Bookmark or link to: www.kobayashi.cjb.net. All other url`s could change!

News Archive    Translate Traducen    Home

News March 20002

30 April 2002 New trojans: Muska52 1.5 Alicia Server version i Gaura Client. Gaura is now complete. News: www.esecurityonline.com: CDE dtprintinfo Help search buffer overflow vulnerability. Read more www.it-checkpoint.net: Several x-dev.de Guestbook and xNewsletter Vulnerabilities. Read more mantra.freeweb.hu: qpopper 4.0.4 buffer overflow condition. Read more www.securiteam.co: IndiaTimes.com - Email - Session hijacking and Inbox Blocking. Read more www.securiteam.co: MP3 Files can Cause Code Execution under Winamp. Read more www.securiteam.co: CSS Bug in Browser Testing Script. Read more www.securiteam.co: PHP-Survey Global.INC Information Disclosure Vulnerability. Read more www.salon.com: AOL Instant Messenger is hacked. Read more www.internetnews.com: AIM Today Gets Hacked. Read more www.computing.vnunet.com: Military hackers hit US Defense office. Read more www.computing.vnunet.com: Vivendi strikes back at 'sabotage' hackers. Read more www.computing.vnunet.com: Firms complacent over antivirus. Read more zdnet.com.com: Worms--who's the deadliest of them all? Read more www.cnet.com: Survey: Klez worm tops SirCam, Nimda. Read more www.nipc.gov: "Propagation of the W32/Klez.h@mm Worm and Variants". Read more news.zdnet.co.uk: MS security cop patrols a tough beat. Read more news.zdnet.co.uk: 'Blended' attacks pose serious security threat. Read more

29 April 2002 New trojan(s): BioNet 4.00.03 BE Delta Remote Access version b Optix PRO 1.0 News: www.guninski.com: More Office XP problems - Version 3.0. Read more wwwpool.quickfire.org: directNIC CSS vulnerabilities. Read more online.securityfocus.com: PHP-Survey Global.INC Information Disclosure Vulnerability. Read more www.securitytracker.com: PHP-Survey Script Discloses Underlying MySQL Database Username and Password to Remote Users. Read more www.securitytracker.com: Winamp MP3 Player Buffer Overflow in the Mini-Browser Lets Remote Users Cause Arbitrary Code Inserted into MP3 Files to Be Executed. Read more digitalmass.boston.com: Vivendi to lodge complaint on suspected Internet hacking at annual meeting. Read more www.taipeitimes.com: `Task Force Tiger' put to the test. Read more in.tech.yahoo.com: Internet as warfare tool comes of age in Afghan conflict. Read more www.internetnews.com: EU Throws The Book At Cyber Criminals. Read more www.computeruser.com: Klez infection spreading across the Net - anti-virus firm. Read more www.theregister.co.uk: Crackers favour war dialling and weak passwords. Read more www.computeruser.com: The war of the wares Spyware battles defenseware for control of your PC. Read more www.newsbytes.com: Security Agents Head For Cybercrime School. Read more

28 April 2002 New trojan(s): Netkey PSYchoFiles 1.1b Client Pasana Server News: online.securityfocus.com: Nullsoft Winamp Minibrowser ID3v2 Buffer Overflow Vulnerability. Read more online.securityfocus.com: PHPProjekt SQL Injection Vulnerability. Read more www.securitytracker.com: ZeroForum Discussion Board Vulnerable to Cross-Site Scripting Attacks Because It Allows User-Supplied Javascript in BBCode Image Tags. Read more www.securitytracker.com: Microsoft Outlook Weak Security Enforcement When Editing Messages with Microsoft Word Lets Remote Users Send Malicious Code to Outlook Recipients That Will Be Executed When Forwarded or Replied To. Read more www.securitytracker.com: Sudo Utility Has Heap Overflow That May Let Local Users Execute Arbitrary Code with Root Privileges. Read more www.securiteam.com: Multiple Vulnerabilities in Stack Smashing Protection Technologies. Read more www.securiteam.com: Writing Buffer Overflow Exploits - a Tutorial for Beginners. Read more www.securiteam.com: Apache Security Configuration Guide. Read more www.securiteam.com: Linux Security Configuration Document. Read more www.securiteam.com: Fingerprinting Port 80 Attacks: A Look into Web Server, and Web Application Attack Signatures: Part Two. Read more www.securiteam.com: Practical Exploitation of RC4 Weaknesses in WEP Environments. Read more www.washingtonpost.com: Worries of Cyberattacks on U.S. Are Aired. Read more www.newsbytes.com: Security Agents Head For Cybercrime School. Read more www.techfocus.org: Crackers and Feds working together? What it will take: Read more

27 April 2002 New trojan(s): DKangel 2.41 Alicia Server (b) & (d) KWM Server version b Tool: www.insecure.org: Nmap version 2.54BETA33 is available. Read more www.shadowpenguin.org: GreedyDog is the ethernet packet sniffer for Linux, FreeBSD, OpenBSD, NetBSD, Solaris2, SunOS4, AIX, HP-UX, IRIX, MacOSX, and Windows2000/Xp. Read more www.intranode.com: New Tool And Technique For Remote Operating System Fingerprinting. Read more reeler.org: nstats prints statistics about ethernet network traffic. Read more News: Microsoft Security Bulletin MS02-006 Unchecked Buffer in SNMP Service Could Enable Arbitrary Code to be Run. Read more www.cert.org: Overview of Attack Trends (pdf). Read more online.securityfocus.com: Sudo Password Prompt Heap Overflow Vulnerability. Read more online.securityfocus.com: Microsoft Baseline Security Analyzer Plaintext Result File Vulnerability. Read more online.securityfocus.com: Microsoft Plugs Scripting Hole In Word/Outlook Combo. Read more www.securitytracker.com: PHProjekt Groupware Has Multiple Flaws That Allow Remote Users to Gain Unauthorized Access, Make Changes to the Database, and View Files Located Anywhere on the System. Read more www.securitytracker.com: SGI IRISconsole Management Software May Let Remote Users Login With the Wrong Password. Read more www.securitytracker.com: FreeBSD Kernel Memory Map Bug in 'mmap()' and 'msync()' May Let Local Users Crash the System. Read more www.securitytracker.com: More PHP-Nuke Input Filtering Bugs Let Remote Users Conduct Cross-Site Scripting Attacks Against Other Users. Read more www.securitytracker.com: Microsoft Internet Explorer Browser Can Be Crashed By Remote HTML Containing Malicious Image Tags That Cause Infinite Processing Loops. Read more www.securitytracker.com: Kerberos4 FTP Client Heap Overflow Lets Malicious Servers Execute Arbitrary Code on the FTP Client. Read more www.securiteam.com: Denial of Service in Mosix. Read more www.iss.net: Klez (W32.Klez.gen@mm) mass mailing worm. Read more afr.com: Klez virus sweeping world. Read more www.newsbytes.com: Chernobyl Virus Damage Expected To Be Minimal. Read more www.theregister.co.uk: Cisco and Sophos spoofed in virus mail-outs. Read more www.newsbytes.com: Microsoft Yanks Office Tools After Security Report. Read more www.theregister.co.uk: Crackers favour war dialling and weak passwords. Read more www.theregister.co.uk: MS Word runs malicious e-mail scripts. Read more

26 April 2002 New trojan(s): Feuerleiter 2.0 Feri Server (d) Lurker 1.1 Server. Complete now. News: Microsoft Security Bulletin MS02-021 E-mail Editor Flaw Could Lead to Script Execution on Reply or Forward (Q321804). Read more www.debian.org: DSA-127-1 xpilot-server -- remote buffer overflow. Read more www.debian.org: DSA-126-1 imp -- cross-site scripting. Read more online.securityfocus.com: Internet Explorer Recursive JavaScript Event Denial of Service Vulnerability. Read more online.securityfocus.com: Microsoft Outlook Express DOS Device Denial of Service Vulnerability. Read more www.securitytracker.com: HP-UX passwd(1) Utility May Allow Local Users to Corrupt the Password File. Read more www.securitytracker.com: csMailto Perl-based Form Mail Script Input Validation Flaw Allows Remote Users to Execute Arbitrary Commands on the Server. Read more www.securitytracker.com: MOSIX Cluster Environment for Linux Allows Remote Users to Crash the Cluster With Arbitrary Packets. Read more www.securitytracker.com: WoltLab Burning Board PHP-based Forum Software Has Input Filtering Flaws That Allow Cross-Site Scripting Attacks. Read more www.securitytracker.com: PHP Posix_getpw* Functions Ignore Safe_mode and Open_basedir Settings Allowing Restricted Users to Retrieve Password Information. Read more www.securitytracker.com: LabVIEW Test and Measurement Software Can Be Crashed By Remote Users. Read more www.securitytracker.com: ICQ Instant Messaging Client Can Be Crashed When Malformed '.hpf' Files are Loaded. Read more www.securitytracker.com: Intellisol Xpede Expense Reporting Software from WorkforceROI Has Multiple Flaws That Disclose Sensitive Information to Remote Users and Allow Remote Users to Make Administrative Changes. Read more www.securitytracker.com: Linux 'ld-linux.so.2' Dynamic Linker Allows Local Users to Execute Programs For Which They Do Not Have Execute Permissions. Read more www.securiteam.com: csMailto.cgi - Remote Command Execution. Read more www.securiteam.com: Intel D845HV/WN/PT Series Motherboard Vulnerability. Read more www.securiteam.com: De-Anonymizer (SCRIPT Bypassing). Read more www.securiteam.com: InterScan Reveals The List of BCC When It Strips Attachments (Via Alert). Read more www.securiteam.com: LabVIEW Web Server DoS Vulnerability. Read more www.securiteam.com: Sudo Password Prompt Vulnerability. Read more www.securiteam.com: Kerberos4 FTP Client Found to Contain a Heap Overflow. Read more www.chicagotribune.com: CIA warns of Chinese plans for cyber-attacks on U.S. Read more www.siliconvalley.com: China not thought capable of hacking sensitive U.S., Taiwanese documents. Read more www.siliconvalley.com: CIA: China planning cyber-attacks on U.S., Taiwan. Read more news.com.com: New "Klez" still clobbering PC users. Read more www.koreaherald.co.kr: Hackers exploit Korea to attack global systems. Read more www.techtv.com: Female Hacker Packs Punch. Read more www.theregister.co.uk: FAA hacked by patriots. Read more news.com.com: Hackers turn tables on file-swapping firms. Read more news.zdnet.co.uk: Lack of reporting hits cybercrime fight. Read more www.theregister.co.uk: Security exhibitors set up insecure WLANs. Read more

25 April 2002 New trojan(s): Opwin 1.1 Darksky 1.0 DRA Server (a) Tools: www.abim.wd1.net: AVP Clone project - Anti Virus - Version 0.1.7 by Senna Spy. Read more www.32bits.co.uk: DLock will watch your file system for specific files, and alert you if they appear (virus, spyware, copy, and paste, whatever). Read more www.snort.org: Snort 1.8.7beta1 available. Download News: online.securityfocus.com: Matu FTP Client Buffer Overflow Vulnerability. Read more online.securityfocus.com: BSD exec C Library Standard I/O File Descriptor Closure Vulnerability. Read more online.securityfocus.com: SLRNPull Spool Directory Command Line Parameter Buffer Overflow Vulnerability. Read more online.securityfocus.com: PsyBNC Oversized Passwords Denial Of Service Vulnerability. Read more online.securityfocus.com: Philip Chinery's Guestbook Script Injection Vulnerability. Read more online.securityfocus.com: vqServer CGI Demo Program Script Injection Vulnerability. Read more www.securitytracker.com: Microsoft MSN Messenger Instant Messaging Client Discloses Buddy List to Local Users. Read more www.securitytracker.com: Matu FTP Client Buffer Overflow Allows Remote Malicious FTP Servers to Execute Arbitrary Code on the Client. Read more www.securitytracker.com: psyBNC Internet Relay Chat (IRC) Bouncer Authentication Processing Bug Lets Remote Users Tie Up All Available Connection Slots. Read more www.securitytracker.com: Slrnpull News Retrieval Application Buffer Overflow in Spool Directory Option May Allow Local Users to Obtain Elevated Privileges. Read more www.securitytracker.com: BSD UNIX Kernel File Descriptor Processing Flaw May Let Local Users Write to Root Owned Files to Gain Root Privileges on the System. Read more www.securitytracker.com: Lil' HTTP Server Discloses Files Located Outside of the Web Document Directory to Remote Users and Allows Remote Users to Conduct Cross-site Scripting Attacks Against Administrators. Read more www.securitytracker.com: vqServer Java-based Web Server Sample CGI Script Allows Cross-Site Scripting Attacks. Read more www.finjan.com: Microsoft Baseline Security Analyzer exploit (Exposed vulnerabilities' list). Read more infosec.uninet.edu: Logs of online conference at UniNet. Read more cyberlaw.stanford.edu: Stanford's Center for Internet and Society Conference on Computer Security Vulnerability Disclosure. Read more www.vnunet.com: Interpol warns firms over security 'vacuum'. Read more www.theregus.com: Virus writers outpace traditional AV. Read more www.extremetech.com: Worm Writers Get Wormier. Read more www.techfocus.org: Klez worm spoofs From field, confuses lusers. Read more www.ledger-enquirer.com: Air Force cadets face hackers in cyberbattle. Read more www.silicon.com: Cisco blunders with insecure web page. Read more www.theregus.com: Security exhibitors set up insecure WLANs. Read more europe.cnn.com: Viruses with more bark than bite. Read more timesofindia.indiatimes.com: CBI registers first hacking case. Read more www.computing.vnunet.com: Third of UK businesses at DDoS risk. Read more www.msnbc.com: �Brute force� card thieves attack. Read more

24 April 2002 New trojan(s): Net Advance 3.0.0 beta 3 FTP Trojan Generator Delf Server (k) News: www.securitytracker.com: Microsoft Internet Explorer Web Browser Can Be Crashed By Remote Users With OLE OBJECT Element Dependency Loops. Read more www.securitytracker.com: ICQ Chat Client Can Be Crashed By Remote Users Sending Malformed Contact Packets. Read more www.securitytracker.com: PostCalendar Add-on Module for PostNuke Lets Remote Users Conduct Cross-Site Scripting Attacks Against PostCalendar Users. Read more www.securitytracker.com: Philip Chinery's Guestbook.pl Script Fails to Filter User-Supplied Input, Allowing Cross-Site Scripting Attacks. Read more www.securiteam.com: AIM Remote File Transfer/Direct Connection Vulnerability. Read more www.securiteam.com: Suid Application Execution May Give Local Root (Testing App). Read more www.securiteam.com: Matu FTP Remote Buffer Overflow Vulnerability. Read more www.securiteam.com: psyBNC Vulnerable to a DoS Attack (Exploit). Read more www.securiteam.com: Suid Application Execution May Give Local Root (Exploit Code). Read more www.securiteam.com: Philip Chinery's Guestbook Cross Site Scripting Vulnerability. Read more www.securiteam.com: Posix_getpw* Ignores Safe_mode and Open_basedir Settings. Read more www2.caller.com: Cyber-wars between Israel and Palestinians. Read more timesofindia.indiatimes.com: Taiwan organising cyber war drill. Read more www.computing.vnunet.com: Rumbled Russian hackers banged up. Read more www.zdnet.com: Why the Klez worm just won't go away. Read more zdnet.com.com: Europe plans to jail hackers. Read more quote.bloomberg.com: Microsoft's Gates Says Plan Would Mean End to Windows (Update3). Read more www.cnn.com: Gates: Penalties would hamper Windows. Read more www.nwfusion.com: Honeynet looks to sting hackers. Read more www.businessweek.com: The Devil Is in the E-Mail. Read more www.eveningtelegraph.co.uk: SCOTLAND-WIDE SCHEME IN FIGHT AGAINST CRIME. Read more www.ireland.com: EU proposes harmonisation of rules on cyber-crime. Read more www.cjonline.com: Names, credit card numbers found via city's Web site. Read more www.internetnews.com: Airline Database Posted On Defacement. Read more

23 April 2002 New trojan(s): BioNet 4.0.2 BE Hydroleak beta 1 Daniel Server. Daniel is now comlete. News: online.securityfocus.com: Faq-O-Matic Cross Site Scripting Vulnerability. Read more online.securityfocus.com: PostCalendar 3.0 Cross Site Scripting Vulnerability. Read more online.securityfocus.com: Microsoft Internet Explorer Self-Referential Object Denial of Service Vulnerability. Read more online.securityfocus.com: WorkforceROI XPede Arbitrary Time Sheet Disclosure Vulnerabiltiy. Read more online.securityfocus.com: PostBoard BBCode IMG Tag Script Injection Vulnerability. Read more online.securityfocus.com: OpenSSH Kerberos 4 TGT/AFS Token Buffer Overflow Vulnerability. Read more online.securityfocus.com: PostBoard Topic Title Script Execution Vulnerability. Read more online.securityfocus.com: PostBoard BBCode Denial Of Service Vulnerability. Read more www.securiteam.com: vqServer Demo File Cross-Site Scripting. Read more www.securiteam.com: Lil' HTTP Server "Referer" Cross Site Scripting Vulnerability. Read more www.securiteam.com: Lil' HTTP Server Directory Traversal Vulnerability. Read more www.securiteam.com: Slrnpull Buffer Overflow (-d Parameter). Read more www.securiteam.com: AFS/Kerberos Support in OpenSSH Poses a Security Threat. Read more www.securiteam.com: Suid Application Execution May Give Local Root. Read more www.securitytracker.com: GNU Screen Window Manager Lets Local Users Execute Arbitrary Code With Root Privileges to Gain Root Access on the System. Read more www.extremetech.com: IMHO: Dear Bill: Don't Do It! Read more www.extremetech.com: Hackers Skeptical Of Microsoft's "Holey War". Read more www.newsfactor.com: How Teens Still Hack Million-Dollar Security Systems. Read more timesofindia.indiatimes.com: Taiwan organising cyber war drill. Read more www.pcmag.com: Microsoft Security Tool Leaves Holes. Read more www.spacer.com: Defending The Data. Read more www.newscientist.com: New tool dupes computer defences. Read more augustachronicle.com: Hijacked Web sites can become weapon in terrorists' arsenal. Read more www.oreillynet.com: Wireless LAN Security: A Short History. Read more www.cleveland.com: Instant messagers, beware! Instant monitoring is coming. Read more www.nandotimes.com: ATM hackers sentenced in Russia. Read more www.fcw.com: Army proxy server closes Web back door. Read more www.zdnet.com: Keep your files safe with these encryption tools. Read more

22 April 2002 New trojan(s): Protoss 1.6 Alicia Server (d) Stats Server Tool: www.monkey.org: Fragroute intercepts, modifies, and rewrites egress traffic destined for a specified host. Read more News: www.securitytracker.com: OpenSSH Buffer Overflow in Kerberos Ticket and AFS Token Processing Lets Local Users Execute Arbitrary Code With Root Level Permissions. Read more www.securitytracker.com: Snitz Forums Input Validation Error Lets Remote Users Insert SQL Commands and View the Database Contents. Read more www.securitytracker.com: Foundstone FScan Port Scanning Utility May Execute Arbitrary Code When Scanning Malicious Remote Servers. Read more www.securitytracker.com: Microsoft Distributed Transaction Coordinator Can Be Crashed By Remote Users Sending Malformed Packets. Read more www.securiteam.com: User Privileges Vulnerability in Oracle9i Database Server. Read more www.securiteam.com: Xpede Found to Contain Multiple Vulnerabilities. Read more www.securiteam.com: MHonArc Script Filtering Bypass Vulnerability. Read more www.securiteam.com: IcrediBB Contains a Cross Site Scripting Vulnerability. Read more www.cisco.com: Simplex TCC, TCC+, TCCi, XC, XCVT and XC10G Configuration are Unsupported. Read more rtnews.globetechnology.com: EU to clamp down on hacking, Internet attacks. Read more news.bbc.co.uk: Virus returns with a sting in its tail. Read more www.msnbc.com: A $1 billion, corporate-funded hack? Read more www.newsbytes.com: Plans For Secure Federal Intranet Moving Forward. Read more www.theregister.co.uk: NTL hacked? Read more www.stuff.co.nz: Don't overlook the potential security threat from within. Read more www.usatoday.com: Future of e-mail encryption uncertain. Read more

21 April 2002 New trojan(s): LastDoor 1.0 SysRoot Server Bigorna 1.0 Client. Biogorna 1.0 is now complete. News: spoor12.edup.tudelft.nl: Local file detecting and installed software fingerprinting. Read more spoor12.edup.tudelft.nl: How to Executing scripts when reading a malicious email in Hotmail.. Read more online.securityfocus.com: IcrediBB Script Injection Vulnerability. Read more online.securityfocus.com: Foundstone FScan Banner Grabbing Format String Vulnerability. Read more online.securityfocus.com: Oracle E-Business Suite 11i Unauthorized PL/SQL Procedure Access Vulnerability. Read more www.securitytracker.com: MHonArc Mail-to-HTML Converter Input Filtering Mechanisms Can Be Bypassed, Allowing Cross-Site Scripting Attacks. Read more www.securitytracker.com: Caldera Open UNIX X11 Library Buffer Overflow May Allow Users to Exploit Applications That are Based on the Library to Gain Elevated Privileges. Read more www.securitytracker.com: Linker Search Engine Software Has Input Validation Flaw That Lets Remote Users View Files on the System and Gain Administrative Access to the Search Engine. Read more www.securitytracker.com: 'Chanserv' Services in Many Internet Relay Chat (IRC) Servers 'De-op' Users Too Slowly, Allowing Remote Users to Potentially Cause Denial of Service Conditions. Read more www.securitytracker.com: PVote Online Voting System Lack of Authentication Lets Remote Users Gain Administrative Access to the Application. Read more www.securitytracker.com: Buffer Overflow in Solaris Event Detector Daemon (edd) for Enterprise 10000 SSP Server May Let Remote Users Gain Root Access to the System. Read more www.securitytracker.com: Macromedia ColdFusion Server Discloses Installation Path to Remote Users. Read more www.securitytracker.com: HP MPE/iX Operating System Can Be Crashed By Remote Users Sending Malformed IP Packets. Read more www.securiteam.com: DoS in Multiple IE Versions (Self-Referenced Directives). Read more www.securiteam.com: Snitz Forums 2000 Remote SQL Query Manipulation Vulnerability. Read more www.securiteam.com: Tomcat Real Path Disclosure Vulnerability. Read more zdnet.com.com: Turning red over Klez virus. Read more www.commweb.com: Gates: Crashes And Hacks Foil Windows. Read more www.wired.com: Annoying Worm Writer Wants Job. Read more

20 April 2002 New trojan(s): Mini Evangelion Yajing 1.0 Server Dosh Server version d News: www.guardent.com: Format String Attacks (pdf). Read more www.appsecinc.com: Microsoft SQL Server: Buffer Overflows in numerous extended stored procedures. Read more spoor12.edup.tudelft.nl: SkyLined: The homepage for absolutely nothing. Read more online.securityfocus.com: MPE/iX Malformed IP Packet Denial of Service Vulnerability. Read more online.securityfocus.com: AOLServer Developer API Ns_PdLog() Format String Vulnerability. Read more www.securitytracker.com: Oracle E-Business Suite Input Validation Flaw May Let Remote Users Execute Arbitrary PL/SQL Procedures on the Applications Database. Read more www.securitytracker.com: Talentsoft Web+ Buffer Overflow in Processing Cookies Lets Remote Users Execute Arbitrary Code With SYSTEM Privileges. Read more www.securitytracker.com: Microsoft Back Office Web Administration Authentication Mechanism Can Be Bypassed By Remote Users. Read more www.securitytracker.com: WebTrends Reporting Center Buffer Overflow Lets Remote Authenticated Users Execute Arbitrary Code with SYSTEM Privileges. Read more www.securitytracker.com: FreeBSD UNIX ICMP Implementation Lets Remote Users Cause the Kernel to Consume All Available Memory. Read more www.securitytracker.com: Sambar Server Discloses Script Source Code to Remote Users and Can Be Crashed By Remote Users via Malformed URLs. Read more www.securitytracker.com: Microsoft Windows 2000 'microsoft-ds' Service Flaw Allows Remote Users to Create Denial of Service Conditions By Sending Malformed Packets. Read more www.securiteam.com: Foundstone Fscan Format String Bug. Read more www.securiteam.com: Gawk Contains an Exploitable Buffer Overflow. Read more www.securiteam.com: Posadis Format String and Buffer Overflow Exploit Codes. Read more www.securiteam.com: An Alternative Method to Check for LKM Backdoor/Rootkit. Read more www.securiteam.com: Multiple Vulnerabilities Found in PVote. Read more www.securiteam.com: Compaq Tru64 UNIX dtprintinfo "-session" Buffer Overflow Vulnerability. Read more www.securiteam.com: Compaq Tru64 UNIX libc Buffer Overflow Vulnerability. Read more www.securiteam.com: DDate Proof Of Concept Exploit and Bug details. Read more www.securiteam.com: FileSeek CGI Script Command Execution and Arbitrary File Viewing Vulnerabilities. Read more online.securityfocus.com: VBA Emulation � A Viable Method of Macro Virus Detection? Part One. Read more news.com.com: New Klez worm squirms across Internet. Read more www.theregister.co.uk: Klez worm infects and infuriates. Read more www.computeruser.com: New take on Klez worm spreading, anti-virus firms say. Read more www.cnet.com: Klez virus passes confidential info. Read more www.newsbytes.com: Palestinian Sites Knocked Offline By Mideast Conflict. Read more news.com.com: New tool helps hackers evade detection. Read more news.bbc.co.uk: Hacking 'legal' in Argentina. Read more www.ecommercetimes.com: Hacking Through the Wireless Jungle. Read more www.theregister.co.uk: My daily virus. Read more www.govexec.com: White House cyber czar describes next phase of Internet plan. Read more

19 April 2002 New trojan(s): Wildek 0.3 Servers Remote Saucer 1.1 Little Witch 5.1 News: www.hert.org: Format string vulnerability. Read more www.team-teso.net: Exploiting format string vulnerabilities. Read more www.intranode.com: New Tool And Technique For Remote Operating System Fingerprinting (pdf). Read more Oracle Security Alert #33 User Privileges Vulnerability in Oracle9i Database Server (pdf). Read more online.securityfocus.com: Symantec Norton Personal Firewall 2002 Portscan Protection Bypass Vulnerability. Read more www.securitytracker.com: Pipermail Mailing List Archive Software Directory Permission Flaw May Let Local Users View Private Mailing List Archive Contents. Read more www.securitytracker.com: AOL Instant Messenger Temporary File Flaw May Allow Remote Users on an AIM Direct Connection to Create Files With Arbitrary File Names on the Host. Read more www.securitytracker.com: AOLserver Format String Flaw and Buffer Overflow in 'libnspd.a' API for External Database Driver Proxy Daemons May Let Remote Users Execute Arbitrary Code. Read more www.securitytracker.com: Microsoft Internet Explorer (IE) 'dialogArguments' Flaw Lets Remote Users Conduct Cross-Site Scripting Attacks Against IE Users. Read more www.securitytracker.com: PostBoard Add-on Module for PostNuke Allows Cross-Site Scripting Attacks and Denial of Service Attacks. Read more www.securitytracker.com: XPilot Gaming Server Has Buffer Overflow That Lets Remote Users Execute Arbitrary Code on the Server. Read more www.securitytracker.com: IcrediBB Bulletin Board Allows Cross-Site Scripting Attacks to Steal User and Administrator Authentication Cookies. Read more www.securitytracker.com: Wiley Computer's CGI/Perl Cookbook FileSeek.cgi Script Lets Remote Users Execute Arbitrary Commands on the Server and View Files Located Anywhere on the Server. Read more www.securitytracker.com: Oracle Database ANSI Outer Join Syntax Lets Valid Users Obtain Unauthorized Access to Sensitive Data in the Data Dictionary. Read more www.securitytracker.com: Demarc PureSecure Network Monitor Allows Remote Users to Inject SQL Commands to Bypass the Authentication Process and Gain Administrator Access to the Application. Read more www.securitytracker.com: Norton Personal Firewall Portscan Detection Fails to Detect and Block SYN/FIN Scans. Read more www.securitytracker.com: HP Photosmart Printer Drivers Use Unsafe File Permissions and Let Local Users Gain Elevated Privileges on the System. Read more www.securitytracker.com: FreeBSD UNIX Kernel Flaw in Providing SYN Flood Protection Lets Remote Users Crash the Kernel With Valid TCP/IP Packets. Read more www.securitytracker.com: Symantec Enterprise Firewall (Raptor) FTP Proxy Allows Remote Users to Conduct FTP Bounce Attacks Using Protected FTP Servers. Read more www.securitytracker.com: Macromedia ColdFusion Web Application Server Allows Remote Users to Conduct Cross-Site Scripting Attacks to Steal Authentication Cookie. Read more www.securitytracker.com: IBM Lotus Domino Web Server Buffer Overflow During Authentication May Let Remote Users Crash the Web Server. Read more www.securiteam.com: Back Office Web Administration Authentication Bypass. Read more www.securiteam.com: ColdFusion Allows for Path Disclosure (DOS Devices). Read more www.securiteam.com: SQL Extended Procedure Functions Contain Unchecked Buffers. Read more www.securiteam.com: IBM Informix Web DataBlade Local Root by Design. Read more www.securiteam.com: Symantec Enterprise Firewall FTP Bounce Vulnerability (Patch Available). Read more www.securiteam.com: WebTrends Reporting Center Buffer Overflow and Path Disclosure. Read more www.canada.com: Bundled program threat to computer privacy. Read more www.latimes.com: These Nets Have Security Holes. Read more www.wired.com: Carnivore's New Leash on Life? Read more www.vnunet.com: Corporate hacks go unreported. Read more www.vnunet.com: DoS attack storms port 445. Read more www.vnunet.com: Bug Watch: All quiet on the virus front. Read more www.theregister.co.uk: Middle East conflict spills over into cyberspace. Read more cansecwest.com: The third annual CanSecWest conference. Read more eprairie.com: Security, Disaster Recovery Issues After Sept. 11. Read more www.cnn.com: Hack attack, how you might be a target. Read more www.computerworld.com: Q&A: Microsoft Senior VP Paul Flessner on Trustworthy Computing. Read more www.newsbytes.com: Florida Bank Suffers Online Security Breach. Read more www.zdnet.com: Uncrackable encryption: It's no longer just sci-fi. Read more

18 April 2002 New trojan(s): Muska52 1.4 Galaxy Server Nethero 1.0a News: Microsoft Security Bulletin MS02-020 SQL Extended Procedure Functions Contain Unchecked Buffers (Q319507). Read more DSA-127-1 xpilot-server -- remote buffer overflow. Read more online.securityfocus.com: Multiple Microsoft Products for MacOS File URL Buffer Overflow Vulnerability. Read more online.securityfocus.com: Microsoft Internet Explorer Unicode Character Handling DoS Vulnerability. Read more www.securitytracker.com: Microsoft Outlook Express for Mac OS Has Buffer Overflow in Processing the 'file://' URL That Allows Remote Users to Cause Arbitrary Code to Be Executed. Read more www.securitytracker.com: Microsoft Office for Mac OS Has Buffer Overflow in Processing the 'file://' URL That Allows Remote Users to Cause Arbitrary Code to Be Executed. Read more www.securitytracker.com: Microsoft Internet Explorer for Mac OS Has Buffer Overflow in Processing the 'file://' URL That Allows Remote Users to Cause Arbitrary Code to Be Executed. Read more www.securitytracker.com: Microsoft Word Object Creation Flaw Lets Remote Users Create ActiveX That Will Consume Memory on the Victim's Computer. Read more www.securitytracker.com: SOAP::Lite for Perl Lets Remote Users Call Arbitrary Perl Functions on the System. Read more www.securitytracker.com: xNewsletter PHP-based News Distribution Script Discloses Subscriber Addresses to Remote Users and Lets Remote Users Create Denial of Service Conditions. Read more www.securitytracker.com: xGB PHP-based Guestbook Software Allows Cross-Site Scripting Attacks and Lets Remote Users Delete the Datafile and Possibly Execute Arbitrary PHP Commands on the Server. Read more www.securitytracker.com: Cisco CallManager Affected by Microsoft Internet Information Server (IIS) Bugs. Read more www.securitytracker.com: SGI IRIX Operating System XFS Filesystem Bug Lets Remote Users Cause Applications to Hang. Read more www.securitytracker.com: AOL Instant Messenger (AIM) Chat Software May Disclose Buddy List Information to Local Users. Read more www.securitytracker.com: Computer Associates CA-MLINK Buffer Overflows May Let Local Users Gain Root Privileges on the System. Read more www.securitytracker.com: Nortel CVX-1800 Multi-service Access Switch Discloses Administrative Account Names and Passwords to Remote Users. Read more www.securitytracker.com: Melange Chat Server Buffer Overflow in Processing of '/yell' Message May Let Remote Users Execute Arbitrary Code on the Chat Server. Read more www.securitytracker.com: SunShop Shopping Cart Lack of Input Filtering Lets Remote Users Conduct Cross-Site Scripting Attacks Against SunShop Site Administrators. Read more www.securitytracker.com: Webalizer Buffer Overflow Allows Remote Users to Execute Arbitrary Code on the Server via Reverse DNS Lookups. Read more www.securiteam.com: Using the Backbutton under IE Found to be Dangerous. Read more www.securiteam.com: Raptor Firewall FTP Bounce Vulnerability. Read more www.securiteam.com: Demarc PureSecure Allows Users to Bypass Login Restrictions. Read more www.securiteam.com: Unchecked Buffer in Internet Explorer and Office for Mac Can Cause Code to Execute. Read more www.theregister.co.uk: The IE back-button attack. Read more www.informationweek.com: Klez Worm Is Back April. Read more www.infoworld.com: Microsoft defends Baseline Security Analyzer tool. Read more www.silicon.com: Microsoft security hole enables Mac hacks. Read more www.techtv.com: Sir Dystic from the hacker group Cult of the Dead Cow hacks a home computer in a simulated attack. Read more news.bbc.co.uk: Indian hacker turns cyber cop. Read more www.scientificamerican.com: Survival in an Insecure World. Read more www.nationalpost.com: Networks ill-prepared for hackers, terrorists. Read more www.miami.com: U.S. targets cybercriminals. Read more www.wired.com: Perplexing Argentine Hack Law. Read more

17 April 2002 New trojan(s): Gothic Intruder 1.1 Fenster 2.1 Server Derek 2.0 Server verion b Tool: www.monkey.org: fragroute intercepts, modifies, and rewrites egress traffic destined for a specified host. Read more ntsecurity.nu: PromiscDetect checks if your network adapter(s) is running in promiscuous mode, which may be a sign that you have a sniffer running on your computer. Read more curl.haxx.se: LibcURL, a Multi-Protocol File Transfer Library. Read more jquiroga.d2g.com: SQLExecute Helper Tool. Read more News: Microsoft Security Bulletin MS02-019 Unchecked Buffer in Internet Explorer and Office for Mac Can Cause Code to Execute (Q321309). Read more www.pentest-limited.com: Exploiting And Protecting Oracle (pdf). Read more www.debian.org: DSA-126-1 imp -- cross-site scripting. Read more jscript.dk: IE allows universal Cross Site Scripting. Read more www.digitaloffense.net: Microsoft FTP Service STAT Globbing DoS. Read more www.dsinet.org: 2 vulnerabilities in FileSeek. Read more www.w00w00.org: Vulnerability in Multiple Microsoft Products for Mac OS. Read more online.securityfocus.com: Using the backbutton in IE is dangerous. Read more www.nta-monitor.com: Raptor Firewall FTP Bounce vulnerability. Read more online.securityfocus.com: Bradford Barrett Webalizer Reverse DNS Buffer Overflow Vulnerability. Read more online.securityfocus.com: Microsoft Internet Explorer History List Script Injection Vulnerability. Read more online.securityfocus.com: StepWeb Search Engine Admin Webpage Access Vulnerability. Read more www.securitytracker.com: StepWeb Search (SWS) Perl-based Search Engine Inadequate Access Controls Lets Remote Users Gain Administrative Access to the Search Engine. Read more www.securiteam.com: Remote Buffer Overflow in Webalizer (DNS Resolve). Read more www.securiteam.com: Microsoft IE/Office for Mac OS Buffer Overflow Vulnerability. Read more www.meganet.com: Crack the code and win a brand new Ferrari 360 Challenge! Read more abcnews.go.com: Filtering Out Terrorists? Internet Cafes Struggle With Issues of Terrorism vs. Privacy. Read more www.computing.vnunet.com: Apply IIS patches 'immediately'. Read more www.bbj.hu: New internet legislation outlaws all hacking. Read more www.computing.vnunet.com: Hackers target Israel. Read more www.zdnet.com: Warning! Why one virus alert system won't fit all. Read more www.ecommercetimes.com: Behind the Security Breach Hype. Read more www.idg.net: Q&A: Microsoft Senior VP Paul Flessner on Trustworthy Computing. Read more www.online.ie: Gaucho hackers escape legal lasso. Read more www.computing.vnunet.com: Users spill password beans. Read more

16 April 2002 New trojan(s): Zhang Server (Backdoor.Zhang)is renamed to SweetHeart SweetHeart 1.0 Client. SweetHeart 1.0 is now complete. LameRemote 1.0 Sysinst Server News: www.it-checkpoint.net: The Guestbook- and Newsletterscript by "x-development" are vulnerable to Cross Site Scripting Vulnerabilities. Read more www.iss.net: Internet Security Systems Security Alert Summary AS02-15. Read more www.ppp-design.de: cross-site-scripting bug in SunShop Shopping Cart. Read more online.securityfocus.com: IRIX XFS filesystem denial of service attack. Read more www.securiteam.com: Writing Buffer Overflow Exploits - a Tutorial for Beginners. Read more www.securiteam.com: Linux Security Configuration Document. Read more www.securiteam.com: Practical Exploitation of RC4 Weaknesses in WEP Environments, Read more www.securiteam.com: /usr/bin/mail OpenBSD Local Root Compromise (Escaping Tilde, Exploit). Read more www.securiteam.com: INN Security Problems Allow Gaining of news Privileges. Read more www.securiteam.com: Tivoli Storage Manager Web Server Found to Contain a Buffer Overflow. Read more www.eweek.com: Flaws in Microsoft Tool Mount. Read more www.globeandmail.ca: Argentine judge rules in favour of hackers. Read more hoovnews.hoovers.com: New internet legislation outlaws all hacking. Read more www.theregister.co.uk: Clinton worm variant makes fun of Sharon. Read more www.usatoday.com: Is your credit card account at risk online? Read more www.iht.com: Wireless nanny-cam may leave the home exposed. Read more www.eweek.com: Contracts Getting Tough on Security. Read more portal.telegraph.co.uk: Court to hear Canal Plus claim on pay-TV hacking. Read more

15 April 2002 New trojan(s): Protoss 1.5 Dewin Server version b Tini version a News: online.securityfocus.com: OpenBSD Default Crontab root Compromise Vulnerability. Read more online.securityfocus.com: IBM Informix Web Datablade Page Request SQL Injection Vulnerability. Read more online.securityfocus.com: IBM Tivoli Storage Manager Long Username Buffer Overflow Vulnerability. Read more online.securityfocus.com: Caldera X11 Library -xrm Buffer Overflow Vulnerability. Read more online.securityfocus.com: IBM Tivoli Storage Manager Client Acceptor Buffer Overflow Vulnerability. Read more online.securityfocus.com: IBM Informix Web Datablade SQL Query HTML Decoding Vulnerability. Read more online.securityfocus.com: SGI IRIX Mail Core Dump Vulnerability. Read more online.securityfocus.com: InterNetNews Multiple Local Format String Vulnerabilties. Read more www.accessatlanta.com: Microsoft now focusing on security issues. Read more news.independent.co.uk: Security systems help internet paedophiles hide abuse. Read more www.koreaherald.co.kr: Global hacking competition kicks off tomorrow. Read more www.startribune.com: Study: Damage from hackers and viruses increases. Read more www.computerworld.com: Security experts say voice mail systems vulnerable. Read more www.internetworld.com: Personnel and E-mail Security. Read more

14 April 2002 New trojan(s): NetDevil 1.3 Daodan 1.24 Server. Daodan is now complete. Shaden Server version a Tools: bob.firstcodings.com: AuthentProtect is a small ISAPI filter that denies IIS authentication based on given usernames. It is mainly intended to block brute force attack against users for which NTFS permissions cannot be revoked (mainly administrators). Read more www.laurentconstantin.com: Lcrzoex is a toolbox for network administrators and network hackers. Lcrzoex contains over 200 functionalities using network library lcrzo. For example, one can use it to sniff, spoof, create clients/servers, create decode and display packets, etc. Read more community.whitehatsec.com: WHArsenal is designed to be the next generation of professional web application security audit software. Architected from the ground up to be a generic web application security productivity tool. Read more News: www.securitytracker.com: Multiple Vulnerabilities in IBM Informix Web DataBlade Let Remote Users Execute SQL Commands on the Server.Read more www.securitytracker.com: Microsoft Internet Information Server (IIS) FTP STAT Command Bug Lets Remote Users Crash Both the FTP and the Web Services. Read more www.securitytracker.com: Microsoft Internet Information Server (IIS) URL Length Bug Lets Remote Users Crash the Web Service. Read more www.securitytracker.com: NetWare Web Search Server User Input Filtering Flaw Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more www.securitytracker.com: InterNetNews (INN) Format String Bugs May Let Local Users Obtain Elevated Privileges on the System. Read more www.securitytracker.com: OpenBSD 'rexecd' Remote Execution Daemon May Let Remote Users Execute Shell Commands As a Different User. Read more www.securitytracker.com: OpenBSD 'rshd' Remote Shell Daemon May Let Remote Users Execute Commands As a Different User. Read more www.securitytracker.com: OpenBSD '/usr/bin/mail' May Let Local Users Execute Commands With Root Privileges By Specifying a Malicious Crontab Entry. Read more www.securitytracker.com: Tivoli Storage Manager Buffer Overflows May Let Remote Users Execute Arbitrary Code on the System. Read more www.securitytracker.com: Microsoft Windows 2000 Group Policy Object Enforcement Can Be Circumvented if User License Limits are Exceeded. Read more www.eweek.com: Microsoft's Flaw-Finding Tool Has Its Own Flaw. Read more security.alldas.org: Automatic tool to mass-hack computers using the lpd exploit for RedHat 7. Read more www.newarchitectmag.com: distributing viruses. Should virus writers be allowed to post harmful code on the Web? Read more www.newsbytes.com: Another Computing Platform Gets Its First Virus. Read more newsforge.com: Ottawa Linux Symposium: Kernel hackers can avoid United States. Read more www.latimes.com: Firms to Introduce Anti-Hacking Standard. Read more www.businessweek.com: This Ex-Hacker's Fat Is in the Fire. Read more www.silicon.com: Meet the world's most dangerous hacker - Doris from Accounts. Read more staging.infoworld.com: We can work it out. Read more

13 April 2002 New trojan(s): Wolff 1.1 EvilGoar Server F-Backdoor 1.5 News: New Startup Methods by Doc~ online.securityfocus.com: Microsoft IIS Help File Search Cross Site Scripting Vulnerability. Read more online.securityfocus.com: Microsoft IIS HTR ISAPI Extension Buffer Overflow Vulnerability. Read more online.securityfocus.com: WatchGuard SOHO Firewall Vanishing IP Restrictions Vulnerability. Read more online.securityfocus.com: Microsoft IIS HTTP Header Field Delimiter Buffer Overflow Vulnerability. Read more online.securityfocus.com: Microsoft IIS FTP Connection Status Request Denial of Service Vulnerability. Read more online.securityfocus.com: Microsoft IIS Chunked Encoding Transfer Heap Overflow Vulnerability. Read more online.securityfocus.com: Microsoft IIS HTTP Redirect Cross Site Scripting Vulnerability. Read more online.securityfocus.com: EMUMail HTTP Host Arbitrary Config File Loading Vulnerability. Read more online.securityfocus.com: Microsoft IIS Chunked Encoding Heap Overflow Variant Vulnerability. Read more online.securityfocus.com: Microsoft IIS ISAPI Filter Access Violation Denial of Service Vulnerability. Read more online.securityfocus.com: Microsoft IIS HTTP Error Page Cross Site Scripting Vulnerability. Read more online.securityfocus.com: Microsoft IIS ASP Server-Side Include Buffer Overflow Vulnerability. Read more online.securityfocus.com: ASP-Nuke Plaintext Cookie Authentication Credentials User Account Compromise Vulnerability. Read more online.securityfocus.com: ASP-Nuke Cross-Agent Scripting Vulnerability. Read more www.securitytracker.com: Microsoft Internet Information Server ASP HTTP Header Processing Buffer Overflow Lets Remote Users Execute Arbitrary Code on the Server. Read more www.securitytracker.com: Microsoft Internet Information Server (IIS) Buffer Overflow in ASP Server-Side Include Function May Let Remote Users Execute Arbitrary Code on the Web Server. Read more www.securitytracker.com: Anthill Bug Tracking System Flaws Let Remote Users Enter Bug Reports Without Having an Account and Also Conduct Cross-Site Scripting Attacks. Read more www.securitytracker.com: Abyss Web Server Discloses Web Server Password File to Remote Users. Read more www.securitytracker.com: Microsoft Internet Information Server Comes With Code That Allows Remote Users to Conduct Cross-Site Scripting Attacks. Read more www.eurekalert.org: UMass computer scientist offers a new way to track internet vandals. Read more www.vnunet.com: Can you trust an ethical hacker? Read more www.netmag.co.uk: The hacking mirror crack'd. Read more english.pravda.ru: PEOPLE PREFER NOT TO COMPLAIN OF HACKERS. Read more www.sfgate.com: Voice mail systems have few safeguards. Read more www.bday.co.za: Theft is top information security risk. Read more www.vnunet.com: Users slam Microsoft Security Analyser. Read more

12 April 2002 New trojan(s): Zaratustra 0.99 Zombie Server version c XHX Server News: online.securityfocus.com: Microsoft IIS HTR ISAPI Extension Buffer Overflow Vulnerability. Read more online.securityfocus.com: Powerboards User Account Arbitrary File Creation Vulnerability. Read more online.securityfocus.com: Powerboards Cookie Manipulation Account Compromise Vulnerability. Read more online.securityfocus.com: Powerboards Administrative Access Vulnerability. Read more online.securityfocus.com: Powerboards error.php Cross Site Scripting Vulnerability. Read more online.securityfocus.com: Microsoft Windows Terminal Server Group Policy Bypass Vulnerability. Read more online.securityfocus.com: Powerboards Unauthorized Post Deletion Vulnerability. Read more www.securitytracker.com: Cisco Aironet Wireless Devices Have an Unspecified Flaw in the Telnet Access Daemon That Lets Remote Users Cause Denial of Service Conditions. Read more www.securitytracker.com: Sun Cluster Process (in.mond) Daemon May Let Remote Users Access System Logs and Configuration Data. Read more www.securitytracker.com: Anthill Login and JavaScript Vulnerabilities. Read more www.securitytracker.com: Multiple CGIscript.net Scripts Allow Remote Code Execution. Read more www.computeruser.com: Microsoft patches ten new security bugs in IIS. Read more www.theregister.co.uk: Win-XP Search Assistant silently downloads files. Read more CERT� Advisory CA-2002-09 Multiple Vulnerabilities in Microsoft IIS. Read more linuxtoday.com: Red Hat Unveils CVE Security Compatibility. Read more www.secadministrator.com: Denial of Service in Watchguard Firebox. Read more www.rfc-editor.org: Clarifications to the DNS Specification. Read more www.businessweek.com: This Ex-Hacker's Fat Is in the Fire. Read more www.theregister.co.uk: Give your password to complete strangers? No problem..Read more

11 April 2002 New trojan(s): Webcam Trojan Spie Server Messah 1.0 Client News: Microsoft Security Bulletin MS02-018 Cumulative Patch for Internet Information Services (Q319733). Read more www.iss.net: Multiple Remote Vulnerabilities in Microsoft IIS. Read more Thor Larholm security advisory TL#001. IIS allows universal CrossSiteScripting. Read more Cgi Security Advisory #9 Netware Web Search Engine, and Microsoft IIS Help File Search Facility Cross Site Scripting Holes. Read more www.eeye.com: Digital Security Announces a Major Vulnerability in Default Installations of Windows NT 4.0 and Windows 2000 Server Systems Running IIS. Read more archives.neohapsis.co: Windows 2000 and NT4 IIS .ASP Remote Buffer Overflow. Read more www.cisco.com: Cisco Security Advisory: Solaris /bin/login Vulnerability. Read more www.securitytracker.com: Microsoft Office Web Components Let Remote Users Determine if Specified Files Exist on Another User's Host. Read more www.securitytracker.com: Microsoft Office Web Components Let Remote Users Gain Full Read and Write Control Over Another User's Clipboard, Even if Clipboard Access Via Scripts is Disabled. Read more www.securitytracker.com: Microsoft Office Web Components Let Remote Users Write Code to Run in the Victim's Local Security Domain and Access Local or Remote Files. Read more www.securitytracker.com: Microsoft Office Web Components in Office XP Lets Remote Users Cause Malicious Scripting to Be Executed By Another User's Browser Even If Scripting is Disabled. Read more www.securitytracker.com: TYPSoft FTP Server Discloses Listing of Directory Contents for Any Directory on the Disk Drive. Read more www.securitytracker.com: Horde Internet Messaging Program (IMP) Has Another Unfiltered Input That Allows Remote Users to Conduct Cross-Site Scripting Attacks Against IMP Users. Read more www.securitytracker.com: Infopop's Ultimate Bulletin Board (UBB) Forum Software Filtering Bug Lets Remote Users Conduct Cross-Site Scripting Attacks Against Some UBB Users. Read more www.securitytracker.com: Bulk Mailer Software Buffer Overflow and Race Condition May Let Local Users Obtain Root Level Access. Read more www.securitytracker.com: Funk Software Proxy Remote Control Software May Let Remote Users Gain Unauthorized Access to the System. Read more www.securitytracker.com: WatchGuard Firebox SOHO IP Options Processing Bug Lets Remote Users Crash the Firewall When in a Certain Configuration. Read more www.securiteam.com: Windows 2000 and NT4 IIS .ASP Remote Buffer Overflow (Additional Details). Read more www.theregister.co.uk: A trio of MS-Office security vulns. Read more www.theregister.co.uk: Eight new IIS security holes exposed. Read more www.internetnews.com: Microsoft IIS Patch, Round Two. Read more www.computerworld.com: Tricky worm can spread via AOL's instant message. Read more www.vnunet.com: 'Free porn' worm turns nasty. Read more www.computerworld.com: Denial-of-service attacks still a threat. Read more www.theregister.co.uk: Scottish ISP floored as DDoS attacks escalate. Read more www.businessweek.com: This Ex-Hacker's Fat Is in the Fire. Read more www.siliconvalley.com: Judge sentences man to 16 months in prison for hacking. Read more asia.cnn.com: Experts: Chat rooms a haven for hackers. Read more

10 April 2002 New trojan(s): Bionet 4.0.1 BE Zany 1.0 Client Dosh Server version a News: www.securiteam.com: Windows 2000 Server Running Terminal Services Security Vulnerability (Licenses). Read more www.securiteam.com: Abyss Web Server Administration Password File Retrieval Exploit. Read more www.pcworld.com: Tricky Worm Can Spread via AIM, IRC. Read more www.computing.vnunet.com: Those top 20 viruses in full. Read more www.zdnet.com: How to beat software's gaping security hole. Read more www.computing.vnunet.com: Cert warns of automated attacks. Read more www.CybercrimeConference.org: National Cybercrime Conference. Read more www.computerworld.com: Outflanking The Cyberterrorist Threat. Read more www.computing.vnunet.com: : NetViews: Stop the war on security. Read more www.businessweek.com: Cracks in the Firewall. Read more www.cs.berkeley.edu: Reflections on Brilliant Digital: Single Points of Internet 0wnership. Read more www.computerworld.com: Terrorism 101 With Eric Shaw. Read more staging.infoworld.com: We can work it out. Read more

09 April 2002 New trojan(s): Lithium 1.01 Gibbon Server (b) Nether 2.5 Server Tool: Internet Security Systems' Wireless Scanner(tm) application provides automated detection and security analyses of mobile networks utilizing 802.11b WLAN (Wi-Fi) access points and clients. Read more News: GreyMagic Security Advisory GM#005-IE Read more GreyMagic Security Advisory GM#006-IE Read more GreyMagic Security Advisory GM#007-IE Read more GreyMagic Security Advisory GM#008-IE Multiple local files detection issues with OWC in IE. Read more online.securityfocus.com: Anthill Cross-Agent Scripting Vulnerability. Read more www.securiteam.com: Exploiting the Race Conditions in LogWatch. Read more www.securiteam.com: Unauthorized Remote Control Access to Systems Running Funk Software's Proxy. Read more www.securiteam.com: WatchGuard SOHO Denial of Service (Packet Parsing). Read more www.securiteam.com: Apache Security Configuration Guide. Read more www.securiteam.com: Fingerprinting Port 80 Attacks: A Look into Web Server, and Web Application Attack Signatures: Part Two. Read more www.linuxsecurity.com: Dsniff 'n the Mirror. A practical step by step guide showing how to use Dsniff, MRTG, IP Flow Meter, Tcpdump, NTOP, and Ngrep, and others. Read more www.linuxsecurity.com: Overview of Attack Trends. Read more vnunet.com: Expert warns of Trojan explosion. Read more www.theregister.co.uk: Not Brilliant, KaZaA's crackers. Read more www.silicon.com: 'Smart' viruses plaguing end users. Read more www.theregister.co.uk: My daily virus. Read more vnunet.com: US cyber attacks on the rise. Read more vnunet.com: NetWare flaw threatens servers. Read more www.fcw.com: NIST guides target e-mail, patches. Read more www.cnn.com: FBI: Cybercrime rising. Read more www.wininformant.com: Microsoft Releases Baseline Security Analyzer. Read more

08 April 2002 New trojan(s): Intruzzo 2002 Belio Server Wollf Server News: online.securityfocus.com: CA-MLink MLClear Command Line Buffer Overflow Vulnerability. Read more www.securitytracker.com: Oracle Database TSN Listener Buffer Overflow Lets Local Users Gain Elevated Privileges on the System. Read more www.securitytracker.com: Tarantella Native Client Password Saving Restriction Can Be Circumvented. Read more www.securitytracker.com: EMU Webmail Server Discloses Files on the Server to Remote Users. Read more www.securitytracker.com: Dynamic Guestbook Input Filtering Hole Lets Remote Users Conduct Cross-Site Scripting Attacks Against Other Users and May Allow Arbitrary Commands to be Executed in Certain Situations. Read more www.securitytracker.com: phpBB Forum May Let Remote Users Corrupt the phpBB Database Using Malicious 'BBcode'. Read more cryptome.org: Dirty AntiSec - DIRT's Firewall Disabler. Read more online.securityfocus.com: Past its Prime: Is Anti-Virus Scanning Obsolete? Read more www.cnet.com: Theft of data, viruses rank high in cyber security. Read more www.businessweek.com: Sentencing Study Probes Hacker Motives. Read more www.neowin.net: Hacking up, disclosure down, FBI survey says. Read more

07 April 2002 New trojan(s): Delta Remote Access (c) Lurker 1.1 Client Gaura Server News: cryptome.org: called TOAST (Tactical Overload Assured System Termination), which is a DDoS tool for governments. Read more cryptome.org: Dirty Spock, the minutes from the meeting where Frank Jones initially scammed the government and got them to invest hard money into the development of DIRT. Read more www.securiteam.com: Exploit for Tarantella Enterprise 3 Installations. Read more www.securiteam.com: ICECast Remote Exploit Code (GET Overflow). Read more online.securityfocus.com: PHPBB BBCode Denial Of Service Vulnerability. Read more online.securityfocus.com: PHPBB BBCode Database Corruption Vulnerability. Read more online.securityfocus.com: EMUMail Arbitrary File Reading Vulnerability. Read more online.securityfocus.com: Oracle Configurator Test Parameter Cross Site Scripting Vulnerability. Read more online.securityfocus.com: Floosietek FTGate USER Command Mailbox Lock Vulnerability. Read more online.securityfocus.com: Floosietek FTGate Rcpt to: Flood Denial of Service Vulnerability. Read more www.securiteam.com: Cisco Secure ACS Web Server has a Directory Traversal Issue (Additional details). Read more www.securiteam.com: VNC Vulnerable to Zlib Double Free Security Issue. Read more www.securiteam.com: MP3 Files Opened by Winamp Can Take Control of the Winamp's Minibrowser. Read more www.securiteam.com: Windows 2000 DCOM Clients May Leak Sensitive Information onto the Network. Read more www.securiteam.com: Unchecked buffer in the Multiple UNC Provider Could Enable Code Execution. Read more www.securiteam.com: Opening Group Policy Files for Exclusive Read Blocks Policy Application. Read more www.securiteam.com: PHPBB BBcode Process Vulnerability (DoS). Read more www.securiteam.com: SQL Injection Vulnerability Found in phpGroupWare. Read more www.securiteam.com: EMU Webmail Allows Reading of Arbitrary Files and View Directories. Read more www.theregister.co.uk: Sentencing commission considers hackers' motives. Read more www.nandotimes.com: Hacking up, disclosure down, FBI survey says. Read more www.washtech.com: Sourcefire Finds Big Market In Sniffing Out Cyber-Attacks. Read more zdnet.com.com: Don't let Brilliant hijack your PC. Read more

06 April 2002 New trojan(s): NewFuture 1.0 beta 1 Little Witch 5.0.1 Client verion c Ramus Client News: www.digitux.net: Race conditions in logwatch. Read more www.digitux.net: Security vulnerability in audit subsystem. Read more www.computer.org: Bug Hunting: The Seven Ways of the Security Samurai. Read more online.securityfocus.com: Microsoft Windows 2000 / NT / XP MUP UNC Request Buffer Overflow Vulnerability. Read more online.securityfocus.com: Floosietek FTGate APOP Command Heap Overflow Vulnerability. Read more online.securityfocus.com: IRIX SNMP Daemon Buffer Overflow Vulnerability. Read more online.securityfocus.com: Dynamic Guestbook Remote Command Execution Vulnerability. Read more online.securityfocus.com: Quik-Serv Web Server Arbitrary File Disclosure Vulnerability. Read more online.securityfocus.com: Multiple Vendor TalkD User Validation Vulnerability. Read more online.securityfocus.com: CiscoSecure ACS For Windows Format String Vulnerability. Read more online.securityfocus.com: Dynamic Guestbook Cross-Agent Scripting Vulnerability. Read more www.theregister.co.uk: Sentencing commission considers hackers' motives. Read more www.extremetech.com: Crypto Keys At Risk. Read more rtnews.globetechnology.com: Virus showcases Russian porn. Read more www.geek.com: The difference between hackers and terrorists. Read more

05 April 2002 New trojan(s): Snape 1.2 DataSpy Network X 0.5 beta Hidedoor Server News: Microsoft Security Bulletin MS02-016 Q318593: Opening Group Policy Files for Exclusive Read Blocks Policy Application. Read more Microsoft Security Bulletin MS02-017 Q311967: Unchecked buffer in the Multiple UNC Provider Could Enable Code Execution. Read more online.securityfocus.com: Nullsoft Winamp Script Injection Vulnerability. Read more online.securityfocus.com: Icecast AVLLib Buffer Overflow Vulnerability. Read more online.securityfocus.com: Lotus Domino MS-DOS Device Path Disclosure Vulnerability. Read more online.securityfocus.com: ZoneLabs ZoneAlarm MailSafe Extension Dot Filtering Bypass Vulnerability. Read more online.securityfocus.com: Cyrus SASL LDAP+MySQL Authentication Patch SQL Command Execution Vulnerability. Read more online.securityfocus.com: Microsoft Internet Explorer Cascading Style Sheet File Disclosure Vulnerability. Read more online.securityfocus.com: Netware Remote Manager Authentication Buffer Overflow Vulnerability. Read more online.securityfocus.com: Sun Solaris XSun Color Database File Heap Overflow Vulnerability. Read more online.securityfocus.com: Oracle 8i TNS Listener Local Command Parameter Buffer Overflow Vulnerability. Read more Tarantella Security Bulletin #04 Incorrect file permissions during installation may allow a user to gain root privileges. Read more www.securiteam.com: Cisco Products found to Contain zlib Compression Library Vulnerability. Read more www.securiteam.com: Netware Remote Manager Found to Contain a Buffer Overflow. Read more www.securiteam.com: Cisco Secure ACS Web Server Found to Contain Vulnerabilities. Read more www.securiteam.com: Quik-Serv Web Server Arbitrary File Disclosure. Read more www.securiteam.com: FTGate PRO/Office Security Vulnerabilities (Released Hotfixes). Read more www.securiteam.com: Lotus Domino Physical Path Revealed. Read more www.securiteam.com: Huge Privacy Threats in Webmails and How Big Companies Handle Them. Read more www.securiteam.com: Dynamic Guestbook CSS and Arbitrary Command Execution. Read more www.securiteam.com: Multiple Vendor "talkd" User Validation Fault. Read more www.securiteam.com: Remote Buffer Overflow Vulnerability in IRIX SNMP Daemon. Read more zdnet.com.com: Sick of IE? Then try a new Web browser. Read more www.silicon.com: Cisco security not up to the job - Check Point. Read more www.computeruser.com: 'Rent-a-hacker' site says it offers cracking for hire. Read more www.nikkeibp.asiabiztech.com: Klez.E Virus Still Rampant on 6th of Month. Read more www.pcworld.com: PDASecure Keeps Microdrives Secure. Read more

04 April 2002 New trojan(s): Cyn 2.1 Netvaiser 2.09 Client Shipper 1.1 Server News: www.slipstick.com: Avoid WordMail to Lessen Impact of Outlook's Latest HTML Mail Vulnerability. Read more Cisco Security Advisory: Web Interface Vulnerabilities in Cisco Secure ACS for Windows. Read more online.securityfocus.com: Caldera OpenLinux StartKDE Script LD_LIBRARY_PATH Vulnerability. Read more online.securityfocus.com: Sambar Server Authentication Buffer Overflow Vulnerability. Read more www.blackhat.com: Black Hat Briefings (Vegas) Call for Papers. Read more www.itworld.com: Security researcher uncovers two Office XP flaws. Read more www.itworld.com: ISS: Worms overtake DoS as top attacks in 2002. Read more www.siliconvalley.com: Miami Judge Drops Hacker Conviction. Read more www.govexec.com: Army official warns that hackers could infiltrate battlefield. Read more www.zdnet.com: Why con artists are your biggest security threat. Read more www.aftenposten.no: Norway vulnerable to computer terror. Read more www.idg.net: Server port 80 plagues Internet security. Read more www.theregister.co.uk: US courts claim jurisdiction over Sklyarov. Read more www.themoscowtimes.com: Workers Are No. 1 Threat to Russia's IT. Read more www.nypost.com: LOSER LOVER JAILED FOR HACKING PAY FILES. Read more

03 April 2002 New trojan(s): Remote XS Onalf Server Radix Server News: www.insecure.org: Nmap 2.54BETA32 released. Read more www.edvicesecurity.com: Various Vulnerabilities in ZoneAlarm MailSafe. Read more www.nsfocus.com: Buffer overflow vulnerability in Xsun shiped with Solaris system. Read more agricola.myweb.nl: Creating an anti-virus rule in Outlook 2002 (XP). Read more online.securityfocus.com: Microsoft Office XP Spreadsheet Host().SaveAs() File Creation Vulnerability. Read more online.securityfocus.com: Microsoft Outlook 2002 HTML Mail Script Execution Vulnerability. Read more www.securitytracker.com: Microsoft Office XP Active Content Bug Lets Remote Users Cause Code to Be Executed on an Office User's Computer. Read more www.theregister.co.uk: MS security patch fails to work. Read more www.theregister.co.uk: Windows Messenger 'Trojan update'. Read more securityresponse.symantec.com: Microsoft Virtual Machine multiple flaws allow malicious control. Read more www.itworld.com: Security flaw in Cisco CallManager could lead to DoS. Read more www.silicon.com: Virus warning: it's MyLife. Read more techupdate.zdnet.com: MyLife worm mutating into new forms. Read more www.theregister.co.uk: Undead virus infects the dim-witted. Read more www.newsfactor.com: Whatever Happened to Carnivore? Read more www.linuxsecurity.com: Tales of a White Hat War Driver. Read more www.theregister.co.uk: Cumulative IE patch for malicious cookies. Read more www.pcmag.com: XML Security Risks. Read more www.nwfusion.com: Security researcher uncovers two Office XP flaws. Read more www.silicon.com: eBay locks down serious security hole. Read more news.com.com: eBay closes password option to plug hole. Read more linuxtoday.com: LinuxPR: Linux and BSD Security Workshop in Everett, Wash. Read more linuxtoday.com: NewsForge: Three of the Internet's Best Places to Get Started with Linux. Read more

02 April 2002 New trojan(s): Ducktoy 1.0 Starline 2.0 beta (complete) Wukaz 1.03 Server News: www.securitytracker.com: Caldera OpenLinux Name Service Cache Daemon (ncsd) Flaw May Let Users Spoof the DNS and Bypass Security Checks. Read more www.securiteam.com: Privacy Issues found in metor.com (A Search Engine). Read more www.securiteam.com: New Office XP Security Problems Discovered. Read more www.eweek.com: Warning: Any User Can 'Root' Win NT, 2000. Read more www.theregister.co.uk: Win-NT, 2K debug process gives up control. Read more asia.cnet.com: "Critical" holes trouble Microsoft. Read more asia.cnet.com: New antivirus software targets worm holes. Read more zdnet.com.com: Golden-oldie worms top the hit list. Read more www.fcw.com: DISA seeks detection system. Read more www.newsbytes.com: Government Agencies Exposed Internal Databases. Read more www.computeruser.com: Hackers, remote computing fuel security market, not 9-11. Read more www.gcn.com: CVE dictionary contains more than 2,000 entries. Read more

01 April 2002 New trojan(s): Sambus Arsd Diego Tool: Stealth Tools 2.0 by Gobo News: Georgi Guninski security advisory #53, 2002 More Office XP problems. Read more online.securityfocus.com: Always On, Always Vulnerable: Securing Broadband Connections. Read more online.securityfocus.com: ZeroForum User-Embedded Scripting Vulnerability. Read more www.securiteam.com: Anonymizer and MSIE Make Up a Bad Combination. Read more www.securiteam.com: Oracle9i TSN Vulnerable to a DoS Attack. Read more www.securiteam.com: PGP with Outlook Stores Password Pass Phrases in the Clear. Read more www.securiteam.com: WWWIsis Remote Command Execution and File Retrieval. Read more asia.cnet.com: "Critical" holes trouble Microsoft. Read more www.chron.com: Tracing terror's digital footprints. Read more www.cnn.com: U.S. government trains cyberdefenders. Read more zdnet.com.com: Europe falters on Echelon spy network. Read more news.scotsman.com: Data rape. Read more

Copyright� MegaSecurity.org