From: Network Computing and The SANS Institute (sans@sans.org)
Date: Thu Feb 22 2001 - 15:16:04 CST
Re: Your personalized newsletter
-- Security Alert Consensus --
Number 085 (00.61)
Thursday, February 22, 2001
Created for you by
Network Computing and the SANS Institute
Powered by Neohapsis
----------------------------------------------------------------------
Welcome to the latest edition of Security Alert Consensus! Below you
should find information pertaining only to the categories you requested.
If you have any problems or questions, please e-mail us at
<consensus@nwc.com>.
----------------------------------------------------------------------
*** This issue sponsored by Internet Security Systems ***
Connect - Internet Security Systems' International Security Summit
Join Nokia, VeriSign, RSA Security and other sponsors March 11-16 for
courses, workshops and seminars addressing all areas of online security,
including security management, threat management & response, risk
assessment and security policy development.
Visit http://www.issconnect.net
----------------------------------------------------------------------
As the fallout from last week's Anna Kournikova virus outbreak subsides,
a few points were driven home by the siege. First, organizations that
had an effective incident response capability clearly came out on top.
Many companies were able to identify the virus early on, and shut down
their SMTP connectors until updated antivirus signatures became
available. Second, organizations that did not have INBOUND antivirus
mail scanners attached to their Exchange systems were reminded once
again of the benefit of doing so. Unfortunately, many administrators
found out the hard way that Exchange's inflexible mail-filtering
abilities often come up short.
Finally, a few antivirus vendors came out of the fiasco shining. For
example, the SANS GIAC project received numerous reports from TrendMicro
customers who were unaffected by the outbreak. Apparently, TrendMicro
identified the virus over the weekend and successfully pushed out
effective signature updates to their clients before Anna hit hard on
Monday. While organizations will continue to be plagued by virus
outbreaks, it's nice to see some effective executions on the incident
response front.
Until next week,
- Security Alert Consensus Team
************************************************************************
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
TABLE OF CONTENTS:
{01.08.005} Win - Pi3Web full path disclosure and ISAPI request buffer
overflow
{01.08.009} Win - MS01-010: Windows Media Player skins file download
vulnerability
{01.08.010} Win - MS01-011: Malformed request to domain controllers can
cause DoS
{01.08.012} Win - 'MM notify callback' winlogon DoS
{01.08.023} Win - Update {01.07.026}: PcAnywhere large data stream
DoS/buffer overflow
{01.08.029} Win - Moby Netsuite Web server large URL DoS
{01.08.031} Win - Van Dyke VShell username buffer overflow
{01.08.032} Win - ITAfrica Webactive HTTP server file disclosure
{01.08.036} Win - BadBlue Web server path disclosure and DoS
{01.08.038} Win - Reflection FTP server password buffer overflow
{01.08.013} Linux - Update {00.56.034}: glibc incorrectly loads
libraries from ld.so.cache for suid/sgid apps
{01.08.016} Linux - Update {01.07.006}: Kernel allows ptrace() of
suid/sgid applications
{01.08.017} Linux - Update {01.07.005}: Kernel memory read via negative
sysctl() parameter value
{01.08.018} Linux - Update {00.56.042}: ProFTPD various memory leaks
{01.08.019} Linux - Update {01.07.011}: Multiple XFree86 vulnerabilities
{01.08.026} Linux - Licq RMS plugin DoS
{01.08.028} Linux - Adcycle.com adcenter CGI authentication bypass
{01.08.006} BSD - USER_LDT allows call gates to execute protected
kernel code
{01.08.008} Sol - pam_ldap null password authentication bypass
{01.08.025} NW - RSA authentication man-in-the-middle attack
{01.08.002} HPUX - iPlanet secured Web request DoS
{01.08.022} HPUX - Various text editor temp file handling
vulnerabilities
{01.08.020} NApps - Watchguard Firebox II PPTP DoS
{01.08.035} NApps - Fore/Marconi ASX switch management service DoS
{01.08.001} Cross - Authentication bypass/database tampering in PHP-Nuke
{01.08.003} Cross - Bajie HTTP JServer file upload and remote command
execution
{01.08.004} Cross - Resin reverse directory traversal vulnerability
{01.08.007} Cross - Vixie cron long user name buffer overflow
{01.08.011} Cross - Update {01.07.027}: Multivendor SSH1 CRC attack
detect code vulnerability
{01.08.014} Cross - Update {01.07.019}: ROADS search CGI file
disclosure via form parameter
{01.08.015} Cross - Multiple KTH Kerberos IV vulnerabilities (libkrb,
telnetd, temp file)
{01.08.021} Cross - Analog ALIAS buffer overflow
{01.08.024} Cross - Update {01.07.025}: PHP-Nuke file disclosure/script
execution via opendir script
{01.08.027} Cross - Mailnews CGI remote command execution
{01.08.030} Cross - Thinking Arts store.cgi file disclosure
{01.08.033} Cross - W3.org Amaya sendtemp.pl file disclosure
{01.08.034} Cross - PGP4Pine expired keys cause mail to be sent
unencrypted
{01.08.037} Cross - Kicq embedded URL command execution
- --- Windows News -------------------------------------------------------
*** {01.08.005} Win - Pi3Web full path disclosure and ISAPI request
buffer overflow
Pi3Web Web server version 1.0.1 has been found to contain a remotely
exploitable buffer overflow in the handling of ISAPI requests, whereby
a remote attacker can execute arbitrary code on the server. Pi3Web has
also been found to disclose full file paths when a request to a
nonexistent file is made. This vulnerability has not been confirmed.
No patches have been made available.
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-02/0316.html
*** {01.08.009} Win - MS01-010: Windows Media Player skins file
download vulnerability
Microsoft has released MS01-010 ("Windows Media Player skins file
download vulnerability"). This advisory covers the vulnerability
discussed in {00.56.040} ("Windows Media Player Java vulnerability via
custom skins"). A malicious Web site can embed Java applets in Windows
Media Player skin packages, which then can be called under local system
privileges. This would allow the malicious Web site to access local
system files.
FAQ and patch:
http://www.microsoft.com/technet/security/bulletin/MS01-010.asp
Source: Microsoft
http://archives.neohapsis.com/archives/vendor/2001-q1/0042.html
*** {01.08.010} Win - MS01-011: Malformed request to domain controllers
can cause DoS
Microsoft has released MS01-011 ("Malformed request to domain controller
can cause denial of service"). Particular malformed requests to Windows
2000 domain controllers can cause the system to consume excess CPU
cycles, causing a denial of service due to high CPU usage.
This vulnerability affects Windows 2000 domain controllers.
FAQ and patch:
http://www.microsoft.com/technet/security/bulletin/MS01-011.asp
Source: Microsoft
http://archives.neohapsis.com/archives/vendor/2001-q1/0054.html
*** {01.08.012} Win - 'MM notify callback' winlogon DoS
A vulnerability has been reported indicating that a denial of service
is possible using the 'MM notify callback' message sent to winmm.dll,
which in turn is used by winlogon. The result is that local users can
cause winlogon.exe to crash. This vulnerability has not been confirmed.
No patches have been made available.
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-02/0322.html
*** {01.08.023} Win - Update {01.07.026}: PcAnywhere large data stream
DoS/buffer overflow
Symantec has confirmed the vulnerability discussed in {01.07.026}
("PcAnywhere large data stream DoS/buffer overflow"). This vulnerability
has been fixed in PcAnywhere version 9.01.
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-02/0258.html
*** {01.08.029} Win - Moby Netsuite Web server large URL DoS
Moby Netsuite Web server version 1.02 contains a denial of service
vulnerability that allows a remote attacker to crash the service by
sending a large URL request. Execution of arbitrary code is not yet
confirmed.
No patches have been made available.
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-02/0346.html
*** {01.08.031} Win - Van Dyke VShell username buffer overflow
Van Dyke Technologies' VShell SSH server version 1.0 contains a buffer
overflow in the username handling. This allows a remote attacker to
execute arbitrary code on the system under local system privileges. The
vendor has confirmed the vulnerability and an update is available at:
http://www.vandyke.com/download/vshell
Source: Win2KSecurityAdvice
http://archives.neohapsis.com/archives/win2ksecadvice/2001-q1/0072.html
*** {01.08.032} Win - ITAfrica Webactive HTTP server file disclosure
ITAfrica's Webactive HTTP server allows a remote attacker to access
arbitrary files on the server by using reverse directory traversal
('..') notation in URL requests. This vulnerability has not been
confirmed.
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-02/0332.html
*** {01.08.036} Win - BadBlue Web server path disclosure and DoS
Working Resource's BadBlue Web server versions prior to 1.02.8 contain
a buffer overflow in the handling of large URL parameters passed to
ext.dll, which crashes the Web service. Ext.dll was also found to
disclose full file paths. The vendor has confirmed the vulnerabilities
and released version 1.02.8.
Source: Win2KSecurityAdvice
http://archives.neohapsis.com/archives/win2ksecadvice/2001-q1/0073.html
*** {01.08.038} Win - Reflection FTP server password buffer overflow
Reflection FTP server version 7.01 contains a buffer overflow in the
handling of authentication passwords. Execution of arbitrary code may
be possible.
This product has been discontinued, so the vulnerability will not be
fixed.
Source: SecurityFocus Vuln-Dev
http://archives.neohapsis.com/archives/vuln-dev/2001-q1/0343.html
- --- Linux News ---------------------------------------------------------
*** {01.08.013} Linux - Update {00.56.034}: glibc incorrectly loads
libraries from ld.so.cache for suid/sgid apps
TurboLinux has released updated glibc packages that fix the
vulnerability discussed in {00.56.034} ("glibc incorrectly loads
libraries from ld.so.cache for suid/sgid apps").
Updated RPMs are listed at:
http://archives.neohapsis.com/archives/linux/turbolinux/2001-q1/0004.html
Source: TurboLinux
http://archives.neohapsis.com/archives/linux/turbolinux/2001-q1/0004.html
*** {01.08.016} Linux - Update {01.07.006}: Kernel allows ptrace() of
suid/sgid applications
Trustix has released updated kernel packages that fix the vulnerability
discussed in {01.07.006} ("Kernel allows ptrace() of suid/sgid
applications").
Updated Trustix RPMs are listed at:
http://archives.neohapsis.com/archives/bugtraq/2001-02/0267.html
Source: Trustix (SF Bugtraq)
http://archives.neohapsis.com/archives/bugtraq/2001-02/0267.html
*** {01.08.017} Linux - Update {01.07.005}: Kernel memory read via
negative sysctl() parameter value
Trustix has released updated kernel packages that fix the vulnerability
discussed in {01.07.005} ("Kernel memory read via negative sysctl()
parameter value").
Updated RPMs are listed at:
http://archives.neohapsis.com/archives/bugtraq/2001-02/0267.html
Source: Trustix (SF Bugtraq)
http://archives.neohapsis.com/archives/bugtraq/2001-02/0267.html
*** {01.08.018} Linux - Update {00.56.042}: ProFTPD various memory leaks
Trustix has released updated proftpd packages that fix the vulnerability
discussed in {00.56.042} ("ProFTPD various memory leaks").
Updated RPMs are listed at:
http://archives.neohapsis.com/archives/bugtraq/2001-02/0267.html
Source: Trustix (SF Bugtraq)
http://archives.neohapsis.com/archives/bugtraq/2001-02/0267.html
*** {01.08.019} Linux - Update {01.07.011}: Multiple XFree86
vulnerabilities
Debian has released updated m68k XFree86 packages that fix the
vulnerability discussed in {01.07.011} ("Multiple XFree86
vulnerabilities").
Updated m68k DEBs are listed at:
http://archives.neohapsis.com/archives/vendor/2001-q1/0041.html
Source: Debian
http://archives.neohapsis.com/archives/vendor/2001-q1/0041.html
*** {01.08.026} Linux - Licq RMS plugin DoS
Licq versions 1.0.2 and prior contain a denial of service in the Remote
Management Service plugin. A remote attacker can send malformed packets
to the RMS service, which will cause Licq to crash. This vulnerability
has not been confirmed.
No patches have been made available.
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-02/0365.html
*** {01.08.028} Linux - Adcycle.com adcenter CGI authentication bypass
Adcycle.com's adcenter CGI version 0.78b contains a SQL parameter
parsing vulnerability that allows remote attackers to bypass proper
authentication, thereby allowing them to access the administration
functions of the adcenter CGI. This vulnerability has not been
confirmed.
No patches have been made available.
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-02/0342.html
- --- BSD News -----------------------------------------------------------
*** {01.08.006} BSD - USER_LDT allows call gates to execute protected
kernel code
Because of a bug in NetBSD's user-definable local descriptor table
support, a local user is able to define a segment call gate and execute
protected kernel code. This allows a local attacker to gain root access
or crash the system. The vendor has confirmed this vulnerability.
NetBSD's GENERIC and GENERIC-LAPTOP kernels prior to January 18, 2001,
contain the vulnerability. There is also a discussion (URL referenced
below) about OpenBSD containing the vulnerability when used in
combination with the WINE Windows emulator (USER_LDT is required for
WINE to work).
NetBSD has a patch available at:
http://archives.neohapsis.com/archives/netbsd/2001-q1/0093.html
Source: NetBSD, SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/netbsd/2001-q1/0093.html
http://archives.neohapsis.com/archives/bugtraq/2001-02/0353.html
- --- Solaris News -------------------------------------------------------
*** {01.08.008} Sol - pam_ldap null password authentication bypass
Solaris 8's pam_ldap module contains a bug that allows a user to log
into a valid account without knowing the valid password. The vendor has
confirmed this vulnerability, which is documented as bug 4384816.
No patches have been made available.
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-02/0344.html
- --- NetWare News -------------------------------------------------------
*** {01.08.025} NW - RSA authentication man-in-the-middle attack
Bindview has released an advisory that indicates a possible
man-in-the-middle attack against NetWare's RSA authentication protocol,
which may allow an attacker to reveal password hashes and possibly
private keys.
The vendor has confirmed this vulnerability. Various workarounds are
listed at:
http://archives.neohapsis.com/archives/bugtraq/2001-02/0301.html
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-02/0301.html
- --- HP-UX News ---------------------------------------------------------
*** {01.08.002} HPUX - iPlanet secured Web request DoS
HP has released patches for iPlanet Web Server version 4.x, which is
included with HP-UX 11.04 (VVOS). The patch eliminates a denial of
service that would allow a remote attacker to crash the service using
malformed secure Web requests. The vendor has confirmed this
vulnerability.
HP has released patch PHSS_23215.
Source: HP
http://archives.neohapsis.com/archives/hp/2001-q1/0041.html
*** {01.08.022} HPUX - Various text editor temp file handling
vulnerabilities
HP has released updates for temporary file handling vulnerabilities in
e, ex, vi, edit, view and vedit (the specific vulnerabilities have been
previously reported).
HP has released the following patches:
HP-UX 11.00: PHCO_22229
HP-UX 11.04: PHCO_23354
HP-UX 10.20: PHCO_22228
HP-UX 10.24: PHCO_23353
HP-UX 10.10: PHCO_22848
HP-UX 10.01: PHCO_22849
Source: HP
http://archives.neohapsis.com/archives/hp/2001-q1/0042.html
- --- Network Appliances News --------------------------------------------
*** {01.08.020} NApps - Watchguard Firebox II PPTP DoS
Watchguard's Firebox II contains a denial of service in the PPTP
service. It is possible for a remote attacker to send malformed packets,
which will cause the PPTP daemon to crash. The vendor has confirmed this
vulnerability and released an update, which is available via its
LiveSecurity site at: http://www.watchguard.com/support
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-02/0278.html
*** {01.08.035} NApps - Fore/Marconi ASX switch management service DoS
Fore/Marconi ASX-1000 switches with ForeThought firmware version 6.2
contain a denial of service vulnerability whereby a remote attacker can send
malformed packets to the telnet and HTTP management services, causing
the services to become unavailable. This vulnerability has not been
confirmed.
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-02/0349.html
- --- Cross-Platform News ------------------------------------------------
*** {01.08.001} Cross - Authentication bypass/database tampering in
PHP-Nuke
PHP-Nuke versions 4.3 and 4.4 (and possibly prior) do not correctly
handle user parameters passed to SQL queries, allowing a remote attacker
to bypass user authentication or otherwise tamper with the database.
This vulnerability has been confirmed.
No patches have been made available. Software homepage:
http://www.phpnuke.org/
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-02/0257.html
*** {01.08.003} Cross - Bajie HTTP JServer file upload and remote
command execution
Bajie HTTP JServer version 0.78 ships with a default servlet, named
'UploadServlet,' which allows remote attackers to upload arbitrary files
to the Web server. Another bug allows a remote attacker to execute CGI
programs contained outside the Webroot using reverse directory traversal
('..') notation in URL requests. This allows a remote attacker to upload
custom CGI scripts to be executed, or to execute command line commands.
The advisory indicates that the vendor had confirmed this problem.
No patches have been made available.
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-02/0314.html
*** {01.08.004} Cross - Resin reverse directory traversal vulnerability
Resin Web server version 1.2.2 contains a vulnerability that allows a
remote attacker to request files outside the Webroot by using a modified
reverse directory traversal ('\..') URL request.
The vendor has confirmed this vulnerability and released version 1.2.3,
available at:
http://www.caucho.com/download/index.xtp
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-02/0315.html
*** {01.08.007} Cross - Vixie cron long user name buffer overflow
Vixie cron ships the 'crontab' application, which contains a buffer
overflow in the handling of large user names. This could allow a local
user to gain root privileges. RedHat has confirmed this vulnerability.
Updated RedHat RPMs are listed at:
http://archives.neohapsis.com/archives/linux/redhat/2001-q1/0050.html
Updated Immunix RPMs are listed at:
http://archives.neohapsis.com/archives/linux/immunix/2001-q1/0066.html
Source: RedHat, Immunix
http://archives.neohapsis.com/archives/linux/redhat/2001-q1/0050.html
http://archives.neohapsis.com/archives/linux/immunix/2001-q1/0066.html
*** {01.08.011} Cross - Update {01.07.027}: Multivendor SSH1 CRC attack
detect code vulnerability
SuSE and NetBSD have released updated ssh packages that fix the
vulnerability discussed in {01.07.027} ("Multivendor SSH1 CRC attack
detect code vulnerability"). In addition, Foundry NetIron and ServerIron
appliances are reported to reboot upon exploitation of this
vulnerability.
Updated SuSE RPMs are listed at:
http://archives.neohapsis.com/archives/linux/suse/2001-q1/0868.html
NetBSD package details are listed at:
http://archives.neohapsis.com/archives/netbsd/2001-q1/0094.html
Source: SuSE, NetBSD, SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/linux/suse/2001-q1/0868.html
http://archives.neohapsis.com/archives/netbsd/2001-q1/0094.html
http://archives.neohapsis.com/archives/bugtraq/2001-02/0280.html
*** {01.08.014} Cross - Update {01.07.019}: ROADS search CGI file
disclosure via form parameter
ROADS version 2.4 has been released. This fixes the vulnerability
discussed in {01.07.019} ("ROADS search CGI file disclosure via form
parameter").
The new version can be downloaded at:
http://www.roads.lut.ac.uk/lists/open-roads/2001/02/
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-02/0293.html
*** {01.08.015} Cross - Multiple KTH Kerberos IV vulnerabilities
(libkrb, telnetd, temp file)
FreeBSD has released an advisory detailing multiple vulnerabilities in
its included Kerberos IV support, which is based on the KTH Kerberos
distribution. There is a buffer overflow in the libkrb library and
temporary file mishandling by the ticket management routines; in
addition, neither telnetd nor login properly filters Kerberos-related
environment variables on login. The vulnerabilities may allow both
remote and local attackers to gain root access to the system. FreeBSD
has confirmed these vulnerabilities.
FreeBSD 3.5 and 4.2 STABLE as of December 15, 2000, contain the fixed
versions. Individual patches are available at the URL referenced below.
Source: FreeBSD
http://archives.neohapsis.com/archives/freebsd/2001-02/0282.html
*** {01.08.021} Cross - Analog ALIAS buffer overflow
A buffer overflow has been found in the Analog logfile analysis program
in all versions obtained prior to February 13, 2001. The buffer overflow
may be remotely exploitable if the CGI form interface has been
installed. The author has confirmed this vulnerability and released an
updated version, which is available for download at:
http://www.analog.cx/
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-02/0264.html
*** {01.08.024} Cross - Update {01.07.025}: PHP-Nuke file
disclosure/script execution via opendir script
PHP-Nuke has released an updated opendir.php script that fixes the
vulnerability discussed in {01.07.025} ("PHP-Nuke file disclosure/script
execution via opendir script").
The updated script can be downloaded at:
http://www.phpnuke.org/download.php?op=mydown&did=64
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-02/0261.html
*** {01.08.027} Cross - Mailnews CGI remote command execution
The mailnews CGI versions 1.1 and 1.3 allow a remote attacker to execute
arbitrary command line commands via the 'address' URL parameter. This
vulnerability has not been confirmed.
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-02/0347.html
*** {01.08.030} Cross - Thinking Arts store.cgi file disclosure
Thinking Arts store.cgi allows a remote attacker to view arbitrary files
readable by the Web server by using reverse directory notation ('..')
in URL requests. This vulnerability has not been confirmed.
No patches have been released.
Vendor homepage:
http://www.thinkingarts.com/
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-02/0324.html
*** {01.08.033} Cross - W3.org Amaya sendtemp.pl file disclosure
W3.org's Amaya Web server comes with the sendtemp.pl sample CGI
application. This app allows remote attackers to request arbitrary files
from the system by modifying the 'templ' URL parameter. This
vulnerability has not been confirmed.
No patches have been made available.
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-02/0259.html
*** {01.08.034} Cross - PGP4Pine expired keys cause mail to be sent
unencrypted
PGP4Pine version 1.75-6 has been found to improperly handle expired
public keys when used in combination with gpg. If a public key is
expired, gpg will abort the encryption; however, PGP4Pine continues to
send the e-mail--unencrypted.
A third-party patch is available at:
http://archives.neohapsis.com/archives/bugtraq/2001-02/0367.html
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-02/0367.html
*** {01.08.037} Cross - Kicq embedded URL command execution
Kicq version 1.0.0 (and possibly others) has been found to directly pass
URLs in messages to a command line viewer. This allows a remote attacker
to embed shell metacharacters in a URL, resulting in the execution of
arbitrary command line commands should a user click on a malicious URL
embedded in a received message. This vulnerability has not been
confirmed.
No patches have been made available.
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-02/0276.html
************************************************************************
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (BSD/OS)
Comment: For info see http://www.gnupg.org
iD8DBQE6lX7d+LUG5KFpTkYRAhNTAJ4k/9RhAzJIw76KsxJK9Kb2CCOWiwCeIwg4
e43wAgrlP6ZzbTUB0XGYu10=
=tI3O
-----END PGP SIGNATURE-----
------------------------------------------------------------------------
Become a Security Alert Consensus member! If this e-mail was passed to
you and you would like to begin receiving our security e-mail newsletter
on a weekly basis, we invite you to subscribe today at:
http://www.networkcomputing.com/consensus/.
We are signing the Consensus newsletter with PGP. The new SANS PGP key
is posted at:
http://certserver.pgp.com:11371/pks/lookup?op=get&search=0xA1694E46 and
can be accessed from the SANS Web site: http://www.sans.org.
Special Note: To better secure your confidential information, we will
no longer include personal URLs in our Consensus newsletter mailings.
Instead, we have created a new form, located at:
http://www.sans.org/sansurl. On this form you can enter the SD number
located near your name at the top of the newsletter. When you submit
this form, an e-mail containing a URL will be sent to you at the e-mail
address on record. With this URL you can make changes to your account
(edit the content of your Consensus mailing, for example) without
endangering the security of your personal URL. If you'd like to change
your e-mail address or other information, or unsubscribe to this
newsletter, please visit your new URL as described above. If you have
any problems or questions, e-mail us at <consensus@nwc.com>.
Missed an issue? You can find all back issues of Security Alert
Consensus (and Security Express) online at:
http://archives.neohapsis.com/.
Your opinion counts. We'd like to hear your thoughts on Security Alert
Consensus. E-mail any questions or comments to <consensus@nwc.com>.
Copyright (c) 2001 CMP Media Inc. A service of Network Computing. All
Rights Reserved. Distributed by Network Computing
(http://www.networkcomputing.com) and The SANS Institute
(http://www.sans.org). Powered by Neohapsis Inc., a Chicago-based
security assessment and integration services consulting group
(info@neohapsis.com | http://www.neohapsis.com/).