|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
RISK: The Consensus Security Vulnerability Alert Vol. 7 No. 33
From: The SANS Institute (ConsensusSecurityVulnerabilityAlertsans.org)
Date: Fri Aug 15 2008 - 08:40:38 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Two types of critical vulnerabilities this week: Those that can be
exploited by viewing web sites and those that can be exploited by opening
Word, Excel or PowerPoint files. This pattern of vulnerabilities closely
matches the pattern techniques being used in cyber espionage.
Alan
*************************************************************************
RISK: The Consensus Security Vulnerability Alert
August 14, 2008 Vol. 7. Week 33
*************************************************************************
RISK is the SANS community's consensus bulletin summarizing the most
important vulnerabilities and exploits identified during the past week
and providing guidance on appropriate actions to protect your systems
(PART I). It also includes a comprehensive list of all new
vulnerabilities discovered in the past week (PART II).
Summary of Updates and Vulnerabilities in this Consensus
Platform Number of Updates and Vulnerabilities
- ------------------------ -------------------------------------
Windows 6 (#1, #2, #8)
Microsoft Office 12 (#3, #4, #5, #6, #7)
Other Microsoft Products 6 (#12)
Third Party Windows Apps 4 (#9, #11)
Linux 3
HP-UX 2
Solaris 3
Cross Platform 11 (#10)
Web Application - Cross Site Scripting 10
Web Application - SQL Injection 14
Web Application 20
Network Device 5
*************************************************************************
SPONSORED BY SANS NETWORK SECURITY 2008 Ð LAS VEGAS
September 28-October 6.
Fifty courses including the much sought after new penetration testing and
secure coding courses. A big exhibit; a big evening program. By far the
best value on security education. Early registration discount deadline
next Wednesday.
http://www.sans.org/ns2008
ADDITIONAL TRAINING UPDATE
- - Boston (8/9-8/16) http://www.sans.org/boston08/
- - Virginia Beach (8/21-8/29): http://www.sans.org/vabeach08/
- - Chicago (9/3-9/10) http://www.sans.org/chicago08 AUDIT & COMPLIANCE
- - and in 100 other cites and on line any time: www.sans.org
*************************************************************************
Table Of Contents
Part I -- Critical Vulnerabilities from TippingPoint
(www.tippingpoint.com)
Widely Deployed Software
(1) CRITICAL: Microsoft Color Management System Remote Code Execution
(MS08-046)
(2) CRITICAL: Microsoft Internet Explorer Multiple Vulnerabilities (MS08-
045)
(3) CRITICAL: Microsoft Access Snapshot Viewer ActiveX Control Remote
Code Execution (MS08-041)
(4) CRITICAL: Microsoft Excel Multiple Vulnerabilities (MS08-043)
(5) CRITICAL: Microsoft PowerPoint Multiple Vulnerabilities (MS08-051)
(6) CRITICAL: Microsoft Office Filters Multiple Vulnerabilities (MS08-
044)
(7) CRITICAL: Microsoft Word Remote Code Execution Vulnerability (MS08-
042)
(8) HIGH: Microsoft Windows Event System Multiple Vulnerabilities (MS08-
049)
(9) HIGH: WebEx Meeting Manager ActiveX Control Buffer Overflow
(10) HIGH: BitTorrent and uTorrent Torrent File Processing Buffer
Overflow
(11) HIGH: Maxthon Browser Content-Type Handling Buffer Overflow
(12) LOW: Microsoft Windows Messenger Information Disclosure (MS08-050)
*************************************************************************
Are you a penetration tester who wants to learn about the latest testing
procedures and tools to improve your skills? Come to the Penetration
Testing and Ethical Hacking Summit to hear experts discuss policy,
process and technical aspects of testing. September 17 - London.
http://www.sans.org/info/31639
*************************************************************************
Part II -- Comprehensive List of Newly Discovered Vulnerabilities from
Qualys (www.qualys.com)
- - -- Windows
08.33.1 - Microsoft Windows "NSlookup.exe" Unspecified Remote Code
Execution
08.33.2 - Microsoft Windows Messenger ActiveX Control Information
Disclosure
08.33.3 - Microsoft Windows Event System User Subscription Request
Remote Code Execution
08.33.4 - Microsoft Windows Event System Array Index Verification Remote
Code Execution
08.33.5 - Microsoft Windows Image Color Management Remote Code Execution
08.33.6 - Microsoft Windows IPsec Information Disclosure
- - -- Microsoft Office
08.33.7 - Microsoft PowerPoint Picture Index Remote Code Execution
08.33.8 - Microsoft PowerPoint Picture Index Variant Remote Code
Execution
08.33.9 - Microsoft PowerPoint List Value Parsing Remote Code Execution
08.33.10 - Microsoft Office Malformed EPS Filter Remote Code Execution
08.33.11 - Microsoft Office Malformed PICT Filter Remote Code Execution
08.33.12 - Microsoft Office PICT Filter Parsing Remote Code Execution
08.33.13 - Microsoft Office Malformed BMP Filter Remote Code Execution
08.33.14 - Microsoft Office WPG Image File Remote Code Execution
08.33.15 - Microsoft Excel Indexing Validation Remote Code Execution
08.33.16 - Microsoft Excel Index Array Remote Code Execution
08.33.17 - Microsoft Excel Record Parsing Remote Code Execution
08.33.18 - Microsoft Excel Credential Caching
- - -- Other Microsoft Products
08.33.19 - Microsoft Outlook Express And Windows Mail MHTML Handler
Information Disclosure
08.33.20 - Microsoft Internet Explorer HTML Objects Variant Memory
Corruption
08.33.21 - Microsoft Internet Explorer Uninitialized Memory Corruption
08.33.22 - Microsoft Internet Explorer HTML Component Handling Memory
Corruption
08.33.23 - Microsoft Internet Explorer HTML Objects Memory Corruption
08.33.24 - Microsoft Internet Explorer HTML Object Memory Corruption
- - -- Third Party Windows Apps
08.33.25 - Maxthon Browser Content-Type Buffer Overflow
08.33.26 - JComSoft "AniGIF.ocx" ReadGIF and ReadGIF2 Methods ActiveX
Buffer Overflow Vulnerabilities
08.33.27 - WebEx Meeting Manager "atucfobj.dll" ActiveX Control Remote
Buffer Overflow
08.33.28 - uTorrent and BitTorrent File Handling Remote Buffer Overflow
- - -- Linux
08.33.29 - Linux Kernel UBIFS Orphan Inode Local Denial of Service
08.33.30 - IPsec-Tools Remote Denial of Service
08.33.31 - Amarok "MagnatuneBrowser::listDownloadComplete()" Insecure
Temporary File Creation
- - -- HP-UX
08.33.32 - HP-UX "libc" Unspecified Remote Denial of Service
08.33.33 - HP-UX "ftpd" Unspecifed Remote Privilege Escalation
- - -- Solaris
08.33.34 - Sun Solaris Trusted Extensions Labeled Networking Security
Bypass
08.33.35 - Sun Solaris "pthread_mutex_reltimedlock_np(3C)" API Local
Denial of Service
08.33.36 - Sun Solaris "sendfilev()" Local Denial of Service
- - -- Cross Platform
08.33.37 - QEMU Security Bypass
08.33.38 - OpenVMS Finger Service Stack-Based Buffer Overflow
08.33.39 - Sun Java Micro Edition (ME) Multiple Unspecified Security-
Bypass Vulnerabilities
08.33.40 - PowerDNS Malformed Query Handling Weakness
08.33.41 - Apache Tomcat UTF-8 Directory Traversal
08.33.42 - Ruby Multiple Security Bypass and Denial of Service
Vulnerabilities
08.33.43 - Xen Para Virtualized Frame Buffer 'ioemu' Frontend Frame
Buffer Denial of Service
08.33.44 - Vim "mch_expand_wildcards()" Heap-Based Buffer Overflow
08.33.45 - PHP Multiple Buffer Overflow Vulnerabilities
08.33.46 - SOURCENEXT Virus Security and Virus Security ZERO Unspecified
Denial of Service
08.33.47 - VMWare VirtualCenter User Account Information Disclosure
- - -- Web Application - Cross Site Scripting
08.33.48 - Yogurt Social Network "uid" Parameter Multiple Cross-Site
Scripting Vulnerabilities
08.33.49 - RMSOFT Downloads Plus Multiple Cross-Site Scripting
Vulnerabilities
08.33.50 - Adobe Presenter Multiple Cross Site Scripting Vulnerabilities
08.33.51 - Google Notebook and Google Bookmarks Multiple Unspecified
Cross-Site Scripting Vulnerabilities
08.33.52 - Kshop "kshop_search.php" Cross-Site Scripting
08.33.53 - KAPhotoservice Multiple Cross-Site Scripting Vulnerabilities
08.33.54 - Quate CMS Multiple Cross-Site Scripting Vulnerabilities
08.33.55 - Domain Group Network GooCMS "index.php" Cross-Site Scripting
08.33.56 - Datafeed Studio "search.php" Cross-Site Scripting
08.33.57 - IDevSpot PhpLinkExchange "index.php" Multiple Cross-Site
Scripting Vulnerabilities
- - -- Web Application - SQL Injection
08.33.58 - e107 CMS "download.php" SQL Injection
08.33.59 - Discuz! "index.php" SQL Injection
08.33.60 - LiteNews "index.php" SQL Injection
08.33.61 - PHP-Nuke Kleinanzeigen Module "lid" Parameter SQL Injection
08.33.62 - Quicksilver Forums "index.php" SQL Injection
08.33.63 - Vacation Rental Script "index.php" SQL Injection
08.33.64 - Battle.net Clan Script "index.php" Multiple SQL Injection
Vulnerabilities
08.33.65 - ZeeScripts ZeeBuddy "bannerclick.php" SQL Injection
08.33.66 - psipuss Multiple SQL Injection Vulnerabilities
08.33.67 - OpenImpro "image.php" SQL Injection
08.33.68 - Ovidentia "index.php" SQL Injection
08.33.69 - IceBB "index.php" SQL Injection
08.33.70 - bBlog "builtin.help.php" SQL Injection
08.33.71 - Joomla! "com_user" Component SQL Injection
- - -- Web Application
08.33.72 - RMSOFT MiniShop "search.php" Multiple Cross-Site Scripting
Vulnerabilities
08.33.73 - Yogurt Social Network Scrapbook HTML Injection
08.33.74 - Contenido Multiple Unspecified Remote File Include
Vulnerabilities
08.33.75 - Free Hosting Manager Administrator Cookie Authentication
Bypass
08.33.76 - IntelliTamper HTML "Location" Header Parsing Buffer Overflow
08.33.77 - PHP-Ring Administrator Cookie Authentication Bypass
08.33.78 - txtSQL "startup.php" Remote File Include
08.33.79 - pPIM Multiple Remote Vulnerabilities
08.33.80 - LoveCMS Multiple Security Bypass Vulnerabilities
08.33.81 - Gallery Multiple Remote Vulnerabilities
08.33.82 - Chupix CMS Contact Module "index.php" Multiple Local File
Include Vulnerabilities
08.33.83 - phpKF-Portal Multiple Local File Include Vulnerabilities
08.33.84 - com_uchat component Mambo and Joomla! Component Multiple
Remote File Include Vulnerabilities
08.33.85 - Multiple WebmasterSite Products Remote Command Execution
08.33.86 - DD-WRT Site Survey SSID Script Injection
08.33.87 - Linkspider Multiple Remote File Include Vulnerabilities
08.33.88 - Harmoni "Username" Field HTML Injection
08.33.89 - Kayako SupportSuite Multiple Input Validation Vulnerabilities
08.33.90 - Datafeed Studio "patch.php" Remote File Include
08.33.91 - Bugzilla "--attach_path" Directory Traversal
- - -- Network Device
08.33.92 - Nokia Series 40 Multiple Unspecified Unauthorized Access
Vulnerabilities
08.33.93 - McAfee Encrypted USB Manager Remote Security Bypass
08.33.94 - Computer Associates "kmxfw.sys" Local Code Execution and
Remote Denial of Service Vulnerabilities
08.33.95 - Alcatel-Lucent OmniSwitch Products HTTP Header Remote Buffer
Overflow
08.33.96 - NXP Semiconductors MIFARE Classic Smartcard Multiple
Unspecified Security Vulnerabilities
______________________________________________________________________
PART I Critical Vulnerabilities
Part I for this issue has been compiled by Rob King at TippingPoint, a
division of 3Com, as a by-product of that company's continuous effort to
ensure that its intrusion prevention products effectively block exploits
using known vulnerabilities. TippingPoint's analysis is complemented by
input from a council of security managers from twelve large organizations
who confidentially share with SANS the specific actions they have taken
to protect their systems. A detailed description of the process may be
found at http://www.sans.org/newsletters/cva/#process
*****************************
Widely Deployed Software
*****************************
(1) CRITICAL: Microsoft Color Management System Remote Code Execution
(MS08-046)
Affected:
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Description: The Microsoft Color Management System (CMS) is a component
of the Windows operating system that parses International Color
Consortium (ICC) color profiles in image files that are used to ensure
consistent color across displays and platforms. It contains a heap-based
buffer overflow vulnerability in its parsing of this profile information.
A specially crafted image file embedded in a web page or other document
or otherwise opened by a user could trigger this buffer overflow.
Successfully exploiting this buffer overflow would allow an attacker to
execute arbitrary code with the privileges of the current user. Some
technical details are publicly available for these vulnerabilities.
Status: Vendor confirmed, updates available.
References:
Microsoft Security Bulletin
http://www.microsoft.com/technet/security/bulletin/MS08-046.mspx
iDefense Security Advisory
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=742
International Color Consortium Home Page
http://www.color.org/index.xalter
SecurityFocus BID
http://www.securityfocus.com/bid/30594
*******************************************************
(2) CRITICAL: Microsoft Internet Explorer Multiple Vulnerabilities (MS08-
045)
Affected:
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Description: Microsoft Internet Explorer contains multiple
vulnerabilities in its handling of HTML objects. A specially crafted web
page could trigger one of these vulnerabilities using specially crafted
HTML or scripts. Successfully exploiting one of these vulnerabilities
would allow an attacker to execute arbitrary code with the privileges of
the current user. Some technical details are publicly available for some
of these vulnerabilities.
Status: Vendor confirmed, updates available.
References:
Zero Day Initiative Advisories
http://zerodayinitiative.com/advisories/ZDI-08-051/
http://zerodayinitiative.com/advisories/ZDI-08-050/
Microsoft Security Bulletin
http://www.microsoft.com/technet/security/Bulletin/MS08-045.mspx
SecurityFocus BIDs
http://www.securityfocus.com/bid/30614
http://www.securityfocus.com/bid/30611
http://www.securityfocus.com/bid/30613
http://www.securityfocus.com/bid/30610
*******************************************************
(3) CRITICAL: Microsoft Access Snapshot Viewer ActiveX Control Remote
Code Execution (MS08-041)
Affected:
Snapshot Viewer for Microsoft Access
Microsoft Office 2000
Microsoft Office XP
Microsoft Office 2003
Description: The Access component of Microsoft Office provides some of
its functionality via an ActiveX control. This control contains a flaw in
its handling of user input. A malicious web page that instantiated this
control could trigger this flaw. Successfully exploiting this flaw would
allow an attacker to execute arbitrary code with the privileges of the
current user. Proof-of-concept code for this vulnerability is publicly
available, and it is believed that this vulnerability is being actively
exploited in the wild. This vulnerability was disclosed prior to the
Microsoft advisory and was discussed in a previous edition of RISK.
Status: Vendor confirmed, updates available. Users can mitigate the
impact of this vulnerability by disabling the affected control via
Microsoft's "kill bit" mechanism using CLSIDs "F0E42D50-368C-11D0-AD81-
00A0C90DC8D9", "F0E42D60-368C-11D0-AD81-00A0C90DC8D9", and "F2175210-
368C-11D0-AD81-00A0C90DC8D9". Note that this may affect normal
application functionality.
References:
Microsoft Security Bulletin
http://www.microsoft.com/technet/security/bulletin/ms08-041.mspx
Proof-of-Concept
http://pstgroup.blogspot.com/2008/07/exploitmicrosoft-office-snapshot-
viewer.html
Previous RISK Entry
https://www.sans.org/newsletters/risk/display.php?v=7&i=28#widely1
SecurityFocus BID
http://www.securityfocus.com/bid/30114
*******************************************************
(4) CRITICAL: Microsoft Excel Multiple Vulnerabilities (MS08-043)
Affected:
Microsoft Office 2000
Microsoft Office XP
Microsoft Office 2003
Microsoft Office 2007
Microsoft Office Excel Viewer 2003
Microsoft Office Excel SharePoint
Microsoft Office 2004 for Mac
Microsoft Office 2008 for Mac
Description: Microsoft Excel contains multiple vulnerabilities in its
parsing of Excel documents. A specially crafted Excel file could trigger
one of these vulnerabilities. Successfully exploiting these
vulnerabilities would allow an attacker to execute arbitrary code with
the privileges of the current user or gain access to otherwise secure
remote data sources. Note that, on recent versions of Microsoft Office,
documents are not opened upon receipt without first prompting the user.
Some technical details are publicly available for these vulnerabilities.
Status: Vendor confirmed, updates available.
References:
Microsoft Security Bulletin
http://www.microsoft.com/technet/security/bulletin/ms08-043.mspx
Zero Day Initiative Advisory
http://zerodayinitiative.com/advisories/ZDI-08-048/
iDefense Advisory
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=740h
ttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=741
SecurityFocus BIDs
http://www.securityfocus.com/bid/30641
http://www.securityfocus.com/bid/30639
http://www.securityfocus.com/bid/30640
*******************************************************
(5) CRITICAL: Microsoft PowerPoint Multiple Vulnerabilities (MS08-051)
Affected:
Microsoft Office 2000
Microsoft Office XP
Microsoft Office 2003
Microsoft Office 2007
Microsoft Office PowerPoint Viewer 2003
Microsoft Office 2004 for Mac
Description: Microsoft PowerPoint contains multiple vulnerabilities in
its handling of PowerPoint files. A specially crafted PowerPoint file
could trigger one of these vulnerabilities. Successfully exploiting one
of these vulnerabilities would allow an attacker to execute arbitrary
code with the privileges of the current user. Note that, on recent
versions of Microsoft Office, documents are not opened upon receipt
without first prompting the user. Some technical details are publicly
available for these vulnerabilities.
Status: Vendor confirmed, updates available.
References:
Microsoft Security Bulletin
http://www.microsoft.com/technet/security/bulletin/ms08-051.mspx
iDefense Advisories
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=738
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=739
SecurityFocus BIDs
http://www.securityfocus.com/bid/30579
http://www.securityfocus.com/bid/30554
http://www.securityfocus.com/bid/30552
*******************************************************
(6) CRITICAL: Microsoft Office Filters Multiple Vulnerabilities (MS08-
044)
Affected:
Microsoft Office 2000
Microsoft Office XP
Microsoft Office 2003
Microsoft Office Project 2002
Microsoft Office Converter Pack
Microsoft Works 8
Description: Microsoft Office provides various filters - software that
can transparently convert various files among various formats. Several of
these filters contain flaws in their parsing of various file formats. A
specially crafted document could trigger one of these vulnerabilities,
allowing an attacker to execute arbitrary code with the privileges of the
current user. Note that, on recent versions of Microsoft Office,
documents are not opened upon receipt without first prompting the user.
Some technical details are publicly available for these vulnerabilities.
Status: Vendor confirmed, updates available.
References:
Microsoft Security Bulletin
http://www.microsoft.com/technet/security/bulletin/ms08-044.mspx
Zero Day Initiative Advisory
http://zerodayinitiative.com/advisories/ZDI-08-049/
iDefense Advisories
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=736
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=737
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=741
SecurityFocus BIDs
http://www.securityfocus.com/bid/30595
http://www.securityfocus.com/bid/30597
http://www.securityfocus.com/bid/30599
http://www.securityfocus.com/bid/30598
http://www.securityfocus.com/bid/30600
*******************************************************
(7) CRITICAL: Microsoft Word Remote Code Execution Vulnerability (MS08-
042)
Affected:
Microsoft Office XP
Microsoft Office 2003
Description: Microsoft Word contains a memory corruption vulnerability in
its parsing of Word documents. A specially crafted document could trigger
this vulnerability. Successfully exploiting this vulnerability would
allow an attacker to execute arbitrary code with the privileges of the
current user. Note that, on recent versions of Microsoft Office,
documents are not opened upon receipt without first prompting the user.
This vulnerability was previously discussed in a previous version of
RISK. It is believed that this vulnerability is being actively exploited
in the wild, and exploit code is available to subscribers to the CORE
Impact product.
Status: Vendor confirmed, updates available.
References:
Microsoft Security Bulletin
http://www.microsoft.com/technet/security/bulletin/ms08-042.mspx
SANS Internet Security Center Blog Posting
http://isc.sans.org/diary.html?storyid=4696
Previous RISK Entry
https://www.sans.org/newsletters/risk/display.php?v=7&i=28#widely2
SecurityFocus BID
http://www.securityfocus.com/bid/30124
*******************************************************
(8) HIGH: Microsoft Windows Event System Multiple Vulnerabilities (MS08-
049)
Affected:
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Description: The Microsoft Windows Event System (ES) is a component of
the Microsoft Windows operating system that manages method calls, events
and subscriptions to events for user applications. It contains two
vulnerabilities in its handling of user requests. A specially crafted
user request could trigger one of these vulnerabilities to execute
arbitrary code with the privileges of the vulnerable subsystem. Some
technical details are publicly available for these vulnerabilities. Note
that an attacker would require authentication to exploit these
vulnerabilities.
Status: Vendor confirmed, updates available.
References:
Microsoft Security Bulletin
http://www.microsoft.com/technet/security/bulletin/ms08-049.mspx
SecurityFocus BIDs
http://www.securityfocus.com/bid/30586
http://www.securityfocus.com/bid/30584
*******************************************************
(9) HIGH: WebEx Meeting Manager ActiveX Control Buffer Overflow
Affected:
WebEx Meeting Manager ActiveX control versions prior to 20.2008.2606.4919
Description: WebEx is a popular conferencing tool. Part of its
functionality is provided through a "meeting manager" ActiveX control.
This control contains a vulnerability in its handling of arguments passed
to its "NewObject" method. A specially crafted web page that instantiates
this control could trigger this vulnerability to execute arbitrary code
with the privileges of the current user. A proof-of-concept for this
vulnerability is publicly available.
Status: Vendor confirmed, updates available. Users can mitigate the
impact of this vulnerability by disabling the affected control via
Microsoft's "kill bit" mechanism, using CLSID "32E26FD9-F435-4A20-A561-
35D4B987CFDC". Note that this could affect normal application
functionality.
References:
Posting by Elazar
http://lists.grok.org.uk/pipermail/full-disclosure/2008-
August/063692.html
Proof-of-Concept
http://milw0rm.com/exploits/6220
Microsoft Knowledge Base Article (details the "kill bit" mechanism)
http://support.microsoft.com/kb/240797
SecurityFocus BID
http://www.securityfocus.com/bid/30578
*******************************************************
(10) HIGH: BitTorrent and uTorrent Torrent File Processing Buffer
Overflow
Affected:
uTorrent versions prior to 1.8 rc7
BitTorrent versions 6.0.3 and prior
Description: BitTorrent is a popular file distribution system. A given
"torrent" (shared file) is described using a ".torrent" file. The
BitTorrent and uTorrecnt clients contain a flaw in their parsing of the
"created by" field of these files. A specially crafted .torrent file
could trigger this vulnerability, allowing an attacker to execute
arbitrary code with the privileges of the current user. Note that
.torrent files are often opened automatically, without first prompting
the user. Full technical details are publicly available for this
vulnerability.
Status: Vendor confirmed, updates available.
References:
Posting by Rhys Kidd (PDF link)
http://seclists.org/dailydave/2008/q3/att-
0155/Stack_Overflow_in_uTorrent_-_Kidd_pdf
Secunia Security Advisories
http://secunia.com/advisories/31445/
http://secunia.com/advisories/31441/
SecurityFocus BID
http://www.securityfocus.com/bid/30653
*******************************************************
(11) HIGH: Maxthon Browser Content-Type Handling Buffer Overflow
Affected:
Maxthon Web Browser versions prior to 2.0
Description: Maxthon is the second most popular web browser in China . It
contains a flaw in its handling of the HTTP "Content-type" header. A
specially crafted header sent by a malicious server could trigger this
flaw, leading to a buffer overflow. Successfully exploiting this buffer
overflow would allow an attacker to execute arbitrary code with the
privileges of the current user. Full technical details and a proof-of-
concept are publicly available for this vulnerability.
Status: Vendor confirmed, updates available.
References:
Proof-of-Concept
http://downloads.securityfocus.com/vulnerabilities/exploits/30617-poc.pl
Maxthon Home Page
http://www.maxthon.com/
SecurityFocus BID
http://www.securityfocus.com/bid/30617
*******************************************************
(12) LOW: Microsoft Windows Messenger Information Disclosure (MS08-050)
Affected:
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows 2000
Description: Microsoft Windows Messenger is Microsoft Windows's built-in
instant messaging and conferencing client. Part of its functionality is
provided by an ActiveX control. This control contains an information
disclosure vulnerability. A malicious web page that instantiates this
control could access arbitrary information with the privileges of the
current user, including that user's Windows Messenger authentication
credentials. Successfully stealing these credentials would allow an
attacker to log in to messaging services as the victim.
Status: Vendor confirmed, updates available. Users can mitigate the
impact of this vulnerability by disabling the affected control via
Microsoft's "kill bit" mechanism using CLSID "B69003B3-C55E-4b48-836C-
BC5946FC3B28". Note that this may affect normal application
functionality.
References:
Microsoft Security Bulletin
http://www.microsoft.com/technet/security/bulletin/ms08-050.mspx
Microsoft Knowledge Base Article (details the "kill bit" mechanism)
http://support.microsoft.com/kb/240797
Messenger Home Page
http://get.live.com/messenger/overview
SecurityFocus BID
http://www.securityfocus.com/bid/30551
*******************************************************
Part II: Weekly Comprehensive List of Newly Discovered Vulnerabilities
Week 33, 2008
This list is compiled by Qualys ( www.qualys.com ) as part of that
company's ongoing effort to ensure its vulnerability management web
service tests for all known vulnerabilities that can be scanned. As of
this week Qualys scans for 5549 unique vulnerabilities. For this special
SANS community listing, Qualys also includes vulnerabilities that cannot
be scanned remotely.
______________________________________________________________________
08.33.1 CVE: Not Available
Platform: Windows
Title: Microsoft Windows "NSlookup.exe" Unspecified Remote Code
Execution
Description: Microsoft Windows is exposed to a remote code execution
issue due to an unspecified error in "NSlookup.exe" when parsing
malformed functions. Microsoft Windows XP Professional SP2 is
affected.
Ref: http://www.securityfocus.com/bid/30636
______________________________________________________________________
08.33.2 CVE: Not Available
Platform: Windows
Title: Microsoft Windows Messenger ActiveX Control Information
Disclosure
Description: Microsoft Windows Messenger is an instant messaging
application available for Microsoft Windows. The application is
exposed to an information disclosure issue that occurs in the
"Messenger.UIAutomation.1" ActiveX control identified by CLSID:
B69003B3-C55E-4b48-836C-BC5946FC3B28.
Ref: http://www.microsoft.com/technet/security/Bulletin/MS08-050.mspx
______________________________________________________________________
08.33.3 CVE: CVE-2008-1457
Platform: Windows
Title: Microsoft Windows Event System User Subscription Request Remote
Code Execution
Description: Microsoft Windows Event System is a service that
distributes events from publishers to subscribing objects to
facilitate event notifications for applications. Microsoft Windows
Event System is exposed to a remote code execution issue because the
application fails to handle per-user subscriptions in a proper manner.
Ref: http://www.microsoft.com/technet/security/Bulletin/MS08-049.mspx
______________________________________________________________________
08.33.4 CVE: CVE-2008-1456
Platform: Windows
Title: Microsoft Windows Event System Array Index Verification Remote
Code Execution
Description: Microsoft Windows Event System is a service that
distributes events from publishers to subscribing objects to
facilitate event notifications for applications. Microsoft Windows
Event System is exposed to a remote code execution issue that arises
because the application fails to verify the range for values used as
an index for a static array of function pointers.
Ref: http://www.microsoft.com/technet/security/Bulletin/MS08-049.mspx
______________________________________________________________________
08.33.5 CVE: CVE-2008-2245
Platform: Windows
Title: Microsoft Windows Image Color Management Remote Code Execution
Description: Microsoft Windows is exposed to a remote code execution
issue due to a flaw in the Microsoft Color Management System (MSCMS)
module of the Image Color Management System (ICM). This issue may
arise when the module parses image files and allocates memory.
Ref: http://www.microsoft.com/technet/security/Bulletin/MS08-046.mspx
______________________________________________________________________
08.33.6 CVE: CVE-2008-2246
Platform: Windows
Title: Microsoft Windows IPsec Information Disclosure
Description: Microsoft Windows is prone to a vulnerability in the
IPsec implementation. The vulnerability exists due to an error that
occurs when pre-existing IPsec policies are imported from a Windows
Server 2003 domain to a Windows Server 2008 domain.
Ref: http://www.microsoft.com/technet/security/Bulletin/MS08-047.mspx
______________________________________________________________________
08.33.7 CVE: CVE-2008-0120
Platform: Microsoft Office
Title: Microsoft PowerPoint Picture Index Remote Code Execution
Description: Microsoft PowerPoint is exposed to a remote code
execution issue that is caused by an error that can occur when the
application calculates memory requirements for a malformed picture
index in a specially crafted PowerPoint file.
Ref: http://labs.idefense.com/intelligence/vulnerabilities/display.php
?id=739
______________________________________________________________________
08.33.8 CVE: CVE-2008-0121
Platform: Microsoft Office
Title: Microsoft PowerPoint Picture Index Variant Remote Code
Execution
Description: Microsoft PowerPoint is exposed to a remote code
execution issue due to an error that can occur when the application
calculates memory requirements for a malformed picture index in a
specially crafted PowerPoint file.
Ref: http://www.microsoft.com/technet/security/Bulletin/MS08-051.mspx
______________________________________________________________________
08.33.9 CVE: CVE-2008-1455
Platform: Microsoft Office
Title: Microsoft PowerPoint List Value Parsing Remote Code Execution
Description: Microsoft PowerPoint is exposed to a remote code
execution issue that is caused by an error that occurs when the
application calculates memory requirements for parsing list values in
a specially crafted PowerPoint file.
Ref: http://www.microsoft.com/technet/security/Bulletin/MS08-051.mspx
______________________________________________________________________
08.33.10 CVE: CVE-2008-3019
Platform: Microsoft Office
Title: Microsoft Office Malformed EPS Filter Remote Code Execution
Description: Microsoft Office is exposed to a remote code execution issue
that occurs when the Office EPS (Encapsulated PostScript) filter
parses a malformed EPS file. Attackers can exploit this issue by
enticing a victim to open the malicious file with the vulnerable
application.
Ref: http://www.microsoft.com/technet/security/Bulletin/MS08-044.mspx
______________________________________________________________________
08.33.11 CVE: CVE-2008-3018
Platform: Microsoft Office
Title: Microsoft Office Malformed PICT Filter Remote Code Execution
Description: Microsoft Office is exposed to a remote code execution
issue that occurs when the Office PICT filter parses a malformed PICT
file. Attackers can exploit this issue by enticing a victim to open
the malicious file with the vulnerable application.
Ref: http://www.microsoft.com/technet/security/Bulletin/MS08-044.mspx
______________________________________________________________________
08.33.12 CVE: CVE-2008-3021
Platform: Microsoft Office
Title: Microsoft Office PICT Filter Parsing Remote Code Execution
Description: Microsoft Office is exposed to a remote code execution
issue that occurs when the Office PICT filter parses a malformed PICT
image file. Attackers can exploit this issue by enticing a victim to
open the malicious file with the vulnerable application.
Ref: http://www.microsoft.com/technet/security/Bulletin/MS08-044.mspx
______________________________________________________________________
08.33.13 CVE: CVE-2008-3020
Platform: Microsoft Office
Title: Microsoft Office Malformed BMP Filter Remote Code Execution
Description: Microsoft Office is prone to a remote code execution
issue. The issue occurs when the Office BMP filter parses a malformed
BMP file. Attackers can exploit this issue by enticing a victim to
open the malicious file with the vulnerable application.
Ref: http://www.microsoft.com/technet/security/Bulletin/MS08-044.mspx
______________________________________________________________________
08.33.14 CVE: CVE-2008-3460
Platform: Microsoft Office
Title: Microsoft Office WPG Image File Remote Code Execution
Description: Microsoft Office is exposed to a remote code execution
issue.
The issue occurs when the Office WPG (WordPerfect Graphics) filter
parses a malformed WPG file. Attackers can exploit this issue by
enticing a victim to open the malicious file with the vulnerable
application.
Ref: http://www.microsoft.com/technet/security/Bulletin/MS08-044.mspx
______________________________________________________________________
08.33.15 CVE: CVE-2008-3004
Platform: Microsoft Office
Title: Microsoft Excel Indexing Validation Remote Code Execution
Description: Microsoft Excel is a spreadsheet application that is part
of the Microsoft Office suite. Excel is exposed to a remote code
execution issue when parsing malformed Excel files. This issue occurs
because the application fails to validate index values in Excel files.
Ref: http://www.microsoft.com/technet/security/Bulletin/MS08-043.mspx
______________________________________________________________________
08.33.16 CVE: CVE-2008-3005
Platform: Microsoft Office
Title: Microsoft Excel Index Array Remote Code Execution
Description: Microsoft Excel is a spreadsheet application that is part
of the Microsoft Office suite. Excel is exposed to a remote code
execution issue when parsing malformed Excel files. This issue occurs
because the application fails to validate index array records in Excel
files.
Ref: http://www.microsoft.com/technet/security/Bulletin/MS08-043.mspx
______________________________________________________________________
08.33.17 CVE: CVE-2008-3006
Platform: Microsoft Office
Title: Microsoft Excel Record Parsing Remote Code Execution
Description: Microsoft Excel is a spreadsheet application that is part
of the Microsoft Office suite. Excel is exposed to a remote code
execution issue when parsing malformed Excel files. This issue occurs
because the application fails to validate record values in Excel
files.
Ref: http://www.zerodayinitiative.com/advisories/ZDI-08-048/
______________________________________________________________________
08.33.18 CVE: CVE-2008-3003
Platform: Microsoft Office
Title: Microsoft Excel Credential Caching
Description: Microsoft Excel is a spreadsheet application that is part
of the Microsoft Office suite. Microsoft Excel is exposed to an issue
that allows unauthorized access to remote data source credentials that
have been cached in Excel files. Microsoft Excel 2007 and Microsoft
Office 2008 for Mac are affected.
Ref: http://blogs.technet.com/swi/archive/2008/08/12/ms08-043-how-to-p
revent-this-information-disclosure-vulnerability.aspx
______________________________________________________________________
08.33.19 CVE: CVE-2008-1448
Platform: Other Microsoft Products
Title: Microsoft Outlook Express And Windows Mail MHTML Handler
Information Disclosure
Description: Microsoft Outlook Express and Windows Mail are email
client applications available for Microsoft Windows. The applications
are exposed to an information disclosure issue because of an error in
Windows MHTML protocol handler.
Ref: http://www.microsoft.com/technet/security/Bulletin/MS08-048.mspx
______________________________________________________________________
08.33.20 CVE: CVE-2008-2258
Platform: Other Microsoft Products
Title: Microsoft Internet Explorer HTML Objects Variant Memory
Corruption
Description: Microsoft Internet Explorer is exposed to a remote memory
corruption issue that occurs when the application attempts to parse a
specially crafted Web page. This issue is due to the application
attempting to access uninitialized memory while parsing
specially crafted Web pages.
Ref: http://www.microsoft.com/technet/security/Bulletin/MS08-045.mspx
______________________________________________________________________
08.33.21 CVE: CVE-2008-2256
Platform: Other Microsoft Products
Title: Microsoft Internet Explorer Uninitialized Memory Corruption
Description: Microsoft Internet Explorer is exposed to a remote memory
corruption issue that occurs when the application attempts to parse a
specially crafted Web page. This issue occurs when the application
attempts to access incorrectly initialized or deleted objects in
memory.
Ref: http://www.microsoft.com/technet/security/Bulletin/MS08-045.mspx
______________________________________________________________________
08.33.22 CVE: CVE-2008-2259
Platform: Other Microsoft Products
Title: Microsoft Internet Explorer HTML Component Handling Memory
Corruption
Description: Microsoft Internet Explorer is exposed to a remote memory
corruption issue that occurs when the application attempts to parse a
specially crafted Web page. Specifically, this issue presents itself
when the application attempts to validate arguments while handling
print previews.
Ref: http://www.microsoft.com/technet/security/Bulletin/MS08-045.mspx
______________________________________________________________________
08.33.23 CVE: CVE-2008-2257
Platform: Other Microsoft Products
Title: Microsoft Internet Explorer HTML Objects Memory Corruption
Description: Microsoft Internet Explorer is exposed to a remote memory
corruption issue that occurs when the application attempts to parse a
specially crafted Web page. This issue is due to the application
attempting to access uninitialized memory while parsing
specially crafted Web pages.
Ref: http://www.zerodayinitiative.com/advisories/ZDI-08-050/
______________________________________________________________________
08.33.24 CVE: CVE-2008-2254
Platform: Other Microsoft Products
Title: Microsoft Internet Explorer HTML Object Memory Corruption
Description: Microsoft Internet Explorer is exposed to a remote memory
corruption issue that occurs when the application attempts to parse a
specially crafted Web page. This issue is due to the application
attempting to access uninitialized memory while parsing
specially crafted Web pages.
Ref: http://www.microsoft.com/technet/security/Bulletin/MS08-045.mspx
______________________________________________________________________
08.33.25 CVE: Not Available
Platform: Third Party Windows Apps
Title: Maxthon Browser Content-Type Buffer Overflow
Description: Maxthon Browser is a web browser available for Microsoft
Windows. The application is exposed to a stack-based buffer overflow
issue because it fails to properly validate the "Content-Type" before
copying it into an insufficiently sized buffer. Maxthon Browser
versions prior to 2.0 are affected.
Ref: http://www.securityfocus.com/bid/30617
______________________________________________________________________
08.33.26 CVE: Not Available
Platform: Third Party Windows Apps
Title: JComSoft "AniGIF.ocx" ReadGIF and ReadGIF2 Methods ActiveX
Buffer Overflow Vulnerabilities
Description: Animation GIF ActiveX control is an ActiveX control for
displaying and manipulating GIF files. The control is exposed to
multiple buffer overflow issues because it fails to perform adequate
boundary checks on user-supplied data. Animation GIF ActiveX versions
2.47, 1.12a and 1.12b are affected.
Ref: http://support.microsoft.com/kb/240797
______________________________________________________________________
08.33.27 CVE: Not Available
Platform: Third Party Windows Apps
Title: WebEx Meeting Manager "atucfobj.dll" ActiveX Control Remote
Buffer Overflow
Description: WebEx is a file-sharing and conferencing application set
for Microsoft Windows. The "atucfobj" module of WebEx Meeting Manager
is exposed to a stack-based buffer overflow issue because it fails to
perform adequate boundary checks on user-supplied input. "atucfobj.dll"
version 20.2008.2601.4928 is affected.
Ref: http://support.microsoft.com/kb/240797
______________________________________________________________________
08.33.28 CVE: Not Available
Platform: Third Party Windows Apps
Title: uTorrent and BitTorrent File Handling Remote Buffer Overflow
Description: uTorrent and BitTorrent are Torrent clients available for
Microsoft Windows. The applications are exposed to a remote buffer
overflow issue because they fail to properly bounds check
user-supplied input before copying it to an insufficiently sized
memory buffer. This issue occurs when a malicious ".torrent" file
containing an excessive value for the "created by" field is handled by
a vulnerable application. uTorrent version 1.7.7 (build 8179) and
BitTorrent version 6.0.3 (build 8642) are affected.
Ref: http://www.securityfocus.com/bid/30653
______________________________________________________________________
08.33.29 CVE: CVE-2008-3275
Platform: Linux
Title: Linux Kernel UBIFS Orphan Inode Local Denial of Service
Description: The Linux kernel is exposed to a local denial of service
issue affecting the VFS behavior in UBIFS (UBI File System). UBIFS is
a flash filesystem comparable to JFFS2. The issue occurs because the
"->delete_inode()" function may not be properly called in certain
cases, causing the child dentry cache for deleted directories to
persist on disk. As a result, the orphaned inode area can be overflowed.
Ref: https://bugzilla.redhat.com/show_bug.cgi?id=457858
______________________________________________________________________
08.33.30 CVE: Not Available
Platform: Linux
Title: IPsec-Tools Remote Denial of Service
Description: IPsec-Tools is a port of KAME's IPsec utilities for the
Linux-2.6 IPsec implementation. IPsec-Tools is affected by a remote
denial of service issue because the application fails to properly
handle certain network packets. IPsec-Tools versions prior to 0.7.1
are affected.
Ref: http://sourceforge.net/mailarchive/message.php?msg_name=200807240
84529.GA3768%40zen.inc
______________________________________________________________________
08.33.31 CVE: Not Available
Platform: Linux
Title: Amarok "MagnatuneBrowser::listDownloadComplete()" Insecure
Temporary File Creation
Description: Amarok is a media-player application available for Linux
and Unix operating platforms. The issue occurs in the
"MagnatuneBrowser::listDownloadComplete()" function of the
"amarok/src/magnatunebrowser/magnatunebrowser.cpp" file. Amarok
version 1.4.9.1 is affected.
Ref: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494765
______________________________________________________________________
08.33.32 CVE: CVE-2008-1664
Platform: HP-UX
Title: HP-UX "libc" Unspecified Remote Denial of Service
Description: HP-UX is exposed to a remote denial of service issue. The
cause of this issue is unknown. Exploiting this issue allows remote
attackers to trigger denial of service conditions. HP-UX versions
B.11.23 and B.11.31 using libc are affected.
Ref: http://www.securityfocus.com/bid/30581
______________________________________________________________________
08.33.33 CVE: CVE-2008-1668
Platform: HP-UX
Title: HP-UX "ftpd" Unspecifed Remote Privilege Escalation
Description: HP-UX is a UNIX-based operating system. HP-UX running
"ftpd" is exposed to a remote privilege escalation issue. Remote
attackers can exploit this issue to gain elevated privileges on the
affected computer.
Ref: http://www.securityfocus.com/bid/30666
______________________________________________________________________
08.33.34 CVE: Not Available
Platform: Solaris
Title: Sun Solaris Trusted Extensions Labeled Networking Security
Bypass
Description: Sun Solaris is an enterprise-grade UNIX distribution.
Solaris is exposed to a security bypass issue that affects the Trusted
Extensions labeled networking. A Solaris Trusted Extensions system
with a labeled zone which is in the "installed" state is vulnerable to
a security bypass issue. Solaris 10 and OpenSolaris platforms are
affected.
Ref: http://sunsolve.sun.com/search/document.do?assetkey=1-66-240099-1
______________________________________________________________________
08.33.35 CVE: Not Available
Platform: Solaris
Title: Sun Solaris "pthread_mutex_reltimedlock_np(3C)" API Local
Denial of Service
Description: Sun Solaris is an enterprise-grade UNIX distribution. The
Sun Solaris "pthread_mutex_reltimedlock_np(3C)" (priority-inherited
pthread mutex) API is exposed to a local denial of service issue.
Solaris 10 and OpenSolaris versions prior to build snv_90 for SPARC
and x86 platforms are affected.
Ref: http://sunsolve.sun.com/search/document.do?assetkey=1-66-239387-1
______________________________________________________________________
08.33.36 CVE: Not Available
Platform: Solaris
Title: Sun Solaris "sendfilev()" Local Denial of Service
Description: Sun Solaris is an enterprise-grade UNIX distribution. The
Sun Solaris "sendfilev()" system call is exposed to an unspecified
local denial of service issue. A local unprivileged attacker can
exploit this issue with a malicious program designed to trigger the
issue. Solaris 10 and OpenSolaris versions prior to build snv_95 for
SPARC and x86 platforms are affected.
Ref: http://sunsolve.sun.com/search/document.do?assetkey=1-66-239186-1
______________________________________________________________________
08.33.37 CVE: CVE-2008-1945
Platform: Cross Platform
Title: QEMU Security Bypass
Description: QEMU is a processor emulator used to virtualize computer
systems and to run guest operating systems within a host. QEMU is
exposed to a security bypass issue because the application fails to
properly restrict access to certain functionality.
Ref: http://www.securityfocus.com/bid/30604
______________________________________________________________________
08.33.38 CVE: Not Available
Platform: Cross Platform
Title: OpenVMS Finger Service Stack-Based Buffer Overflow
Description: The finger service ("fingerd") is part of the MultiNet
suite of TCP/IP applications for OpenVMS. The service is exposed to a
stack-based buffer overflow issue because it fails to adequately
bounds check user-supplied input.
Ref: http://www.securityfocus.com/archive/1/495207
______________________________________________________________________
08.33.39 CVE: Not Available
Platform: Cross Platform
Title: Sun Java Micro Edition (ME) Multiple Unspecified
Security Bypass Vulnerabilities
Description: Sun Java Micro Edition (ME) is an implementation of the
Java runtime environment designed for use on mobile devices such as
cellular phones. Java ME is exposed to two unspecified issues that can
be leveraged to bypass Java security restrictions.
Ref: http://www.securityfocus.com/archive/1/495224
______________________________________________________________________
08.33.40 CVE: CVE-2008-3337
Platform: Cross Platform
Title: PowerDNS Malformed Query Handling Weakness
Description: PowerDNS is an open-source DNS server. The application is
exposed to a weakness caused by dropping malformed DNS queries. This
issue increases the risk that other nameservers have of accepting
spoofed answers and having their cache poisoned for domains hosted by
PowerDNS nameservers. PowerDNS versions prior to 2.9.21.1 are
affected.
Ref: http://doc.powerdns.com/powerdns-advisory-2008-02.html
______________________________________________________________________
08.33.41 CVE: CVE-2008-2938
Platform: Cross Platform
Title: Apache Tomcat UTF-8 Directory Traversal
Description: Apache Tomcat is a Java-based webserver application for
multiple operating systems. The application is exposed to a directory
traversal issue because it fails to sufficiently sanitize
user-supplied input.
Ref: http://www.securityfocus.com/archive/1/495318
______________________________________________________________________
08.33.42 CVE: Not Available
Platform: Cross Platform
Title: Ruby Multiple Security Bypass and Denial of Service
Vulnerabilities
Description: Ruby is an object-oriented programming language. Ruby is
exposed to multiple issues. Attackers can exploit these issues to
perform unauthorized actions on affected applications. Ruby versions
1.8.5, 1.8.6-p286, 1.8.7-p71, and 1.9 r18423 are affected.
Ref: http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilit
ies-in-ruby/
______________________________________________________________________
08.33.43 CVE: Not Available
Platform: Cross Platform
Title: Xen Para Virtualized Frame Buffer "ioemu" Frontend Frame Buffer
Denial of Service
Description: Xen is an open-source hypervisor or virtual machine
monitor. The application is exposed to a local denial of service issue
that occurs in the "tools/ioemu/hw/xenfb.c" source file. This issue
occurs because the hypervisor's para-virtualized framebuffer (PFVP)
fails to perform sufficient validation on the frontend frame buffer
description.
Ref: https://bugzilla.redhat.com/show_bug.cgi?id=447759
______________________________________________________________________
08.33.44 CVE: CVE-2008-3432
Platform: Cross Platform
Title: Vim "mch_expand_wildcards()" Heap-Based Buffer Overflow
Description: Vim is a text editor available for multiple operating
platforms. The application is exposed to a heap-based buffer overflow
issue because it fails to perform adequate boundary checks on
user-supplied data. Vim versions 6.2.429 through 6.3.058 are affected.
Ref: http://www.openwall.com/lists/oss-security/2008/07/15/4
______________________________________________________________________
08.33.45 CVE: Not Available
Platform: Cross Platform
Title: PHP Multiple Buffer Overflow Vulnerabilities
Description: PHP is a general-purpose scripting language that is
especially suited for web development and can be embedded into HTML.
PHP is exposed to multiple buffer overflow issues because the
application fails to perform adequate boundary checks on user-supplied
data. PHP versions prior to 4.4.9 are affected.
Ref: http://www.php.net/archive/2008.php#id2008-08-07-1
______________________________________________________________________
08.33.46 CVE: Not Available
Platform: Cross Platform
Title: SOURCENEXT Virus Security and Virus Security ZERO Unspecified
Denial of Service
Description: SOURCENEXT Virus Security and Virus Security ZERO are
antivirus applications that protect computers from viruses. Virus
Security and Virus Security ZERO are exposed to an unspecified denial
of service issue. Virus Security and Virus Security ZERO versions up
to and including 9.5.0173 are affected.
Ref: http://jvn.jp/en/jp/JVN66077895/
______________________________________________________________________
08.33.47 CVE: CVE-2008-3514
Platform: Cross Platform
Title: VMWare VirtualCenter User Account Information Disclosure
Description: VMWare VirtualCenter client is an application that
monitors and manages virtualized IT environments through a single
interface. The application is exposed to an information disclosure
issue.
Ref: http://www.vmware.com/support/vi3/doc/vi3_esx35u2_vc25u2_rel_note
s.html
______________________________________________________________________
08.33.48 CVE: Not Available
Platform: Web Application - Cross Site Scripting
Title: Yogurt Social Network "uid" Parameter Multiple Cross-Site
Scripting Vulnerabilities
Description: Yogurt Social Network is a social networking module for
multiple CMS applications. The application is exposed to multiple
cross-site scripting issues because it fails to properly sanitize
user-supplied input. Yogurt Social Network version 3.2 rc1 is
affected.
Ref: http://lostmon.blogspot.com/2008/08/yogurt-social-network-multipl
e-scripts.html
______________________________________________________________________
08.33.49 CVE: Not Available
Platform: Web Application - Cross Site Scripting
Title: RMSOFT Downloads Plus Multiple Cross-Site Scripting
Vulnerabilities
Description: RMSOFT Downloads Plus is a web-based downloads module for
multiple CMS applications. The application is exposed to multiple
cross-site scripting issue because it fails to properly sanitize
user-supplied input. Downloads Plus versions 1.5 and 1.7 are affected.
Ref: http://lostmon.blogspot.com/2008/08/rmsoft-downloads-plus-two-scr
ipts-two.html
______________________________________________________________________
08.33.50 CVE: CVE-2008-3515, CVE-2008-3516
Platform: Web Application - Cross Site Scripting
Title: Adobe Presenter Multiple Cross-Site Scripting Vulnerabilities
Description: Adobe Presenter is an application for creating web-based
Flash presentations. The application is exposed to multiple cross-site
scripting issues because sites generated with the vulnerable
application fail to sufficiently sanitize user-supplied data. Adobe
Presenter versions 6 and 7 are affected.
Ref: http://www.adobe.com/support/security/bulletins/apsb08-17.html
______________________________________________________________________
08.33.51 CVE: Not Available
Platform: Web Application - Cross Site Scripting
Title: Google Notebook and Google Bookmarks Multiple Unspecified
Cross-Site Scripting Vulnerabilities
Description: Google Notebook and Google Bookmarks are applications
that extend the functionality of various browsers. Google Notebook is
exposed to three unspecified cross-site scripting issues. An attacker
can create a malformed block note containing malicious script code and
invite an unsuspecting victim to share it.
Ref: http://www.securityfocus.com/archive/1/495179
______________________________________________________________________
08.33.52 CVE: Not Available
Platform: Web Application - Cross Site Scripting
Title: Kshop "kshop_search.php" Cross-Site Scripting
Description: Kshop is an ecommerce module for the Xoops content
manager. The application is exposed to a cross-site scripting issue
because it fails to sufficiently sanitize user-supplied input to the
"search" parameter of the "kshop_search.php" script. Kshop version
2.22 is affected.
Ref: http://lostmon.blogspot.com/2008/08/kshop-module-search-variable-
and-field.html
______________________________________________________________________
08.33.53 CVE: Not Available
Platform: Web Application - Cross Site Scripting
Title: KAPhotoservice Multiple Cross-Site Scripting Vulnerabilities
Description: KAPhotoservice is a web-based application for ordering
photo prints. The application is exposed to multiple cross-site
scripting issues. The application fails to properly sanitize
user-supplied input to the following scripts and parameters:
"search.asp": "filename" and "order.asp": "page".
Ref: http://www.securityfocus.com/bid/30567
______________________________________________________________________
08.33.54 CVE: Not Available
Platform: Web Application - Cross Site Scripting
Title: Quate CMS Multiple Cross-Site Scripting Vulnerabilities
Description: Quate CMS is a PHP-based content manager. Quate CMS is
exposed to multiple cross-site scripting issues because it fails to
adequately sanitize user-supplied input to the "page_area" and
"page_header" parameters of the
"/admin/includes/themes/default/header.php" script. Quate CMS version
0.3.4 is affected.
Ref: http://www.securityfocus.com/bid/30570
______________________________________________________________________
08.33.55 CVE: Not Available
Platform: Web Application - Cross Site Scripting
Title: Domain Group Network GooCMS "index.php" Cross-Site Scripting
Description: GooCMS is a web content management system. The
application is exposed to cross-site scripting attacks because it
fails to sufficiently sanitize user-supplied input to the "s"
parameter of the "index.php" script. GooCMS version 1.02 is affected.
Ref: http://www.securityfocus.com/bid/30635
______________________________________________________________________
08.33.56 CVE: Not Available
Platform: Web Application - Cross Site Scripting
Title: Datafeed Studio "search.php" Cross-Site Scripting
Description: Datafeed Studio is a web-based application for managing
merchant datafeeds. The application is exposed to cross-site scripting
attacks because it fails to sufficiently sanitize user-supplied input
to the "q" parameter of the "search.php" script. Datafeed Studio
version 1.6.2 is affected.
Ref: http://www.securityfocus.com/bid/30660
______________________________________________________________________
08.33.57 CVE: Not Available
Platform: Web Application - Cross Site Scripting
Title: IDevSpot PhpLinkExchange "index.php" Multiple Cross-Site
Scripting Vulnerabilities
Description: PhpLinkExchange is a web application used to maintain a
link exchange directory. The application is exposed to cross-site
scripting attacks because it fails to sufficiently sanitize
user-supplied input to the "catid" and "id" parameters of the
"index.php" script. PhpLinkExchange version 1.01 is affected.
Ref: http://www.securityfocus.com/bid/30665
______________________________________________________________________
08.33.58 CVE: Not Available
Platform: Web Application - SQL Injection
Title: e107 CMS "download.php" SQL Injection
Description: e107 CMS is a PHP-based content manager. The application
is exposed to an SQL injection issue because it fails to sufficiently
sanitize user-supplied data to the "id" parameter of the
"download.php" script before using it in an SQL query. e107 CMS
version 0.7.11 is affected.
Ref: http://www.securityfocus.com/archive/1/495247
______________________________________________________________________
08.33.59 CVE: Not Available
Platform: Web Application - SQL Injection
Title: Discuz! "index.php" SQL Injection
Description: Discuz! is web-based forum software. The application is
exposed to an SQL injection issue because it fails to sufficiently
sanitize user-supplied data to the "searchid" parameter of the
"index.php" script before using it in an SQL query. Discuz! version
6.0.1 is affected.
Ref: http://www.securityfocus.com/bid/30583
______________________________________________________________________
08.33.60 CVE: Not Available
Platform: Web Application - SQL Injection
Title: LiteNews "index.php" SQL Injection
Description: LiteNews is a news script application. The application is
exposed to an SQL injection issue because it fails to sufficiently
sanitize user-supplied data to the "id" parameter of the "index.php"
script before using it in an SQL query.
LiteNews version 0.1 is affected.
Ref: http://www.securityfocus.com/bid/30575
______________________________________________________________________
08.33.61 CVE: Not Available
Platform: Web Application - SQL Injection
Title: PHP-Nuke Kleinanzeigen Module "lid" Parameter SQL Injection
Description: Kleinanzeigen is a classifieds module for the PHP-Nuke
content manager. The module is exposed to an SQL injection issue
because it fails to sufficiently sanitize user-supplied data to the
"lid" parameter before using it in an SQL query.
Ref: http://www.securityfocus.com/archive/1/495166
______________________________________________________________________
08.33.62 CVE: Not Available
Platform: Web Application - SQL Injection
Title: Quicksilver Forums "index.php" SQL Injection
Description: Quicksilver Forums is a web-based forum application. The
application is exposed to an SQL injection issue because it fails to
sufficiently sanitize user-supplied data to the "forums[]" parameter
of the "index.php" script before using it in an SQL query. Quicksilver
Forums version 1.4.1 is affected.
Ref: http://www.securityfocus.com/bid/30623
______________________________________________________________________
08.33.63 CVE: Not Available
Platform: Web Application - SQL Injection
Title: Vacation Rental Script "index.php" SQL Injection
Description: Vacation Rental Script is a web-based property management
application. The application is exposed to an SQL injection issue
because it fails to sufficiently sanitize user-supplied data to the
"id" parameter of the "index.php" script before using it in an SQL
query. Vacation Rental Script version 3.0 is affected.
Ref: http://www.securityfocus.com/bid/30626
______________________________________________________________________
08.33.64 CVE: Not Available
Platform: Web Application - SQL Injection
Title: Battle.net Clan Script "index.php" Multiple SQL Injection
Vulnerabilities
Description: Battle.net Clan Script is a clan management application.
The application is exposed to multiple SQL injection issues because it
fails to sufficiently sanitize user-supplied input to the "showmember"
and "thread" parameters of the "index.php" script before using them in
an SQL query. Battle.net Clan Script version 1.5.2 is affected.
Ref: http://sourceforge.net/projects/haudenschilt/
______________________________________________________________________
08.33.65 CVE: Not Available
Platform: Web Application - SQL Injection
Title: ZeeScripts ZeeBuddy "bannerclick.php" SQL Injection
Description: ZeeBuddy is a web-based property management application.
The application is exposed to an SQL injection issue because it fails
to sufficiently sanitize user-supplied data to the "adid" parameter of
the "bannerclick.php" script before using it in an SQL query. ZeeBuddy
version 2.1 is affected.
Ref: http://www.securityfocus.com/bid/30628
______________________________________________________________________
08.33.66 CVE: Not Available
Platform: Web Application - SQL Injection
Title: psipuss Multiple SQL Injection Vulnerabilities
Description: psipuss is a web-based image manager. The application is
exposed to multiple SQL injection issues because it fails to
sufficiently sanitize user-supplied input. psipuss version 1.0 is
affected.
Ref: http://www.securityfocus.com/bid/30629
______________________________________________________________________
08.33.67 CVE: Not Available
Platform: Web Application - SQL Injection
Title: OpenImpro "image.php" SQL Injection
Description: OpenImpro is a web-based content management application.
The application is exposed to an SQL injection issue because it fails
to sufficiently sanitize user-supplied data to the "id" parameter of
the "image.php" script before using it in an SQL query. OpenImpro
version 1.1 is affected.
Ref: http://www.securityfocus.com/bid/30631
______________________________________________________________________
08.33.68 CVE: Not Available
Platform: Web Application - SQL Injection
Title: Ovidentia "index.php" SQL Injection
Description: Ovidentia is a web-based content management application.
The application is exposed to an SQL injection issue because it fails
to sufficiently sanitize user-supplied data to the "item" parameter of
the "index.php" script before using it in an SQL query. Ovidentia
version 6.6.5 is affected.
Ref: http://www.securityfocus.com/archive/1/495313
______________________________________________________________________
08.33.69 CVE: Not Available
Platform: Web Application - SQL Injection
Title: IceBB "index.php" SQL Injection
Description: IceBB is web-based forum software. The application is
exposed to an SQL injection issue because it fails to sufficiently
sanitize user-supplied data to the "skin" parameter of the "index.php"
script before using it in an SQL query. IceBB versions prior to
1.0-rc10 are affected.
Ref: http://forums.xaos-ia.com/?topic=765
______________________________________________________________________
08.33.70 CVE: Not Available
Platform: Web Application - SQL Injection
Title: bBlog "builtin.help.php" SQL Injection
Description: bBlog is a weblog application. The application is exposed
to an SQL injection issue because it fails to sufficiently sanitize
user-supplied data to the "mod" parameter of the
"bblog_plugins/builtin.help.php" script before using it in an SQL
query. bBlog version 0.7.6 is affected.
Ref: http://www.securityfocus.com/bid/30658
______________________________________________________________________
08.33.71 CVE: Not Available
Platform: Web Application - SQL Injection
Title: Joomla! "com_user" Component SQL Injection
Description: "com_user" is a PHP-based component for the Joomla!
content manager. The application is exposed to an SQL injection issue
because it fails to sufficiently sanitize user-supplied data to the
"token" parameter of the "controller.php" script before using it in
an SQL query. Joomla! version 1.5.5 is affected.
Ref: http://www.securityfocus.com/bid/30667
______________________________________________________________________
08.33.72 CVE: Not Available
Platform: Web Application
Title: RMSOFT MiniShop "search.php" Multiple Cross-Site Scripting
Vulnerabilities
Description: RMSOFT MiniShop is a web-based shopping cart module for
multiple CMS applications. The application is exposed to multiple
cross-site scripting issues because it fails to properly sanitize
user-supplied input. MiniShop version 1.0 is affected.
Ref: http://www.securityfocus.com/bid/30616
______________________________________________________________________
08.33.73 CVE: Not Available
Platform: Web Application
Title: Yogurt Social Network Scrapbook HTML Injection
Description: Yogurt Social Network is a social networking module for
multiple CMS applications. The application is exposed to an HTML
injection issue because it fails to properly sanitize user-supplied
input to the description field of a scrapbook entry before using it in
dynamically generated content. Yogurt Social Network version 3.2 rc1
is affected.
Ref: http://lostmon.blogspot.com/2008/08/yogurt-social-network-multipl
e-scripts.html
______________________________________________________________________
08.33.74 CVE: Not Available
Platform: Web Application
Title: Contenido Multiple Unspecified Remote File Include
Vulnerabilities
Description: Contenido is a PHP-based content manager. The application
is exposed to multiple unspecified remote file include issues because
it fails to sufficiently sanitize user-supplied input. Contenido
versions prior to 4.8.7 are affected.
Ref: http://forum.contenido.org/viewtopic.php?t=22129
______________________________________________________________________
08.33.75 CVE: Not Available
Platform: Web Application
Title: Free Hosting Manager Administrator Cookie Authentication Bypass
Description: Free Hosting Manager is a web-based account management
application implemented in PHP. The application is exposed to an
authentication bypass issue because it fails to adequately verify
user-supplied input used for cookie-based authentication. Free Hosting
Manager versions 1.2 and 2.0 are affected.
Ref: http://www.securityfocus.com/bid/30580
______________________________________________________________________
08.33.76 CVE: Not Available
Platform: Web Application
Title: IntelliTamper HTML "Location" Header Parsing Buffer Overflow
Description: IntelliTamper is a spider application for scanning
web sites. The application is exposed to a buffer overflow issue
because the application fails to perform adequate boundary checks on
user-supplied data. IntelliTamper version 2.07 is affected.
Ref: http://www.securityfocus.com/bid/30622
______________________________________________________________________
08.33.77 CVE: Not Available
Platform: Web Application
Title: PHP-Ring Administrator Cookie Authentication Bypass
Description: PHP-Ring is a web-based application. The application is
exposed to an authentication bypass issue because it fails to
adequately verify user-supplied input used for cookie-based
authentication. PHP-Ring version 0.9.1 is affected.
Ref: http://www.securityfocus.com/bid/30624
______________________________________________________________________
08.33.78 CVE: Not Available
Platform: Web Application
Title: txtSQL "startup.php" Remote File Include
Description: txtSQL is a web-based application framework that includes
a flat-file database management system. The application is exposed to
a remote file include issue because it fails to properly sanitize
user-supplied input to the "CFG[txtsql][class]" parameter of the
"startup.php" script. txtSQL version 2.2 Final is affected.
Ref: http://www.securityfocus.com/bid/30625
______________________________________________________________________
08.33.79 CVE: Not Available
Platform: Web Application
Title: pPIM Multiple Remote Vulnerabilities
Description: pPIM is a web-based application. The application is
exposed to multiple issues. pPIM versions 1.0 and earlier are
affected.
Ref: http://www.securityfocus.com/bid/30627
______________________________________________________________________
08.33.80 CVE: Not Available
Platform: Web Application
Title: LoveCMS Multiple Security Bypass Vulnerabilities
Description: LoveCMS is a web-based content manager. The application
is exposed to multiple security bypass issues because it fails to
properly control access to some pages. LoveCMS version 1.6.2 is
affected.
Ref: http://www.securityfocus.com/bid/30562
______________________________________________________________________
08.33.81 CVE: Not Available
Platform: Web Application
Title: Gallery Multiple Remote Vulnerabilities
Description: Gallery is PHP-based software for managing photos. The
application is exposed to multiple remote issues. Gallery versions
prior to 1.5.8 are affected.
Ref: http://www.securityfocus.com/bid/30563
______________________________________________________________________
08.33.82 CVE: Not Available
Platform: Web Application
Title: Chupix CMS Contact Module "index.php" Multiple Local File
Include Vulnerabilities
Description: Contact is a phonebook module for Chupix CMS. The
application is exposed to multiple local file include issues because
it fails to properly sanitize user-supplied input to the "module"
parameter of the "index.php" and the "admin/index.php" scripts.
Contact version 0.1.0 is affected.
Ref: http://www.securityfocus.com/bid/30564
______________________________________________________________________
08.33.83 CVE: Not Available
Platform: Web Application
Title: phpKF-Portal Multiple Local File Include Vulnerabilities
Description: phpKF-Portal is a PHP-based content manager. The
application is exposed to multiple local file include issues because
it fails to properly sanitize user-supplied input. phpKF-Portal
version 1.10 is affected.
Ref: http://www.securityfocus.com/bid/30566
______________________________________________________________________
08.33.84 CVE: Not Available
Platform: Web Application
Title: com_uchat component Mambo and Joomla! Component Multiple Remote
File Include Vulnerabilities
Description: The com_uchat component is a chat component for the Mambo
and Joomla! content managers. The application is exposed to multiple
remote file include issues because it fails to sufficiently sanitize
user-supplied input. com_uchat version 0.9.2 is affected.
Ref: http://www.securityfocus.com/bid/30571
______________________________________________________________________
08.33.85 CVE: Not Available
Platform: Web Application
Title: Multiple WebmasterSite Products Remote Command Execution
Description: Multiple WebmasterSite products are exposed to a remote
shell command execution vulnerability because the applications fail to
sufficiently sanitize user-supplied data. Attackers may require valid
authentication credentials for the affected applications to access the
user profile in order to exploit this issue.
Ref: http://www.securityfocus.com/bid/30572
______________________________________________________________________
08.33.86 CVE: Not Available
Platform: Web Application
Title: DD-WRT Site Survey SSID Script Injection
Description: DD-WRT is a set of Linux-based firmware for wireless
routers. The firmware includes a web-based administrative interface.
The web interface is exposed to a script injection issue because it
fails to adequately sanitize user-supplied data to the "Site Survey"
section of the administrative web interface. DD-WRT versions prior to
24-sp1 are affected.
Ref: http://www.dd-wrt.com/dd-wrtv3/community/developmentnews/1-common
/24-dd-wrtv24sp1.html
______________________________________________________________________
08.33.87 CVE: Not Available
Platform: Web Application
Title: Linkspider Multiple Remote File Include Vulnerabilities
Description: Linkspider is a web-based application. The application is
exposed to multiple remote file include issues because it fails to
sufficiently sanitize user-supplied input to the
"$_SERVER["DOCUMENT_ROOT"]" parameter of the "links.php" and
"links.inc.php" scripts. Linkspider version 1.08 is affected.
Ref: http://www.securityfocus.com/bid/30632
______________________________________________________________________
08.33.88 CVE: Not Available
Platform: Web Application
Title: Harmoni "Username" Field HTML Injection
Description: Harmoni is an application framework. The application is
exposed to an HTML injection issue because it fails to properly
sanitize user-supplied input to the
"username" field before using it in dynamically generated content.
Harmoni versions prior to 1.4.7 are affected.
Ref: http://www.securityfocus.com/bid/30637
______________________________________________________________________
08.33.89 CVE: Not Available
Platform: Web Application
Title: Kayako SupportSuite Multiple Input Validation Vulnerabilities
Description: Kayako SupportSuite is a web-based support application.
The application is exposed to multiple input validation issues.
Exploiting these issues could allow an attacker to steal cookie-based
authentication credentials, access or modify data, or exploit latent
vulnerabilities in the underlying database. Kayako SupportSuite
versions prior to 3.30 are affected.
Ref: http://www.securityfocus.com/archive/1/495309
______________________________________________________________________
08.33.90 CVE: Not Available
Platform: Web Application
Title: Datafeed Studio "patch.php" Remote File Include
Description: Datafeed Studio is a PHP-based application that allows
users to convert datafeeds into dynamic websites. The application is
exposed to a remote file include issue because it fails to properly
sanitize user-supplied input to the "INSTALL_FOLDER" parameter of the
"admin/bin/patch.php" script.
Ref: http://www.securityfocus.com/bid/30659
______________________________________________________________________
08.33.91 CVE: Not Available
Platform: Web Application
Title: Bugzilla "--attach_path" Directory Traversal
Description: Bugzilla is a web-based bug tracking application. The
application is exposed to a directory traversal issue because it fails
to sufficiently sanitize user-supplied input. Bugzilla versions 2.22.1
through 2.22.4 and versions 2.23.3 and later are affected.
Ref: https://bugzilla.mozilla.org/show_bug.cgi?id=437169
______________________________________________________________________
08.33.92 CVE: Not Available
Platform: Network Device
Title: Nokia Series 40 Multiple Unspecified Unauthorized Access
Vulnerabilities
Description: Nokia Series 40 is a operating platform for mobile
devices. Series 40 is exposed to fourteen unspecified issues that can
be leveraged to gain unauthorized access to affected devices.
Ref: http://www.securityfocus.com/archive/1/495224
______________________________________________________________________
08.33.93 CVE: Not Available
Platform: Network Device
Title: McAfee Encrypted USB Manager Remote Security Bypass
Description: McAfee Encrypted USB Manager is an application to
securely store data on a McAfee Encrypted USB drive. The application
is exposed to a security-bypass issue. Specifically, the issue occurs
when the password "Re-use Threshold" policy is set to a non-zero
value. McAfee Encrypted USB Manager version 3.1.0.0 is affected.
Ref: http://www.mcafee.com/apps/downloads/security_updates/hotfixes.as
p?region=us&segment=enterprise
______________________________________________________________________
08.33.94 CVE: CVE-2008-3174, CVE-2008-2926
Platform: Network Device
Title: Computer Associates "kmxfw.sys" Local Code Execution and Remote
Denial of Service Vulnerabilities
Description: Multiple Computer Associate products are affected by two
issues. An arbitrary code execution issue occurs because the
"kmxfw.sys" driver fails to properly verify IOCTL requests; and a
denial of service issue occurs due to an unspecified error in the
"kmxfw.sys" driver.
Ref: http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36560
______________________________________________________________________
08.33.95 CVE: Not Available
Platform: Network Device
Title: Alcatel-Lucent OmniSwitch Products HTTP Header Remote Buffer
Overflow
Description: Alcatel-Lucent OmniSwitch series is a product family of
switches. Alcatel-Lucent OmniSwitch products are exposed to a remote
buffer overflow issue because the application fails to perform
adequate boundary checks on user-supplied data.
Ref: http://www1.alcatel-lucent.com/psirt/statements/2008002/OmniSwitc
h.htm
______________________________________________________________________
08.33.96 CVE: Not Available
Platform: Network Device
Title: NXP Semiconductors MIFARE Classic Smartcard Multiple
Unspecified Security Vulnerabilities
Description: The MIFARE Classic smartcard is a contactless proximity
card based on the ISO/IEC 14443 RFID standard. The card has been
implemented for storing and tracking electronic fares in several major
transit systems. The application is exposed to multiple unspecified
security issues.
Ref: https://www.defcon.org/html/defcon-16/dc-16-speakers.html#Anderso
n
______________________________________________________________________
(c) 2008. All rights reserved. The information contained in this
newsletter, including any external links, is provided "AS IS," with no
express or implied warranty, for informational purposes only. In some
cases, copyright for material in this newsletter may be held by a
party other than Qualys (as indicated herein) and permission to use
such material must be requested from the copyright owner.
Subscriptions: RISK is distributed free of charge by the SANS
Institute to people responsible for managing and securing information
systems and networks. You may forward this newsletter to others
with such responsibility inside or outside your organization. For
a free subscription, (and for free posters) or to update a current
subscription, visit http://portal.sans.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFIpYGp+LUG5KFpTkYRAhNxAKCUbIV9VX9pvON95FLPtQxJYLaSaQCeLUKT
VedhbXcSaV1Np6i/a38GB+Q=
=O6JA
-----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]