From: Network Computing and The SANS Institute (sans+ZZ85611012638983775_at_sans.org)
Date: Thu Jul 18 2002 - 13:42:28 CDT


    Re: Your personalized newsletter

                      -- Security Alert Consensus --
                            Number 028 (02.28)
                         Thursday, July 18, 2002
                            Created for you by
                 Network Computing and the SANS Institute
                            Powered by Neohapsis

    ----------------------------------------------------------------------

    Welcome to the latest edition of Security Alert Consensus! Below
    you should find information pertaining only to the categories you
    requested. Information on how to manage your subscription can be found
    at the bottom of the newsletter. If you have any problems or questions,
    please e-mail us at <consensusnwc.com>.

    ----------------------------------------------------------------------

    Tech Library White Paper Spotlight: SAFE VPN: IPSec VPNs in Depth
    Read Cisco's best practice information for designing and implementing
    enterprise IPSec (IP security) VPNs (virtual private networks).
    http://techlibrary.networkcomputing.com/data/detail?id=1014669748_545&type=RES&x=7571703

    ----------------------------------------------------------------------

    Microsoft released patches for a batch of MS SQL Server vulnerabilities
    this week (items {02.28.006} and {02.28.007} in the Windows
    category). The CDE-equipped Unix camps need to worry about the latest
    rpc.ttdbserver vulnerability (item {02.28.011} in the Cross-Platform
    category). Historically, other CDE ttdb bugs have been exploited to
    a large degree, so affected shops should consider upgrading sooner
    rather than later.

    Until next week,
    --Security Alert Consensus Team

    ************************************************************************

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    TABLE OF CONTENTS:

    {02.28.003} Win - Carello CGI arbitrary app execution
    {02.28.005} Win - PGP Outlook plugin decryption overflow
    {02.28.006} Win - MS02-034: Cumulative Patch for SQL Server
    {02.28.007} Win - MS02-035: SQL Server setup.iss log file exposes
                passwords
    {02.28.015} Win - RealONE/RealJukebox RJS skin.ini overflow
    {02.28.023} Win - Adobe Library eBook DoS vulnerabilities
    {02.28.026} Win - Lil'HTTP pbcgi CGI e-mail parameter CSS vulnerability
    {02.28.027} Win - Popcorn e-mail client multiple vulnerabilities
    {02.28.029} Win - BadBlue Web server multiple vulnerabilities
    {02.28.032} Win - Norton Personal Internet Firewall HTTP proxy overflow
    {02.28.034} Win - Oddsock Playlist Generator CGI multiple DoS
    {02.28.008} Linux - Update {02.26.002}: DNS libresolve/resolver buffer
                overflow
    {02.28.014} Linux - Update {02.27.004}: Squid 2.4.STABLE7 released,
                with security fixes
    {02.28.018} Linux - Update {02.26.003}: Apache mod_ssl off by one
                configuration directive overflow
    {02.28.009} BSD - Update {01.30.001}: tcpdump AFS parsing overflow (2)
    {02.28.010} BSD - ktrace suid app access to privileged information
    {02.28.025} Sol - Sun iRunbook CGIs file access
    {02.28.033} HPUX - Update {02.26.023}: HP/Sharity cifslogin multiple
                command-line parameter overflows
    {02.28.012} SCO - timed remote DoS
    {02.28.013} SCO - uux long status file name overflow
    {02.28.016} Other - Update {02.27.012}: MacOSX SoftwareUpdate
                unauthenticated downloads
    {02.28.021} Other - Tru64 inetd service flood DoS
    {02.28.022} Other - Tru64 ipcs local buffer overflow
    {02.28.024} Other - Pingtel xpressa SIP phone multiple vulnerabilities
    {02.28.001} Cross - GoAhead Web server directory traversal and CSS
                vulnerabilities
    {02.28.002} Cross - Apache Tomcat invoker servlet CSS vulnerability
    {02.28.004} Cross - Fluid Dynamics search CGI 'Rank' parameter CSS
                vulnerability
    {02.28.011} Cross - CDE rpc.ttdbserver two vulnerabilities
    {02.28.017} Cross - Double Choco Latte CGI multiple vulnerabilities
    {02.28.019} Cross - atphttpd multiple vulnerabilities
    {02.28.020} Cross - Novell Netmail/NIMS multiple vulnerabilities
    {02.28.028} Cross - CARE 2002 CGI file reading
    {02.28.030} Cross - Tivoli TMR Endpoint HTTP request DoS
    {02.28.031} Cross - Tivoli TMR ManagedNodes HTTP overflow

    - --- Windows News -------------------------------------------------------

    *** {02.28.003} Win - Carello CGI arbitrary app execution

    The Carello shopping cart CGI suite version 1.3 allows a remote
    attacker to execute arbitrary programs on the system by submitting
    a particular VBEXE URL parameter.

    The advisory indicates confirmation by the vendor, which fixed the
    problem in the next available version.

    Source: VulnWatch
    http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0015.html

    *** {02.28.005} Win - PGP Outlook plugin decryption overflow

    The PGP Outlook plugin included with PGP Desktop, Personal and Freeware
    versions 7.0.4 and prior contains a buffer overflow in the decryption
    of malformed e-mail messages. This allows a remote attacker to execute
    arbitrary code on users' systems as soon as they view the malformed
    e-mail. It is said that PGP Corporate Desktop users are not vulnerable.

    The vendor confirmed this vulnerability and
    released a patch, which is available at:
    http://www.nai.com/naicommon/download/upgrade/patches/patch-pgphotfix.asp

    Source: VulnWatch
    http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0016.html

    *** {02.28.006} Win - MS02-034: Cumulative Patch for SQL Server

    Microsoft released MS02-034 ("Cumulative Patch for SQL Server"). MS
    SQL Server and MSDE installations have three new vulnerabilities:
    a buffer overflow in the bulk insert procedure; a buffer overflow in
    the password encryption procedure; and insecure permissions on the
    SQL service account registry key. The buffer overflows allow attackers
    capable of running arbitrary SQL statements to elevate their SQL user
    privileges and potentially execute arbitrary code.

    FAQ and patch:
    http://www.microsoft.com/technet/security/bulletin/MS02-034.asp

    Source: Microsoft (NTBugtraq)
    http://archives.neohapsis.com/archives/ntbugtraq/2002-q3/0012.html

    *** {02.28.007} Win - MS02-035: SQL Server setup.iss log file exposes
                    passwords

    Microsoft released MS02-035 ("SQL Server setup.iss log file
    exposes passwords"). It's possible to create a precomputed
    set-up file (setup.iss) in MS SQL Server to use for unattended
    installations. However, installations that use the setup.iss
    file produce installation log files afterwards, which include any
    SQL-server-related passwords in plain text.

    FAQ and patch:
    http://www.microsoft.com/technet/security/bulletin/MS02-035.asp

    Source: Microsoft (NTBugtraq)
    http://archives.neohapsis.com/archives/ntbugtraq/2002-q3/0009.html

    *** {02.28.015} Win - RealONE/RealJukebox RJS skin.ini overflow

    The RealONE and RealJukebox clients contain a buffer overflow in the
    parsing of custom skin files, potentially allowing a malformed skin
    file to execute arbitrary code on the user's system. In addition, it
    may be possible for a malicious Web site to force the download of a
    skin file. Skin files also can potentially contain active scripting,
    which is executed in the Local System zone.

    The vendor confirmed this problem; updates are listed at:
    http://service.real.com/help/faq/security/bufferoverrun07092002.html

    Source: SecurityFocus Bugtraq
    http://archives.neohapsis.com/archives/bugtraq/2002-07/0127.html
    http://archives.neohapsis.com/archives/bugtraq/2002-07/0130.html

    *** {02.28.023} Win - Adobe Library eBook DoS vulnerabilities

    The Adobe Library eBook virtual library suite contains multiple denial
    of service vulnerabilities that could allow an attacker to check out
    all available books for long periods of time, regardless of settings.

    These vulnerabilities are not confirmed.

    Source: VulnWatch
    http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0020.html

    *** {02.28.026} Win - Lil'HTTP pbcgi CGI e-mail parameter CSS
                    vulnerability

    The pbcgi CGI included with Lil'HTTP contains a cross-site scripting
    vulnerability in the handling of the e-mail URL parameter.

    This vulnerability is not confirmed.

    Source: SecurityFocus Bugtraq
    http://archives.neohapsis.com/archives/bugtraq/2002-07/0112.html

    *** {02.28.027} Win - Popcorn e-mail client multiple vulnerabilities

    The popcorn e-mail client versions 1.20 and prior contain multiple
    vulnerabilities: a buffer overflow in the Subject e-mail header and
    two denial of service attacks that lead to resource consumption or
    application crashing.

    These vulnerabilities are not confirmed.

    Source: SecurityFocus Bugtraq
    http://archives.neohapsis.com/archives/bugtraq/2002-07/0117.html

    *** {02.28.029} Win - BadBlue Web server multiple vulnerabilities

    The BadBlue Web server reportedly contains three vulnerabilities:
    a denial of service attack when submitting a malformed HTTP request;
    disclosure of source code and other file contents regardless of
    settings; and weak storage of the administrative password.

    These vulnerabilities are not confirmed.

    Source: SecurityFocus Bugtraq
    http://archives.neohapsis.com/archives/bugtraq/2002-07/0143.html

    *** {02.28.032} Win - Norton Personal Internet Firewall HTTP proxy
                    overflow

    Norton Personal Internet Firewall version 3.0.4.91 (version 2001)
    contains a buffer overflow in the handling of large HTTP proxy
    requests. As a result, an internal/local attacker can execute arbitrary
    code on the system.

    The vendor confirmed this vulnerability and released a patch.

    Source: VulnWatch
    http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0026.html
    http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0027.html

    *** {02.28.034} Win - Oddsock Playlist Generator CGI multiple DoS

    The Oddsock Playlist Generator CGI contains multiple overflows that
    lead to denial of service situations. A remote attacker can trigger
    these vulnerabilities.

    These vulnerabilities are not confirmed.

    Source: SecurityFocus Bugtraq
    http://archives.neohapsis.com/archives/bugtraq/2002-07/0175.html

    - --- Linux News ---------------------------------------------------------

    *** {02.28.008} Linux - Update {02.26.002}: DNS libresolve/resolver
                    buffer overflow

    Conectiva and Mandrake released updated bind packages, which fix
    the vulnerability discussed in {02.26.002} ("DNS libresolve/resolver
    buffer overflow").

    Updated Conectiva RPMs:
    http://archives.neohapsis.com/archives/linux/conectiva/2002-q3/0004.html

    Updated Mandrake RPMs:
    http://archives.neohapsis.com/archives/bugtraq/2002-07/0180.html

    Source: Conectiva, Mandrake (SF Bugtraq)
    http://archives.neohapsis.com/archives/linux/conectiva/2002-q3/0004.html
    http://archives.neohapsis.com/archives/bugtraq/2002-07/0180.html

    *** {02.28.014} Linux - Update {02.27.004}: Squid 2.4.STABLE7 released,
                    with security fixes

    Trustix released updated squid packages, which fix the vulnerability
    discussed in {02.27.004} ("Squid 2.4.STABLE7 released, with security
    fixes").

    Updated RPMs are listed at:
    http://archives.neohapsis.com/archives/bugtraq/2002-07/0154.html

    Source: Trustix (SF Bugtraq)
    http://archives.neohapsis.com/archives/bugtraq/2002-07/0154.html

    *** {02.28.018} Linux - Update {02.26.003}: Apache mod_ssl off by one
                    configuration directive overflow

    Red Hat and Caldera released updated modssl packages, which fix the
    vulnerability discussed in {02.26.003} ("Apache mod_ssl off by one
    configuration directive overflow").

    Updated Red Hat RPMs:
    http://archives.neohapsis.com/archives/linux/redhat/2002-q3/0008.html

    Updated Caldera RPMs:
    http://archives.neohapsis.com/archives/bugtraq/2002-07/0183.html

    Source: Red Hat, Caldera (SF Bugtraq)
    http://archives.neohapsis.com/archives/linux/redhat/2002-q3/0008.html
    http://archives.neohapsis.com/archives/bugtraq/2002-07/0183.html

    - --- BSD News -----------------------------------------------------------

    *** {02.28.009} BSD - Update {01.30.001}: tcpdump AFS parsing overflow
                    (2)

    FreeBSD committed updated tcpdump packages to CVS, which fix the
    vulnerability discussed in {01.30.001} ("tcpdump AFS parsing overflow
    (2)").

    The RELENG branches as of July 12th contain the updated versions.

    Source: FreeBSD
    http://archives.neohapsis.com/archives/freebsd/2002-07/0242.html

    *** {02.28.010} BSD - ktrace suid app access to privileged information

    FreeBSD released an advisory that indicates the potential for local
    attackers to ktrace setuid/setgid applications, potentially allowing
    them to access/view information that is privileged (and retained
    after the privileges are dropped).

    FreeBSD RELENG branches as of July 11th contain the appropriate fix.

    Source: FreeBSD
    http://archives.neohapsis.com/archives/freebsd/2002-07/0243.html

    - --- Solaris News -------------------------------------------------------

    *** {02.28.025} Sol - Sun iRunbook CGIs file access

    The iRunbook Explorer CGI suite allows a remote attacker to access
    arbitrary files readable by the Web server by submitting a request
    with a variant of reverse directory traversal ('..') notation.

    This vulnerability is not confirmed.

    Source: SecurityFocus Bugtraq
    http://archives.neohapsis.com/archives/bugtraq/2002-07/0107.html

    - --- HP-UX News ---------------------------------------------------------

    *** {02.28.033} HPUX - Update {02.26.023}: HP/Sharity cifslogin
                    multiple command-line parameter overflows

    HP released updated CIFS/9000 packages, which fix the vulnerability
    discussed in {02.26.023} ("HP/Sharity cifslogin multiple command-line
    parameter overflows").

    Install CIFS/9000 client version A.01.07 or later.

    Source: HP/Compaq
    http://archives.neohapsis.com/archives/hp/2002-q3/0016.html

    - --- SCO News -----------------------------------------------------------

    *** {02.28.012} SCO - timed remote DoS

    Caldera/SCO released an advisory indicating that the timed daemon
    does not properly check certain incoming data, potentially resulting
    in a denial of service situation.

    Updated binaries are available at:
    ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.33

    Source: Caldera/SCO
    http://archives.neohapsis.com/archives/linux/caldera/2002-q3/0003.html

    *** {02.28.013} SCO - uux long status file name overflow

    Caldera/SCO released an advisory indicating that the uux utility
    is vulnerable to a local buffer overflow in the handling of long
    file-name parameters. This could allow a local attacker to execute
    arbitrary code with elevated privileges.

    Updated binaries are available at:
    ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.34

    Source: Caldera/SCO
    http://archives.neohapsis.com/archives/linux/caldera/2002-q3/0004.html

    - --- Other News ---------------------------------------------------------

    *** {02.28.016} Other - Update {02.27.012}: MacOSX SoftwareUpdate
                    unauthenticated downloads

    Apple released a patch that fixes the vulnerability discussed in
    {02.27.012} ("MacOSX SoftwareUpdate unauthenticated downloads").

    The patch is available at:
    http://download.info.apple.com/Mac_OS_X/061-0074.20020712/2z/SecurityUpdate7-12-02.dmg.bin

    Source: SecurityFocus Bugtraq
    http://archives.neohapsis.com/archives/bugtraq/2002-07/0146.html

    *** {02.28.021} Other - Tru64 inetd service flood DoS

    Compaq/HP released an advisory indicating the potential for a denial
    of service attack whereby a remote attacker floods inetd.

    The vendor confirmed this vulnerability and released an early-release
    patch. Further information is available at the reference URL below.

    Source: Compaq/HP
    http://archives.neohapsis.com/archives/compaq/2002-q3/0011.html

    *** {02.28.022} Other - Tru64 ipcs local buffer overflow

    Compaq/HP released an advisory indicating the ipcs utility contains a
    buffer overflow that would allow a local attacker to execute arbitrary
    code with elevated privileges.

    A full list of updated patches is available at the reference URL below.

    Source: Compaq/HP
    http://archives.neohapsis.com/archives/compaq/2002-q3/0009.html

    *** {02.28.024} Other - Pingtel xpressa SIP phone multiple
                    vulnerabilities

    Pingtel xpressa SIP phones with firmware versions 1.2.7.4 and prior
    contain a few vulnerabilities: a default administrative password;
    non-admin-authenticated users can perform a denial of service attack
    by changing system settings; and attackers with physical access can
    reset the administrative password.

    The advisory indicates confirmation by the vendor, which released a
    'best practices' deployment guide:
    http://www.pingtel.com/docs/best_practices_20x.txt

    Source: VulnWatch
    http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0019.html

    - --- Cross-Platform News ------------------------------------------------

    *** {02.28.001} Cross - GoAhead Web server directory traversal and CSS
                    vulnerabilities

    GoAhead Web server version 2.1 reportedly contains two vulnerabilities:
    a directory traversal problem that allows remote attackers to access
    files outside the Web root and a cross-site scripting vulnerability
    in the handling of HTTP 404 responses.

    These vulnerabilities are not confirmed.

    Source: VulnWatch
    http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0013.html

    *** {02.28.002} Cross - Apache Tomcat invoker servlet CSS vulnerability

    The invoker servlet included with Apache Tomcat version 4.0.3 is
    vulnerable to cross-site scripting in the handling of URLs for
    particular servlets.

    This vulnerability is not confirmed.

    Source: VulnWatch
    http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0014.html

    *** {02.28.004} Cross - Fluid Dynamics search CGI 'Rank' parameter CSS
                    vulnerability

    The Fluid Dynamics search CGI prior to version 2.0.0.0055 contains
    a cross-site scripting bug in the handling of the 'Rank' URL parameter.

    The vendor confirmed this vulnerability and released version
    2.0.0.0055.

    Source: SecurityFocus Bugtraq
    http://archives.neohapsis.com/archives/bugtraq/2002-07/0096.html
    http://archives.neohapsis.com/archives/bugtraq/2002-07/0094.html

    *** {02.28.011} Cross - CDE rpc.ttdbserver two vulnerabilities

    The CDE rpc.ttdbserver contains two vulnerabilities that would allow
    a remote attacker to execute arbitrary code as well as delete or
    overwrite arbitrary files.

    IBM released APARs IY32368 (4.3.3) and IY32370 (5.1.0).

    Caldera/SCO released updated binaries, which are available at:
    ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28

    HP released a temporary workaround, which is detailed at:
    http://archives.neohapsis.com/archives/hp/2002-q3/0011.html

    Source: CERT, IBM, Caldera/SCO, HP
    http://archives.neohapsis.com/archives/cc/2002-q3/0000.html
    http://archives.neohapsis.com/archives/aix/2002-q3/0002.html
    http://archives.neohapsis.com/archives/linux/caldera/2002-q3/0002.html
    http://archives.neohapsis.com/archives/hp/2002-q3/0011.html

    *** {02.28.017} Cross - Double Choco Latte CGI multiple vulnerabilities

    The Double Choco Latte CGI suite prior to version 20020706 allows a
    remote attacker to trick the server into downloading arbitrary files
    readable by the Web server. The CGI suite also contains multiple
    cross-site scripting errors.

    The vendor confirmed these vulnerabilities and released version
    20020706.

    Source: VulnWatch
    http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0022.html

    *** {02.28.019} Cross - atphttpd multiple vulnerabilities

    The atphttpd Web server version 0.4b contains multiple buffer
    overflows, which allow a remote attacker to execute arbitrary code
    under the privileges of the Web server.

    This vulnerability is not confirmed.

    Source: SecurityFocus Bugtraq
    http://archives.neohapsis.com/archives/bugtraq/2002-07/0134.html

    *** {02.28.020} Cross - Novell Netmail/NIMS multiple vulnerabilities

    Novell released patches for various buffer overflows found in the
    Netmail/NIMS package prior to version 3.0.3b. The buffer overflows
    exist in the Web interface and the IMAP service, and they could
    potentially allow the remote execution of arbitrary code.

    A full list of patches is available at:
    http://archives.neohapsis.com/archives/bugtraq/2002-07/0153.html
    http://archives.neohapsis.com/archives/bugtraq/2002-07/0152.html

    Source: SecurityFocus Bugtraq
    http://archives.neohapsis.com/archives/bugtraq/2002-07/0153.html
    http://archives.neohapsis.com/archives/bugtraq/2002-07/0152.html

    *** {02.28.028} Cross - CARE 2002 CGI file reading

    Under certain configurations, the CARE 2002 CGI suite allows a remote
    attacker to read arbitrary files readable by the Web server. The
    vulnerability depends on the PHP 'magic_quotes_gpc' directive being
    turned off.

    This vulnerability is not confirmed.

    Source: SecurityFocus Bugtraq
    http://archives.neohapsis.com/archives/bugtraq/2002-07/0128.html

    *** {02.28.030} Cross - Tivoli TMR Endpoint HTTP request DoS

    The Web server included with IBM Tivoli TMR Endpoints version 3.7.1
    contains a buffer overflow in the handling of very large GET requests,
    resulting in a denial of service attack.

    The vendor confirmed this vulnerability, which is fixed in FixPack 2.

    Source: VulnWatch
    http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0023.html

    *** {02.28.031} Cross - Tivoli TMR ManagedNodes HTTP overflow

    The Web server included with IBM Tivoli TMR ManagedNodes version
    3.7.1 contains a buffer overflow in the handling of very large GET
    requests. As a result, a remote attacker can execute arbitrary code.

    The vendor confirmed this vulnerability.

    Source: VulnWatch
    http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0024.html

    ************************************************************************

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.0.6 (BSD/OS)
    Comment: For info see http://www.gnupg.org

    iD8DBQE9Nwn4+LUG5KFpTkYRAiLYAJsEffRpqBXOU0NNk7FQPBkE7RoowQCbBVyT
    nFPuZfwNejc1L8tG8QE35v0=
    =fsJF
    -----END PGP SIGNATURE-----
    ------------------------------------------------------------------------

    We are signing the Consensus newsletter with PGP. The new SANS PGP key
    is posted at:
    http://www.pgp.net:11371/pks/lookup?op=get&search=0xA1694E46
    and can also be accessed from the SANS Web site (http://www.sans.org).

    Copyright (c) 2002 Network Computing, a CMP Media LLC
    publication. All Rights Reserved. Distributed by Network
    Computing (http://www.networkcomputing.com) and The SANS Institute
    (http://www.sans.org). Powered by Neohapsis Inc., a Chicago-based
    security assessment and integration services consulting group
    (infoneohapsis.com | http://www.neohapsis.com/).