|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Security Threat Watch 032
From: Security Threat Watch (NetworkComputing
update.networkcomputing.com)
Date: Mon Jun 07 2004 - 13:01:34 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Security Threat Watch
Number 032
Monday, June 7, 2004
Created for you by Network Computing & Neohapsis
--- Security News ----------------------------------------------
The most notable vulnerability this week involves a bug in mod_ssl, the
SSL library powering Apache. Under certain configurations, it's possible
for a remote attacker to cause a buffer overflow via large client
certificate values.
Also, Russ Cooper posted an interesting e-mail to NTBugtraq about the
various vulnerabilities found in different generations of Windows
operating systems. The resulting thread offers a number of perspectives
on the shortcomings and mis-directions of current patching practices as
well as on the trends in marketing to use vulnerability counts as a
metric for overall security. For those interested, the thread is at:
http://archives.neohapsis.com/archives/ntbugtraq/2004-q2/thread.html#63
Until next week,
- The Neohapsis Security Threat Watch Team
--- Advertisement -----------------------------------------------------
Join InformationWeek for a FREE, on-demand TechWebCast on
Best Practices...Best Providers. Join us to hear first-hand
from Sun and its 2004 iForce Partner Excellence Awards
winners. Learn how these "best in breed" providers are
helping their customers achieve best-practice status.
Register to view now or at your convenience:
--- New Vulnerabilities -----------------------------------------------
Below is a list of new vulnerabilities announced this week.
Vulnerabilities considered to be 'critical' involve highly-deployed
software, or carry a high-risk of system compromise. Note that
vulnerabilities not highlighted may still be of critical severity
to your environment.
**** Highlighted critical vulnerabilities ****
Oracle E-Business Suite: multiple SQL tampering vulnerabilities
mod_ssl: ssl_util_uuencode_binary overflow
**** Newly announced vulnerabilities this week ****
____Windows____
Colin McRae Rally 04 1.0: client DoS
http://archives.neohapsis.com/archives/bugtraq/2004-06/0064.html
Mollensoft FTP Server 3.6: CWD command remote overflow
http://archives.neohapsis.com/archives/vulnwatch/2004-q2/0028.html
Orenosv 0.6.0: malformed HTTP request DoS
http://archives.neohapsis.com/archives/bugtraq/2004-06/0035.html
Windows 2000: eight-character domain name allows expired passwords to be accepted
http://archives.neohapsis.com/archives/bugtraq/2004-05/0307.html
____Linux____
gatos/xatitv: local command execution
http://archives.neohapsis.com/archives/vendor/2004-q2/0070.html
jftpgw: log() format string vulnerability
http://archives.neohapsis.com/archives/vendor/2004-q2/0071.html
____Network Devices____
Linksys routers: multiple DoS vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2004-06/0033.html
____CGI____
Crafy Syntax Live Help 2.7.3: XSS vulnerability
http://archives.neohapsis.com/archives/bugtraq/2004-06/0054.html
JPortal: print.inc.php SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2004-05/0294.html
LDU: image tag XSS vulnerability
http://archives.neohapsis.com/archives/bugtraq/2004-05/0299.html
Mail Manage EX 3.1.8: PHP remote file include code execution
http://archives.neohapsis.com/archives/bugtraq/2004-06/0037.html
Nuke Cops betaNC: authentication bypass
http://archives.neohapsis.com/archives/bugtraq/2004-06/0005.html
OSC2Nuke: authentication bypass
http://archives.neohapsis.com/archives/bugtraq/2004-06/0006.html
Openwebmail 2.3.2: XSS vulnerability
http://archives.neohapsis.com/archives/bugtraq/2004-06/0050.html
PHPNuke 7.3: authentication bypass
http://archives.neohapsis.com/archives/bugtraq/2004-06/0007.html
SquirrelMail 1.5.1: XSS vulnerability
http://archives.neohapsis.com/archives/vulnwatch/2004-q2/0027.html
____Cross-Platform____
Firebird 1.0: database name remote overflow
http://archives.neohapsis.com/archives/bugtraq/2004-05/0321.html.0
Isoqlog: multiple local overflows
http://archives.neohapsis.com/archives/bugtraq/2004-05/0298.html
MIT Kerberos 1.3.3: krb5_aname_to_localname local overflow
http://archives.neohapsis.com/archives/bugtraq/2004-06/0044.html
Oracle E-Business Suite: multiple SQL tampering vulnerabilities
http://archives.neohapsis.com/archives/vulnwatch/2004-q2/0032.html
Spamguard 1.6: multiple remote overflows
http://archives.neohapsis.com/archives/bugtraq/2004-05/0298.html
Tripwire: reports sent via sendmail can trigger overflow
http://archives.neohapsis.com/archives/bugtraq/2004-06/0032.html
http://archives.neohapsis.com/archives/bugtraq/2004-06/0043.html
l2tpd: remote overflow
http://archives.neohapsis.com/archives/bugtraq/2004-06/0071.html
mod_ssl: ssl_util_uuencode_binary overflow
http://archives.neohapsis.com/archives/linux/mandrake/2004-q2/0214.html
____Other Platforms____
Unix 7th edition: mkdir local overflow
http://archives.neohapsis.com/archives/bugtraq/2004-06/0028.html
--- Patches and Updates -----------------------------------------------
The following contains a list of vendor patches and updates released
this week.
____Linux____
Debian > DSA 499-2: rsync
http://archives.neohapsis.com/archives/vendor/2004-q2/0074.html
Debian > DSA 511-1: ethereal
http://archives.neohapsis.com/archives/bugtraq/2004-05/0310.html
Debian > DSA 512-1: gallery
http://archives.neohapsis.com/archives/vendor/2004-q2/0073.html
Debian > DSA 513-1: log2mail
http://archives.neohapsis.com/archives/bugtraq/2004-06/0038.html
Debian > DSA 514-1: kernel
http://archives.neohapsis.com/archives/vendor/2004-q2/0076.html
Debian > DSA 515-1: lha
http://archives.neohapsis.com/archives/vendor/2004-q2/0077.html
Debian > DSA 516-1: odbc-postgresql
http://archives.neohapsis.com/archives/vendor/2004-q2/0078.html
Fedora > FLSA-2004:1620: CVS
http://archives.neohapsis.com/archives/bugtraq/2004-06/0051.html
Mandrake > MDKSA-2004:053: xpcd
http://archives.neohapsis.com/archives/linux/mandrake/2004-q2/0213.html
Mandrake > MDKSA-2004:055: Apache2
http://archives.neohapsis.com/archives/linux/mandrake/2004-q2/0212.html
Mandrake > MDKSA-2004:056: krb5
http://archives.neohapsis.com/archives/linux/mandrake/2004-q2/0221.html
Trustix > TSLSA-2004-0031: Apache
http://archives.neohapsis.com/archives/bugtraq/2004-06/0018.html
Trustix > TSLSA-2004-0032: kerberos
http://archives.neohapsis.com/archives/bugtraq/2004-06/0016.html
____BSD____
NetBSD > 2004-008: CVS
http://archives.neohapsis.com/archives/netbsd/2004-q2/0129.html
--- Advertisement -----------------------------------------------------
Join InformationWeek for a FREE, on-demand TechWebCast on
Best Practices...Best Providers. Join us to hear first-hand
from Sun and its 2004 iForce Partner Excellence Awards
winners. Learn how these "best in breed" providers are
helping their customers achieve best-practice status.
Register to view now or at your convenience:
--- Sign Off ----------------------------------------------------------
If this e-mail was passed to you, and you would like to begin receiving
our free security e-mail newsletter on a weekly basis, we invite you to
subscribe today by forwarding this message to [subscribe_stwupdate.networkcomputing.com].
Or you can subscribe directly here:
http://www.networkcomputing.com/go/stw.jhtml
To manage all aspects of your subscription and newsletter account,
simply use the URL below. You'll need your e-mail address and
password to log in. If you don't have your password, you can generate
a new one using the same URL. Once logged in, you can change your
e-mail address and password as well as select specific platforms for
which you'd like to receive information on patches and vulnerabilities.
If you have any questions regarding this system, please don't hesitate
to e-mail us at stwnwc.com.
http://stwpref.update.networkcomputing.com/CMP/NWC/prefctr.asp
Important subscription contacts:
CMP Media LLC
600 Community Drive
Manhasset, NY 11030
Missed an issue? You can find all back issues of Security Threat Watch
(as well as Security Alert Consensus and Security Express) online.
http://archives.neohapsis.com/
Note: To better serve you we use dynamic URLs within our advertisments,
which allow us to see how many readers click on a given ad. We do not
share this information, or your personal information, with any outside
party. Concerned about the privacy of your information relative to these
tracking URLs? Please refer to our privacy policy.
http://www.doubleclick.net/us/corporate/privacy
We'd like to know what you think about the newsletter and what
information you'd like to see in future editions. E-mail your comments
to (stwnwc.com).
To unsubscribe from this newsletter, forward this message to
[unsubscribe_stwupdate.networkcomputing.com].
Copyright (c) 2004 Network Computing, a CMP Media LLC publication. All
Rights Reserved. Distributed by Network Computing
(http://www.networkcomputing.com). Powered by Neohapsis Inc., a
Chicago-based security assessment and integration services consulting
group (infoneohapsis.com | http://www.neohapsis.com/).
This message powered by DARTmail
http://www.doubleclick.net/us/corporate/privacy
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]