|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Security Threat Watch 027
From: Security Threat Watch (NetworkComputing
update.networkcomputing.com)
Date: Mon May 03 2004 - 13:03:13 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Security Threat Watch
Number 027
Monday, May 3, 2004
Created for you by Network Computing & Neohapsis
--- Security News ----------------------------------------------
A worm that takes advantage of the LSASS vulnerability fixed in the
recently released MS04-011 patch rollup appears to be roving about. The
W32/Sasser worm uses the regular SMB ports to infect the system, so as
long as you're filtering them, you should be OK from external infection.
But, as we all know, you need to be aware of that unsuspecting laptop
user who introduces it into the middle of your enterprise.
http://archives.neohapsis.com/archives/ntbugtraq/2004-q2/0036.html
Until next week,
- The Neohapsis Security Threat Watch Team
--- Advertisement -----------------------------------------------------
Free Microsoft Security Summit in 20 cities April-June
Learn how to make your infrastructure and applications more secure.
The free Microsoft Security Summits feature keynote speakers,
Ask the Experts panel discussions, and intensive training tracks for
IT Professionals and Developers. Space is limited. Register today.
--- New Vulnerabilities -----------------------------------------------
Below is a list of new vulnerabilities announced this week.
Vulnerabilities considered to be 'critical' involve highly-deployed
software, or carry a high-risk of system compromise. Note that
vulnerabilities not highlighted may still be of critical severity
to your environment.
**** Highlighted critical vulnerabilities ****
McAfee VirusScan: insecure ActiveX control functions
Windows Explorer and IE: long share name remote overflow
**** Newly announced vulnerabilities this week ****
____Windows____
Citrix Metaframe: malicious admin can access user's local drives
http://archives.neohapsis.com/archives/bugtraq/2004-04/0347.html
Dameware 4.2: weak use of encryption
http://archives.neohapsis.com/archives/bugtraq/2004-04/0362.html
McAfee VirusScan: insecure ActiveX control functions
http://archives.neohapsis.com/archives/ntbugtraq/2004-q2/0026.html
Windows Explorer and IE: long share name remote overflow
http://archives.neohapsis.com/archives/bugtraq/2004-04/0305.html
http://archives.neohapsis.com/archives/bugtraq/2004-04/0312.html
____Network Devices____
Samsung SS6215S switch: admin login bypass
http://archives.neohapsis.com/archives/bugtraq/2004-04/0295.html
____CGI____
Moodle 1.2: XSS
http://archives.neohapsis.com/archives/bugtraq/2004-04/0357.html
OpenBB 1.0.6: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2004-04/0302.html
PHP-Nuke Video Gallery 0.1: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2004-04/0311.html
Props 0.6.1: XSS, file reading
http://archives.neohapsis.com/archives/bugtraq/2004-04/0383.html
SquirrelMail 1.4.2: XSS
http://archives.neohapsis.com/archives/bugtraq/2004-04/0354.html
paFileDB 3.1: XSS, info disclosure
http://archives.neohapsis.com/archives/bugtraq/2004-04/0317.html
____Cross-Platform____
HP Web JetAdmin: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2004-04/0306.html
http://archives.neohapsis.com/archives/bugtraq/2004-04/0359.html
LHa 1.14i: multiple local vulnerabilities
http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0093.html
QuickTime 6.5.0: malformed MOV file overflow (APPLE-SA-2004-04-30)
http://archives.neohapsis.com/archives/bugtraq/2004-04/0376.html
eXtremail 1.5.9: logging routines remote format string vulnerability
http://archives.neohapsis.com/archives/bugtraq/2004-04/0304.html
--- Patches and Updates -----------------------------------------------
The following contains a list of vendor patches and updates released
this week.
____Linux____
Debian > DSA 496-1: eterm
http://archives.neohapsis.com/archives/bugtraq/2004-04/0338.html
Debian > DSA 497-1: mc
http://archives.neohapsis.com/archives/bugtraq/2004-04/0348.html
Debian > DSA 498-1: libpng
http://archives.neohapsis.com/archives/bugtraq/2004-04/0355.html
Debian > DSA 499-1: rsync
http://archives.neohapsis.com/archives/vendor/2004-q2/0046.html
Debian > DSA 500-1: flim
http://archives.neohapsis.com/archives/vendor/2004-q2/0047.html
EnGarde > ESA-20040428-004: kernel
http://archives.neohapsis.com/archives/bugtraq/2004-04/0324.html
Mandrake > MDKSA-2004:037: kernel
http://archives.neohapsis.com/archives/bugtraq/2004-04/0315.html
Mandrake > MDKSA-2004:038: sysklogd
http://archives.neohapsis.com/archives/bugtraq/2004-04/0329.html
Mandrake > MDKSA-2004:039: mc
http://archives.neohapsis.com/archives/bugtraq/2004-04/0358.html
Mandrake > MDKSA-2004:040: libpng
http://archives.neohapsis.com/archives/bugtraq/2004-04/0346.html
Mandrake > MDKSA-2004:041: ProFTPD
http://archives.neohapsis.com/archives/bugtraq/2004-04/0378.html
Red Hat > RHSA-2004:163-01: OpenOffice
http://archives.neohapsis.com/archives/bugtraq/2004-04/0365.html
Red Hat > RHSA-2004:173-01: mc
http://archives.neohapsis.com/archives/linux/redhat/2004-q2/0012.html
Red Hat > RHSA-2004:175-01: utempter
http://archives.neohapsis.com/archives/bugtraq/2004-04/0375.html
Red Hat > RHSA-2004:177-01: xchat
http://archives.neohapsis.com/archives/bugtraq/2004-04/0356.html
Red Hat > RHSA-2004:179-01: LHa
http://archives.neohapsis.com/archives/bugtraq/2004-04/0361.html
Red Hat > RHSA-2004:181-01: libpng
http://archives.neohapsis.com/archives/bugtraq/2004-04/0370.html
Red Hat > RHSA-2004:182-01: httpd
http://archives.neohapsis.com/archives/linux/redhat/2004-q2/0008.html
Slackware > SSA:2004-119-01: kernel
http://archives.neohapsis.com/archives/bugtraq/2004-04/0332.html
Trustix > TSLSA-2004-0024: rsync
http://archives.neohapsis.com/archives/bugtraq/2004-04/0360.html
Trustix > TSLSA-2004-0025: libpng, proftpd
http://archives.neohapsis.com/archives/bugtraq/2004-04/0350.html
--- Advertisement -----------------------------------------------------
Free Microsoft Security Summit in 20 cities April-June
Learn how to make your infrastructure and applications more secure.
The free Microsoft Security Summits feature keynote speakers,
Ask the Experts panel discussions, and intensive training tracks for
IT Professionals and Developers. Space is limited. Register today.
--- Sign Off ----------------------------------------------------------
If this e-mail was passed to you, and you would like to begin receiving
our free security e-mail newsletter on a weekly basis, we invite you to
subscribe today by forwarding this message to [subscribe_stwupdate.networkcomputing.com].
Or you can subscribe directly here:
http://www.networkcomputing.com/go/stw.jhtml
To manage all aspects of your subscription and newsletter account,
simply use the URL below. You'll need your e-mail address and
password to log in. If you don't have your password, you can generate
a new one using the same URL. Once logged in, you can change your
e-mail address and password as well as select specific platforms for
which you'd like to receive information on patches and vulnerabilities.
If you have any questions regarding this system, please don't hesitate
to e-mail us at stwnwc.com.
http://stwpref.update.networkcomputing.com/CMP/NWC/prefctr.asp
Important subscription contacts:
CMP Media LLC
600 Community Drive
Manhasset, NY 11030
Missed an issue? You can find all back issues of Security Threat Watch
(as well as Security Alert Consensus and Security Express) online.
http://archives.neohapsis.com/
Note: To better serve you we use dynamic URLs within our advertisments,
which allow us to see how many readers click on a given ad. We do not
share this information, or your personal information, with any outside
party. Concerned about the privacy of your information relative to these
tracking URLs? Please refer to our privacy policy.
http://www.doubleclick.net/us/corporate/privacy
We'd like to know what you think about the newsletter and what
information you'd like to see in future editions. E-mail your comments
to (stwnwc.com).
To unsubscribe from this newsletter, forward this message to
[unsubscribe_stwupdate.networkcomputing.com].
Copyright (c) 2004 Network Computing, a CMP Media LLC publication. All
Rights Reserved. Distributed by Network Computing
(http://www.networkcomputing.com). Powered by Neohapsis Inc., a
Chicago-based security assessment and integration services consulting
group (infoneohapsis.com | http://www.neohapsis.com/).
This message powered by DARTmail
http://www.doubleclick.net/us/corporate/privacy
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]