From: Network Computing and The SANS Institute (sans+ZZ87261369445585738@sans.org)
Date: Thu Jul 26 2001 - 17:33:16 CDT
To: Security Express (SD397643)
Re: Your personalized newsletter
-- Security Alert Consensus --
Number 107 (01.30)
Thursday, July 26, 2001
Created for you by
Network Computing and the SANS Institute
Powered by Neohapsis
----------------------------------------------------------------------
Welcome to SANS' distribution of the Security Alert Consensus.
----------------------------------------------------------------------
*** Sponsored by VeriSign - The Internet Trust Company ***
Pinpoint the right security solution for your company - FREE Guide from
industry leader VeriSign gives you all the facts. Learn how to:
* Add the most powerful online encryption - 128-bit
* Quickly authenticate your site
Get your FREE Guide now at:
http://www.verisign.com/cgi-bin/go.cgi?a=n061142320014000
----------------------------------------------------------------------
Last week was definitely a busy one. The most notable
news was the Code Red worm that ran around exploiting the
Microsoft IIS indexing service buffer overflow. Not only
Windows NT shops were affected; Cisco released an advisory
indicating that IIS was bundled with many of its products.
http://archives.neohapsis.com/archives/bugtraq/2001-07/0446.html
Many reports also surfaced indicating that the worm was crashing
various HP JetDirect-enabled printers and that DSL/cable modem
devices (essentially any network device with a sub-optimal HTTP
management interface) seemed to be taken down in the process. The
"two birds with one worm" thread on Bugtraq mentions many of the
network-device problems. You can view messages from the thread at:
http://archives.neohapsis.com/archives/bugtraq/2001-07/
Those of you Unix folk on the list need not feel left out. While the
Windows NT shops are scrambling to patch the buffer overflow being
exploited by Code Red, you should be busy patching the buffer overflow
found in your telnet daemon -- if you still use it. Kudos to you if
you've moved exclusively to SSH. The details of the vulnerability
are covered in this issue under the Cross-Platform item {01.30.021}.
Until next week,
--Security Alert Consensus Team
************************************************************************
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
TABLE OF CONTENTS:
{01.30.017} Win - Cgiwrap URL request CSS vulnerability
{01.30.002} Linux - Update {01.29.015}: OpenSSL PRNG predictability
{01.30.010} Linux - HTTProtect symlink bypasses protection
{01.30.020} Linux - MasqMail piped alias privilege elevation
{01.30.031} Linux - Update {01.28.021}: xloadimage/faces reader buffer
overflow
{01.30.006} BSD - Update {01.23.008}: OpenSSH 'cookie' file deletion
{01.30.015} BSD - NetBSD sendmsg() causes kernel panic
{01.30.016} BSD - NetBSD sugid/execve() and ptrace() race condition
{01.30.030} Sol - dtmail MAIL env variable overflow
{01.30.004} HPUX - Update {01.15.011}: Multivendor FTP glob
functionality buffer overflow
{01.30.005} HPUX - VVOS mkacct allows unauthorized privileged access
{01.30.008} Other - Tru64 inetd DoS due to failed services
{01.30.001} Cross - tcpdump AFS parsing overflow (2)
{01.30.003} Cross - Squid httpd accelerator unauthorized Web proxy
{01.30.007} Cross - FW-1/Secure Remote network topology exposure
{01.30.009} Cross - phplib libdir remote code injection
{01.30.011} Cross - IBM AlphaWorks TFTP directory traversal attack
{01.30.012} Cross - WebSEAL proxy director /../ bypass/attack
{01.30.013} Cross - IMP malicious JavaScript vulnerability
{01.30.014} Cross - IMP local prefs.lang script execution
{01.30.018} Cross - SSH locked account password authentication bypass
{01.30.019} Cross - DNHTTPD encoded /../ request arbitrary file access
{01.30.021} Cross - Multivendor telnetd option handling overflow
{01.30.022} Cross - Procmail unsafe signal handling
{01.30.023} Cross - Update {01.29.014}: uncgi CGI wrapper arbitrary
script execution
{01.30.024} Cross - NetWin Auth weak password hashing and buffer
overflows
{01.30.025} Cross - phpMyChat malformed nick vulnerabilities
{01.30.026} Cross - SILC private message may not be encrypted properly
{01.30.027} Cross - Various miscellaneous open-source application
vulnerabilities
{01.30.028} Cross - Lucent RADIUS server syslog()/log_msg() format
string attack
{01.30.029} Cross - pileup various scanf() overflows
{01.30.032} Cross - Proxomitron URL request CSS vulnerability
{01.30.033} Cross - Arkeia database files world-writable
- --- Windows News -------------------------------------------------------
*** {01.30.017} Win - Cgiwrap URL request CSS vulnerability
Cgiwrap versions prior to 3.7 have been found vulnerable to a
cross-site scripting attack. This could allow a malicious Web site
or e-mail to execute JavaScript in an unsuspecting user's browser.
The vendor has confirmed this vulnerability and
released version 3.7, which is available at:
http://prdownloads.sourceforge.net/cgiwrap/cgiwrap-3.7.tar.gz
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-07/0499.html
- --- Linux News ---------------------------------------------------------
*** {01.30.002} Linux - Update {01.29.015}: OpenSSL PRNG predictability
RedHat and Mandrake have released OpenSSL packages to fix the
vulnerability discussed in {01.29.015} ("OpenSSL PRNG predictability").
Updated RedHat RPMs:
http://archives.neohapsis.com/archives/bugtraq/2001-07/0350.html
Updated Mandrake RPMs:
http://archives.neohapsis.com/archives/bugtraq/2001-07/0354.html
Source: RedHat, Mandrake (SF Bugtraq)
http://archives.neohapsis.com/archives/bugtraq/2001-07/0350.html
http://archives.neohapsis.com/archives/bugtraq/2001-07/0354.html
*** {01.30.010} Linux - HTTProtect symlink bypasses protection
HTTProtect version 1.1.1 has been found to contain a vulnerability that
would allow local attackers to bypass file modification restrictions
and still modify a file simply by referencing the file via symbolic
links.
The advisory indicates vendor confirmation; a patch is available at:
http://www.omnisecure.com/products/http/Linux/1.1.1/index.htm
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-07/0357.html
*** {01.30.020} Linux - MasqMail piped alias privilege elevation
Versions of MasqMail older than 0.1.15 do not correctly handle piped
aliases. This could allow local attackers to elevate their privileges.
The vulnerability has been confirmed; it was fixed in version 0.1.15.
Source: Freshmeat
http://archives.neohapsis.com/archives/apps/freshmeat/2001-07/0013.html
*** {01.30.031} Linux - Update {01.28.021}: xloadimage/faces reader
buffer overflow
SuSE has released updated xli/xloadimage packages to fix the
vulnerability discussed in {01.28.021} ("xloadimage/faces reader
buffer overflow").
Updated RPMs are listed at:
http://archives.neohapsis.com/archives/linux/suse/2001-q3/0243.html
Source: SuSE
http://archives.neohapsis.com/archives/linux/suse/2001-q3/0243.html
- --- BSD News -----------------------------------------------------------
*** {01.30.006} BSD - Update {01.23.008}: OpenSSH 'cookie' file deletion
NetBSD has released updated OpenSSH packages to fix the vulnerability
discussed in {01.23.008} ("OpenSSH 'cookie' file deletion").
The NetBSD 1.5 and -current package source as of June 25, 2001,
contain the fixed versions.
Source: NetBSD
http://archives.neohapsis.com/archives/netbsd/2001-q3/0098.html
*** {01.30.015} BSD - NetBSD sendmsg() causes kernel panic
NetBSD has released an advisory detailing a bug in the sendmsg()
function. It's possible for a local attacker to pass a large value
in the msg_controllen parameter of sendmsg(). This will cause the
kernel to panic and create a denial of service situation. NetBSD 1.3
through 1.5 and -current are vulnerable.
This vulnerability has been confirmed. NetBSD 1.4,
1.5 and -current as of July 19, 2001, contain the
updated fix. Various available patches are listed at:
http://archives.neohapsis.com/archives/netbsd/2001-q3/0102.html
Source: NetBSD
http://archives.neohapsis.com/archives/netbsd/2001-q3/0102.html
*** {01.30.016} BSD - NetBSD sugid/execve() and ptrace() race condition
An advisory released by NetBSD indicates a race condition in the
execve() function. This could allow a local attacker to ptrace() a
setuid/setgid application and potentially execute arbitrary code with
the elevated privileges. NetBSD 1.4, 1.5 and -current are vulnerable.
NetBSD has confirmed this vulnerability. It updated 1.5 and -current
on June 17, 2001, and 1.4 on July 19, 2001. Individual patches are
listed at:
http://archives.neohapsis.com/archives/bugtraq/2001-07/0533.html
Source: NetBSD
http://archives.neohapsis.com/archives/netbsd/2001-q3/0097.html
- --- Solaris News -------------------------------------------------------
*** {01.30.030} Sol - dtmail MAIL env variable overflow
A recently released advisory indicates a buffer overflow in dtmail's
handling of the MAIL environment variable. This could allow a local
attacker to execute arbitrary code under group 'mail' privileges.
Solaris 2.6 and 7 are reported vulnerable. However, this vulnerability
has not yet been confirmed.
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-07/0539.html
- --- HP-UX News ---------------------------------------------------------
*** {01.30.004} HPUX - Update {01.15.011}: Multivendor FTP glob
functionality buffer overflow
HP has released updated patches to fix the vulnerability discussed
in {01.15.011} ("Multivendor FTP glob functionality buffer overflow").
HP patches listed at:
http://archives.neohapsis.com/archives/bugtraq/2001-07/0392.html
Source: HP
http://archives.neohapsis.com/archives/hp/2001-q3/0015.html
*** {01.30.005} HPUX - VVOS mkacct allows unauthorized privileged access
HP has released patches to fix a vulnerability in the program mkacct
that may allow unauthorized privileged access. This vulnerability
only affects HP-UX 11.04 VVOS.
HP patches listed at:
http://archives.neohapsis.com/archives/bugtraq/2001-07/0392.html
Source: HP
http://archives.neohapsis.com/archives/hp/2001-q3/0015.html
- --- Other News ---------------------------------------------------------
*** {01.30.008} Other - Tru64 inetd DoS due to failed services
Compaq has released an advisory indicating that the inetd service
shipped with Tru64 version 5.1 may stop accepting incoming connections
if one of the handled services crashes upon startup. This could result
in a denial of service situation.
Compaq has confirmed the problem and made a patch available. Contact
your normal Compaq Services support channel and request the patch
using the reference SSRT0708U.
Source: Compaq
http://archives.neohapsis.com/archives/compaq/2001-q3/0012.html
- --- Cross-Platform News ------------------------------------------------
*** {01.30.001} Cross - tcpdump AFS parsing overflow (2)
Another buffer overflow was found in tcpdump's parsing of AFS RPC
packets. This could allow a remote attacker to execute arbitrary code
on a system that is running tcpdump.
FreeBSD has confirmed this vulnerability. FreeBSD version 3.x, 4.4
and 4.3-STABLE after July 17, 2001, are not affected. Other platforms
are vulnerable as well.
Source: FreeBSD
http://archives.neohapsis.com/archives/freebsd/2001-07/0340.html
*** {01.30.003} Cross - Squid httpd accelerator unauthorized Web proxy
Squid prior to 2.3STABLE5 has been found to contain a
vulnerability in the http accelerator feature. When configured
with 'http_accel_with_proxy_off', any request to squid will bypass
ACLs. This vulnerability may allow squid to be used as a port scanner
or otherwise proxy unauthorized requests.
This vulnerability has been confirmed, and version 2.3STABLE5 has
been released.
Squid updates/downloads:
http://www.squid-cache.org/
Updated RedHat RPMs:
http://archives.neohapsis.com/archives/bugtraq/2001-07/0401.html
Updated Immunix RPMs:
http://archives.neohapsis.com/archives/linux/immunix/2001-q3/0025.html
Updated Trustix RPMs:
http://archives.neohapsis.com/archives/bugtraq/2001-07/0362.html
Source: RedHat, Immunix, Trustix (SF Bugtraq)
http://archives.neohapsis.com/archives/bugtraq/2001-07/0401.html
http://archives.neohapsis.com/archives/linux/immunix/2001-q3/0025.html
http://archives.neohapsis.com/archives/bugtraq/2001-07/0362.html
*** {01.30.007} Cross - FW-1/Secure Remote network topology exposure
This is more of a heads-up than a vulnerability: Certain configurations
of Secure Remote for Firewall-1, when used with FWZ encryption,
will gladly send network topology data to unauthenticated remote
users. The proper fix is to make sure network topology is sent only
to authenticated users or to predistribute an appropriate userc.c
file. Newer versions (4.1SP1) will not send this data by default.
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-07/0320.html
*** {01.30.009} Cross - phplib libdir remote code injection
Versions of phplib prior to 7.2d do not properly check incoming user
data, thereby allowing an attacker to redefine an internal library
variable ($_PHPLIB[libdir]) and cause the library to fetch a script
from a remote server and execute it. Technically, any application
built on top of a vulnerable phplib version is exploitable.
This vulnerability has been confirmed. Version
7.2d contains a fix and can be downloaded from:
http://sourceforge.net/project/showfiles.php?group_id=31885&release_id=44737
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-07/0504.html
*** {01.30.011} Cross - IBM AlphaWorks TFTP directory traversal attack
The IBM AlphaWorks TFTP Server for Java has been reported vulnerable to
a reverse directory traversal ('..') attack. This could allow remote
attackers to retrieve arbitrary files on the system readable by the
TFTP service.
This vulnerability has not been confirmed.
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-07/0455.html
*** {01.30.012} Cross - WebSEAL proxy director /../ bypass/attack
The Tivoli SecureWay Policy Director version 3.x ships with the
WebSEAL proxy service. This service has been found vulnerable
to reverse directory traversal ('..') attacks, which would allow
a remote attacker to access Web files otherwise restricted by the
policy director. All platforms for this product are vulnerable.
Tivoli has confirmed this vulnerability and released updated patches.
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-07/0497.html
*** {01.30.013} Cross - IMP malicious JavaScript vulnerability
IMP versions prior to 2.2.6 are vulnerable to an attacker embedding
various malicious JavaScript in HTML elements within an e-mail,
which would be executed in users' browsers when they view the e-mail.
This vulnerability has been confirmed; a fix was included in version
2.2.6.
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-07/0491.html
*** {01.30.014} Cross - IMP local prefs.lang script execution
A vulnerability was found in IMP versions prior to 2.2.6 that allows
a local attacker, or anyone capable of writing a file to the target
server, to create a trojaned prefs.lang file and then trick IMP into
executing any PHP script commands contained within it. This attack
could be used to expose IMP configuration information, including
database authentication credentials.
This vulnerability has been confirmed. Version 2.2.6 has been released.
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-07/0491.html
*** {01.30.018} Cross - SSH locked account password authentication
bypass
SSH Secure Shell version 3.0.0 does not properly handle small (two
characters or less) password fields, which are commonly used on various
Unix systems to indicate 'locked out' accounts. This results in the
ability of a local attacker to log into the system under the account
without having to supply a password.
The vendor has confirmed this vulnerability and released version 3.0.1.
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-07/0486.html
*** {01.30.019} Cross - DNHTTPD encoded /../ request arbitrary file
access
DNHTTPD server versions prior to 0.4.1 contain a bug in the handling
of encoded URL requests that include reverse directory traversal
('..') notation. This allows remote attackers to access arbitrary
files outside the Web root that are readable by the DNHTTPD service.
The vendor has confirmed this vulnerability and released version 0.4.1.
Source: Freshmeat
http://archives.neohapsis.com/archives/apps/freshmeat/2001-07/0002.html
*** {01.30.021} Cross - Multivendor telnetd option handling overflow
An advisory has been released indicating that a remote attacker could
use a buffer overflow in the handling of telnet connection options to
execute arbitrary code with root privileges. The advisory indicates
various BSDs, Linux, IRIX and Solaris as vulnerable; other platforms
also may be vulnerable.
This vulnerability has been confirmed on some platforms.
FreeBSD has released a patch:
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-01:49/telnetd-crypto.patch
Caldera OpenLinux 2.3 may be vulnerable; patches are listed at:
http://archives.neohapsis.com/archives/linux/caldera/2001-q3/0005.html
Source: Caldera, SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-07/0351.html
http://archives.neohapsis.com/archives/netbsd/2001-q3/0092.html
http://archives.neohapsis.com/archives/linux/caldera/2001-q3/0005.html
*** {01.30.022} Cross - Procmail unsafe signal handling
Procmail has been found to handle signals insecurely. This could
result in possible privilege escalation by a local attacker.
RedHat has confirmed this vulnerability and released updated packages.
Updated RedHat RPMs:
http://archives.neohapsis.com/archives/bugtraq/2001-07/0394.html
Source: RedHat (SF Bugtraq)
http://archives.neohapsis.com/archives/bugtraq/2001-07/0394.html
*** {01.30.023} Cross - Update {01.29.014}: uncgi CGI wrapper arbitrary
script execution
The vendor has released an updated uncgi package to fix the
vulnerability discussed in {01.29.014} ("uncgi CGI wrapper arbitrary
script execution").
The latest version can be downloaded from:
http://www.midwinter.com/~koreth/uncgi.html
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-07/0349.html
*** {01.30.024} Cross - NetWin Auth weak password hashing and buffer
overflows
The NetWin Authentication Module version 3.0b, which is used in
various products (SurgeFTP and DMail), has flaws in the hashing
algorithm used to store passwords. This flaw allows passwords to be
decrypted easily and multiple passwords to be accepted for any one
actual password. Buffer overflows also are reported in the handling
of various operations, which potentially could be triggered remotely.
This vulnerability has not been confirmed. Exploit code is available.
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-07/0452.html
*** {01.30.025} Cross - phpMyChat malformed nick vulnerabilities
phpMyChat versions prior to 0.14.5 contain two vulnerabilities related
to malformed user nicknames. These bugs could leave the accounts
unmanageable by administrative utilities. Another bug causes registered
users to lose rights in various situations when they join a chat.
The vendor has confirmed this vulnerability and released version
0.14.5.
Source: Freshmeat
http://archives.neohapsis.com/archives/apps/freshmeat/2001-07/0001.html
*** {01.30.026} Cross - SILC private message may not be encrypted
properly
SILC versions prior to 0.4 may not properly encrypt a private message
with the intended recipient's private key, resulting in a nonencrypted
message.
The vendor has confirmed this vulnerability and released version 0.4.
Source: Freshmeat
http://archives.neohapsis.com/archives/apps/freshmeat/2001-07/0003.html
*** {01.30.027} Cross - Various miscellaneous open-source application
vulnerabilities
We don't normally do a massive grouping like this. In this case,
however, we feel that it's worth alerting you, particularly because
some of the programs are popular and used frequently. Many open-source
programs were recently reported vulnerable, due to entries found in
their change logs. Unfortunately, in many instances the exact nature
of the vulnerability was not specified, so we are just going to list
the applications here with the available information. The vendor has
confirmed all of these problems, which have been fixed by updated
versions.
SANE scanner software versions prior to 1.0.5 indicate a
vulnerability. This is likely limited to a local attack only.
TWIG PHP IMAP client versions prior to 2.7.2 (and especially 2.7.0)
are missing multiple security fixes.
FileManager, a Perl CGI, has security problems in versions prior
to 0.95.
nPulse nmap utility prior to version 0.53p4 contains a security
vulnerability in the included Web server.
phpWebSite versions prior to 0.7.9 have a minor security problem when
a site runs multiple copies of phpWebSite under the same domain.
AutoDNS encrypted DNS request change manager has security problems
related to the handling of domain names in versions prior to 0.0.4.
Versions of the IntraGnat project management tool prior to 1.4 have
an undisclosed security problem.
The netscript TCP scripting engine prior to version 1.6.3 has security
issues in the parsing of returned data, which hints at a remote server
potentially executing arbitrary code as the user running netscript.
Source: VulnWatch, Freshmeat
http://archives.neohapsis.com/archives/apps/freshmeat/2001-07/0009.html
http://archives.neohapsis.com/archives/apps/freshmeat/2001-07/0010.html
http://archives.neohapsis.com/archives/apps/freshmeat/2001-07/0012.html
http://archives.neohapsis.com/archives/apps/freshmeat/2001-07/0004.html
http://archives.neohapsis.com/archives/vulnwatch/2001-q3/0005.html
*** {01.30.028} Cross - Lucent RADIUS server syslog()/log_msg() format
string attack
Versions of the Lucent/Livingston RADIUS daemon prior to 2.1.va.1
contain various format string attacks in the handling of syslog()
and log_msg() parameters. These could potentially allow a remote
attacker to execute arbitrary code on the system.
The vendor has confirmed this vulnerability, and version 2.1.va.1
fixes it.
Source: Freshmeat
http://archives.neohapsis.com/archives/apps/freshmeat/2001-07/0009.html
*** {01.30.029} Cross - pileup various scanf() overflows
Version 1.2 of pileup has been released. It fixes various buffer
overflows caused by the use of the scanf() function.
The vendor has confirmed this vulnerability.
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-07/0512.html
*** {01.30.032} Cross - Proxomitron URL request CSS vulnerability
Proxomitron proxy versions Naoko-4 beta4 are vulnerable to cross-site
scripting in the handling of URL requests. This allows a malicious Web
site or e-mail to execute arbitrary JavaScript code in an unsuspecting
user's Web browser.
The vendor has confirmed this vulnerability and released version
Naoko-4 beta5.
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-07/0531.html
*** {01.30.033} Cross - Arkeia database files world-writable
Arkeia backup software version 4.2.8-2 (and probably prior) has been
found to set insecure file permissions on various database/configuration
files. This could allow a local attacker to overwrite these files.
This vulnerability has not been confirmed.
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-07/0521.html
************************************************************************
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (BSD/OS)
Comment: For info see http://www.gnupg.org
iD8DBQE7YJZq+LUG5KFpTkYRAgN1AJwMzD5J63C8cKjYzyuoHaufqg4+3QCeLaip
YI5YeP5PENlcJhMYJHTxrbs=
=t+z2
-----END PGP SIGNATURE-----
------------------------------------------------------------------------
Become a Security Alert Consensus member! If this e-mail was passed to
you and you would like to begin receiving our security e-mail newsletter
on a weekly basis, we invite you to subscribe today. Send an email to
sans@sans.org with the subject "Subscribe SAC"
We are signing the Consensus newsletter
with PGP. The new SANS PGP key is posted at:
http://certserver.pgp.com:11371/pks/lookup?op=get&search=0xA1694E46
and can be accessed from the SANS Web site (http://www.sans.org).
Special Note: To better secure your confidential information,
we will no longer include personal URLs in our Consensus
newsletter mailings. Instead, we have created a new form
(http://www.sans.org/sansurl). On this form you can enter the SD
number located near your name at the top of the newsletter. When you
submit this form, an e-mail containing a URL will be sent to you at
the e-mail address on record. With this URL you can make changes to
your account (edit the content of your Consensus mailing, for example)
without endangering the security of your personal URL. If you'd like
to change your e-mail address or other information, or unsubscribe
to this newsletter, please visit your new URL as described above. If
you have any problems or questions, e-mail us at <consensus@nwc.com>.
Missed an issue? You can find all back issues of
Security Alert Consensus (and Security Express) online.
http://archives.neohapsis.com/
Your opinion counts. We'd like to hear your thoughts on Security Alert
Consensus. E-mail any questions or comments to <consensus@nwc.com>.
Copyright (c) 2001 Network Computing, a CMP Media LLC
publication. All Rights Reserved. Distributed by Network
Computing (http://www.networkcomputing.com) and The SANS Institute
(http://www.sans.org). Powered by Neohapsis Inc., a Chicago-based
security assessment and integration services consulting group
(info@neohapsis.com | http://www.neohapsis.com/).