NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > SANS> 2003

From: Network Computing and The SANS Institute (sans+ZZ19570268751127399_at_sans.org)
Date: Thu Jan 23 2003 - 16:15:00 CST

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Re: Your personalized newsletter

                 -- Security Alert Consensus --
                       Number 003 (03.03)
                  Thursday, January 23, 2003
                       Created for you by
            Network Computing and the SANS Institute
                      Powered by Neohapsis

----------------------------------------------------------------------

Welcome to SANS' distribution of the Security Alert Consensus.

************************* Begin Advertisement ************************

This issue sponsored by SPI Dynamics.

ALERT: Automatic Remote Code Audit and Report for your Web Apps Test
your Web applications for SQL Injection, Cross-Site Scripting and
Session Hijacking
All undetectable by Firewalls and IDS!
FREE 15 Day Product Trial and Comprehensive Vulnerability Report
http://www.spidynamics.com/mktg/freewebinspect38

************************** End Advertisement *************************

An interesting new attack vector was published. Based on cross-site
scripting, the new 'cross-site tracing' (XST) uses a Web server's
TRACE method to access a user's cookies and authentication
information. The net result: HTTP servers that allow TRACE
requests are open to cross-site scripting regardless of any
CGIs/scripts on the Web server. You can read more about it at:
http://www.betanews.com/whitehat/WH-WhitePaper_XST_ebook.pdf

Until next week,
--Security Alert Consensus Team

************************************************************************

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

TABLE OF CONTENTS:

{03.03.015} Win - WebCollection Plus CGI arbitrary file reading
{03.03.017} Win - Shambala FTP server ftproot escaping
{03.03.019} Win - Xynph FTP server ftproot escaping
{03.03.021} Win - NiteServer FTP server ftproot escaping
{03.03.024} Win - CuteFTP large LIST response overflow
{03.03.001} Linux - Update {03.02.016}: Bugzilla backup configuration
            password disclosure
{03.03.002} Linux - Update {03.01.010}: CUPS multiple vulnerabilities
{03.03.005} Linux - Update {02.49.013}: Canna two local vulnerabilities
{03.03.006} Linux - SuSE susehelp CGI command execution
{03.03.009} Linux - Update {03.02.014}: IMP CGI various SQL injection
{03.03.011} Linux - Update {02.49.014}: wget directory recursion
            vulnerability
{03.03.012} Linux - Update {02.49.019}: Cyrus SASL library overflows
{03.03.025} Linux - Mandrake printer-drivers vulnerability
{03.03.022} HPUX - Xserver vulnerability on HP-UX 11.22
{03.03.023} HPUX - sort utility vulnerabilities
{03.03.007} SCO - Update {02.45.007}: BIND SIG cached RR overflow + 2
            DoS
{03.03.003} Cross - CVS directory double-free vulnerability
{03.03.004} Cross - Multiple PHP script vulnerabilities 01/21
{03.03.008} Cross - MySQL multiple vulnerabilities 01/21
{03.03.010} Cross - ISC DHCP/minires buffer overflow
{03.03.013} Cross - PeopleSoft XXE file reading
{03.03.014} Cross - Apache 2.0.44 released, with security fixes
{03.03.016} Cross - PostgreSQL VACUUM data destructions
{03.03.018} Cross - IPFilter bad checksum state tracking DoS
{03.03.020} Cross - VIM comments command execution

- --- Windows News -------------------------------------------------------

*** {03.03.015} Win - WebCollection Plus CGI arbitrary file reading

Follet Software's WebCollection Plus CGI suite version 5.00 allows
a remote attacker to view arbitrary files on the system via the
s.dll CGI.