From: Network Computing and The SANS Institute (sans+ZZ37856337779384681sans.org)
Date: Thu Oct 25 2001 - 13:57:07 CDT



    Re: Your personalized newsletter

                          -- Security Alert Consensus --
                                 Number 120 (01.43)
                            Thursday, October 25, 2001
                                 Created for you by
                       Network Computing and the SANS Institute
                                Powered by Neohapsis

    ----------------------------------------------------------------------

    Welcome to the latest edition of Security Alert Consensus! Below
    you should find information pertaining only to the categories you
    requested. If you have any problems or questions, please e-mail us
    at <consensusnwc.com>.

    ----------------------------------------------------------------------

    ** Request your FREE Internet Security Handbook **

    It's more important than ever to protect your information assets, avoid
    business interruption, and prevent revenue loss. Request your *FREE*
    copy of "Securing the Internet Economy: An Executive Guide to Managing
    Online Risk" from Internet Security Systems (ISS).
    Click here: http://www.iss.net/mktg/sac10401/

    ----------------------------------------------------------------------

    Tons of Linux updates have been released this week. Most important
    was a gaggle of bugs found in the kernel (reported in this issue
    as {01.43.015}). You might want to think about popping over to
    www.kernel.org (or mirror) and grabbing the latest and greatest.

    What's interesting about this recent batch of security fixes is the
    fact that (one of) the kernel maintainers was tight-lipped about the
    nature of the problem because of the legislation set forth by the
    Digital Millennium Copyright Act. It's unfortunate to see that legal
    acts such as the DMCA, and the upcoming SSSCA, are impacting the IT
    community's ability to be informed about security problems. Hopefully,
    the day won't come where newsletters such as SAC are illegal under
    some such silly computer crime law.
    http://marc.theaimsgroup.com/?l=linux-kernel&m=100374609914587&w=2

    Until next week,
    --Security Alert Consensus Team

    ************************************************************************

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    TABLE OF CONTENTS:

    {01.43.002} Win - Citrix MetaFrame session flood/timeout DoS
    {01.43.010} Win - SSPD server malformed data DoS
    {01.43.012} Win - MS01-052: Invalid RDP causes Terminal Server to crash
    {01.43.019} Win - Lotus Notes client embedded object in e-mail
    {01.43.026} Win - IE about: zone CSS
    {01.43.029} Win - MS01-053: Mac IE executes some downloaded files
    {01.43.003} Linux - Update {01.40.016}: OpenSSH from restriction bypass
    {01.43.004} Linux - Update {01.41.007}: htdig/htsearch alternate
                configuration file vulnerability
    {01.43.005} Linux - Update {01.42.020}: login stored PAM result absorbs
                other user credentials
    {01.43.008} Linux - Update {01.41.011}: W3Mail webmail CGI command
                execution
    {01.43.013} Linux - gftp "shoulder surfing" password viewing
    {01.43.014} Linux - Update {01.42.011}: Apache 1.3.22 available, with
                security fixes
    {01.43.015} Linux - Linux kernel security updates (both 2.2 and 2.4)
    {01.43.016} Linux - Quota bypass via setuid file descriptors
    {01.43.022} Linux - Update {01.39.015}: Squid FTP mkdir PUT DoS
    {01.43.024} Linux - Update {01.27.040}: xvt command line buffer overflow
    {01.43.025} Linux - Update {01.36.007}: Multiple xinetd vulnerabilities
    {01.43.028} Linux - Update {00.56.022}: sdiff insecure temp file
                handling
    {01.43.032} Linux - HP Secure OS file system protection bypass
    {01.43.030} Sol - Update {01.22.024}: yppasswdd RPC service buffer
                overflow
    {01.43.033} Sol - Update {00.26.008}: Local ufsrestore command buffer
                overflow
    {01.43.034} Sol - Update {01.15.001}: ntpd/xntpd control request
                parsing buffer overflow
    {01.43.006} HPUX - Update {01.30.021}: Multiple vendor telnetd option
                handling overflow
    {01.43.007} HPUX - HPUX 11.20 restriction bypass
    {01.43.018} HPUX - Tomcat update
    {01.43.023} SGI - IGMP packets may crash system
    {01.43.001} SCO - Update {01.40.020}: (rpc.)ttdbserver syslog() format
                string attack
    {01.43.009} Cross - procmail privilege elevation via signals
    {01.43.011} Cross - Oracle 9 iAS Web services DoS/overflow
    {01.43.017} Cross - nvi file name format string vulnerability
    {01.43.020} Cross - Network Query Tool CGI command execution
    {01.43.021} Cross - Webmin insecure local temp file handling
    {01.43.027} Cross - WebCart CGI 'nextpage' parameter command execution
    {01.43.031} Cross - Sun JRE allows clipboard access

    - --- Windows News -------------------------------------------------------

    *** {01.43.002} Win - Citrix MetaFrame session flood/timeout DoS

    A denial of service attack has been found in various versions of
    Citrix' MetaFrame. It's possible for a remote attacker to cause the
    entire system to crash by using a particular connection method and
    then allowing the connection to timeout.

    The vendor has confirmed this vulnerability and released various hot
    fixes, which are available at:
    http://www.citrix.com/support

    Source: VulnWatch
    http://archives.neohapsis.com/archives/vulnwatch/2001-q4/0009.html

    *** {01.43.010} Win - SSPD server malformed data DoS

    The SSPD server included with Windows ME has been found susceptible to
    a denial of service attack whereby a remote attacker connects to the
    service and sends a few unexpected characters, causing the service
    to crash.

    This vulnerability has not been confirmed.

    Source: SecurityFocus Bugtraq
    http://archives.neohapsis.com/archives/bugtraq/2001-10/0133.html

    *** {01.43.012} Win - MS01-052: Invalid RDP causes Terminal Server to
                    crash

    Microsoft has released MS01-052 ("Invalid RDP causes Terminal Server
    to crash"). A particular series of data sent to a Terminal Server
    service can cause the system to crash, requiring a reboot. This
    obviously leads to a remote denial of service.

    FAQ and patch:
    http://www.microsoft.com/technet/security/bulletin/MS01-052.asp

    Source: Microsoft
    http://archives.neohapsis.com/archives/vendor/2001-q4/0012.html

    *** {01.43.019} Win - Lotus Notes client embedded object in e-mail

    A recent advisory indicates it's possible to embed objects in e-mail
    that could be potentially executed by the Lotus Notes client without
    any warning, thus allowing malicious e-mail to run arbitrary programs.

    This vulnerability has not been confirmed.

    Source: SecurityFocus Bugtraq
    http://archives.neohapsis.com/archives/bugtraq/2001-10/0180.html

    *** {01.43.026} Win - IE about: zone CSS

    A report was released this week indicating that Internet Explorer
    versions prior to 6.0 are vulnerable to Cross-Site Scripting for
    about: URLs. This could allow a malicious Web site or e-mail to
    execute arbitrary script under lax security restrictions.

    This vulnerability has not been confirmed.

    Source: SecurityFocus Bugtraq
    http://archives.neohapsis.com/archives/bugtraq/2001-10/0155.html

    *** {01.43.029} Win - MS01-053: Mac IE executes some downloaded files

    Microsoft has released MS01-053 ("Mac IE executes some downloaded
    files"). Internet Explorer version 5.1 for Mac OS X has been found
    to automatically execute BinHex and MacBinary files without prompting
    the user.

    FAQ and patch:
    http://www.microsoft.com/technet/security/bulletin/MS01-053.asp

    Source: Microsoft
    http://archives.neohapsis.com/archives/vendor/2001-q4/0014.html

    - --- Linux News ---------------------------------------------------------

    *** {01.43.003} Linux - Update {01.40.016}: OpenSSH from restriction
                    bypass

    Multiple vendors have released updated OpenSSH packages, which fix
    the vulnerability discussed in {01.40.016} ("OpenSSH from restriction
    bypass").

    Updated Mandrake RPMs:
    http://archives.neohapsis.com/archives/bugtraq/2001-10/0119.html

    Updated Trustix RPMs:
    http://archives.neohapsis.com/archives/bugtraq/2001-10/0127.html

    Updated RedHat RPMs:
    http://archives.neohapsis.com/archives/bugtraq/2001-10/0185.html

    Updated Immunix RPMs:
    http://archives.neohapsis.com/archives/linux/immunix/2001-q4/0014.html

    Source: Immunix, Mandrake, Trustix, RedHat (SF Bugtraq)
    http://archives.neohapsis.com/archives/bugtraq/2001-10/0119.html
    http://archives.neohapsis.com/archives/bugtraq/2001-10/0127.html
    http://archives.neohapsis.com/archives/bugtraq/2001-10/0185.html
    http://archives.neohapsis.com/archives/linux/immunix/2001-q4/0014.html

    *** {01.43.004} Linux - Update {01.41.007}: htdig/htsearch alternate
                    configuration file vulnerability

    SuSE and Debian have released updated htdig packages, which fix the
    vulnerability discussed in {01.41.007} ("htdig/htsearch alternate
    configuration file vulnerability").

    Updated Debian DEBs:
    http://archives.neohapsis.com/archives/vendor/2001-q4/0003.html

    Updated SuSE RPMs:
    http://archives.neohapsis.com/archives/linux/suse/2001-q4/0414.html

    Source: Debian, SuSE
    http://archives.neohapsis.com/archives/vendor/2001-q4/0003.html
    http://archives.neohapsis.com/archives/linux/suse/2001-q4/0414.html

    *** {01.43.005} Linux - Update {01.42.020}: login stored PAM result
                    absorbs other user credentials

    Trustix and SuSE have released updated util-linux packages, which fix
    the vulnerability discussed in {01.42.020} ("login stored PAM result
    absorbs other user credentials").

    Updated Trustix RPMs:
    http://archives.neohapsis.com/archives/bugtraq/2001-10/0129.html

    Updated SuSE RPMs:
    http://archives.neohapsis.com/archives/bugtraq/2001-10/0161.html

    Source: Trustix, SuSE (SF Bugtraq)
    http://archives.neohapsis.com/archives/bugtraq/2001-10/0129.html
    http://archives.neohapsis.com/archives/bugtraq/2001-10/0161.html

    *** {01.43.008} Linux - Update {01.41.011}: W3Mail webmail CGI command
                    execution

    Debian has released updated w3m packages, which fix the vulnerability
    discussed in {01.41.011} ("W3Mail webmail CGI command execution").

    Updated DEBs are listed at:
    http://archives.neohapsis.com/archives/vendor/2001-q4/0004.html

    Source: Debian
    http://archives.neohapsis.com/archives/vendor/2001-q4/0004.html

    *** {01.43.013} Linux - gftp "shoulder surfing" password viewing

    gftp has been found to display a user's password while logging in. This
    may allow someone in the vicinity of the user to see the password.

    If this is important to you, download updated Debian DEBs at:
    http://archives.neohapsis.com/archives/vendor/2001-q4/0009.html

    Source: Debian
    http://archives.neohapsis.com/archives/vendor/2001-q4/0009.html

    *** {01.43.014} Linux - Update {01.42.011}: Apache 1.3.22 available,
                    with security fixes

    Conectiva and Engarde have released updated Apache packages, which fix
    the vulnerability discussed in {01.42.011} ("Apache 1.3.22 available,
    with security fixes").

    Updated Conectiva RPMs:
    http://archives.neohapsis.com/archives/linux/conectiva/2001-q4/0003.html

    Updated Engarde RPMs:
    http://archives.neohapsis.com/archives/linux/engarde/2001-q4/0000.html

    Source: Conectiva, Engarde
    http://archives.neohapsis.com/archives/linux/conectiva/2001-q4/0003.html
    http://archives.neohapsis.com/archives/linux/engarde/2001-q4/0000.html

    *** {01.43.015} Linux - Linux kernel security updates (both 2.2 and 2.4)

    A lot of movement has happened in the last week with the Linux kernels.

    First off, 2.2.19 and prior, as well as 2.4.9 and prior, are vulnerable
    to another ptrace() bug, which allows a local user to gain root access.

    There is also a local denial of service bug, which is related to
    nested symlinks in kernels prior to 2.4.12.

    Note that the latest 2.4 kernel is 2.4.13. Kernel 2.2.20 will
    be released shortly -- in the meantime, use the 2.2.19 patches
    available at:
    http://archives.neohapsis.com/archives/bugtraq/2001-10/0135.html

    Many vendors have also released updated kernel packages.

    Updated Caldera RPMs:
    http://archives.neohapsis.com/archives/linux/caldera/2001-q4/0002.html

    Updated RedHat RPMs:
    http://archives.neohapsis.com/archives/bugtraq/2001-10/0145.html

    Updated Engarde RPMs:
    http://archives.neohapsis.com/archives/linux/engarde/2001-q4/0001.html

    Updated Trustix RPMs:
    http://archives.neohapsis.com/archives/bugtraq/2001-10/0149.html

    Updated Immunix RPMs:
    http://archives.neohapsis.com/archives/linux/immunix/2001-q4/0022.html

    Source: Caldera, RedHat, Engarde, Trustix, Immunix, SecurityFocus
                    Bugtraq
    http://archives.neohapsis.com/archives/bugtraq/2001-10/0135.html
    http://archives.neohapsis.com/archives/linux/caldera/2001-q4/0002.html
    http://archives.neohapsis.com/archives/bugtraq/2001-10/0145.html
    http://archives.neohapsis.com/archives/linux/engarde/2001-q4/0001.html
    http://archives.neohapsis.com/archives/bugtraq/2001-10/0149.html
    http://archives.neohapsis.com/archives/linux/immunix/2001-q4/0022.html

    *** {01.43.016} Linux - Quota bypass via setuid file descriptors

    A recent advisory indicates it's possible to bypass quota restrictions
    via the use of setuid file output, which is seemingly not included
    in quota counts. This allows a local attacker to consume more disk
    space than allowed.

    This vulnerability has not been confirmed.

    Source: SecurityFocus Bugtraq
    http://archives.neohapsis.com/archives/bugtraq/2001-10/0179.html

    *** {01.43.022} Linux - Update {01.39.015}: Squid FTP mkdir PUT DoS

    RedHat has released updated squid packages, which fix the vulnerability
    discussed in {01.39.015} ("Squid FTP mkdir PUT DoS").

    Updated RPMs are listed at:
    http://archives.neohapsis.com/archives/bugtraq/2001-10/0189.html

    Source: RedHat (SF Bugtraq)
    http://archives.neohapsis.com/archives/bugtraq/2001-10/0189.html

    *** {01.43.024} Linux - Update {01.27.040}: xvt command line buffer
                    overflow

    Debian has released updated xvt packages, which fix the vulnerability
    discussed in {01.27.040} ("xvt command line buffer overflow").

    Updated DEBs are listed at:
    http://archives.neohapsis.com/archives/vendor/2001-q4/0005.html

    Source: Debian
    http://archives.neohapsis.com/archives/vendor/2001-q4/0005.html

    *** {01.43.025} Linux - Update {01.36.007}: Multiple xinetd
                    vulnerabilities

    Engarde has released updated xinetd packages, which fix the
    vulnerability discussed in {01.36.007} ("Multiple xinetd
    vulnerabilities").

    Updated RPMs are listed at:
    http://archives.neohapsis.com/archives/linux/engarde/2001-q4/0002.html

    Source: Engarde
    http://archives.neohapsis.com/archives/linux/engarde/2001-q4/0002.html

    *** {01.43.028} Linux - Update {00.56.022}: sdiff insecure temp file
                    handling

    RedHat has released updated diffutils packages, which fix the
    vulnerability discussed in {00.56.022} ("sdiff insecure temp file
    handling").

    Updated RPMs are listed at:
    http://archives.neohapsis.com/archives/bugtraq/2001-10/0161.html

    Source: RedHat (SF Bugtraq)
    http://archives.neohapsis.com/archives/bugtraq/2001-10/0161.html

    *** {01.43.032} Linux - HP Secure OS file system protection bypass

    HP's Secure OS system version 1.0 for Linux has been found to
    not always provide the correct file system protection. This could
    potentially allow local attackers to access files they otherwise
    wouldn't be able to access.

    HP has released patches:
    i586: HPTL_00001
    i686-UNP: HPTL_00002
    i686-SMP: HPTL_00003

    Source: HP
    http://archives.neohapsis.com/archives/hp/2001-q4/0021.html

    - --- Solaris News -------------------------------------------------------

    *** {01.43.030} Sol - Update {01.22.024}: yppasswdd RPC service buffer
                    overflow

    Sun has released patches for the vulnerability discussed in {01.22.024}
    ("yppasswdd RPC service buffer overflow").

    The following patches are available:
    SunOS 5.8 -- 111596-02
    SunOS 5.8_x86 -- 111597-02
    SunOS 5.7 -- 111590-02
    SunOS 5.7_x86 -- 111591-02
    SunOS 5.6 -- 106303-03
    SunOS 5.6_x86 -- 106304-03

    Source: Sun (SF Bugtraq)
    http://archives.neohapsis.com/archives/bugtraq/2001-10/0192.html

    *** {01.43.033} Sol - Update {00.26.008}: Local ufsrestore command
                    buffer overflow

    Sun has released patches that fix the vulnerability discussed in
    {00.26.008} ("Local ufsrestore command buffer overflow").

    A full patch matrix is available at the reference URL below.

    Source: Sun (SF Bugtraq)
    http://archives.neohapsis.com/archives/bugtraq/2001-10/0209.html

    *** {01.43.034} Sol - Update {01.15.001}: ntpd/xntpd control request
                    parsing buffer overflow

    Sun has released patches for the vulnerability discussed in {01.15.001}
    ("ntpd/xntpd control request parsing buffer overflow").

    A full patch matrix is available at the reference URL listed below.

    Source: Sun (SF Bugtraq)
    http://archives.neohapsis.com/archives/bugtraq/2001-10/0214.html

    - --- HP-UX News ---------------------------------------------------------

    *** {01.43.006} HPUX - Update {01.30.021}: Multiple vendor telnetd
                    option handling overflow

    HP has released patches for the vulnerability discussed in {01.30.021}
    ("Multiple vendor telnetd option handling overflow"). Only HPUX 10.x
    machines are vulnerable.

    Install the correct patch:
    HPUX 10.01: PHNE_24820
    HPUX 10.10: PHNE_24820
    HPUX 10.20: PHNE_24821
    HPUX 10.24: PHNE_25217

    Source: HP
    http://archives.neohapsis.com/archives/hp/2001-q4/0014.html

    *** {01.43.007} HPUX - HPUX 11.20 restriction bypass

    HP has released an advisory indicating that HPUX 11.20 on the IA
    platform contains an error in the execution of binaries. This error
    could allow local attackers to elevate their privileges.

    Users of HPUX 11.20 should install patch PHSS_25454.

    Source: HP
    http://archives.neohapsis.com/archives/hp/2001-q4/0014.html

    *** {01.43.018} HPUX - Tomcat update

    HP has released updated Tomcat packages, which fix various security
    issues found in older versions of Tomcat (previously reported in SAC).

    HPUX 11.04 (VVOS) users should install PHSS_24823 and PHSS_25221.

    Source: HP
    http://archives.neohapsis.com/archives/hp/2001-q4/0020.html

    - --- SGI News -----------------------------------------------------------

    *** {01.43.023} SGI - IGMP packets may crash system

    IRIX prior to version 6.5.13 is vulnerable to a remote denial of
    service, whereby an attacker can send a particular IGMP packet and
    cause the system to immediately panic.

    SGI has confirmed this vulnerability and released a set of patches
    for all versions of IRIX 6.5.x. The full patch matrix is available
    at the reference URL below.

    Source: SGI
    http://archives.neohapsis.com/archives/vendor/2001-q4/0015.html

    - --- SCO News -----------------------------------------------------------

    *** {01.43.001} SCO - Update {01.40.020}: (rpc.)ttdbserver syslog()
                    format string attack

    Caldera/SCO has released updated ttdbserver packages, which fix the
    vulnerability discussed in {01.40.020} ("(rpc.)ttdbserver syslog()
    format string attack").

    Updated binaries are available at:
    ftp://stage.caldera.com/pub/security/openunix/CSSA-2001-SCO.28/

    Source: Caldera/SCO (SF Bugtraq)
    http://archives.neohapsis.com/archives/bugtraq/2001-10/0116.html

    - --- Cross-Platform News ------------------------------------------------

    *** {01.43.009} Cross - procmail privilege elevation via signals

    Debian has released an advisory indicating the possibility of local
    attackers elevating their privileges on older versions of procmail,
    if procmail is installed setuid. Other platforms may be vulnerable,
    as well.

    Updated DEBs are listed at:
    http://archives.neohapsis.com/archives/vendor/2001-q4/0006.html

    Source: Debian
    http://archives.neohapsis.com/archives/vendor/2001-q4/0006.html

    *** {01.43.011} Cross - Oracle 9 iAS Web services DoS/overflow

    Oracle 9 iAS version 2.0.0.1.0 has been found to contain a buffer
    overflow in the handling of various Web requests. This overflow
    could allow a remote attacker to crash the listening Web servers or
    potentially execute arbitrary code.

    The vendor has confirmed this vulnerability and released various
    patches. Full patch information is available at the reference URL
    below.

    Source: SecurityFocus Bugtraq
    http://archives.neohapsis.com/archives/bugtraq/2001-10/0134.html

    *** {01.43.017} Cross - nvi file name format string vulnerability

    The nvi file editor has been found to contain a format string
    vulnerability in the handling of file names. It's possible for a
    user to be tricked into opening a malicious file, which could execute
    arbitrary code under the user's privileges.

    Debian has confirmed this vulnerability. Updated Debian DEBs are
    listed at:
    http://archives.neohapsis.com/archives/vendor/2001-q4/0011.html

    Source: Debian
    http://archives.neohapsis.com/archives/vendor/2001-q4/0011.html

    *** {01.43.020} Cross - Network Query Tool CGI command execution

    The Network Query Tool CGI version 1.0, in both standalone and PHPNuke
    add-on versions, does not properly filter out Unix metacharacters from
    user-supplied data before passing them on to a command line shell
    for execution. Thus, it's possible for a remote attacker to execute
    arbitrary commands.

    This vulnerability has not been confirmed.

    Source: VulnWatch
    http://archives.neohapsis.com/archives/vulnwatch/2001-q4/0014.html

    *** {01.43.021} Cross - Webmin insecure local temp file handling

    The Webmin HTTP administration interface has been found to insecurely
    create temporary files, potentially allowing local attackers to
    execute arbitrary commands with root privileges.

    This vulnerability has not been confirmed.

    Source: VulnWatch
    http://archives.neohapsis.com/archives/vulnwatch/2001-q4/0015.html

    *** {01.43.027} Cross - WebCart CGI 'nextpage' parameter command
                    execution

    Mountain Network Systems' WebCart CGI version 8.4 has been found to
    not properly filter metacharacters from the 'nextpage' URL parameter
    before passing them to a shell. A remote attacker is thereby allowed
    to execute arbitrary command line commands under the Web server's
    privileges.

    This vulnerability has not been confirmed.

    Source: SecurityFocus Bugtraq
    http://archives.neohapsis.com/archives/bugtraq/2001-10/0159.html

    *** {01.43.031} Cross - Sun JRE allows clipboard access

    Sun has released an advisory indicating that its JRE versions 1.3.0_02
    and earlier contain a bug that would allow an untrusted applet to
    access the clipboard.

    Sun has released updated JRE versions for Solaris, Windows and Linux. A
    full list of updates is available at the reference URL below.

    HP has also released update information, which is available at:
    http://archives.neohapsis.com/archives/hp/2001-q4/0021.html

    Source: Sun, HP (SF Bugtraq)
    http://archives.neohapsis.com/archives/bugtraq/2001-10/0193.html
    http://archives.neohapsis.com/archives/hp/2001-q4/0021.html

    ************************************************************************

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.0.6 (BSD/OS)
    Comment: For info see http://www.gnupg.org

    iD8DBQE72F4m+LUG5KFpTkYRAi4GAKCUEEMwmTGWtLFUVBfxs3aND8mNjACeMpm0
    yUAuiJOfQGhKrStvr0BozEY=
    =9AFK
    -----END PGP SIGNATURE-----
    ------------------------------------------------------------------------

    Become a Security Alert Consensus member! If this e-mail was passed
    to you and you would like to begin receiving our security e-mail
    newsletter on a weekly basis, we invite you to subscribe today.
    http://www.networkcomputing.com/consensus/.

    We are signing the Consensus newsletter
    with PGP. The new SANS PGP key is posted at:
    http://certserver.pgp.com:11371/pks/lookup?op=get&search=0xA1694E46
    and can be accessed from the SANS Web site (http://www.sans.org).

    Special Note: To better secure your confidential information,
    we will no longer include personal URLs in our Consensus
    newsletter mailings. Instead, we have created a new form
    (http://www.sans.org/sansurl). On this form you can enter the SD
    number located near your name at the top of the newsletter. When you
    submit this form, an e-mail containing a URL will be sent to you at
    the e-mail address on record. With this URL you can make changes to
    your account (edit the content of your Consensus mailing, for example)
    without endangering the security of your personal URL. If you'd like
    to change your e-mail address or other information, or unsubscribe
    to this newsletter, please visit your new URL as described above. If
    you have any problems or questions, e-mail us at <consensusnwc.com>.

    Missed an issue? You can find all back issues of
    Security Alert Consensus (and Security Express) online.
    http://archives.neohapsis.com/

    Your opinion counts. We'd like to hear your thoughts on Security Alert
    Consensus. E-mail any questions or comments to <consensusnwc.com>.

    Copyright (c) 2001 Network Computing, a CMP Media LLC
    publication. All Rights Reserved. Distributed by Network
    Computing (http://www.networkcomputing.com) and The SANS Institute
    (http://www.sans.org). Powered by Neohapsis Inc., a Chicago-based
    security assessment and integration services consulting group
    (infoneohapsis.com | http://www.neohapsis.com/).