Critical Apache module vulnerability; control of the Internet's root DNS servers; and all this week's patches and vulnerabilities

From: Security Threat Watch Newsletter (NetworkComputing@update.networkcomputing.com)
Date: Mon Jul 31 2006 - 13:01:17 CDT


Security Threat Watch
    Number 142
    Monday, July 31, 2006
    Created for you by Network Computing & Neohapsis

This past week brought publication of a new critical vulnerability in a
module within Apache, the most widely deployed (and open-source) Web server
worldwide. The affected module, mod_rewrite, contains an off-by-one buffer
overflow in its handling of rewritten LDAP URLs. The flaw is reachable only
under certain RewriteRule configurations, so merely having the module
enabled does not leave users vulnerable. The impact depends on the build
and the configuration, with exploitability ranging from denial of service
(crashing server processes) to potential remote code execution. Fixed
releases are Apache 2.2.3, 2.0.59 and 1.3.37. Fortunately, the immediate
availability of patches, together with public notification, has kept
exploitation of the previously zero-day vulnerability to a minimum.
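As an added example (not from this newsletter or from the Apache project), the following Python script does the two checks an administrator wants after reading the item above: it compares an httpd version string against the fixed releases named above, and it scans an httpd.conf for RewriteRule substitutions that could be steered to an ldap: URL. The flagging heuristic is an assumption of this example: a rule is treated as exposed when its substitution either is an ldap: URL outright or begins with request-derived data ($N, %N or %{VAR}), since the client then chooses the URL scheme. The sample configuration is constructed for the example.

```python
"""Audit an httpd version and its RewriteRule lines for the mod_rewrite
LDAP-URL off-by-one. Example code for this newsletter item, not Apache's own
tooling; the rule-flagging heuristic is an assumption, see comments."""
import re

# First fixed release per branch, as named in the advisory (2.2.3, 2.0.59, 1.3.37).
FIXED_RELEASES = {(2, 2): (2, 2, 3), (2, 0): (2, 0, 59), (1, 3): (1, 3, 37)}


def httpd_is_fixed(version):
    """True if an httpd version string such as '2.0.58' is at or past the
    fixed release for its branch. Unknown branches raise rather than guess."""
    parts = tuple(int(p) for p in version.split("."))
    fixed = FIXED_RELEASES.get(parts[:2])
    if fixed is None:
        raise ValueError("no fixed release known for the branch of %s" % version)
    return parts >= fixed


RULE_RE = re.compile(r"^\s*RewriteRule\s+(\S+)\s+(\S+)", re.IGNORECASE)
ENGINE_RE = re.compile(r"^\s*RewriteEngine\s+on\b", re.IGNORECASE)


def classify_substitution(subst):
    """Return a reason string if the substitution could produce an ldap: URL,
    otherwise None. Heuristic (assumption of this example), not an exact
    reproduction of the vulnerable code path."""
    if subst == "-":                      # '-' means "no substitution"
        return None
    if subst.lower().startswith("ldap:"):
        return "rewrites explicitly to an ldap: URL"
    # A substitution that *begins* with request-derived data ($N from the
    # pattern, %N from a RewriteCond, or a %{VAR} such as %{QUERY_STRING})
    # lets the client choose the scheme, so 'ldap://...' can be injected.
    if re.match(r"^(\$\d|%\d|%\{)", subst):
        return "URL scheme comes from request data (substitution starts with %s)" % subst[:2]
    return None


def audit_rewrite_rules(conf_text):
    """Return a list of findings for RewriteRule lines in conf_text.
    Returns an empty list when RewriteEngine is never switched on, because
    the rules are then inert."""
    findings = []
    engine_on = False
    for lineno, line in enumerate(conf_text.splitlines(), 1):
        if ENGINE_RE.match(line):
            engine_on = True
        m = RULE_RE.match(line)
        if not m:
            continue
        reason = classify_substitution(m.group(2))
        if reason:
            findings.append({"line": lineno, "rule": line.strip(), "reason": reason})
    return findings if engine_on else []


# Constructed sample configuration for this example (not a real site).
SAMPLE_CONF = """\
# constructed sample httpd.conf fragment
RewriteEngine on
RewriteRule ^/static/(.*)$ /var/www/static/$1 [L]
RewriteRule ^/proxy/(.*)$ $1 [P]
RewriteRule ^/dir/(.*)$ ldap://ldap.example.com/o=Example?$1 [L]
RewriteRule ^/old$ - [F]
RewriteRule ^/go/(.*)$ http://backend.example.com/$1 [P]
"""


if __name__ == "__main__":
    for ver in ("2.0.58", "2.2.3"):
        print("httpd %s fixed: %s" % (ver, httpd_is_fixed(ver)))
    for f in audit_rewrite_rules(SAMPLE_CONF):
        print("line %d: %s\n    %s" % (f["line"], f["rule"], f["reason"]))
```

Run it against your own configuration by reading the file into `audit_rewrite_rules()`; a rule whose substitution starts with a fixed scheme such as `http://backend/$1` is not flagged, because the attacker cannot turn it into an ldap: URL, whereas `$1` on its own hands the scheme to the client.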

This week also brought big news regarding the U.S. Government's control
and management of the Internet's root DNS servers. At a meeting held in
Washington D.C., U.S. officials agreed to cede control to ICANN, the
Internet Corporation for Assigned Names and Numbers, when the current
contractual agreement ends this coming September. The security
implications of the handoff to ICANN are significant, as the root DNS
servers are the archetypal high-value target for malicious hackers. There
are 13 root server identities (several of them served by many anycast
instances), and an attacker who successfully compromised one of them could
feed forged root data to every resolver that queried it; the impact would
be crippling, to say the least. Department of Commerce Assistant Secretary
John Kneuer stated that, despite handing over the management aspects of
the root DNS servers, the U.S. still intends to retain control of the root
zone file (and in turn still hold a major lever in maintaining the
security of the root DNS servers).

Until next issue,
- The Neohapsis Security Threat Watch Team

We Need Your Input
Once again, Network Computing is examining the issues surrounding the
role of Network Admission Control solutions in enterprise security
strategies. For the purposes of this survey, the term "Network Admission
Control" or "NAC" refers to a broad set of solutions that address the
security issues related to devices connecting to a corporate network.
Specifically, NAC solutions generally solve one or more of the following
problems: preconnect host posture assessment; violating host quarantine;
violating host remediation; post-connect posture monitoring; and
post-connect policy enforcement (with optional real-time network
threat analysis).

Please take a few moments to share your opinions on Network Admission
Control solutions in general and within your organization. Your opinion
is valuable to us.
http://www.surveymonkey.com/s.asp?u=67362382412

--- Advertisement
-----------------------------------------------------

ALERT: "How A Hacker Launches A Blind SQL Injection Attack Step-by-Step"!
White Paper: The newest web app vulnerability… Blind SQL Injection! Even
if your web application does not return error messages, it may still be open
to a Blind SQL Injection Attack. Blind SQL Injection can deliver total control
of your server to a hacker giving them the ability to read, write and
manipulate all data stored in your backend systems! Download this *FREE*
white paper from SPI Dynamics for a complete guide to protection!

--- TechCareers: The Job Hunt And Age Discrimination
-----------------------------------------------

By Rusty DAversa, TechCareers.com
Fighting discrimination is all about proving your value to the hiring
manager, says a career expert.
http://www.techcareers.com/content/article.asp?articleid=185303267

--- Advertisement
-----------------------------------------------------

NWC Podcasts
Listen to Network Computing's editors talk about today's most pressing
enterprise challenges with some of the IT industry's leading experts.
Tune in as we cover topics including security, collaboration,
convergence and more.
http://www.networkcomputing.com/podcasts

--- New Vulnerabilities
-----------------------------------------------

Below is a list of new vulnerabilities announced this week.
Vulnerabilities considered 'critical' involve widely deployed
software, or carry a high risk of system compromise. Note that
vulnerabilities not highlighted may still be of critical severity
in your environment.

**** Highlighted critical vulnerabilities ****

Apache 2.2.3 (2.0.59, 1.3.37): mod_rewrite remote overflow

**** Newly announced vulnerabilities this week ****

____Windows____

AGEphone 1.38.1: remote overflow
http://archives.neohapsis.com/archives/bugtraq/2006-07/0442.html

AIM Triton 1.0.4: remote overflow
http://archives.neohapsis.com/archives/bugtraq/2006-07/0495.html

AutoVue SolidModel Professional 19.1 build5993: local overflow
http://archives.neohapsis.com/archives/bugtraq/2006-07/0450.html

DynaZip Max 5.0.0.7/6.0.0.4: local overflow
http://archives.neohapsis.com/archives/bugtraq/2006-07/0440.html

FileCOPA 1.01: remote overflow
http://archives.neohapsis.com/archives/bugtraq/2006-07/0473.html

Password Safe 3.0BETA1: critical information disclosure
http://archives.neohapsis.com/archives/bugtraq/2006-07/0432.html

PowerArchiver 9.62.03: local overflow
http://archives.neohapsis.com/archives/bugtraq/2006-07/0471.html

TurboZIP 6.0 build 002021004: local overflow
http://archives.neohapsis.com/archives/bugtraq/2006-07/0441.html

Windows Gdiplus.dll: local DoS
http://archives.neohapsis.com/archives/bugtraq/2006-07/0539.html

Winlpd 1.26: remote overflow
http://archives.neohapsis.com/archives/bugtraq/2006-07/0484.html

____Linux____

Midirecord2: local overflow
http://archives.neohapsis.com/archives/bugtraq/2006-07/0470.html

____Solaris____

Kernel syscall: local overflow
http://archives.neohapsis.com/archives/vulnwatch/2006-q3/0014.html

____Network Devices____

Check Point R55W: directory traversal
http://archives.neohapsis.com/archives/bugtraq/2006-07/0419.html

Cisco VPN 30xx series Concentrators: remote DoS
http://archives.neohapsis.com/archives/bugtraq/2006-07/0467.html

Siemens SpeedStream Wireless Router: remote DoS
http://archives.neohapsis.com/archives/bugtraq/2006-07/0431.html

TippingPoint 2.2.3.6514: detection bypass
http://archives.neohapsis.com/archives/bugtraq/2006-07/0413.html

Tumbleweed Email Firewall: remote overflow
http://archives.neohapsis.com/archives/bugtraq/2006-07/0522.html

____CGI____

AWBS: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-07/0529.html

Coppermine Photo Gallery 1.2.2b-Nuke: remote PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-07/0528.html

DotClear: Full path disclosure
http://archives.neohapsis.com/archives/bugtraq/2006-07/0408.html

Dr.Jr7 Gallery 3.2 RC1: remote PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-07/0509.html

Etomite CMS 0.6.1: remote command execution
http://archives.neohapsis.com/archives/bugtraq/2006-07/0469.html

EzUpload Pro 2.2.0: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-07/0453.html

GeoClassifieds Enterprise 2.0.5.2: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-07/0480.html

Guestbook Mambo Module 1.3.0: remote PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-07/0517.html

LinksCaffe 3.0: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2006-07/0443.html

Mambo Gallery Manager 095.r3: remote PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-07/0533.html

MoSpray: local PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-07/0410.html

MttKe-php 2.6: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-07/0494.html

MusicBox 2.3.4: XSS, SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2006-07/0421.html

MyBB: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-07/0532.html

OpenCMS 6.0.4: authentication bypass
http://archives.neohapsis.com/archives/bugtraq/2006-07/0454.html

PHP Live! 3.2: remote PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-07/0416.html

PHP ip2long(): input validation
http://archives.neohapsis.com/archives/bugtraq/2006-07/0527.html

PHP-Auction: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2006-07/0459.html

PHP-Nuke INP: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-07/0516.html

Phorum 5.1.14: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-07/0483.html

Phpprobid 5.24: XSS, SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2006-07/0474.html

Portail PHP 1.7: remote PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-07/0506.html

PrinceClan Chess 0.8: remote PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-07/0524.html

Professional Home Page Tools: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-07/0462.html

SQuery 4.5: remote PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-07/0427.html

TP-Book 1.00: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-07/0460.html

TWiki4.0.4: arbitrary command execution
http://archives.neohapsis.com/archives/vulnwatch/2006-q3/0017.html

Vanilla CMS 1.0.1: remote PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-07/0411.html

Woltlab Burning Board: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-07/0426.html

Zyxel Prestige 660H-61 Router: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-07/0458.html

a6mambohelpdesk 18RC1: remote PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-07/0478.html

artlinks: remote PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-07/0537.html

mambatstaff: remote PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-07/0535.html

wwwThreads: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-07/0457.html

xGuestBook 1.02: full path disclosure
http://archives.neohapsis.com/archives/bugtraq/2006-07/0448.html

____Cross Platform____

Apache 2.2.3 (2.0.59, 1.3.37): mod_rewrite remote overflow
http://archives.neohapsis.com/archives/apache/2006/0005.html
http://archives.neohapsis.com/archives/bugtraq/2006-07/0514.html

Cheese Tracker 0.9.9: local overflow
http://archives.neohapsis.com/archives/bugtraq/2006-07/0414.html

Freeciv 2.1.0-beta1: remote overflow
http://archives.neohapsis.com/archives/bugtraq/2006-07/0436.html

ISS RealSecure/BlackICE: remote DoS
http://archives.neohapsis.com/archives/vulnwatch/2006-q3/0015.html

Mozilla Firefox 1.5.0.4: remote code execution
http://archives.neohapsis.com/archives/bugtraq/2006-07/0492.html
http://archives.neohapsis.com/archives/bugtraq/2006-07/0490.html

MySQL 4.1.21: MyISAM
http://archives.neohapsis.com/archives/mysql/2006-q3/0842.html

Opsware NAS 6.0: password disclosure
http://archives.neohapsis.com/archives/bugtraq/2006-07/0433.html

VMWare products: file permissions
http://archives.neohapsis.com/archives/bugtraq/2006-07/0439.html

Warzone 2.0.3: remote overflow
http://archives.neohapsis.com/archives/bugtraq/2006-07/0434.html

eIQNetworks products: remote overflow
http://archives.neohapsis.com/archives/bugtraq/2006-07/0461.html

libmikmod 3.2.2: local overflow
http://archives.neohapsis.com/archives/bugtraq/2006-07/0429.html

--- Patches and Updates
-----------------------------------------------

The following contains a list of vendor patches and updates released
this week.

____Linux____

Debian > DSA 1111-2: kernel
http://archives.neohapsis.com/archives/vendor/2006-q3/0030.html

Debian > DSA 1120-1: Firefox
http://archives.neohapsis.com/archives/vendor/2006-q3/0024.html

Debian > DSA 1121-1: postgrey
http://archives.neohapsis.com/archives/vendor/2006-q3/0025.html

Debian > DSA 1122-1: perl-Net-Server
http://archives.neohapsis.com/archives/vendor/2006-q3/0026.html

Debian > DSA 1123-1: libdumb
http://archives.neohapsis.com/archives/vendor/2006-q3/0027.html

Debian > DSA 1124-1: fbi
http://archives.neohapsis.com/archives/vendor/2006-q3/0028.html

Debian > DSA 1125-1: drupal
http://archives.neohapsis.com/archives/vendor/2006-q3/0031.html

Debian > DSA 1125-2: drupal
http://archives.neohapsis.com/archives/vendor/2006-q3/0033.html

Debian > DSA 1126-1: Asterisk
http://archives.neohapsis.com/archives/vendor/2006-q3/0032.html

Debian > DSA 1127-1: ethereal
http://archives.neohapsis.com/archives/vendor/2006-q3/0034.html

Debian > DSA 1128-1: heartbeat
http://archives.neohapsis.com/archives/vendor/2006-q3/0035.html

Debian > DSA 1129-1: osiris
http://archives.neohapsis.com/archives/vendor/2006-q3/0038.html

Fedora > FLSA-2006:175040: PHP
http://archives.neohapsis.com/archives/bugtraq/2006-07/0501.html

Gentoo > GLSA200607-08: gimp
http://archives.neohapsis.com/archives/bugtraq/2006-07/0412.html

Gentoo > GLSA200607-09: Wireshark
http://archives.neohapsis.com/archives/bugtraq/2006-07/0437.html

Gentoo > GLSA200607-10: Samba
http://archives.neohapsis.com/archives/bugtraq/2006-07/0444.html

Gentoo > GLSA200607-11: TunePimp
http://archives.neohapsis.com/archives/bugtraq/2006-07/0542.html

Gentoo > GLSA200607-12: OpenOffice.org
http://archives.neohapsis.com/archives/bugtraq/2006-07/0536.html

Gentoo > GLSA200607-13: Audacious
http://archives.neohapsis.com/archives/bugtraq/2006-07/0541.html

Mandriva > MDKSA-2006:131: perl-Net-Server
http://archives.neohapsis.com/archives/linux/mandrake/2006-q3/0029.html

Mandriva > MDKSA-2006:132: libwmf
http://archives.neohapsis.com/archives/linux/mandrake/2006-q3/0030.html

Mandriva > MDKSA-2006:133: Apache
http://archives.neohapsis.com/archives/linux/mandrake/2006-q3/0031.html

Mandriva > MDKSA-2006:134: ruby
http://archives.neohapsis.com/archives/linux/mandrake/2006-q3/0032.html

OpenPKG > OpenPKG-SA-2006.014: shiela
http://archives.neohapsis.com/archives/bugtraq/2006-07/0472.html

OpenPKG > OpenPKG-SA-2006.015: Apache
http://archives.neohapsis.com/archives/bugtraq/2006-07/0504.html

OpenPKG > OpenPKG-SA-2006.016: ruby
http://archives.neohapsis.com/archives/bugtraq/2006-07/0523.html

OpenPKG > OpenPKG-SA-2006.017: freetype
http://archives.neohapsis.com/archives/bugtraq/2006-07/0508.html

SuSe > SUSE-SA:2006:042: kernel
http://archives.neohapsis.com/archives/vendor/2006-q3/0029.html

SuSe > SUSE-SA:2006:043: Apache mod_rewrite
http://archives.neohapsis.com/archives/vendor/2006-q3/0037.html

SuSe > SUSE-SR:2006:018: gpg2, Firefox
http://archives.neohapsis.com/archives/vendor/2006-q3/0036.html

Ubuntu > USN-296-2: Firefox
http://archives.neohapsis.com/archives/bugtraq/2006-07/0438.html

Ubuntu > USN-297-3: Thunderbird
http://archives.neohapsis.com/archives/bugtraq/2006-07/0451.html

Ubuntu > USN-320-2: php4 regression
http://archives.neohapsis.com/archives/bugtraq/2006-07/0452.html

Ubuntu > USN-322-1: Konqueror
http://archives.neohapsis.com/archives/bugtraq/2006-07/0420.html

Ubuntu > USN-323-1: Mozilla
http://archives.neohapsis.com/archives/bugtraq/2006-07/0468.html

Ubuntu > USN-324-1: freetype
http://archives.neohapsis.com/archives/bugtraq/2006-07/0486.html

Ubuntu > USN-325-1: ruby1.8
http://archives.neohapsis.com/archives/bugtraq/2006-07/0487.html

Ubuntu > USN-326-1: heartbeat
http://archives.neohapsis.com/archives/bugtraq/2006-07/0488.html

Ubuntu > USN-327-1: Firefox
http://archives.neohapsis.com/archives/bugtraq/2006-07/0498.html

Ubuntu > USN-328-1: Apache
http://archives.neohapsis.com/archives/bugtraq/2006-07/0500.html

Ubuntu > USN-329-1: Thunderbird
http://archives.neohapsis.com/archives/bugtraq/2006-07/0526.html

rPath > rPSA-2006-0135-1: gimp
http://archives.neohapsis.com/archives/bugtraq/2006-07/0430.html

rPath > rPSA-2006-0137-1: Firefox
http://archives.neohapsis.com/archives/bugtraq/2006-07/0493.html

rPath > rPSA-2006-0139-1: httpd
http://archives.neohapsis.com/archives/bugtraq/2006-07/0525.html

--- Advertisement
-----------------------------------------------------

Join InformationWeek for a FREE, on-demand TechWebCast
and hear industry experts Larry Shoup and Kunal Mehta
as they discuss how to implement a phased approach to
creating a successful Software Asset Management strategy;
greatly reducing cost and risks.
Register and view today!

--- Sign Off
----------------------------------------------------------

If this e-mail was passed to you, and you would like to begin receiving
our free security e-mail newsletter on a weekly basis, we invite you to
subscribe today by forwarding this message to [subscribe_stw@update.networkcomputing.com].
Or you can subscribe directly here:
http://www.networkcomputing.com/go/stw.jhtml

To manage all aspects of your subscription and newsletter account,
simply use the URL below. You'll need your e-mail address and
password to log in. If you don't have your password, you can generate
a new one using the same URL. Once logged in, you can change your
e-mail address and password as well as select specific platforms for
which you'd like to receive information on patches and vulnerabilities.
If you have any questions regarding this system, please don't hesitate
to e-mail us at stw@nwc.com.
http://stwpref.update.networkcomputing.com/CMP/NWC/prefctr.asp

Put Us On Your White List
Don't let an over-eager e-mail filter bounce the Network Computing
Security Threat Watch newsletter! Our address:

NetworkComputing@update.networkcomputing.com

needs to be in your address book or on your anti-spam white list. Ask your
admin or ISP how to do this, or check your anti-spam utility documentation.

Important subscription contacts:
CMP Media LLC
600 Community Drive
Manhasset, NY 11030

Unsubscribe to Network Computing's newsletters.
http://www.networkcomputing.com/newsletters/unsubscribe.html

Sign up for your own issue of this newsletter.
http://www.networkcomputing.com/newsletters/subscriptions.html

Subscribe to Network Computing's newsletters.
http://www.networkcomputing.com/newsletters/subscriptions.html

Still not receiving your own FREE subscription to Network Computing
magazine?
http://networkcomputingsubscriptions.com/customerservice/

ADDITIONAL SUBSCRIPTION CONTACT:
Please send an e-mail message to mailto:newsletters@cmp.com if you need
assistance changing your e-mail address, unsubscribing from this
newsletter, or require additional assistance with your subscription.
Please be sure to include the name of this newsletter in your message.

Missed an issue? You can find all back issues of Security Threat Watch
(as well as Security Alert Consensus and Security Express) online.
http://archives.neohapsis.com/

Note: To better serve you we use dynamic URLs within our advertisements,
which allow us to see how many readers click on a given ad. We do not
share this information, or your personal information, with any outside
party. Concerned about the privacy of your information relative to these
tracking URLs? Please refer to our privacy policy.
http://www.doubleclick.net/us/corporate/privacy

We'd like to know what you think about the newsletter and what
information you'd like to see in future editions. E-mail your comments
to (stw@nwc.com).

To unsubscribe from this newsletter, forward this message to
[unsubscribe_stw@update.networkcomputing.com].

Copyright (c) 2006 Network Computing, a CMP Media LLC publication. All
Rights Reserved. Distributed by Network Computing
(http://www.networkcomputing.com). Powered by Neohapsis Inc., a
Chicago-based security assessment and integration services consulting
group (info@neohapsis.com | http://www.neohapsis.com/).

This message powered by DARTmail
http://www.doubleclick.net/us/corporate/privacy