Home.

News Archive    Translate Traducen

News December 2002

30 december 2002 New Trojans: Akosch 2 client Cookie Monster 0.24 beta Gates of Hell 1.2 Vulnerabilities & Exploits: www.dsinet.org: Potential DOS attack with Web-CyrAdm. Read More online.securityfocus.com: Microsoft Windows File Protection Signed File Replacement Vulnerability. Read More online.securityfocus.com: Microsoft Windows File Protection Code-Signing Verification Weakness. Read More online.securityfocus.com: Microsoft Internet Explorer Multimedia Page Cross-Site Scripting Vulnerability. Read More www.securitytracker.com: PHP Buffer Overflow in Wordwrap() Function May Let Remote Users Crash the Server. Read More www.securitytracker.com: SkyStream Networks Edge Media Router (EMR-5000) Command Shell Buffer Overflow Lets Remote Authenticated Users Gain Root Privileges. Read More www.securitytracker.com: Typespeed Buffer Overflow May Let Local Users Obtain 'Games' Group Privileges. Read More www.securiteam.com: PHRACK #60 Has Been Released. Read More www.securiteam.com: PUTTY SSH-Client Exploit. Read More News: www.guninski.com: 2002 In review. Read More mdn.mainichi.co.jp: 'Big brother' data for entire town stolen. Read More www.gulf-news.com: Mideast firms urged to focus on e-security. Read More www.nypost.com: MAD HACKER: I'LL WRECK U.S. WITH �WAR' VIRUS. Read More

29 december 2002 New Trojans: MSN Trojan 4.0 Skun 0.1.5 Fearless Webdownloader 1.2 Vulnerabilities & Exploits: www.securitytracker.com: Microsoft Windows File Protection Mechanism Weakness in Trusting Code-Signing Certificate Chains Lets Arbitrary Remote Users Sign Code That Will Be Trusted By Windows. Read More www.securitytracker.com: Microsoft Windows File Protection Weakness May Let Local Users Replace Code With Previous Vulnerable Versions Without Detection. Read More www.securitytracker.com: Microsoft Internet Explorer Bug in Loading Multimedia Files May Let Remote Users Execute Arbitrary Scripting Code in Other Domains. Read More www.securitytracker.com: Monopd Game Server Buffer Overflow May Let Remote Users Execute Arbitrary Code on the System. Read More News: online.securityfocus.com: Former computer hacker granted radio license; may go back online next month. Read More www.nydailynews.com: Notorious hacker is back online. Read More www.bday.co.za: Hacker helps pupils view results. Read More www.theinquirer.net: Yahoo Chat could have a security problem. Read More hoovnews.hoovers.com: FBI sets up a cybercrime center in South Carolina. Read More www.washtimes.com: Hacker threat seen as overdone. Read More www.canada.com: Internet, key computer systems vulnerable to cyber attack, say experts. Read More www.zdnet.com.au: Threats move beyond Linux to Windows. Read More

28 december 2002 New Trojans: RBackdoor 1.2 Nethief 3.1 Vulnerabilities & Exploits: Internet Security Systems: Dynamic Trojan Horse Network Hybrid Threat Propagation. Read More online.securityfocus.com: ncftpd STAT File Globbing Remote Buffer Overflow Vulnerability. Read More online.securityfocus.com: MHonArc m2h_text_html Filter Cross Site Scripting Vulnerability. Read More online.securityfocus.com: Melange Chat System msgText Remote Buffer Overflow Vulnerability. Read More online.securityfocus.com: Wu-imapd Partial Mailbox Attribute Remote Buffer Overflow Vulnerability. Read More online.securityfocus.com: HP JFS Improper Sticky Bit Functionality Vulnerability. Read More online.securityfocus.com: Microsoft Windows XP Wireless LAN AP Information Disclosure Vulnerability. Read More online.securityfocus.com: Eric S. Raymond Fetchmail Heap Corruption Vulnerability. Read More News: rtnews.globetechnology.com: Cyberspace sentinels brace for trouble. Read More

27 december 2002 New Trojans: NetMagik 1.6Xp DDoS Trojan 2.0 Invisible Activity Spy 2.2 Vulnerabilities & Exploits: News:

26 december 2002 New Trojans: Cold Fusion 1.0 Jesus Touch 1.5 Magic Link 1.2 Tools: MAC Changer. A GNU/Linux utility for viewing/manipulating the MAC address of network interfaces. Read More Nmap 3.10ALPHA9 is now available. Read More Vulnerabilities & Exploits: www.securitytracker.com: Xpdf 'pdftops' Integer Overflow May Let Remote Users Cause Arbitrary Code to Be Executed By a Target User. Read More www.securitytracker.com: Common UNIX Printing System (CUPS) 'pdftops' Integer Overflow May Let Remote Users Cause Arbitrary Code to Be Executed By a Target User. Read More www.securitytracker.com: MATLAB Unsafe Temporary Files Lets Local Users Overwrite Certain Files or Cause Target Users to Execute Arbitrary Code. Read More www.securitytracker.com: Junkbuster Proxy Default Configuration on Red Hat Linux Lets Remote Users Send SPAM Via the Proxy. Read More www.securitytracker.com: PHP-Nuke Discloses Installation Path to Remote Users. Read More www.securitytracker.com: Hyperion FTP Server Buffer Overflow Lets Remote Authenticated Users Execute Arbitrary Code. Read More www.securitytracker.com: Apache 'printenv' Script Input Validation Bugs in Older Versions May Let Remote Users Conduct Cross-Site Scripting Attacks. Read More www.securitytracker.com: Chetcpasswd.cgi Bugs May Disclose Some Shadow Password File Contents to Remote Users and May Let Local Users Grab Root Privileges. Read More www.securiteam.com: zkfingerd Remote Exploit. Read More www.securiteam.com: Melange Chat System Remote Exploit Code Released. Read More www.securiteam.com: Multiple Buffer overruns RealNetworks Helix Universal Server. Read More www.securiteam.com: Polycom Video Conference System Management Server Authentication Bypass Vulnerability. Read More www.securiteam.com: ProFTPD Long Password Crash. Read More News: www.pcmag.com: Security Alert: Beware Nasty Flash 'Toons. Read More online.securityfocus.com: XP audio vuln shout goes out. Read More www.eweek.com: Microsoft Users Upset With 'Security Updates'. Read More www.net-security.org: Interview with Bob Toxen. Read More star-techcentral.com: Hack, the herald angels sing! Read More www.washtimes.com: Hacker threat seen as overdone. Read More www.newsre.com: Number of Hacking Web Sites Grows 45 Percent. Read More

25 december 2002 New Trojans: Theef 2.00 Beta 0.3 Public LANfiltrator 1.0 fixed Nethief 1.3 Vulnerabilities & Exploits: www.idefense.com: Integer Overflow in pdftops. Read More Debian Security Advisory: DSA-216-1 fetchmail -- buffer overflow. Read More online.securityfocus.com: W-Agora EditForm.PHP Cross-Site Scripting Vulnerability. Read More online.securityfocus.com: W-Agora EditForm.PHP PHP Include Vulnerability. Read More online.securityfocus.com: CUPS Negative Length HTTP Header Vulnerability. Read More online.securityfocus.com: Multiple Vendor X Font Server Remote Buffer Overrun Vulnerability. Read More online.securityfocus.com: Interbase GDS_Lock_MGR Interbase Environment Variable Buffer Overflow Vulnerability. Read More online.securityfocus.com: Multiple Vendor SSH2 Implementation Incorrect Field Length Vulnerabilities. Read More online.securityfocus.com: Multiple Vendor SSH2 Implementation Buffer Overflow Vulnerabilities. Read More online.securityfocus.com: Multiple Vendor SSH2 Implementation Empty Elements / Multiple Separator Vulnerabilities. Read More online.securityfocus.com: Multiple Vendor SSH2 Implementation Null Character Handling Vulnerabilities. Read More www.macromedia.com: Macromedia Flash Malformed Header Vulnerability Issue. Read More News: linuxtoday.com: ZDNet Australia: Trojan Horses Plague Open Source. Read More www.pcmag.com: Security Alert: Beware Nasty Flash 'Toons. Read More news.com.com: A happy New Year for hacker Mitnick. Read More www.eweek.com: Microsoft Security Guru Leaves Post. Read More www.dailymail.com: County vulnerable to hackers. Read More

24 december 2002 New Trojans: Magic Link 1.66 Trojan Spirit 2001a Beta Edition GOP 1.2 Vulnerabilities & Exploits: Debian Security Advisory: DSA-215-1 cyrus-imapd -- buffer overflow. Read More www.iss.net: SuSE gfxmenu could allow a local attacker to bypass. Read More www.securitytracker.com: Axis Network Camera and Other Devices May Let Remote Users Execute Arbitrary Code. Read More www.securitytracker.com: KDE Input Validation Vulnerabilities May Let Remote Users Execute Arbitrary Commands on the System. Read More www.securitytracker.com: Captaris Infinite WebMail Server Input Validation Flaws Let Remote Users Conduct Cross-Site Scripting Attacks. Read More www.securityfocus.com: Top Attacks for the 1st Quarter 2002. Read More News: www.silicon.com: Users warned over IE clipboard exploit. Read More www.stjoenews-press.com: St. Joseph man held as hacker. Read More online.securityfocus.com: STMPClean Race Condition Vulnerability. Read More hoovnews.hoovers.com: The Observer: Cyber thieves net millions as Christmas shoppers go online. Read More www.wnbc.com: Queens Hacker Arrested For Stealing Kinko's Credit-Card Numbers. Read More www.newsfactor.com: Daily CyberCrime and Security Report for December 23, 2002. Read More

23 december 2002 New Trojans: TrojMax 2.0 NETMagik 1.5 LittleBusters 1.0 Tool: sourceforge.net: Winfingerprint 0.5.5 Winfingerprint is a Win32 MFC VC++ .NET based security tool that is able to Determine OS, enumerate users, groups, shares, SIDs, transports, sessions, services, service pack and hotfix level, date and time, disks, and open tcp and udp ports. Read More Vulnerabilities & Exploits: www.securitytracker.com: PHP-Nuke Mail Feature CR-LF Injection Bug Lets Remote Users Send E-mail Via the System. Read More www.securitytracker.com: Polycom ViewStation FX Discloses Administrator Password to Remote Users. Read More www.securitytracker.com: Cisco IOS Routers Can Be Made to Consume All Available Bandwidth By Remote Users Sending Spoofed EIGRP Announcements. Read More www.securiteam.com: Microsoft Hotmail Cross-Site Scripting (XSS) Flaws. Read More www.securiteam.com: Remote Heap malloc/free and Multiple Overflow Vulnerability in WSMP3 (Exploit). Read More www.securiteam.com: XSS Vulnerabilities in Oracle Website. Read More www.securiteam.com: Security Problems Found with mkstemp(). Read More www.i-security.nl: Cobalt RaQ 4 and possibly others overflow.cgi remote root exploit which takes advantage of a flaw in the Security Hardening Package. Read More News: online.securityfocus.com: 'Twas the Night Before Christmas, 2002. Read More online.securityfocus.com: A Year-end Mailbag. Read More www.betanews.com: Symantec Invites pcAnywhere 11.0 Testers. Read More cryptome.org: Mole hunt at Foreign Office to find internet leaker. Read More

22 december 2002 New Trojans: KoreTek 1.4 HoaVeLu 2.0 client iSpyNow 2.0 Tool: sniffdet.sourceforge.net: SniffDet - Remote Sniffer Detection Tool/Library. Read More rpcap.sourceforge.net: RPCAP, Remote Packet Capture System. Read More Vulnerabilities & Exploits: www.securitytracker.com: nCipher PKCS#11 Library Access Control Bugs May Let Users Obtain Plaintext Keys. Read More www.securitytracker.com: Cisco IOS Operating System Has SSH Bugs That Allow Remote Users to Cause the Device to Reboot. Read More www.securitytracker.com: Open WebMail Input Validation Bug Lets Local Users and Certain Remote Users Execute Code With Root Privileges. Read More www.securitytracker.com: OKENA StormWatch Default Configuration Error Gives Remote Users Adminstrative Access to the Database. Read More www.securitytracker.com: Common UNIX Printing System (CUPS) Has Multiple Bugs That Let Remote and Local Users Gain Root Privileges on the System. Read More www.securitytracker.com: Winamp Audio Player Buffer Overflows Let Remote Users Execute Arbitrary Code. Read More News: www.newsday.com: Hacker admits to downloading information from Kinko's computers. Read More www.stjoenews-press.com: St. Joseph man held as hacker. Read More www.lightreading.com: Picolight Site Hacked. Read More

21 december 2002 New Trojans: Beast 1.9 Beast 1.8 version b Stealth Recorder 2.0 Vulnerabilities & Exploits: www.securitytracker.com: Microsoft Windows XP Shell Buffer Overflow in Processing Audio Files Allows Remote Users to Execute Arbitrary Code. Read More Debian Security Advisory: DSA-214-1 kdnetwork -- buffer overflows. Read More News: www.silicon.com: Welsh virus writer infects 27,000. Read More www.hindustantimes.com: Briton admits creating notorious computer viruses. Read More www.internetwk.com: Report: Bush Administration Plans Mandatory Government Internet Monitoring. Read More online.securityfocus.com: White House: Internet monitoring center wouldn't spy on e-mails. Read More abcnews.go.com: Thieves Using Cyber-Methods to Commit Brick-and-Mortar Crime. Read More

20 december 2002 New Trojans: MoSucker 3.0 (b) DataRape 1.3 DataRape 1.2 modified server Vulnerabilities & Exploits: www.idefense.com: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS). Read More www.securitytracker.com: TYPSoft FTP Server Failure to Filter '...' Strings Lets Remote Users View Arbitrary Directory Listings. Read More www.securitytracker.com: Melange Chat System Buffer Overflow Lets Remote Users Execute Arbitrary Code on the System. Read More www.securitytracker.com: LocalWEB2000 Web Server Discloses Plaintext Passwords to Remote Users. Read More www.securitytracker.com: CartMan Shopping Cart Lets Remote Users Modify Prices of Items in Their Shopping Basket. Read More www.securitytracker.com: SpeedProject's SpeedCommander Input Validation Flaw May Let Malicious 'tar' Archives Overwrite or Create Arbitrary Files When Expanded. Read More www.securitytracker.com: SpeedProject's Squeez Input Validation Flaw May Let Malicious 'tar' Archives Overwrite or Create Arbitrary Files When Expanded. Read More www.securitytracker.com: Aladdin ZipMagic Input Validation Flaw May Let Malicious 'tar' Archives Overwrite or Create Arbitrary Files When Expanded. Read More www.securitytracker.com: PKZIP Input Validation Flaw May Let Malicious 'tar' Archives Overwrite or Create Arbitrary Files When Expanded. Read More www.securitytracker.com: WinZip Input Validation Flaw May Let Malicious 'tar' Archives Overwrite or Create Arbitrary Files When Expanded. Read More www.securitytracker.com: GNU 'cpio' Input Validation Flaw May Let Malicious 'tar' Archives Overwrite or Create Arbitrary Files When Expanded. Read More www.securitytracker.com: Linux 2.2 Kernel Bug in /proc/pid/mem mmap() Interface May Let Local Users Crash the System. Read More www.securitytracker.com: Community Wizard Input Validation Flaw Lets Remote Users Inject SQL Commands. Read More www.securitytracker.com: GoAhead Web Server Discloses Script Source Code to Remote Users. Read More News: europe.cnn.com: E-card virus warning for Christmas. Read More www.wired.com: Beware the Latest MP3 Worms. Read More www.internetwk.com: Iraq_Oil Virus Finds New Way Of Spreading. Read More www.tomshardware.com: Software Hackers 1, DCMA 0. Read More www.theinquirer.net: MP3 bug in Windows XP desktop affects security - critically. Read More news.com.com: Microsoft flaws could hit music traders. Read More www.newsfactor.com: Daily CyberCrime and Security Report for December 19, 2002. Read More

19 december 2002 New Trojans: MyCenter Prosty Frapes 0.14 Tool: www.insecure.org: Nmap 3.10ALPHA7 Released. Read More Vulnerabilities & Exploits: www.securitytracker.com: Zkfingerd Daemon Unsafe Syslog Call Lets Remote Users Execute Arbitrary Code. Read More www.securitytracker.com: PFinger Daemon Format String Bug May Let Remote Users Execute Arbitrary Code in Certain Cases. Read More www.securitytracker.com: Xerces XML Parser Bug in Handling DTDs May Let Users Cause Denial of Service Conditions. Read More www.securitytracker.com: Sybase EAServer Bug in Parsing XML DTDs May Let Remote Users Crash the Server. Read More www.securitytracker.com: Symantec VelociRaptor Firewall Buffer Overflow in RealAudio Proxy Allows Remote Users to Deny Service and Possibly Execute Arbitrary Code on the Firewall. Read More www.securitytracker.com: Symantec Enterprise Firewall Buffer Overflow in RealAudio Proxy Allows Remote Users to Deny Service and Possibly Execute Arbitrary Code on the Firewall. Read More www.securitytracker.com: SSH Communications SSH Client and Server SSH2 Implementation Bugs May Allow Remote Denial of Service or Code Execution. Read More www.securitytracker.com: F-Secure SSH Client and Server SSH2 Implementation Bugs May Allow Remote Denial of Service or Code Execution. Read More www.securitytracker.com: Cryptainer Discloses Password in Memory to Local Users. Read More News: Microsoft Security Bulletin MS02-072 Unchecked Buffer in Windows Shell Could Enable System Compromise (329390). Read More www.zdnet.com.au: Vulnerability compromises Explorer multimedia handling. Read More www.vnunet.com: Users bemoan Microsoft's security initiatives. Read More www.vnunet.com: Klez wins virus of the year. Read More www.silicon.com: 'Flash!' Aaargghh... here to hack every one of us. Read More itmanagement.earthweb.com: Worm Spreads Without Help From Email, Web. Read More www.thestate.com: Computer crime center opens. Read More www.newsfactor.com: Daily CyberCrime and Security Report for December 18, 2002. Read More

18 december 2002 New Trojans: DKangel 2.51 server masterU Tight VNC 1.2.1 Vulnerabilities & Exploits: The Evolution of Cross-Site Scripting Attacks (pdf). Read More online.securityfocus.com: MyPHPSoft MyPHPLinks SQL Injection Administration Bypassing Vulnerability. Read More online.securityfocus.com: Bea Systems WebLogic Xerces XML Parser Denial Of Service Vulnerability. Read More www.securitytracker.com: MyPHPLinks Input Validation Flaw Lets Remote Users Inject SQL Characters to Gain Administrative Access on the Application. Read More www.securiteam.com: XSS Vulnerability Found in Cisco Website. Read More www.securiteam.com: Vulnerabilities in SSH2 Implementations from Multiple Vendors. Read More www.securiteam.com: TYPSoft FTP Server Directory Traversal Vulnerability. Read More www.securiteam.com: Macromedia Shockwave Flash Malformed Header Overflow (Additional problems). Read More News: www.pcworld.com: 'Iraq Oil' Worm Oozes Onto the Net. Read More www.informationweek.com: New Virus Attacks Windows 2000, XP Machines. Read More www.smh.com.au: New Windows network worm detected. Read More www.internetweek.com: Flash Has Security Hole, But Fix Is Offered. Read More www.pcpro.co.uk: Secure Shell found to be not so secure. Read More linuxtoday.com: Two Book Reviews on Wireless Security and Crackproof Software. Read More www.siliconvalley.com: High school student earns A in hacking. Read More www.chron.com: Prosecutors don't seek jail for hacker `DVD Jon'. Read More www.newsfactor.com: Daily CyberCrime and Security Report for December 17, 2002. Read More

17 december 2002 New Trojans: Sonick Trojan 2.0 UpFucker Backdoor 1.0 Invisible Activity Spy 2.1 Vulnerabilities & Exploits: bvlive01.iss.net: Internet Security Systems Security Alert Summary AS02-50. Read More www.nextgenss.com: PFinger Format String vulnerability. Read More www.nextgenss.com: zkfingerd Format String vulnerability. Read More www.rapid7.com: Vulnerabilities in SSH2 Implementations from Multiple Vendors. Read More www.nii.co.in: Password Disclosure in Cryptainer. Read More online.securityfocus.com: LogiSense Hawk-i Login SQL Injection Vulnerability. Read More online.securityfocus.com: WGet NLST Client Side File Overwriting Vulnerability. Read More online.securityfocus.com: Halcyon Software iASP File Disclosure Vulnerability. Read More online.securityfocus.com: XOOPS Information Disclosure Vulnerability. Read More online.securityfocus.com: mICQ Denial Of Service Vulnerability. Read More online.securityfocus.com: EServ Buffer Overflow Vulnerability. Read More News: star-techcentral.com: E-mail viruses double in 2002. Read More www.newhousenews.com: Who Is Liable When Hackers Breach Software Security? Read More www.smh.com.au: Virus warning: old wine in new bottles. Read More www.eweek.com: Researchers Warn of Serious SSH Flaws. Read More www.theregister.co.uk: Home user insecurity spurs email virus growth in 2002. Read More www.theregister.co.uk: Your Microsoft critical security patches tonight. Read More www.internetweek.com: Microsoft Gets Serious About Web Service Security. Read More news.bbc.co.uk: E-mail security warning for MPs. Read More triangle.bizjournals.com: High risk for cyber attack. Read More www.eweek.com: Feds Call for Security Help. Read More www.newsfactor.com: Daily CyberCrime and Security Report for December 16, 2002. Read More

16 december 2002 New Trojans: Sweet Heart 1.0 version b DarkSky 1.0 version b Cang Vulnerabilities & Exploits: online.securityfocus.com: Symantec Enterprise Firewall RealAudio Proxy Buffer Overflow Vulnerability. Read More online.securityfocus.com: Overkill Remote Buffer Overflow Vulnerability. Read More online.securityfocus.com: Lynx Command Line URL CRLF Injection Vulnerability. Read More online.securityfocus.com: Mambo Site Server Account Registration HTML Injection Vulnerability. Read More online.securityfocus.com: Mambo Site Server Path Disclosure Vulnerability. Read More online.securityfocus.com: Mambo Site Server PHPInfo.PHP Information Disclosure Vulnerability. Read More online.securityfocus.com: Apache AB.C Web Benchmarking Read_Connection() Buffer Overflow Vulnerability. Read More online.securityfocus.com: Webshots Desktop Screen Saver Password Bypassing Vulnerability. Read More online.securityfocus.com: Mod_SSL Wildcard DNS Cross Site Scripting Vulnerability. Read More online.securityfocus.com: Macromedia Flash Unspecified SWF Buffer Overflow Vulnerability. Read More online.securityfocus.com: Apache Server Side Include Cross Site Scripting Vulnerability. Read More online.securityfocus.com: VIM ModeLines Arbitrary Command Execution Vulnerability. Read More online.securityfocus.com: Apache Web Server Scoreboard Memory Segment Overwriting SIGUSR1 Sending Vulnerability. Read More online.securityfocus.com: Microsoft Java Virtual Machine Java Object Instantiation Denial Of Service Vulnerability. Read More online.securityfocus.com: Microsoft Java Virtual Machine Standard Security Manager Access Validation Vulnerability. Read More online.securityfocus.com: Microsoft Java Virtual Machine user.dir Access Information Disclosure Vulnerability. Read More online.securityfocus.com: Microsoft Java Virtual Machine JDBC API Access Vulnerability. Read More online.securityfocus.com: Microsoft Java Virtual Machine URL Parsing Vulnerability. Read More online.securityfocus.com: Microsoft Java Virtual Machine CODEBASE Parameter File Disclosure Vulnerability. Read More online.securityfocus.com: Microsoft Java Virtual Machine COM Object Access Validation Vulnerability. Read More online.securityfocus.com: Safe.PM Unsafe Code Execution Vulnerability. Read More online.securityfocus.com: Deerfield VisNetic WebSite Cross Site Scripting Vulnerability. Read More online.securityfocus.com: Microsoft Internet Explorer PNG Deflate Heap Corruption Vulnerability. Read More online.securityfocus.com: Microsoft Windows SMB Signing Vulnerability. Read More online.securityfocus.com: Microsoft Java Virtual Machine Multiple Vulnerabilities. Read More online.securityfocus.com: Microsoft Windows Window Message Subsystem Design Error Vulnerability. Read More online.securityfocus.com: Microsoft Windows 2000/XP NetDDE Privilege Escalation Vulnerability. Read More www.securitytracker.com: Stryon Instant ASP (iASP) Input Validation Flaw Discloses Files on the System to Remote Users. Read More www.securitytracker.com: Eserv Boundary Error Lets Remote Users Crash the Mail, News, Web, and FTP Services. Read More www.securitytracker.com: Fetchmail Buffer Overflow in Processing Addresses Lets Remote Users Execute Arbitrary Code on the System. Read More www.securiteam.com: Multiple Mambo Site Server Security Weaknesses. Read More www.securiteam.com: Remote Console Applet Allows Remote File Retrieval. Read More www.securiteam.com: VisNetic WebSite XSS vulnerability through HTTP Referer header. Read More www.securiteam.com: Eserv Remote Denial of Service (5mb HELO). Read More www.securiteam.com: MyPHPLinks Vulnerable to SQL Injection. Read More www.securiteam.com: gfxboot Allows Boot Password Circumvention. Read More News: www.ananova.com: 'Big increase in e-mail viruses'. Read More www.counterpane.com: Fun with Vulnerability Scanners. Read More www.counterpane.com: ECHELON Technology. Read More www.counterpane.com: The Fallacy of Cracking Contests. Read More

15 december 2002 New Trojans: Bouffe Troyen 1.0 BlueAdeptz (test 02) Storm DDOS Attack 1.2 Vulnerabilities & Exploits: online.securityfocus.com: Cobalt RaQ4 Administrative Interface Command Execution Vulnerability. Read More online.securityfocus.com: Deerfield VisNetic Website OPTIONS Memory Corruption Vulnerability. Read More online.securityfocus.com: GNU SharUtils UUDecode Symbolic Link Attack Vulnerability. Read More online.securityfocus.com: Macromedia JRun 4/ColdFusion MX XML Parser Denial Of Service Vulnerability. Read More online.securityfocus.com: Gordano Mail Server 'rword' Filter Bypass Vulnerability. Read More online.securityfocus.com: Multiple Unspecified RealOne Player Buffer Overflow Vulnerabilities. Read More online.securityfocus.com: dvips Arbitrary Command Execution Vulnerability. Read More online.securityfocus.com: Multiple Vendor FTP Client Side File Overwriting Vulnerability. Read More online.securityfocus.com: myServer File Disclosure Vulnerability. Read More online.securityfocus.com: HP-UX Visualize Conference Insecure Default Permissions Vulnerability. Read More online.securityfocus.com: Cisco OSM Line Cards Denial Of Service Vulnerability. Read More online.securityfocus.com: Sun Solaris Network Interface Denial Of Service Vulnerability. Read More online.securityfocus.com: Trend Micro PC-cillin Mail Scanner Buffer Overflow Vulnerability. Read More online.securityfocus.com: HP-UX xntpd Unspecified Denial Of Service Vulnerability. Read More online.securityfocus.com: Samba Server Encrypted Password Buffer Overrun Vulnerability. Read More online.securityfocus.com: Zeus Web Server Admin Interface Cross Site Scripting Vulnerability. Read More online.securityfocus.com: PADL Software nss_ldap DNS Buffer Overflow Vulnerability. Read More www.securitytracker.com: Macromedia ColdFusion Server Bug In Parsing XML DTDs May Let Remote Users Crash the Server. Read More www.securitytracker.com: Macromedia JRun Server Bug In Parsing XML DTDs May Let Remote Users Crash the Server. Read More www.securitytracker.com: Macromedia Flash Player Buffer Overflow in Processing Flash Headers Allows Remote Users to Execute Arbitrary Code. Read More www.securitytracker.com: vBulletin Forum Fails to Filter Scripting Code From Certain HTML Tags, Permitting Cross-Site Scripting Attacks. Read More www.securitytracker.com: Mambo Site Server Content Management System Has Multiple Bugs That May Let Remote Users Gain Access to the Database. Read More www.securitytracker.com: RealNetworks Helix Universal Server Has Unspecified Vulnerabilities. Read More www.securitytracker.com: MySQL Overflow and Authentication Bugs May Let Remote Users Execute Code or Access Database Accounts. Read More News: firstmonday.org: Analysis of Defacement of Indian Web Sites. Read More www.thescotsman.co.uk: Angry Kuwaiti hacker launches cyber attack. Read More www.eweek.com: New Language Assesses Software Flaws. Read More www.theregister.co.uk: All bugs are created equal. Read More

14 december 2002 New Trojans: Reverse Trojan 2.12 Magic Link 1.3 Jad 1.1 Vulnerabilities & Exploits: security.e-matters.de: Fetchmail remote vulnerability. Read More online.securityfocus.com: TCPDump Memory Corruption Vulnerability. Read More online.securityfocus.com: Kunani FTP File Disclosure Vulnerability. Read More online.securityfocus.com: GTetrinet Multiple Remote Buffer Overflow Vulnerabilities. Read More online.securityfocus.com: Canna Server Denial Of Service Vulnerability. Read More online.securityfocus.com: Sun/Netscape Java Virtual Machine Bytecode Verifier Vulnerability. Read More online.securityfocus.com: Canna Server Local Buffer Overflow Vulnerability. Read More www.securitytracker.com: Microsoft Windows OS Bug in Processing WM_TIMER Messages May Let Local Users Gain Elevated Privileges. Read More www.securitytracker.com: Microsoft SMB Signing Flaw May Let Remote Users With Access to an SMB Session Gain Control of a Network Client. Read More www.securitytracker.com: BEA WebLogic Bug In Parsing XML DTDs May Let Remote Users Crash the Server. Read More www.securitytracker.com: Several FTP Clients Have an Input Validation Flaw That May Let Malicious Servers Write Files to Arbitrary Locations. Read More www.securitytracker.com: Wget FTP Client Input Validation Flaw May Let Malicious Servers Write Files to Arbitrary Locations. Read More www.securitytracker.com: Multi-Tech ProxyServer Default Configuration Gives Remote Users Control of the System. Read More www.securitytracker.com: VisNetic WebSite Web Server Software Can Be Crashed By Remote Users. Read More www.securitytracker.com: RealOne Player Has Multiple, Unspecified Buffer Overruns That May Let Remote Users Execute Arbitrary Code. Read More www.securitytracker.com: Cisco IOS With Optical Service Module (OSM) Line Cards Can Be Crashed By Remote Users on the Local Network. Read More www.securitytracker.com: HP-UX Visualize Conference Unsafe File Permissions May Let Local Users Gain Elevated Privileges. Read More www.securitytracker.com: Xntpd Time Daemon on HP-UX May Crash or Degrade. Read More www.securitytracker.com: myServer Web Server Input Validation Flaw Discloses Files on the System to Remote Users. Read More News: zdnet.com.com: Week in review: More security flaws. Read More zdnet.com.com: Spam headaches bring more pain. Read More www.newsfactor.com: Daily CyberCrime and Security Report for December 13, 2002. Read More

13 december 2002 New Trojans: Exception manager Depth Charge 1.0 Beta 2 LazyAdmin 1.42 Vulnerabilities & Exploits: www.guninski.com: Some vim problems, yet still vim much better than windows. Read More Debian Security Advisory DSA-208-1 perl -- broken safe compartment. Read More Debian Security Advisory DSA-205-1 gtetrinet -- buffer overflow. Read More Debian Security Advisory DSA-206-1 tcpdump -- denial of service. Read More Debian Security Advisory DSA-207-1 tetex-bin -- arbitrary command execution. Read More security.e-matters.de: Multiple MySQL vulnerabilities. Read More www.securitytracker.com: Apt-www-proxy Server Format String Hole Lets Remote Users Execute Arbitrary Commands. Read More www.securitytracker.com: Kunani FTP Server Input Validation Flaw Discloses Files on the System to Remote Users. Read More www.securitytracker.com: Trend Micro OfficeScan Buffer Overflow May Let Local Users Gain Elevated Privileges. Read More www.securitytracker.com: Trend Micro PC-cillin Scanner Buffer Overflow May Let Local Users Gain Elevated Privileges. Read More www.securiteam.com: OSM Line Card Header Corruption Vulnerability. Read More www.securiteam.com: MTPSR1-120 Firewall Proxy Configuration Software Insecurity. Read More www.securiteam.com: Kunani FTP Server Vulnerable to a Directory Traversal Attack. Read More www.securiteam.com: Directory Traversing Vulnerability in 'myServer' Web Server. Read More www.securiteam.com: Enceladus Server Directory Traversal Vulnerability. Read More www.securiteam.com: Flaw in SMB Signing Could Enable Group Policy to be Modified. Read More News: www.itconsultantmagazine.com: Is remote admin software cause for concern? Read More www.net-security.or: New "Prestige" Worm Uses Social Engineering. Read More www.zdnet.com.au: IDC: Cyberterror to hit in 2003. Read More www.theregister.co.uk: Your Microsoft critical security patches tonight. Read More www.informationweek.com: Microsoft Patches Eight New Security Holes. Read More quote.bloomberg.com: Microsoft Says Windows Is Susceptible to Takeover Bug (Update1). Read More www.tennessean.com: Hacker routed online paper to porn site, publisher says. Read More www.canada.com: Wardriving for Wi-Fi. Read More www.newsfactor.com: Daily CyberCrime and Security Report for December 12, 2002. Read More

12 december 2002 New Trojans: Freak 1.0 SlimFTP 3.12 Tourniquet 1.1.667 NetDown 1.0 Vulnerabilities & Exploits: www.eeye.com: PNG (Portable Network Graphics) Deflate Heap Corruption Vulnerability. Read More www.krusesecurity.dk: VisNetic WebSite Denial of Service. Read More online.securityfocus.com: KisMac Insecure File Permissions Vulnerability. Read More online.securityfocus.com: Ultimate PHP Board ViewTopic.PHP Cross Site Scripting Vulnerability. Read More online.securityfocus.com: Ultimate PHP Board ViewTopic.PHP Directory Contents Browsing Vulnerability. Read More online.securityfocus.com: Ultimate PHP Board Add.PHP Path Disclosure Vulnerability. Read More www.securitytracker.com: Enceladus Server Suite Buffer Overflow Lets Remote Users Execute Arbitrary Code on the System. Read More www.securitytracker.com: Ikonboard Input Filtering Bug in Photo URL and Another Field Allows Cross-Site Scripting Attacks. Read More www.securitytracker.com: OpenLDAP2 Libraries Have Unspecified Buffer Overflows That May Allow Remote Users to Execute Arbitrary Code. Read More www.securiteam.com: Directory Traversal Vulnerabilities in FTP Clients. Read More www.securiteam.com: Enceladus Server Suite Buffer Overflow Vulnerability. Read More News: Virus Alert: WORM_WINEVAR.A This destructive Internet worm runs on all Windows platforms. This worm propagates using its own SMTP or Simple Mail Transfer Protocol engine and sends email to addresses it gathers from HTML files on the infected system. This worm sends email using a known exploit that causes the attachment to automatically execute when the message is viewed or previewed on Internet Explorer-based email clients, such as Microsoft Outlook and Outlook Express. This exploit is known as Automatic Execution of Embedded MIME type. It is capable of terminating certain monitoring programs and antivirus products from memory. Upon restart, this worm deletes all files from local drives, except files that are currently running on the system. Read More Microsoft Security Bulletin MS02-071 Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation (328310). Read More Microsoft Security Bulletin MS02-069 Flaw in Microsoft VM Could Enable System Compromise (810030). Read More Microsoft Security Bulletin MS02-070 Flaw in SMB Signing Could Enable Group Policy to be Modified (309376). Read More online.securityfocus.com: Rooting Out Corrupted Code. Read More zdnet.com.com: Researchers seek to "throttle" worms. Read More www.newsfactor.com: Trojans Declare War on PC Users. Read More asia.cnn.com: eBay warns users of Net scam. Read More straitstimes.asia1.com.sg: China's great firewall really works. Read More www.silicon.com: Teen hacker faces two years for DeCSS 'offence'. Read More zdnet.com.com: Gov't tightens its case in hacking trial. Read More www.hoosiertimes.com: 'Hackers' eyes cutting-edge subculture. Read More zdnet.com.com: IT users in password hell. Read More www.newsfactor.com: Daily CyberCrime and Security Report for December 11, 2002. Read More

11 december 2002 New Trojans: Cyanure 1.0 HLS Heroin Injector 2.0 Master Vulnerabilities & Exploits: online.securityfocus.com: KisMac Insecure File Permissions Vulnerability. Read More online.securityfocus.com: Fortres 101 Software Disabling Protection Circumventing Vulnerability. Read More online.securityfocus.com: Apple Mac OS X Directory Kernel Panic Denial Of Service Vulnerability. Read More online.securityfocus.com: Groff Pre-Processor Buffer Overflow Vulnerability. Read More www.securitytracker.com: Ultimate PHP Board Discloses Path to Remote Users and Allows Cross-Site Scripting Attacks. Read More www.securitytracker.com: TFTPD32 FTP Server Can Be Crashed By Remote Authenticated Users Requesting DOS Devices. Read More www.securitytracker.com: APBoard Forum Access Control Bug in 'useraction.php' May Let Remote Users Subscribe to Intenal Forum Message Threads. Read More News: wichita.bizjournals.com: SC Telcom hit by international hackers. Read More www.theregister.co.uk: DALnet debilitated by DoS attacks. Read More www.wired.com: Hackers Want Their Prize Money. Read More www.eweek.com: Patch as Patch Can. Read More www.msnbc.com: Elaborate credit card con still works. Read More www.theregister.co.uk: Hi-tech crime threatens UK plc - survey. Read More www.wired.com: Complex Networks Too Easy to Hack. Read More news.com.com: Testimony ends in Adobe hacking trial. Read More www.internetweek.com: Microsoft Ups Rating of IE Security Flaw's Severity. Read More www.techtv.com: The Latest Hacker Techniques. Read More www.idg.net: Next Year's Hot Security Tools. Read More news.com.com: Code cracking in court. Read More news.com.com: Web filters blocking health sites. Read More www.wired.com: Raided Firm's Software Checks Out. Read More www.newsfactor.com: Daily CyberCrime and Security Report for December 10, 2002. Read More

10 december 2002 New Trojans: Remote Hack 1.6 Beta WM Chat System 1.1 REA2 Vulnerabilities & Exploits: online.securityfocus.com: APBoard Unauthorized Thread Reading Vulnerability. Read More online.securityfocus.com: Multiple Vendor X Font Server Remote Buffer Overrun Vulnerability. Read More online.securityfocus.com: Calisto Internet Talker Denial Of Service Vulnerability. Read More online.securityfocus.com: SuSE GNUPlot French Documentation Buffer Overflow Vulnerability. Read More online.securityfocus.com: OpenLDAP Multiple Buffer Overflow Vulnerabilities. Read More online.securityfocus.com: Sapio WebReflex Directory Traversal Vulnerability. Read More online.securityfocus.com: LPRNG html2ps Remote Command Execution Vulnerability. Read More online.securityfocus.com: Debian Internet Message Insecure Temporary File Creation Vulnerability. Read More online.securityfocus.com: Apache AB.C Web Benchmarking Read_Connection() Buffer Overflow Vulnerability. Read More online.securityfocus.com: Apache Web Server Scoreboard Memory Segment Overwriting SIGUSR1 Sending Vulnerability. Read More online.securityfocus.com: Apache Server Side Include Cross Site Scripting Vulnerability. Read More online.securityfocus.com: Cobalt RaQ4 Administrative Interface Command Execution Vulnerability. Read More online.securityfocus.com: Akfingerd File Disclosure Vulnerability. Read More online.securityfocus.com: Akfingerd Local Denial Of Service Attack. Read More online.securityfocus.com: Akfingerd Remote Denial Of Service Vulnerability. Read More online.securityfocus.com: Samba Server Encrypted Password Buffer Overrun Vulnerability. Read More online.securityfocus.com: KDE KIO Subsystem Network Protocol Implementation Arbitrary Command Execution Vulnerability. Read More online.securityfocus.com: Exim Internet Mailer Format String Vulnerability. Read More online.securityfocus.com: Microsoft Windows XP Wireless LAN AP Information Disclosure Vulnerability. Read More News: europe.cnn.com: Teen hacker denies DVD pirating. Read More news.com.com: Sklyarov testifies in copyright trial. Read More news.com.com: Germany cautious on Microsoft security. Read More www.theregister.co.uk: Web pedos crack into corporate servers. Read More www.jsonline.com: The good and bad of computer hacking. Read More www.smh.com.au: More spam, less viruses - stats tell the tale. Read More europe.cnn.com: FBI: Hacker stole 80,000 credit cards. Read More www.theregister.co.uk: Organised Net crime rising sharply - top UK cop. Read More www.newsfactor.com: Daily CyberCrime and Security Report for December 9, 2002. Read More

09 december 2002 New Trojans: Remote Operations 2.4 LazyAdmin 1.1 TrojMax Vulnerabilities & Exploits: www.securitytracker.com: Mac OS X Can Be Crashed By Local Users. Read More WebReflex Web Server Discloses Arbitrary Files on the System to Remote Users. Read More www.securiteam.com: Cobalt RaQ4 Remote Root Exploit (overflow.cgi). Read More www.securiteam.com: Lawson Financials RDBMS Insecurity. Read More www.securiteam.com: Proxy Vulnerability in TrendMicro InterScan VirusWall. Read More www.securiteam.com: WebReflex Directory Traversal Vulnerability. Read More www.securiteam.com: Bypassing Pedestal Software Integrity Protection Driver (Time Vulnerability). Read More www.securiteam.com: Local Netfilter / IPTables IP Queue PID Wrap Flaw. Read More www.securiteam.com: Local Root Vulnerability Found in Exim (pid_file_path). Read More www.securiteam.com: SAP Database Local Root via Symlink. Read More www.securiteam.com: SquirrelMail XSS Vulnerabilities. Read More News: www.zdnet.com.au: Microsoft: IE hole worse than reported. Read More www.haaretzdaily.com: Hacker suspected of stealing data from American company. Read More www.sfgate.com: Hacker hero and Hollywood nemesis _ a Norwegian teenager _ goes on trial. Read More online.securityfocus.com: Barbarians at the Gate: An Introduction to Distributed Denial of Service Attacks. Read More

08 december 2002 New Trojans: R0xr4t 1.2 Mutant Version Niklaus Majesty Vulnerabilities & Exploits: online.securityfocus.com: Apache/Tomcat Mod_JK Chunked Encoding Denial Of Service Vulnerability. Read More online.securityfocus.com: ISC BIND SIG Cached Resource Record Buffer Overflow Vulnerability. Read More online.securityfocus.com: ISC BIND DNS Resolver Buffer Overflow Vulnerability. Read More online.securityfocus.com: Microsoft Outlook 2002 Email Header Processing Denial of Service Vulnerability. Read More Multiple Microsoft Internet Explorer Cached Objects Zone Bypass Vulnerability. Read More online.securityfocus.com: Multiple Vendor Sun RPC xdr_array Buffer Overflow Vulnerability. Read More online.securityfocus.com: Sun Solaris Libthread Library Denial of Service Vulnerability. Read More online.securityfocus.com: GV Malformed File Local Buffer Overflow Vulnerability. Read More online.securityfocus.com: Multiple Vendor Invalid X.509 Certificate Chain Vulnerability. Read More online.securityfocus.com: SAP DB Symbolic Link Vulnerability. Read More online.securityfocus.com: Pine From: Field Heap Corruption Vulnerability. Read More online.securityfocus.com: HP-UX ied Unspecified Information Disclosure Vulnerability. Read More online.securityfocus.com: Computer Associates eTrust Antivirus EE Privilege Escalation Vulnerability. Read More SMB2WWW Remote Command Execution Vulnerability. Read More online.securityfocus.com: Sun Solaris System Panic Denial Of Service Vulnerability. Read More online.securityfocus.com: KDE Konqueror Sub-Frames Script Execution Vulnerability. Read More online.securityfocus.com: KDE Secure Cookie Exposure Vulnerability. Read More online.securityfocus.com: KDE KPF Icon Option File Disclosure Vulnerability. Read More online.securityfocus.com: KDE Network RESLISA Buffer Overflow Vulnerability. Read More online.securityfocus.com: Bradford Barrett Webalizer Reverse DNS Buffer Overflow Vulnerability. Read More www.securitytracker.com: XOOPS Portal Input Filtering Flaw in Private Message Module Lets Remote Users Execute Cross-Site Scripting Attacks. Read More www.securitytracker.com: Sun Cobalt RaQ 4 Security Hardening Package CGI Input Validation Flaw Lets Remote Users Gain Root Access. Read More www.securitytracker.com: TrendMicro InterScan VirusWall Proxy Bug Lets Remote Users Connect to Internal Hosts Via the Proxy. Read More www.securitytracker.com: Akfingerd Finger Server Has Multiple Bugs That Allow Remote Users to Deny Service and Local Users to View Certain Files on the System. Read More www.securitytracker.com: Fortres 101 Disk Security Software Bug Lets Local Users Gain Unrestriced Disk Access. Read More www.securitytracker.com: Apache mod_jk Module Processing Bug When Used With Tomcat May Disclose Information to Remote Users or Crash. Read More News: www.business.scotsman.com: Huge increase in hackers and pornographers. Read More online.securityfocus.com: Suspected terror financier target of U.S. search of Massachusetts firm. Read More www.wired.com: Hacker From the 'Hood Tells All. Read More www.wired.com: An Inside Look at China Filters. Read More www.vnunet.com: Beware the eBay identity thieves. Read More www.vnunet.com: UK still vulnerable to hackers. Read More

07 december 2002 New Trojans: Volkoser 1.0 Ping Door 4.1 Big Brother 3.5.1 Vulnerabilities & Exploits: Debian Security Advisory DSA-204-1 kdelibs -- arbitrary program execution. Read More online.securityfocus.com: phpBB search.php Cross Site Scripting Vulnerability. Read More online.securityfocus.com: Aldap Contact Manager Authentication Bypass Vulnerability. Read More online.securityfocus.com: Zeroo HTTP Server Directory Traversal Vulnerability. Read More online.securityfocus.com: Microsoft Internet Explorer Dialog Style Same Origin Policy Bypass Vulnerability. Read More online.securityfocus.com: Linux Netfilter/IPTables IP Queuing Arbitrary Network Traffic Reading Vulnerability. Read More online.securityfocus.com: Buffalo AirStation Pro Intelligent Access Point Port 80 Denial Of Service Vulnerability. Read More online.securityfocus.com: Multiple Linksys Devices Heap Corruption Denial Of Service. Read More online.securityfocus.com: Multiple Linksys Devices strcat() Buffer Overflow Vulnerability. Read More online.securityfocus.com: Multiple Linksys Devices GET Request Buffer Overflow Vulnerability. Read More online.securityfocus.com: WindowMaker Image Handling Buffer Overflow Vulnerability. Read More www.securitytracker.com: KisMAC Wireless Protocol Stumbler Installation Bug May Overwrite File Permissions. Read More www.securitytracker.com: SquirrelMail Input Validation Flaw in 'read_body.php' Lets Remote Users Conduct Cross Site Scripting Attacks. Read More www.securitytracker.com: Microsoft Windows XP Wireless LAN Support May Disclose Access Point Information to Remote Users. Read More www.securitytracker.com: Sygate Personal Firewall Can Be Stopped Without a Password Even if a Password is Required. Read More www.securitytracker.com: Microsoft Outlook Bug in Processing Malformed E-mail Headers Lets Remote Users Crash the Client. Read More www.securitytracker.com: Exim Mail Server Format String Bug Lets Local Exim Administrators Execute Arbitrary Code With Root Privileges. Read More www.securitytracker.com: Netscape Enterprise Server Manager Input Validation Flaw Lets Remote Users Execute Application Commands. Read More www.securitytracker.com: HP-UX ied(1) Input Editor May Disclose 'Invisible' Data to Local Users. Read More www.securitytracker.com: SMB2WWW Web-Based Windows Networking Client Bug Lets Remote Users Execute Arbitrary Programs. Read More www.securitytracker.com: SAP DB Database Symlink Bug Lets Local Users Execute Arbitrary Files With Root Privileges. Read More News: online.securityfocus.com: Federal agents raid Boston-area software company in terrorism investigation. Read More www.hackinglinuxexposed.com: /etc/inittab - The Most Overlooked Cracker Haven. Read More www.eweek.com: The Emerging Class of Security Tools. Read More www.newsfactor.com: Daily CyberCrime and Security Report for December 6, 2002. Read More

06 december 2002 New Trojans: BioNet 4.00.05 BE Hornet 1.0 Stealth Eye 1.1 Vulnerabilities & Exploits: online.securityfocus.com: Pedestal Software Integrity Protection Driver Bypass Vulnerability. Read More online.securityfocus.com: Xinetd Open File Descriptor Denial Of Service Vulnerability. Read More online.securityfocus.com: 3Com SuperStack 3 NBX FTPD Denial of Service Vulnerability. Read More online.securityfocus.com: libSieve Error Message Buffer Overrun Vulnerability. Read More online.securityfocus.com: Cyrus IMAPD Pre-Login Heap Corruption Vulnerability. Read More online.securityfocus.com: 3D3.Com ShopFactory Shopping Cart Cookie Price Manipulation Vulnerability. Read More Debian Security Advisory DSA-203-1 smb2www -- arbitrary command execution. Read More www.securitytracker.com: Sendmail 'check_relay' E-mail Access Control Features Can Be Bypassed By Remote Users. Read More www.securitytracker.com: Microsoft Internet Explorer showModalDialog() Input Validation Flaw Lets Remote Users Execute Arbitary Scripting Code in Any Security Zone. Read More www.securitytracker.com: Linux Kernel Netfilter/IPTables Experimental Queueing Bug May Disclose Network Traffic to Local Users. Read More www.securitytracker.com: Linksys BEFW11S4 Wireless Router Buffer Overflows and Parsing Bugs Let Remote Users Take Full Control of the Router. Read More www.securitytracker.com: Internet Message (IM) Perl Libraries Use Unsafe Temporary Files That Allow Local Users to Gain Elevated Privileges. Read More www.securitytracker.com: Sun Solaris Kernel 'struioget()' Bug Lets Local Users Panic the System. Read More www.securiteam.com: ShopFactory Shopping Cart Price Manipulation. Read More www.securiteam.com: Remote Heap malloc/free and Multiple Overflow Vulnerability in WSMP3. Read More www.securiteam.com: Windows XP Disclosure of Registered AP Information. Read More www.securiteam.com: E-mail Header Processing Flaw Could Cause Outlook 2002 to Fail. Read More www.securiteam.com: Apache/Tomcat Denial of Service and Information Leakage Vulnerability. Read More www.securiteam.com: Cyrus Sieve / libSieve Buffer Overflow. Read More www.securiteam.com: Pre-Login Buffer Overflow in Cyrus IMAP server. Read More News: www.theinquirer.net: New worm attacks hard drives. Read More www.ispreview.co.uk: New E-Mail Virus Warning - SfxDeth.A. Read More www.it-analysis.com: Trouble With Trojans. Read More www.eweek.com: Security Expert Takes Issue With Rating of New IE Flaw. Read More www.theinquirer.net: Islamic fundamentalist hackers launch 100+Web attacks. Read More www.nzherald.co.nz: I shut radio site, boasts teen hacker. Read More www.hilltoptimes.com: Computer teams help thewart attacks from hackers. Read More www.vnunet.com: Interview: Microsoft wages war on flaws. Read More www.newsfactor.com: Daily CyberCrime and Security Report for December 5, 2002. Read More

05 december 2002 New Trojans: DTr 1.4.3 Whomp Downloader 4.0 ButtMan 0.9p Vulnerabilities & Exploits: www.securiteam.com: Zeroo Webserver Remote Directory Traversal Exploit. Read More www.securiteam.com: BigFun Remote DoS Attack. Read More www.securiteam.com: 3com NBX IP Phone System Denial of Service Attack (CEL). Read More www.securiteam.com: Vulnerability Report for Linksys Devices. Read More www.securiteam.com: Poisonous Style for Dialog Window Bypasses Zone Security. Read More www.securitytracker.com: Computer Associates InoculateIT Incremental Scan Weakness May Fail to Detect Viruses in Certain Cases. Read More www.securitytracker.com: Lawson Financials Discloses Database Password to Local Users in a Certain Configuration. Read More www.securitytracker.com: Cyrus IMAP Server Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read More www.securitytracker.com: Cyrus IMAP Server 'Sieve' Buffer Overflows Let Local Users Gain Elevated Privileges. Read More www.securitytracker.com: ShopFactory Shopping Cart Lets Remote Users Modify the Prices of Items in Their Shopping Cart. Read More www.securitytracker.com: Thatphpware Has More Input Validation Flaws That Let Remote Users Execute Arbitrary Code. Read More www.securitytracker.com: 3Com SuperStack 3 NBX and NBX 100 Telephony Systems Can Be Crashed By Remote Users Sending FTP Commands. Read More News: Microsoft Security Bulletin MS02-067 E-mail Header Processing Flaw Could Cause Outlook 2002 to Fail (331866). Read More Microsoft Security Bulletin MS02-068 Cumulative Patch for Internet Explorer (324929). Read More news.zdnet.co.uk: Lagel worm wipes files. Read More www.pcworld.com: New Year to Bring Nastier Viruses Yet. Read More www.smh.com.au: New virus spotted, may have originated Down Under. Read More www.pcworld.com: Klez Worm Was Worst of 2002. Read More www.secunia.com: Microsoft update to stop remote execution. Read More news.com.com: "Security warning" ads draw lawsuit. Read More www.hilltoptimes.com: Computer teams help thewart attacks from hackers. Read More www.denverpost.com: Hacker breaks into book promotion. Read More www.newsfactor.com: Does Cybercrime Still Pay? Read More www.web-user.co.uk: Criminals spy on absent web users. Read More www.theregister.co.uk: PGP goes back to its roots. Read More www.newsfactor.com: Daily CyberCrime and Security Report for December 4, 2002. Read More

04 december 2002 New Trojans: Cyrex msn trojan Invisible Activity Spy 2.0 Daodan 1.1 Vulnerabilities & Exploits: Debian Security Advisory DSA-202-1 im -- insecure temporary files. Read More online.securityfocus.com: Pserv HTTP Request Parsing Buffer Overflow. Read More online.securityfocus.com: Pserv User-Agent HTTP Header Buffer Overflow Vulnerability. Read More online.securityfocus.com: Pserv HTTP Version Specifier Buffer Overflow Vulnerability. Read More online.securityfocus.com: Pserv Request Method Buffer Overflow Vulnerability. Read More online.securityfocus.com: Pserv Stream Reading Buffer Overflow Vulnerability. Read More online.securityfocus.com: SuidPerl Information Disclosure Vulnerability. Read More News: www.itworld.com: Virus payloads getting bigger, nastier. Read More horus.vcsa.uci.edu: Hackers Infiltrate. Read More www.theage.com.au: The men who hold off Canberra's cyber siege. Read More news.com.com: Copyright law stands first day of trial. Read More kerneltrap.org: Interview: Ingo Molnar. Read More www.silicon.com: What's hot in the world of spam? Read More

03 december 2002 New Trojans: DTr 1.5 Poor SlimFTPd 3.1 Vulnerabilities & Exploits: Debian Security Advisory DSA-201-1 freeswan -- denial of service. Read More online.securityfocus.com: Mozilla Browser Large HTTP Header Buffer Overflow Vulnerability. Read More online.securityfocus.com: Mozilla Netscape Navigator Plug-In Path Disclosure Vulnerability. Read More online.securityfocus.com: Netscape/Mozilla Javascript Array Object Heap Corruption Vulnerability. Read More online.securityfocus.com: PalmOS Authentication Bypass Vulnerability. Read More online.securityfocus.com: Jahia Null Password LDAP Authentication Bypass Vulnerability. Read More online.securityfocus.com: Microsoft Internet Explorer UserData Insecure Default Configuration Vulnerability. Read More online.securityfocus.com: Imatix Xitami 2.5 Beta Denial Of Service Vulnerability. Read More online.securityfocus.com: Steve Horsburg Filemanager File Disclosure Vulnerability. Read More online.securityfocus.com: Sun Solaris 8 PAM Session Evasion Vulnerability. Read More online.securityfocus.com: Sun Solaris PCMCIAD File Corruption Vulnerability. Read More online.securityfocus.com: Lib CGI Include Buffer Overflow Vulnerability. Read More online.securityfocus.com: Livingston RADIUS Accounting Hostname Resolution Buffer Overflow Vulnerability. Read More online.securityfocus.com: News Evolution Include Undefined Variable Command Execution Vulnerability. Read More www.securitytracker.com: Webster HTTP Server Multiple Bugs Let Remote Users Execute Arbitrary Code and View Files on the System. Read More online.securityfocus.com: Boozt index.cgi Buffer Overrun Vulnerability. Read More online.securityfocus.com: Linux Kernel 2.4 System Call TF Flag Denial Of Service Vulnerability. Read More online.securityfocus.com: Sun Solaris MailTool Attachment Denial Of Service Vulnerability. Read More online.securityfocus.com: Solaris priocntl() System Call Local Root Vulnerability. Read More online.securityfocus.com: Microsoft Windows XP Fast User Switching Process Viewing Weakness. Read More online.securityfocus.com: Bogofilter Bogopass Insecure Temporary File Creation Vulnerability. Read More online.securityfocus.com: Moby NetSuite POST Handler Buffer Overflow Vulnerability. Read More online.securityfocus.com: Samba Server Encrypted Password Buffer Overrun Vulnerability. Read More News: abc.net.au: S Koreans launch cyber attack on US over schoolgirls' deaths. Read More www.eweek.com: ISS Goes Public With Vulnerability Disclosure Guidelines. Read More www.eweek.com: Hacker Log: Pathway to Successful Site Attack. Read More www.eweek.com: Security Firm Deserts Users. Read More www.oaklandtribune.com: Hackers prey on passwords with ease. Read More

02 december 2002 New Trojans: TLPilon 1.2 Dark Omen 1.3 Super Stealth Key Capturer 2.0 Vulnerabilities & Exploits: online.securityfocus.com: Traceroute-Nanog Hostname Buffer Overflow Vulnerability. Read More online.securityfocus.com: PortailPHP SQL Injection Vulnerability. Read More online.securityfocus.com: Sendmail SMRSH Double Pipe Access Validation Vulnerability. Read More online.securityfocus.com: Clam AntiVirus Archive Scanning Memory Corruption Vulnerability. Read More online.securityfocus.com: YaBB YaBB.pl Cross Site Scripting Vulnerability. Read More online.securityfocus.com: pWins Web Server Directory Traversal Vulnerability. Read More www.securitytracker.com: Bogofilter 'bogopass' SPAM Filter Provides Local Users With an Attack Method to Gain Elevated Privileges on the System. Read More www.securitytracker.com: Moby NetSuite Buffer Overflow in Processing POST Requests Lets Remote Users Crash the Service. Read More www.securiteam.com: VNC Man in the Middle Exploit Code. Read More www.securiteam.com: User Downgraded from Administrator to User Retains the Ability to List Other User's Running Tasks. Read More www.securiteam.com: Multiple pServ Remote Buffer Overflow Vulnerabilities. Read More www.securiteam.com: Webster HTTP Server Buffer Overflow Vulnerabilities. Read More www.securiteam.com: Moby NetSuite POST Denial of Service Vulnerability. Read More www.securiteam.com: TracerouteNG - The Never Ending Story. Read More www.securiteam.com: Bogofilter Contrib/Bogopass Temp File Vulnerability. Read More News: abc.net.au: S Koreans launch cyber attack on US over schoolgirls' deaths. Read More www.nytimes.com: The Insecurity of Computer Security. Read More www.usatoday.com: Millions of pirates are plundering satellite TV. Read More

01 december 2002 New Trojans: GhostVoice 1.2 NetKill 1.01 DTr 1.4.4 (c) Vulnerabilities & Exploits: x82.inetcop.org: Remote Libcgi-tuxbr CGI Sxploit. Read More online.securityfocus.com: Sybase Adaptive Server DROP DATABASE Buffer Overflow Vulnerability. Read More www.securitytracker.com: Aldap Contact Manager Authentication Flaw Lets Remote Users Obtain Administrative Privileges on the Application. Read More www.securitytracker.com: pWins Web Server Input Validation Flaw Discloses Files on the System to Remote Users. Read More News: www.hardwarezone.com: RealPlayer security fix is faulty. Read More www.computeruser.com: RealPlayer Patch Fails to Fix Flaws. Read More www.silicon.com: Virus Top Ten: Bugbear top of the pops. Read More www.computeruser.com: IT Warns Against Slippery Slope to Regulation. Read More news.com.com: Week in review: Scuttling the pirates. Read More news.com.com: Microsoft antitrust ruling faces appeal. Read More www.computeruser.com: Hackers Fight Censorship, Human Rights Violations. Read More

Copyright� MegaSecurity.org