Security Threat Watch 121
From: Security Threat Watch Newsletter (NetworkComputing@update.networkcomputing.com)
Date: Mon Mar 06 2006 - 13:02:03 CST
Security Threat Watch
Number 121
Monday, March 6, 2006
Created for you by Network Computing & Neohapsis
Last week, Apple released its first security update package of 2006.
This update covers some interesting applications. The IPSec package
update fixes an error-handling flaw that can cause a DoS. The LibSystem
package update fixes a remote overflow and a DoS condition. The biggest
update is for the Safari package: by creating a specially crafted
JavaScript, an attacker can trigger an overflow that can lead to code
execution. More details are included in this issue under the Mac OS
category.
Another interesting news story last week was the Associated Press' report
that CheckPoint's acquisition of Sourcefire is currently under
investigation by the same administrative panel that approved the ports
deal involving the United Arab Emirates. According to the AP article,
"The 45-day investigation into the Israeli deal still under way is only
the 26th ever conducted in 1,600 business transactions reviewed by the
Committee on Foreign Investments in the United States." The article goes
on to report that "The objections by the FBI and Pentagon were partly over
specialized intrusion detection software known as 'Snort,' which guards
some classified U.S. military and intelligence computers." We definitely
live in interesting times!
Read the full article here:
http://www.forbes.com/entrepreneurs/feeds/ap/2006/03/02/ap2564113.html
Until next issue,
- The Neohapsis Security Threat Watch Team
--- Advertisement
-----------------------------------------------------
This issue is sponsored by Software 2006 - April 4 & 5
Keynotes - Ray Lane, CK Prahalad and leaders from EMC, Microsoft,
Oracle, SAP, Symantec & TCS. Interactive breakout sessions for
CEOs, CFOs, CTOs, VPs of Sales, Marketing, Engineering and Svcs
Invaluable networking with 2,500 industry execs - Register now!
--- InformationWeek's 9th Annual National IT Salary Survey
-----------------------------------------------
Do you deserve a raise? Is your career on track? The editors of
InformationWeek magazine invite you to participate in their 9th annual
National IT Salary Survey. Here's why you should participate: It's
fast. It's convenient. It's confidential. It compares your salary and
job satisfaction responses to those of your peers in a 30+ page
report. It compares salaries regionally and nationally (for free).
http://cmp.inquisiteasp.com/cgi-bin/qwebcorporate.dll?idx=QRM3M9&campaign=24
--- New Vulnerabilities
-----------------------------------------------
Below is a list of new vulnerabilities announced this week.
Vulnerabilities considered 'critical' involve widely deployed
software or carry a high risk of system compromise. Note that
vulnerabilities not highlighted may still be of critical severity
to your environment.
**** Highlighted critical vulnerabilities ****
Apple Mac OS X: multiple vulnerabilities
**** Newly announced vulnerabilities this week ****
____Windows____
AVG 7: insecure file permissions
http://archives.neohapsis.com/archives/bugtraq/2006-02/0631.html
ArGoSoft FTP 1.4.3.5: remote overflow
http://archives.neohapsis.com/archives/bugtraq/2006-02/0479.html
DirectContact 0.3b: directory traversal
http://archives.neohapsis.com/archives/bugtraq/2006-02/0516.html
EMC Dantz Retrospect 7 Backup: remote DoS
http://archives.neohapsis.com/archives/bugtraq/2006-02/0619.html
HP System Management Homepage 2.1.4: directory traversal
http://archives.neohapsis.com/archives/bugtraq/2006-02/0541.html
Lighttpd 1.4.10: directory traversal
http://archives.neohapsis.com/archives/bugtraq/2006-02/0561.html
Mail Transport System Professional: spoofed mail relaying
http://archives.neohapsis.com/archives/bugtraq/2006-02/0505.html
Visual Studio 6.0: local overflow
http://archives.neohapsis.com/archives/bugtraq/2006-02/0642.html
____Mac OS____
Apple Mac OS X: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-02/0580.html
http://archives.neohapsis.com/archives/bugtraq/2006-02/0613.html
http://archives.neohapsis.com/archives/bugtraq/2006-02/0618.html
____Network Devices____
Multiple router vendors: IRC DCC send command remote DoS
http://archives.neohapsis.com/archives/bugtraq/2006-02/0632.html
Netgear WGT624 Wireless DSL router: default passwords enabled
http://archives.neohapsis.com/archives/bugtraq/2006-02/0520.html
http://archives.neohapsis.com/archives/bugtraq/2006-02/0521.html
____CGI____
4images 1.7.1: directory traversal
http://archives.neohapsis.com/archives/bugtraq/2006-02/0571.html
AZTEK forums 4.0: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-02/0624.html
ArGoSoft Mail Server Pro 1.8.8.5: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-02/0511.html
Archangel Weblog 0.90.02: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-02/0503.html
Archive_Zip 1.1: directory traversal
http://archives.neohapsis.com/archives/bugtraq/2006-02/0499.html
CGI Calendar 2.7: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-02/0509.html
CuteNews 1.4.1: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-02/0638.html
DCI-Taskeen 1.03: SQL injection
http://archives.neohapsis.com/archives/bugtraq/2006-02/0482.html
Dawaween 1.03: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2006-02/0616.html
E-Blah Platinum 9.7: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-02/0608.html
EJ3 TOPo 2.2.178: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-02/0535.html
Easy Forum 2.5: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-02/0634.html
Fantastic News 2.1.1: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2006-02/0508.html
FarsiNews 2.5Pro: information disclosure
http://archives.neohapsis.com/archives/bugtraq/2006-02/0534.html
Gallery 2.0.2: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-02/0621.html
Gregarius 0.5.2: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-02/0622.html
ICQmail.com & Mail2World.com: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-02/0593.html
JOOMLA CMS 1.0.7: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-02/0601.html
Knowledgebases: remote command execution
http://archives.neohapsis.com/archives/bugtraq/2006-02/0512.html
Leif M. Wrights Blog 3.5: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-02/0558.html
Limbo CMS 1.x: remote command execution
http://archives.neohapsis.com/archives/bugtraq/2006-02/0553.html
MyBB 1.04: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2006-02/0615.html
MyBB 1.04: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2006-02/0620.html
NetworkActiv Web Server 3.5.15: directory traversal
http://archives.neohapsis.com/archives/bugtraq/2006-02/0577.html
Noah Classifieds 1.3: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-02/0557.html
PEHEPE Membership Management System 3: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-02/0545.html
PHP imap 2004: restriction bypass
http://archives.neohapsis.com/archives/bugtraq/2006-02/0538.html
PHP mb_send_mail: restriction bypass
http://archives.neohapsis.com/archives/bugtraq/2006-02/0539.html
PHP-Stats 0.1.9.1: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-02/0635.html
Pentacle In-Out Board 6.03: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-02/0472.html
http://archives.neohapsis.com/archives/bugtraq/2006-02/0473.html
PerlBlog 1.09: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-02/0518.html
Pixel Post 1.4.3: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-02/0637.html
PluggedOut Nexus 0.1: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2006-02/0604.html
PwsPHP: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2006-02/0481.html
Quirex 2.0.2 2.0: arbitrary file reading
http://archives.neohapsis.com/archives/bugtraq/2006-02/0504.html
QwikiWiki 1.4: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-02/0537.html
SMBlog 1.2: remote command execution
http://archives.neohapsis.com/archives/bugtraq/2006-02/0582.html
SPiD 1.3.1: directory traversal
http://archives.neohapsis.com/archives/bugtraq/2006-02/0471.html
Simplog 1.0.2: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-02/0644.html
Skate Board 0.9: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-02/0623.html
Sourceforge: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-02/0530.html
SquirrelMail 1.2.7: IMAP/SMTP tampering
http://archives.neohapsis.com/archives/bugtraq/2006-02/0513.html
Thomson SpeedTouch 500: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-02/0502.html
TopSites Script 0.x: remote command execution
http://archives.neohapsis.com/archives/bugtraq/2006-02/0515.html
TotalECommerce 1.0: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2006-02/0640.html
Website Generator 3.3: remote command execution
http://archives.neohapsis.com/archives/bugtraq/2006-02/0475.html
Wbb 2.3.4: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-02/0641.html
Woltlab Burning Board 2.x: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-02/0610.html
WordPress 2.0.1: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-02/0528.html
bttlxeForum 2.x: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-02/0548.html
d3jeeb 3: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2006-02/0514.html
eZ publish 3.7.3: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-02/0474.html
phpArcadeScript 2.0: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-02/0630.html
phpBB 2.0.19: multiple DoS
http://archives.neohapsis.com/archives/bugtraq/2006-02/0636.html
phpNuke 7.8: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2006-02/0480.html
phpRPC Library 0.7: remote overflow
http://archives.neohapsis.com/archives/bugtraq/2006-02/0507.html
vBulletin 3.5.3: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-02/0614.html
____Cross-Platform____
Kaspersky 5.5.3: remote DoS
http://archives.neohapsis.com/archives/bugtraq/2006-02/0628.html
Mozilla Thunderbird 1.5: multiple information disclosure
http://archives.neohapsis.com/archives/bugtraq/2006-02/0540.html
NCP VPN/PKI Client 8.11: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-02/0579.html
SAP Web Application Server 7.00: information exposure
http://archives.neohapsis.com/archives/bugtraq/2006-02/0563.html
--- Patches and Updates
-----------------------------------------------
Below is a list of vendor patches and updates released this week.
____Linux____
Debian > DSA 980-1: tutos
http://archives.neohapsis.com/archives/vendor/2006-q1/0081.html
Debian > DSA 981-1: bmv
http://archives.neohapsis.com/archives/vendor/2006-q1/0082.html
Debian > DSA 982-1: gpdf
http://archives.neohapsis.com/archives/vendor/2006-q1/0078.html
Debian > DSA 983-1: pdftohtml
http://archives.neohapsis.com/archives/vendor/2006-q1/0079.html
Debian > DSA 984-1: xpdf
http://archives.neohapsis.com/archives/vendor/2006-q1/0083.html
Fedora > FLSA-2006:138098: nfs-utils
http://archives.neohapsis.com/archives/bugtraq/2006-02/0476.html
Fedora > FLSA-2006:157366: PostgreSQL
http://archives.neohapsis.com/archives/bugtraq/2006-02/0527.html
Fedora > FLSA-2006:158543: gaim
http://archives.neohapsis.com/archives/bugtraq/2006-02/0477.html
Fedora > FLSA-2006:175818: udev
http://archives.neohapsis.com/archives/bugtraq/2006-02/0529.html
Fedora > FLSA-2006:176731: Perl
http://archives.neohapsis.com/archives/bugtraq/2006-02/0478.html
Fedora > FLSA-2006:177326: mod_auth_pgsql
http://archives.neohapsis.com/archives/bugtraq/2006-02/0523.html
Fedora > FLSA-2006:177694: auth_ldap
http://archives.neohapsis.com/archives/bugtraq/2006-02/0525.html
Fedora > FLSA-2006:178989: Perl-DBI
http://archives.neohapsis.com/archives/bugtraq/2006-02/0595.html
Fedora > FLSA-2006:181014: gnutls
http://archives.neohapsis.com/archives/bugtraq/2006-02/0533.html
Gentoo > GLSA200602-13: GraphicsMagick
http://archives.neohapsis.com/archives/bugtraq/2006-02/0496.html
Gentoo > GLSA200602-14: noweb
http://archives.neohapsis.com/archives/bugtraq/2006-02/0497.html
Gentoo > GLSA200603-01: WordPress
http://archives.neohapsis.com/archives/bugtraq/2006-02/0633.html
Gentoo > GLSA200603-02: teTeX, pTeX, CSTeX
http://archives.neohapsis.com/archives/bugtraq/2006-02/0629.html
Mandriva > MDKSA-2005:048: mplayer
http://archives.neohapsis.com/archives/linux/mandrake/2006-q1/0068.html
Mandriva > MDKSA-2005:050: unzip
http://archives.neohapsis.com/archives/linux/mandrake/2006-q1/0070.html
Mandriva > MDKSA-2006:049: squirrelmail
http://archives.neohapsis.com/archives/linux/mandrake/2006-q1/0069.html
Mandriva > MDKSA-2006:051: gettext
http://archives.neohapsis.com/archives/linux/mandrake/2006-q1/0071.html
Mandriva > MDKSA-2006:052: Mozilla-Thunderbird
http://archives.neohapsis.com/archives/linux/mandrake/2006-q1/0072.html
SUSE > SUSE-SA:2006:012: kernel
http://archives.neohapsis.com/archives/linux/suse/2006-q1/0145.html
SUSE > SUSE-SA:2006:013: gpg, liby2util
http://archives.neohapsis.com/archives/linux/suse/2006-q1/0159.html
Ubuntu > USN-258-1: PostgreSQL
http://archives.neohapsis.com/archives/bugtraq/2006-02/0498.html
Ubuntu > USN-259-1: irssi
http://archives.neohapsis.com/archives/bugtraq/2006-02/0594.html
____BSD____
FreeBSD > FreeBSD-SA-06:09: OpenSSH
http://archives.neohapsis.com/archives/bugtraq/2006-02/0556.html
FreeBSD > FreeBSD-SA-06:10: nfs
http://archives.neohapsis.com/archives/bugtraq/2006-02/0555.html
____Network Devices____
Cisco > 68840: IOS 12.0
http://archives.neohapsis.com/archives/cisco/2006-q1/0010.html
--- Sign Off
----------------------------------------------------------
If this e-mail was passed to you, and you would like to begin receiving
our free security e-mail newsletter on a weekly basis, we invite you to
subscribe today by forwarding this message to
[subscribe_stw@update.networkcomputing.com].
Or you can subscribe directly here:
http://www.networkcomputing.com/go/stw.jhtml
To manage all aspects of your subscription and newsletter account,
simply use the URL below. You'll need your e-mail address and
password to log in. If you don't have your password, you can generate
a new one using the same URL. Once logged in, you can change your
e-mail address and password as well as select specific platforms for
which you'd like to receive information on patches and vulnerabilities.
If you have any questions regarding this system, please don't hesitate
to e-mail us at stw@nwc.com.
http://stwpref.update.networkcomputing.com/CMP/NWC/prefctr.asp
Put Us On Your White List
Don't let an over-eager e-mail filter bounce the Network Computing
Security Threat Watch newsletter! Our address:
NetworkComputing@update.networkcomputing.com
needs to be in your address book or on your anti-spam white list. Ask your
admin or ISP how to do this, or check your anti-spam utility documentation.
Important subscription contacts:
CMP Media LLC
600 Community Drive
Manhasset, NY 11030
Unsubscribe to Network Computing's newsletters.
http://www.networkcomputing.com/newsletters/unsubscribe.html
Sign up for your own issue of this newsletter.
http://www.networkcomputing.com/newsletters/subscriptions.html
Subscribe to Network Computing's newsletters.
http://www.networkcomputing.com/newsletters/subscriptions.html
Still not receiving your own FREE subscription to Network Computing
magazine?
http://networkcomputingsubscriptions.com/customerservice/
ADDITIONAL SUBSCRIPTION CONTACT:
Please send an e-mail message to mailto:newsletters@cmp.com if you need
assistance changing your e-mail address, unsubscribing from this
newsletter, or require additional assistance with your subscription.
Please be sure to include the name of this newsletter in your message.
Missed an issue? You can find all back issues of Security Threat Watch
(as well as Security Alert Consensus and Security Express) online.
http://archives.neohapsis.com/
Note: To better serve you we use dynamic URLs within our advertisements,
which allow us to see how many readers click on a given ad. We do not
share this information, or your personal information, with any outside
party. Concerned about the privacy of your information relative to these
tracking URLs? Please refer to our privacy policy.
http://www.doubleclick.net/us/corporate/privacy
We'd like to know what you think about the newsletter and what
information you'd like to see in future editions. E-mail your comments
to (stw@nwc.com).
To unsubscribe from this newsletter, forward this message to
[unsubscribe_stw@update.networkcomputing.com].
Copyright (c) 2006 Network Computing, a CMP Media LLC publication. All
Rights Reserved. Distributed by Network Computing
(http://www.networkcomputing.com). Powered by Neohapsis Inc., a
Chicago-based security assessment and integration services consulting
group (info@neohapsis.com | http://www.neohapsis.com/).
This message powered by DARTmail
http://www.doubleclick.net/us/corporate/privacy