Security Threat Watch 101
From: Security Threat Watch Newsletter (NetworkComputing@update.networkcomputing.com)
Date: Mon Oct 10 2005 - 13:01:11 CDT
Security Threat Watch
Number 101
Monday, October 10, 2005
Created for you by Network Computing & Neohapsis
Last week proved interesting on the Oracle front. Besides having
multiple minor security issues disclosed, David Litchfield made a
pretty significant commentary. In his commentary, Litchfield--a
notable researcher well-known for his Oracle security
research--questioned Oracle's commitment to security, citing its
failure to fix reported vulnerabilities for more than a year as well
as incorrect fixes that blocked only specific proof-of-concept
exploits rather than the underlying flaw. Litchfield has repeatedly
proven that, when it comes to security, Oracle's "unbreakable" product
can definitely be broken, and yet Oracle continues to be "all talk and
no fix." This appears to be leading to tension in the security
research community; there are hints of researchers wanting to disclose
Oracle vulnerabilities without informing Oracle first, in an attempt
to publicly flog the company into action. Those interested in the
commentary and follow-up discussion can read the "Opinion: Complete
failure of Oracle security response and utter neglect of their
responsibility to their customers" thread at:
http://archives.neohapsis.com/archives/bugtraq/2005-10/thread.html#50
Until next issue,
- The Neohapsis Security Threat Watch Team
--- Secure Enterprise Survey
-----------------------------------------------
How many passwords did your help desk reset last month? If you're like
most, the answer is, "Too many!" To help streamline this process
Secure Enterprise will publish an article on password administration
and management early in 2006; we'll cover password synchronization,
self-service password reset and assisted password reset--all of which
can save your IT staff time, and your company money. Your brief
involvement will help us gain independent, unbiased information about
this important topic. We'll share the complete, aggregated results
with all readers in our upcoming coverage.
Please take a moment to help make the results as inclusive as
possible. We will share the results in Secure Enterprise and in an
upcoming Network Computing issue.
http://surveymonkey.com/s.asp?u=36051376342
--- New Vulnerabilities
-----------------------------------------------
Below is a list of new vulnerabilities announced this week.
Vulnerabilities considered 'critical' involve widely deployed
software or carry a high risk of system compromise. Note that
vulnerabilities not highlighted may still be of critical severity
in your environment.
**** Highlighted critical vulnerabilities ****
Oracle: multiple vulnerabilities
Sun Directory Server 5.2p3: unspecified remote vulnerability
**** Newly announced vulnerabilities this week ****
____Windows____
ALZip: malicious archives multiple overflows
http://archives.neohapsis.com/archives/bugtraq/2005-10/0039.html
Symantec AV Scan Engine 4.0: admin Web service remote overflow
http://archives.neohapsis.com/archives/vulnwatch/2005-q4/0002.html
Webroot Desktop 1.3.0b43: local privilege elevation
http://archives.neohapsis.com/archives/bugtraq/2005-10/0045.html
Windows XP: wireless security key exposure
http://archives.neohapsis.com/archives/bugtraq/2005-10/0016.html
____Network Devices____
Planet Technology FGSW2402RS switch: default password
http://archives.neohapsis.com/archives/bugtraq/2005-10/0046.html
____CGI____
Aenovo products: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2005-10/0080.html
AspReady: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2005-10/0049.html
Cyphor 0.19: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2005-10/0093.html
PHP-Fusion 6.00.109: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2005-10/0044.html
Utopia News Pro 1.1.3: SQL tampering, XSS
http://archives.neohapsis.com/archives/bugtraq/2005-10/0084.html
____Cross-Platform____
Berkeley MPEG Tools: insecure temp file handling
http://archives.neohapsis.com/archives/bugtraq/2005-10/0021.html
HP Openview: unspecified vulnerabilities
http://archives.neohapsis.com/archives/vulnwatch/2005-q4/0004.html
Kaspersky Antivirus: malicious .CAB file overflow
http://archives.neohapsis.com/archives/bugtraq/2005-10/0007.html
Multiple AV products: scanner bypass
http://archives.neohapsis.com/archives/bugtraq/2005-10/0099.html
Oracle: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2005-10/0065.html
http://archives.neohapsis.com/archives/bugtraq/2005-10/0066.html
http://archives.neohapsis.com/archives/bugtraq/2005-10/0067.html
http://archives.neohapsis.com/archives/bugtraq/2005-10/0068.html
http://archives.neohapsis.com/archives/bugtraq/2005-10/0069.html
http://archives.neohapsis.com/archives/bugtraq/2005-10/0070.html
Ruby 1.8.3: safe level security bypass
http://archives.neohapsis.com/archives/bugtraq/2005-10/0055.html
Sun Directory Server 5.2p3: unspecified remote vulnerability
http://archives.neohapsis.com/archives/bugtraq/2005-10/0052.html
Texinfo 4.8r1: insecure temp file handling
http://archives.neohapsis.com/archives/bugtraq/2005-10/0030.html
UW-IMAP 2004-c1: remote overflow
http://archives.neohapsis.com/archives/vulnwatch/2005-q4/0001.html
Uim 0.4.9.1: local privilege elevation
http://archives.neohapsis.com/archives/bugtraq/2005-10/0024.html
Weex 2.6.1.5-r1: remote format string overflow
http://archives.neohapsis.com/archives/bugtraq/2005-10/0088.html
dia: malicious .SVG file overflow
http://archives.neohapsis.com/archives/bugtraq/2005-10/0020.html
gtkdiskfree 1.9.3r1: insecure temp file handling
http://archives.neohapsis.com/archives/bugtraq/2005-10/0018.html
xine-lib: CDDB response format string overflow
http://archives.neohapsis.com/archives/bugtraq/2005-10/0089.html
xloadimage 4.1.x: multiple local overflows
http://archives.neohapsis.com/archives/bugtraq/2005-10/0058.html
--- Patches and Updates
-----------------------------------------------
The following is a list of vendor patches and updates released
this week.
____Linux____
Debian > DSA 833-2: mysql-dfsg-4.1
http://archives.neohapsis.com/archives/vendor/2005-q4/0008.html
Debian > DSA 839-1: apachetop
http://archives.neohapsis.com/archives/vendor/2005-q4/0003.html
Debian > DSA 840-1: drupal
http://archives.neohapsis.com/archives/vendor/2005-q4/0004.html
Debian > DSA 841-1: mailutils
http://archives.neohapsis.com/archives/vendor/2005-q4/0006.html
Debian > DSA 842-1: egroupware
http://archives.neohapsis.com/archives/vendor/2005-q4/0007.html
Debian > DSA 843-1: arc
http://archives.neohapsis.com/archives/vendor/2005-q4/0009.html
Debian > DSA 844-1: mod-auth-shadow
http://archives.neohapsis.com/archives/vendor/2005-q4/0010.html
Debian > DSA 845-1: mason
http://archives.neohapsis.com/archives/vendor/2005-q4/0011.html
Debian > DSA 846-1: cpio
http://archives.neohapsis.com/archives/vendor/2005-q4/0013.html
Debian > DSA 847-1: dia
http://archives.neohapsis.com/archives/vendor/2005-q4/0014.html
Debian > DSA 848-1: masqmail
http://archives.neohapsis.com/archives/vendor/2005-q4/0015.html
Debian > DSA 849-1: shorewall
http://archives.neohapsis.com/archives/vendor/2005-q4/0016.html
Debian > DSA 850-1: tcpdump
http://archives.neohapsis.com/archives/vendor/2005-q4/0017.html
Debian > DSA 851-1: openvpn
http://archives.neohapsis.com/archives/vendor/2005-q4/0018.html
Debian > DSA 852-1: up-imapproxy
http://archives.neohapsis.com/archives/vendor/2005-q4/0019.html
Debian > DSA 853-1: ethereal
http://archives.neohapsis.com/archives/vendor/2005-q4/0020.html
Debian > DSA 854-1: tcpdump
http://archives.neohapsis.com/archives/vendor/2005-q4/0021.html
Mandriva > MDKSA-2005:171: kernel
http://archives.neohapsis.com/archives/linux/mandrake/2005-q4/0001.html
Mandriva > MDKSA-2005:172: OpenSSH
http://archives.neohapsis.com/archives/linux/mandrake/2005-q4/0007.html
Mandriva > MDKSA-2005:173: Mozilla Firefox
http://archives.neohapsis.com/archives/linux/mandrake/2005-q4/0008.html
Mandriva > MDKSA-2005:174: Mozilla Thunderbird
http://archives.neohapsis.com/archives/linux/mandrake/2005-q4/0009.html
Mandriva > MDKSA-2005:175: texinfo
http://archives.neohapsis.com/archives/linux/mandrake/2005-q4/0010.html
Mandriva > MDKSA-2005:176: webmin
http://archives.neohapsis.com/archives/linux/mandrake/2005-q4/0011.html
Mandriva > MDKSA-2005:177: hylafax
http://archives.neohapsis.com/archives/linux/mandrake/2005-q4/0012.html
____HP-UX____
SSRT051040: Mozilla
http://archives.neohapsis.com/archives/bugtraq/2005-10/0026.html
SSRT051041: Mozilla
http://archives.neohapsis.com/archives/bugtraq/2005-10/0022.html
SSRT051043: Apache
http://archives.neohapsis.com/archives/bugtraq/2005-10/0063.html
--- Sign Off
----------------------------------------------------------
Missed an issue? You can find all back issues of Security Threat Watch
(as well as Security Alert Consensus and Security Express) online.
http://archives.neohapsis.com/
Copyright (c) 2005 Network Computing, a CMP Media LLC publication. All
Rights Reserved. Distributed by Network Computing
(http://www.networkcomputing.com). Powered by Neohapsis Inc., a
Chicago-based security assessment and integration services consulting
group (info@neohapsis.com | http://www.neohapsis.com/).