Security Threat Watch 057
From: Security Threat Watch (NetworkComputing@update.networkcomputing.com)
Date: Mon Nov 29 2004 - 14:16:54 CST
Security Threat Watch
Number 057
Monday, November 29, 2004
Created for you by Network Computing & Neohapsis
--- Security News ----------------------------------------------
Significant vulnerabilities were found in versions of the Sun Java JVM
that allow a malicious applet (hosted on a Web site and loaded as soon as
the page is visited) to bypass the Java sandbox restrictions and execute
arbitrary operations on the victim's computer with the privileges of the
user running the browser. If you have Sun's Java JVM installed, check
Sun's site for updated versions.
Other notable vulnerabilities this week include remote command execution
via SecureCRT's telnet URL handler, various MySQL local server crashes
(and a possible remote overflow via DNS responses), multiple remote
overflows in the Cyrus IMAP server, and a remote overflow in the
replication handling of the Windows WINS service. All these items are
reported in this issue. Keep in mind that you will only see the selected
items if you are subscribed to the appropriate platform category.
Until next week,
- The Neohapsis Security Threat Watch Team
--- Security Pipeline -----------------------------------------------------
Got Spyware? Integrated Approach Is Key
As spyware continues to plague enterprise networks, security vendors are
moving to incorporate antispyware capabilities into their integrated
gateway appliances.
http://nwc.securitypipeline.com/54200212
Subscribe to the free weekly Security Pipeline newsletter for the latest
news, reviews and in-depth how-tos on protecting your network against
spam, phishing, spyware, hackers and other Fearsome Beestes.
http://securitypipeline.com/newsletter.jhtml
--- Advertisement -----------------------------------------------------
Evaluate SSL VPN for Most Secure Access from Anywhere
Now you can provide employees and partners access to email,
SharePoint, Citrix, PeopleSoft, SAP, shared files and all
applications from any web browser. Whale's remote access solutions
have earned numerous technology awards. The major industry
analysts have named Whale a leader and a visionary in its space.
Click here to evaluate Whale's SSL VPN in your own environment.
--- New Vulnerabilities -----------------------------------------------
Below is a list of new vulnerabilities announced this week.
Vulnerabilities considered 'critical' involve widely deployed
software or carry a high risk of system compromise. Note that
vulnerabilities not highlighted may still be of critical severity
in your environment.
**** Highlighted critical vulnerabilities ****
SecureCRT <4.1.9: URL handler remote command execution
Sun Java JVM: applet/plugin sandbox bypass
**** Newly announced vulnerabilities this week ****
____Windows____
CMailServer WebMail 5.2: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2004-11/0329.html
MailEnable IMAP service: large command remote overflow
http://archives.neohapsis.com/archives/bugtraq/2004-11/0349.html
Prevx Home IPS 1.0: local security restrictions bypass
http://archives.neohapsis.com/archives/bugtraq/2004-11/0277.html
http://archives.neohapsis.com/archives/bugtraq/2004-11/0330.html
SecureCRT <4.1.9: URL handler remote command execution
http://archives.neohapsis.com/archives/ntbugtraq/2004-q4/0128.html
Soldier of Fortune II 1.03: malformed communication remote DoS
http://archives.neohapsis.com/archives/bugtraq/2004-11/0295.html
Star Wars Battlefront 1.11: remote DoS
http://archives.neohapsis.com/archives/bugtraq/2004-11/0320.html
WeOnlyDo! FTP ActiveX Control: malicious server response remote overflow
http://archives.neohapsis.com/archives/bugtraq/2004-11/0269.html
Winamp: IN_CDDA.dll remote overflow
http://archives.neohapsis.com/archives/ntbugtraq/2004-q4/0127.html
http://archives.neohapsis.com/archives/ntbugtraq/2004-q4/0129.html
http://archives.neohapsis.com/archives/bugtraq/2004-11/0369.html
Windows WINS service: replication remote overflow
http://archives.neohapsis.com/archives/vuln-dev/2004-q4/0066.html
____Network Devices____
ZyXEL Prestige router: remote HTTP admin authentication bypass
http://archives.neohapsis.com/archives/bugtraq/2004-11/0274.html
http://archives.neohapsis.com/archives/bugtraq/2004-11/0313.html
____CGI____
EZshopper: remote file reading
http://archives.neohapsis.com/archives/bugtraq/2004-11/0342.html
Insite InShop/InMail: XSS
http://archives.neohapsis.com/archives/bugtraq/2004-11/0334.html
JSPWiki 2.1.120: XSS
http://archives.neohapsis.com/archives/bugtraq/2004-11/0325.html
KorWeblog 1.6.2: remote directory reading
http://archives.neohapsis.com/archives/bugtraq/2004-11/0314.html
PHPCMS 1.2.1: XSS
http://archives.neohapsis.com/archives/bugtraq/2004-11/0364.html
PHPKit 1.6.1: SQL tampering, XSS
http://archives.neohapsis.com/archives/bugtraq/2004-11/0276.html
PnTresMailer Code Browser 6.03: remote file reading
http://archives.neohapsis.com/archives/bugtraq/2004-11/0367.html
ProZilla 1.3.6-r2: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2004-11/0286.html
Zwiki 0.36.2: XSS
http://archives.neohapsis.com/archives/bugtraq/2004-11/0332.html
____Cross-Platform____
Atari800 emulator: local overflow
http://archives.neohapsis.com/archives/bugtraq/2004-11/0339.html
http://archives.neohapsis.com/archives/bugtraq/2004-11/0362.html
Cyrus IMAP Server 2.2.8: multiple remote vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2004-11/0280.html
Halo 1.05: malicious server response DoS
http://archives.neohapsis.com/archives/bugtraq/2004-11/0271.html
Jabberd 2.x: remote overflow
http://archives.neohapsis.com/archives/bugtraq/2004-11/0352.html
MySQL: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2004-11/0341.html
OpenDc Hub 0.7.14: remote overflow
http://archives.neohapsis.com/archives/bugtraq/2004-11/0353.html
Sun Java JVM: applet/plugin sandbox bypass
http://archives.neohapsis.com/archives/bugtraq/2004-11/0275.html
http://archives.neohapsis.com/archives/bugtraq/2004-11/0299.html
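The vulnerability list above follows a fixed layout (section headers between asterisks, '____Platform____' headings, a 'Product version: summary' line per entry, then one or more reference URLs), and the sign-off notes that subscribers see only the items for the platform categories they chose. As an added example, not code from the newsletter or from Neohapsis, here is a Python parser for that layout: it turns entries into records, flags those that appear in the highlighted critical list, filters by platform the way a subscription does, and rejects lines that break the format. The function names and the Entry record are mine; SAMPLE is a subset copied from this issue's list.

```python
"""Added example (not part of the newsletter): a parser for the
'New Vulnerabilities' list format, so per-platform entries can be
filtered the way a platform-category subscription would.
SAMPLE is copied (as a subset) from this issue's list."""
import re
from dataclasses import dataclass, field

HIGHLIGHT_HDR = "**** Highlighted critical vulnerabilities ****"
NEW_HDR = "**** Newly announced vulnerabilities this week ****"
PLATFORM_RE = re.compile(r"^_+(?P<name>[^_]+)_+$")
URL_RE = re.compile(r"^https?://\S+$")

SAMPLE = """\
**** Highlighted critical vulnerabilities ****
SecureCRT <4.1.9: URL handler remote command execution
Sun Java JVM: applet/plugin sandbox bypass
**** Newly announced vulnerabilities this week ****
____Windows____
SecureCRT <4.1.9: URL handler remote command execution
http://archives.neohapsis.com/archives/ntbugtraq/2004-q4/0128.html
Windows WINS service: replication remote overflow
http://archives.neohapsis.com/archives/vuln-dev/2004-q4/0066.html
____Network Devices____
ZyXEL Prestige router: remote HTTP admin authentication bypass
http://archives.neohapsis.com/archives/bugtraq/2004-11/0274.html
http://archives.neohapsis.com/archives/bugtraq/2004-11/0313.html
____Cross-Platform____
Sun Java JVM: applet/plugin sandbox bypass
http://archives.neohapsis.com/archives/bugtraq/2004-11/0275.html
http://archives.neohapsis.com/archives/bugtraq/2004-11/0299.html
"""


@dataclass
class Entry:
    platform: str
    product: str            # text before the first ': ', e.g. 'SecureCRT <4.1.9'
    summary: str            # text after it, e.g. 'URL handler remote command execution'
    refs: list = field(default_factory=list)
    critical: bool = False  # listed under the 'Highlighted critical' header


def parse_stw(text):
    """Parse the list into Entry records; raise on lines that break the format."""
    highlighted, entries = set(), []
    section = platform = current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line == HIGHLIGHT_HDR:
            section = "highlight"
            continue
        if line == NEW_HDR:
            section = "new"
            continue
        if section == "highlight":
            highlighted.add(line)       # plain titles: no URLs, no platform
            continue
        if section != "new":
            continue                    # preamble before either header
        m = PLATFORM_RE.match(line)
        if m:
            platform, current = m.group("name"), None
            continue
        if URL_RE.match(line):
            if current is None:
                raise ValueError(f"reference URL with no preceding entry: {line}")
            current.refs.append(line)
            continue
        product, sep, summary = line.partition(": ")
        if not sep or platform is None:
            raise ValueError(f"unrecognised line: {line}")
        current = Entry(platform, product, summary, critical=line in highlighted)
        entries.append(current)
    # every highlighted title must also appear in the per-platform list
    missing = highlighted - {f"{e.product}: {e.summary}" for e in entries}
    if missing:
        raise ValueError(f"highlighted items not found in list: {sorted(missing)}")
    return entries


def select_entries(entries, platforms=None, critical_only=False):
    """Filter like a platform-category subscription, optionally critical only."""
    return [e for e in entries
            if (platforms is None or e.platform in platforms)
            and (not critical_only or e.critical)]


def unreferenced(entries):
    """Entries with no advisory URL: nothing to triage against, so flag them."""
    return [e for e in entries if not e.refs]


if __name__ == "__main__":
    for e in select_entries(parse_stw(SAMPLE), platforms={"Windows"}):
        flag = "CRITICAL" if e.critical else "        "
        print(f"{flag} {e.product}: {e.summary} ({len(e.refs)} ref)")
```

The parser is strict on purpose: a reference URL that is not preceded by an entry, an entry that appears before any platform heading, or a highlighted title with no matching per-platform entry all raise, so a mangled copy of the newsletter fails loudly instead of silently dropping an advisory.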
--- Patches and Updates -----------------------------------------------
The following contains a list of vendor patches and updates released
this week.
____Linux____
Debian > DSA 595-1: bnc
http://archives.neohapsis.com/archives/vendor/2004-q4/0063.html
Debian > DSA 596-2: sudo
http://archives.neohapsis.com/archives/vendor/2004-q4/0067.html
Debian > DSA 597-1: cyrus-imapd
http://archives.neohapsis.com/archives/vendor/2004-q4/0068.html
Debian > DSA 598-1: yardradius
http://archives.neohapsis.com/archives/vendor/2004-q4/0069.html
Debian > DSA 599-1: tetex-bin
http://archives.neohapsis.com/archives/vendor/2004-q4/0070.html
Mandrake > MDKSA-2004:137: libxpm4
http://archives.neohapsis.com/archives/linux/mandrake/2004-q4/0080.html
Mandrake > MDKSA-2004:138: XFree86
http://archives.neohapsis.com/archives/linux/mandrake/2004-q4/0079.html
Mandrake > MDKSA-2004:139: cyrus-imapd
http://archives.neohapsis.com/archives/linux/mandrake/2004-q4/0081.html
Mandrake > MDKSA-2004:140: a2ps
http://archives.neohapsis.com/archives/linux/mandrake/2004-q4/0082.html
Mandrake > MDKSA-2004:141: zip
http://archives.neohapsis.com/archives/linux/mandrake/2004-q4/0083.html
Trustix > TSLSA-2004-0061: multiple applications
http://archives.neohapsis.com/archives/bugtraq/2004-11/0268.html
--- Sign Off ----------------------------------------------------------
If this e-mail was passed to you, and you would like to begin receiving
our free security e-mail newsletter on a weekly basis, we invite you to
subscribe today by forwarding this message to
[subscribe_stw@update.networkcomputing.com].
Or you can subscribe directly here:
http://www.networkcomputing.com/go/stw.jhtml
To manage all aspects of your subscription and newsletter account,
simply use the URL below. You'll need your e-mail address and
password to log in. If you don't have your password, you can generate
a new one using the same URL. Once logged in, you can change your
e-mail address and password as well as select specific platforms for
which you'd like to receive information on patches and vulnerabilities.
If you have any questions regarding this system, please don't hesitate
to e-mail us at stw@nwc.com.
http://stwpref.update.networkcomputing.com/CMP/NWC/prefctr.asp
Put Us On Your White List
Don't let an over-eager e-mail filter bounce the Network Computing
Security Threat Watch newsletter! Our address:
NetworkComputing@update.networkcomputing.com
needs to be in your address book or on your anti-spam white list. Ask your
admin or ISP how to do this, or check your anti-spam utility documentation.
Important subscription contacts:
CMP Media LLC
600 Community Drive
Manhasset, NY 11030
Missed an issue? You can find all back issues of Security Threat Watch
(as well as Security Alert Consensus and Security Express) online.
http://archives.neohapsis.com/
Note: To better serve you we use dynamic URLs within our advertisements,
which allow us to see how many readers click on a given ad. We do not
share this information, or your personal information, with any outside
party. Concerned about the privacy of your information relative to these
tracking URLs? Please refer to our privacy policy.
http://www.doubleclick.net/us/corporate/privacy
We'd like to know what you think about the newsletter and what
information you'd like to see in future editions. E-mail your comments
to (stw@nwc.com).
To unsubscribe from this newsletter, forward this message to
[unsubscribe_stw@update.networkcomputing.com].
Copyright (c) 2004 Network Computing, a CMP Media LLC publication. All
Rights Reserved. Distributed by Network Computing
(http://www.networkcomputing.com). Powered by Neohapsis Inc., a
Chicago-based security assessment and integration services consulting
group (info@neohapsis.com | http://www.neohapsis.com/).
This message powered by DARTmail
http://www.doubleclick.net/us/corporate/privacy