securityfocus.com: Microsoft Internet Explorer Dialog Box Cross-Domain Violation Vulnerability. Read more online.securityfocus.com: phpMyNewsLetter Remote File Include Vulnerability. Read more online.securityfocus.com: AOL Instant Messenger Password Encryption Weakness. Read more online.securityfocus.com: UMN GopherD File Disclosure Vulnerability. Read more online.securityfocus.com: Microsoft Windows XP Redirector Privilege Escalation Vulnerability. Read more News: www.sbpost.ie: Netting a hacker. Read more

08 february 2003 New Trojans: Noname Trojan 1.0 RMS 2.7 RMS 2.1 Server Nuclear Keys 1.0 Vulnerabilities & Exploits: online.securityfocus.com: PHP-Nuke Avatar HTML Injection Vulnerability. Read more online.securityfocus.com: Microsoft Windows 2000 RPC Service Privilege Escalation Vulnerability. Read more online.securityfocus.com: Microsoft Windows 2000 NetBIOS Continuation Packets Kernel Memory Leak Vulnerability. Read more online.securityfocus.com: Macromedia ColdFusion HTTP Client Sample Application Proxy Access Vulnerability. Read more online.securityfocus.com: Electrasoft 32Bit FTP Client Long Server Banner Buffer Overflow Vulnerabiliity. Read more online.securityfocus.com: ByteCatcher FTP Client Long Server Banner Buffer Overflow Vulnerabiliity. Read more online.securityfocus.com: Courier-IMAP Username SQL Injection Vulnerability. Read more online.securityfocus.com: Microsoft Windows NT Win32k.sys Denial of Service Vulnerability. Read more online.securityfocus.com: Multiple Vendor Network Device Driver Frame Padding Information Disclosure Vulnerability. Read more www.securitytracker.com: Linux Kernel 2.4 O_DIRECT Processing Flaw May Disclose File System Information to Local Users. Read more www.securitytracker.com: Direct Connect 4 Linux DCGUI Discloses Files on the System to Remote Users. Read more www.securitytracker.com: Posadis DNS Server Buffer Overflow May Let Remote Users Crash the Server. Read more www.securitytracker.com: Microsoft Internet Explorer showHelp() Domain Security Flaw Lets Remote Users Execute Commands. Read more www.securitytracker.com: Microsoft Windows XP Redirector Buffer Overflow May Let Local Users Gain System Level Privileges. Read more News: online.securityfocus.com: Ashcroft proposes vast new surveillance powers. Read more news.com.com: Microsoft coders get a bug-catcher. Read more www.theregister.co.uk: Security experts duped by Slammer 'jihad' rot. Read more www.theregister.co.uk: US and UK arrests in computer worm probe. Read more www.smh.com.au: The hackers are coming to town. Read more www.theregister.co.uk: Spyware found on one in three corporate networks. Read more www.theregister.co.uk: On the trail of a stolen Tablet PC. Read more news.com.com: International raid nabs two over TK worm. Read more www.theregister.co.uk: Student charged with massive ID fraud. Read more www.washingtonpost.com: Alleged Student Hacker Indicted in Massachusetts. Read more news.yahoo.com: FBI Seeks Hacker Who Stole EBay Info. Read more www.reuters.co.uk: EU to form cybercrime rapid reaction force. Read more

07 february 2003 New Trojans: CamKing Insane TCP Backdoor The Klepto 1.1 BDirect 1.0 Vulnerabilities & Exploits: online.securityfocus.com: PAM pam_xauth Module Unintended X Session Cookie Access Vulnerability. Read more online.securityfocus.com: MySQL Double Free Heap Corruption Vulnerability. Read more online.securityfocus.com: Microsoft Internet Explorer dragDrop Method Local File Reading Vulnerability. Read more www.securitytracker.com: Opera Web Browser Multiple Flaws Disclose Private Information and Let Remote Users Access Local Files and Directories. Read more www.securitytracker.com: TOPo TOP System Bug Discloses Installation Path to Remote Users. Read more www.securitytracker.com: Secure Internet Live Conferencing (SILC) Discloses User Passphrase Via Memory. Read more www.securitytracker.com: WebSphere Discloses Passwords in the XML Configuration Export File. Read more www.securitytracker.com: Majordomo Mailing List Default Configuration Discloses List E-mail Addresses to Remote Users. Read more News: news.scotsman.com: US Security Services Swoop on Suspected Hackers. Read more www.ciol.com: Computer worm criminals arrested. Read more www.ciol.com: Student hacker indicted. Read more online.securityfocus.com: If it's Thursday it must be IE patching day. Read more www.japantimes.co.jp: Police draw more cyber attacks. Read more www.reuters.co.uk: Calif. Man Charged with Hacking ViewSonic System. Read more www.lasvegassun.com: Web Magazine Retracts Virus Attack Story. Read more www.newsday.com: Man goes on trial in Bloomberg cyber-extortion case. Read more www.wired.com: Bush Data-Mining Plan in Hot Seat. Read more www.usatoday.com: 'Erased' hard drives can bite you. Read more

06 february 2003 New Trojans: Z-Demon 1.25 PowerSpider 3.11 Vision de Control 1.0 Broomop 6.2 Vulnerabilities & Exploits: www.securitytracker.com: Compaq Insight Manager Web Agent Session Security Hole May Yield Access to Remote Users. Read more www.securitytracker.com: SpamProbe Can Be Crashed By Remote Users Sending E-mail. Read more www.securitytracker.com: eL DAPo LDAP Management Software Bug Discloses Authentication Information to Remote Users. Read more www.securitytracker.com: Microsoft Internet Explorer May Disclose Local Files to Remote Users Via the dragDrop() Method. Read more www.securitytracker.com: OpenBSD 'chpass' Utility May Disclose the Contents of Files in Certain Formats to Local Users. Read more www.securitytracker.com: PHP-Nuke Input Validation Hole in Avatar Image Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more www.securitytracker.com: KaZaA Media Desktop Can Be Crashed By Remote Users in Certain Situations. Read more www.securitytracker.com: BladeEnc MP3 Signed Integer Flaw Lets Remote Users Cause Arbitrary Code to Be Executed. Read more www.securitytracker.com: Nuke Browser Input Validation Vulnerability Lets Remote Users Execute Arbitrary Commands on the Server. Read more www.securitytracker.com: PhpMyShop SQL Injection Flaw Allows Remote Users to Gain Access to the System. Read more www.securiteam.com: Banner Buffer Overflows Found in Multiple FTP Clients. Read more www.securiteam.com: File Stream Overflows Paper. Read more www.pivx.co: bugs founded in the Unreal engine. Read more News: Microsoft Security Bulletin MS03-005 Unchecked Buffer in Windows Redirector Could Allow Privilege Elevation (810577). Read more Microsoft Security Bulletin MS03-004 Cumulative Patch for Internet Explorer (810847). Read more quote.bloomberg.com: Microsoft Says Security Flaws Found in Web Browser (Update1). Read more news.zdnet.co.uk: Phantoms of the Opera fixed. Read more www.smh.com.au: Your ABC unwittingly spreads virus. Read more www.theregister.co.uk: Slammer: Why security benefits from proof of concept code. Read more quote.bloomberg.com: `Slammer' Worm Fastest Ever, Doubling in 8.5 Seconds (Update4). Read more www.theregister.co.uk: BBC sends Archers fans computer virus. Read more www.newsday.com: Man goes on trial in Bloomberg cyber-extortion case. Read more www.hindustantimes.com: India gets its first cyber convict. Read more

05 february 2003 New Trojans: Snurzi GMF 1.0 Fictional Daemon 4.4 Taladrator 2.0 Vulnerabilities & Exploits: security.greymagic.com: Sniffing Opera's Tracks. Read more security.greymagic.com: Phantom of the Opera. Read more security.greymagic.com: Opera Images. Read more www.securitytracker.com: myphpPagetool Include File Error Lets Remote Users Execute Arbitrary Code. Read more www.securiteam.com: Weak Password Protection in WebSphere XML Configuration Export. Read more www.securiteam.com: Majordomo Found to Leak Information. Read more online.securityfocus.com: Microsoft SQL Server 7.0/2000 DBCC Buffer Overflow Vulnerability. Read more online.securityfocus.com: Microsoft SQL Agent Jobs Privilege Elevation Vulnerability. Read more online.securityfocus.com: Microsoft SQL Server User Authentication Remote Buffer Overflow Vulnerability. Read more online.securityfocus.com: Microsoft SQL Server Extended Stored Procedure Privilege Elevation Vulnerability. Read more online.securityfocus.com: SILC Server SSH2 Authentication Password Persistence Weakness. Read more News: www.nwfusion.com: Security experts pick holes in new Opera browser. Read more uk.news.yahoo.com: Worm went global in 10 minutes. Read more europe.cnn.com: Experts: Microsoft security gets an 'F'. Read more online.securityfocus.com: Korean Net users blame MS for Slammer carnage. Read more www.bakutoday.net: Virus triggers suit against Microsoft. Read more www.wininformant.com: Microsoft Revises Five Security Bulletins. Read more story.news.yahoo.com: Kintera lawsuit alleges Convio tapped into private Web site. Read more

04 february 2003 New Trojans: NetControl2 2.80 NetControl2 2.95 RMS 2.6 Client RMS 2.0 RMS 1.1 Vulnerabilities & Exploits: online.securityfocus.com: Windows NT Win32k.sys Denial of Service Vulnerability. Read more online.securityfocus.com: MIT Kerberos / Key Distribution Center Shared Key User Spoofing Vulnerability. Read more online.securityfocus.com: MIT Kerberos ASN.1 Decoder Heap Corruption Vulnerability. Read more online.securityfocus.com: AIX 'lsfs' Local Privilege Escalation Vulnerability. Read more online.securityfocus.com: JustAddCommerce Hidden Form Field Manipulation Vulnerability. Read more online.securityfocus.com: IlohaMail Arbitrary File Attachment Upload Path Vulnerability. Read more online.securityfocus.com: SyGate Insecure UDP Source Port Firewall Bypass Weak Default Configuration Vulnerability. Read more online.securityfocus.com: SpamProbe Remote Denial of Service Vulnerability. Read more online.securityfocus.com: Sun Solaris AT Command Race Condition Vulnerability. Read more online.securityfocus.com: Sun Solaris AT Command Arbitrary File Deletion Vulnerability. Read more online.securityfocus.com: Multiple Vendor FTP pipe Vulnerability. Read more News: www.vnunet.com: SQL Slammer used British code. Read more www.nwfusion.com: Study: Slammer was fastest-spreading worm yet. Read more news.com.com: Slammer--the first 'Warhol' worm? Read more www.vnunet.com: Worm turns on The Archers. Read more www.securitynewsportal.com: SummerCon 2003 for hackers and security pros - June 6-8 - Pittsburgh PA. Read more news.com.com: Report: Net attacks on businesses down. Read more www.charlotte.com: Snooping stalled. Read more www.vnunet.com: PC security flaws on the rise. Read more www.securitynewsportal.com: French hackers wipe clean over 100 Thailand Police web sites. Read more www.infoworld.com: NASA servers hacked. Read more

03 february 2003 New Trojans: Nethief 2.3 NEMAN's Trojan 1.0 NEMAN's Trojan 1.1 NEMAN's Trojan 1.2 Vulnerabilities & Exploits: online.securityfocus.com: Courier-IMAP Username SQL Injection Vulnerability. Read more online.securityfocus.com: Macromedia ColdFusion MX Windows User File Authorization Vulnerability. Read more online.securityfocus.com: HP Compaq Insight Manager/Compaq Web Agent Session Persistence Vulnerability. Read more online.securityfocus.com: slocate Local Buffer Overrun Vulnerability. Read more online.securityfocus.com: eL DAPo Authentication Information Disclosure Weakness. Read more online.securityfocus.com: 3ware Disk Managment Malformed HTTP Request DoS Vulnerability. Read more online.securityfocus.com: Oracle 8i Listener Remote Redirect Denial of Service Vulnerability. Read more online.securityfocus.com: WinSCP SSH2 Authentication Password Persistence Weakness. Read more online.securityfocus.com: Nukebrowser Remote File Include Vulnerability. Read more online.securityfocus.com: Apache Tomcat Null Byte Directory/File Disclosure Vulnerability. Read more online.securityfocus.com: Microsoft Windows Locator Service Buffer Overflow Vulnerability. Read more News: www.computeruser.com: Security experts: more Internet attacks will come. Read more news.bbc.co.uk: How digital Armageddon was averted. Read more www.bayarea.com: Zeroing in on software security. Read more www.sunspot.net: Hackers hit and run on Internet auction sites. Read more joongangdaily.joins.com: By whatever name, viruses spell trouble. Read more joongangdaily.joins.com: Computer laws, hackers squaring off. Read more www.hardwarezone.com: Microsoft preps Firewall upgrade. Read more www.computerworld.com: Free benchmark could have found Slammer vulnerability. Read more

02 february 2003 New Trojans: Exploder Trojan Akosch 1 Akosch 2 Akosch Uploader 2 Vulnerabilities & Exploits: online.securityfocus.com: SILC Server INVITE Command Double Free Heap Corruption Vulnerability. Read more online.securityfocus.com: Deerfield Website Pro Remote Denial of Service Vulnerability. Read more online.securityfocus.com: Van Dyke Software Entunnel SSH2 Authentication Password Persistence Weakness. Read more online.securityfocus.com: Van Dyke Software SecureFX SSH2 Authentication Password Persistence Weakness. Read more online.securityfocus.com: Van Dyke SecureCRT SSH2 Authentication Password Persistence Weakness. Read more online.securityfocus.com: Celestial Software AbsoluteTelnet SSH2 Authentication Password Persistence Weakness. Read more online.securityfocus.com: Putty SSH2 Authentication Password Persistence Weakness. Read more online.securityfocus.com: Web-cyradm Remote Denial of Service Vulnerability. Read more online.securityfocus.com: Microsoft Outlook Express S/MIME Buffer Overflow Vulnerability. Read more online.securityfocus.com: Microsoft SQL Server 2000 Resolution Service Stack Overflow Vulnerability. Read more online.securityfocus.com: Microsoft SQL Server 2000 Resolution Service Heap Overflow Vulnerability. Read more online.securityfocus.com: ISC DHCPD dhcrelay Extraneous Network Packets Vulnerability. Read more online.securityfocus.com: MPE/iX AIFCHANGELOGON Privilege Escalation Vulnerability. Read more online.securityfocus.com: DotProject Remote File Include Vulnerability. Read more online.securityfocus.com: Apache Tomcat Web.XML File Contents Disclosure Vulnerability. Read more online.securityfocus.com: Apache Tomcat Example Web Application Cross Site Scripting Vulnerability. Read more online.securityfocus.com: BEA Systems WebLogic Server and Express Session Sharing Vulnerability. Read more online.securityfocus.com: BEA WebLogic Keystore Clear Text Password Storage Vulnerability. Read more online.securityfocus.com: BEA Systems WebLogic Server and Express Null Character DOS Device Denial of Service Vulnerability. Read more online.securityfocus.com: MySQL Double Free Heap Corruption Vulnerability. Read more www.securitytracker.com: 3ware 3DM Disk Management Utility Web Daemon Bugs Let Remote Users Crash the Software. Read more www.securitytracker.com: ColdFusion MX Configuration Error When Used With IIS and NT Authentication May Grant Unauthorized Access to Remote Authenticated Users. Read more News: www.securitynewsportal.com: Hackers deface numerous NASA web servers on day of Space Shuttle Disaster. Read more Hidden Backdoors, Trojan Horses and Rootkit Tools in a Windows Environment. Read more www.prognosisx.com: Counting the cost of Slammer. Read more

01 february 2003 New Trojans: RMS 2.5 Server Magic Link 2.1 version b RBackdoor 1.3 Z-Demon 1.2 Vulnerabilities & Exploits: online.securityfocus.com: MIT Kerberos Key Distribution Center Remote Format String Vulnerabilities. Read more www.securitytracker.com: Apache Tomcat Server URL Parsing Error May Disclose Otherwise Inaccessible Web Directory Listings and Files to Remote Users. Read more www.securitytracker.com: EditTag Web Content Editing Script Discloses Files on the System to Remote Users. Read more www.securitytracker.com: BEA WebLogic May Disclose One User's Session Data to Another User. Read more www.securitytracker.com: BEA WebLogic Server and Express Access Control Error May Disclose Passwords to Local Users. Read more www.securitytracker.com: 'dotproject' Include File Error Allows Remote Users to Execute Arbitrary Code. Read more www.securitytracker.com: Zorum Message Board Input Validation Flaw Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more www.securitytracker.com: PuTTY SSH2 Client Software Access Control Bug May Disclose Passwords to Local Users Via Memory. Read more www.securitytracker.com: AbsoluteTelnet SSH2 Client Software Access Control Bug May Disclose Passwords to Local Users Via Memory. Read more www.securitytracker.com: VanDyke Entunnel SSH2 Client Software Access Control Bug May Disclose Passwords to Local Users Via Memory. Read more www.securitytracker.com: VanDyke SecureFX SSH2 Client Software Access Control Bug May Disclose Passwords to Local Users Via Memory. Read more www.securitytracker.com: VanDyke SecureCRT SSH2 Client Software Access Control Bug May Disclose Passwords to Local Users Via Memory. Read more www.securitytracker.com: 'plptools' Format String Flaw Lets Local Users Gain Root Privileges. Read more News: www.theregister.co.uk: Trojan writers exploit Outlook to get around content filtering. Read more www.vnunet.com: Teenaged hacker 'Coolio' faces jail. Read more

Copyright� MegaSecurity.org