Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Legislation Targets Caller ID Spoofing; All the Latest Patches and Vulnerabilities
From: Security Threat Watch Newsletter (NetworkComputing update.networkcomputing.com)
Date: Mon Oct 09 2006 - 13:01:55 CDT
Security Threat Watch
Number 152
Monday, October 9, 2006
Created for you by Network Computing & Neohapsis
Propelled by the recent high-profile ID spoofing cases, the House Energy
and Commerce Committee approved the "Truth in Caller ID Act." The new
legislation targets "caller ID spoofing," a tactic scammers can use to
disguise the phone number that appears on a recipient's caller ID. Armed
with misleading or erroneous information, a scammer can pretend to be a
representative of a credit-card company or bank to obtain sensitive
information, such as a Social Security number, for identity theft.
You can read more about the legislation here:
http://www.govtrack.us/data/us/bills.text/109/s/s2630.pdf
So what does the bill do? It protects consumers from "caller ID
spoofing," making it illegal for callers to manipulate names or numbers.
The measure includes calls using any type of telecommunications,
including VoIP. It also gives the Federal Communications Commission
jurisdiction over identity spoofing and authorizes the agency to impose
fines per violation.
A recent survey by the Council of Better Business Bureaus and Javelin
Strategy and Research says 8.9 million Americans were victims of
identity theft in 2005. For consumers, this bill is a cause for
celebration, as it will make it much easier for prosecutors to go after
identity thieves.
Laws by themselves do not deter criminals; enforcement and penalties do.
It will be interesting to see how the bill plays out, as it does not
directly require telco or VoIP providers to do anything, nor does it hold
them liable for infractions. Moreover, will the new bill be as effective
as the Telephone Consumer Protection Act, a law that allows consumers to
request that their names be placed on a "do-not-call" list?
Even if Congress outlaws caller ID spoofing, consumers must be vigilant
and protect themselves by not giving out personal information over the
telephone.
Until next issue,
- The Neohapsis Security Threat Watch Team
--- TechCareers: The Job Hunt And Age Discrimination
-----------------------------------------------
By Rusty DAversa, TechCareers.com
Fighting discrimination is all about proving your value to the hiring
manager, says a career expert.
http://www.techcareers.com/content/article.asp?articleid=185303267
-----------------------------------------------
NWC Podcasts
Listen to Network Computing's editors talk about today's most pressing
enterprise challenges with some of the IT industry's leading experts.
Tune in as we cover topics including security, collaboration,
convergence and more.
http://www.networkcomputing.com/podcasts
--- New Vulnerabilities
-----------------------------------------------
Below is a list of new vulnerabilities announced this week.
Vulnerabilities considered to be 'critical' involve widely deployed
software or carry a high risk of system compromise. Note that
vulnerabilities not highlighted may still be of critical severity
to your environment.
**** Highlighted critical vulnerabilities ****
Microsoft Internet Information Services: XSS (MS06-053/920685)
Microsoft PowerPoint: remote code execution
**** Newly announced vulnerabilities this week ****
____Windows____
FreeWPS: remote command execution
http://archives.neohapsis.com/archives/bugtraq/2006-10/0081.html
Microsoft Internet Information Services: XSS (MS06-053/920685)
http://archives.neohapsis.com/archives/vulnwatch/2006-q4/0001.html
http://archives.neohapsis.com/archives/bugtraq/2006-10/0022.html
http://www.microsoft.com/technet/security/Bulletin/MS06-053.mspx
Microsoft PowerPoint: remote code execution
http://archives.neohapsis.com/archives/bugtraq/2006-10/0061.html
http://www.microsoft.com/technet/security/advisory/925984.mspx
Multiple Computer Associates Products: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-10/0079.html
http://archives.neohapsis.com/archives/bugtraq/2006-10/0076.html
http://archives.neohapsis.com/archives/bugtraq/2006-10/0075.html
http://archives.neohapsis.com/archives/bugtraq/2006-10/0073.html
http://archives.neohapsis.com/archives/bugtraq/2006-10/0072.html
Sunbelt Kerio Personal Firewall 4.3.268: local DoS
http://archives.neohapsis.com/archives/bugtraq/2006-10/0010.html
Symantec AntiVirus IOCTL Kernel: local privilege escalation
http://archives.neohapsis.com/archives/bugtraq/2006-10/0059.html
http://archives.neohapsis.com/archives/vulnwatch/2006-q4/0003.html
Symantec AntiVirus Scan Engine 4.3: local privilege escalation
http://archives.neohapsis.com/archives/bugtraq/2006-10/0074.html
Trendmicro OfficeScan Corporate Edition 7.3: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-10/0007.html
____Mac OS____
Multiple Apple Products: multiple vulnerabilities
http://archives.neohapsis.com/archives/cc/2006-q4/0001.html
____CGI____
Dayfox Blog 2.0: remote PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-10/0013.html
EasyBannerFree: remote PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-10/0008.html
Hazir Site 2.0: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2006-10/0062.html
Invision Power Board 2.1.7: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-10/0050.html
Pebble 2.0.0: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-10/0011.html
Torrentflux 2.1: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-10/0066.html
WikyBlog 1.4: remote PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-10/0056.html
Yener Haber Script 2.0: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2006-10/0044.html
ackerTodo 4.2: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2006-10/0071.html
digishop 4.0.0: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-10/0015.html
phpMyAdmin 2.9.0: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-10/0002.html
phpMyProfiler: remote PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-10/0038.html
phpMyTeam 2.0: remote PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-10/0070.html
phpMyWebmin 1.0: remote PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-10/0004.html
____Cross Platform____
CA WSDM 3.1: file system info disclosure
http://archives.neohapsis.com/archives/bugtraq/2006-10/0039.html
Goop Gallery 2.0.2: directory traversal
http://archives.neohapsis.com/archives/bugtraq/2006-10/0043.html
IBM Informix Dynamic Server 10.0: privilege escalation
http://archives.neohapsis.com/archives/bugtraq/2006-10/0009.html
Novell GroupWise Messenger: remote DoS
http://archives.neohapsis.com/archives/vulnwatch/2006-q4/0002.html
http://archives.neohapsis.com/archives/bugtraq/2006-10/0037.html
PHP: insecure temp file handling
http://archives.neohapsis.com/archives/bugtraq/2006-10/0040.html
--- Patches and Updates
-----------------------------------------------
The following is a list of vendor patches and updates released
this week.
____Linux____
Debian > DSA 1185-2: OpenSSL
http://archives.neohapsis.com/archives/bugtraq/2006-10/0028.html
Debian > DSA 1188-1: mailman
http://archives.neohapsis.com/archives/bugtraq/2006-10/0042.html
Debian > DSA 1189-1: OpenSSH-krb5
http://archives.neohapsis.com/archives/bugtraq/2006-10/0052.html
Debian > DSA 1190-1: maxdb-7.5.00
http://archives.neohapsis.com/archives/bugtraq/2006-10/0053.html
Debian > DSA 1191-1: Mozilla Thunderbird
http://archives.neohapsis.com/archives/bugtraq/2006-10/0058.html
Debian > DSA 1192-1: Mozilla
http://archives.neohapsis.com/archives/bugtraq/2006-10/0064.html
FreeBSD > FreeBSD-SA-06:22: OpenSSH
http://archives.neohapsis.com/archives/bugtraq/2006-10/0026.html
Gentoo > GLSA200610-01: Mozilla Thunderbird
http://archives.neohapsis.com/archives/bugtraq/2006-10/0051.html
Gentoo > GLSA200610-02: Adobe Flash Player
http://archives.neohapsis.com/archives/bugtraq/2006-10/0054.html
Mandriva > MDKSA-2006:172-1: OpenSSL
http://archives.neohapsis.com/archives/linux/mandrake/2006-q4/0009.html
Mandriva > MDKSA-2006:177: MySQL
http://archives.neohapsis.com/archives/linux/mandrake/2006-q4/0010.html
Mandriva > MDKSA-2006:178: ntp
http://archives.neohapsis.com/archives/linux/mandrake/2006-q4/0011.html
Mandriva > MDKSA-2006:179: OpenSSH
http://archives.neohapsis.com/archives/linux/mandrake/2006-q4/0014.html
Mandriva > MDKSA-2006:180: PHP
http://archives.neohapsis.com/archives/linux/mandrake/2006-q4/0022.html
OpenPKG > OpenPKG-SA-2006.022: OpenSSH
http://archives.neohapsis.com/archives/bugtraq/2006-10/0005.html
SUSE > SUSE-SR:2006:024: numerous packages
http://archives.neohapsis.com/archives/linux/suse/2006-q4/0006.html
Trustix > TSLSA-2006-0055: numerous packages
http://archives.neohapsis.com/archives/bugtraq/2006-10/0065.html
Ubuntu > USN-353-2: OpenSSL
http://archives.neohapsis.com/archives/bugtraq/2006-10/0048.html
Ubuntu > USN-354-1: Mozilla Firefox
http://archives.neohapsis.com/archives/bugtraq/2006-10/0020.html
Ubuntu > USN-355-1: OpenSSH
http://archives.neohapsis.com/archives/bugtraq/2006-10/0017.html
Ubuntu > USN-356-1: gdb
http://archives.neohapsis.com/archives/bugtraq/2006-10/0018.html
Ubuntu > USN-357-1: Mono vulnerability
http://archives.neohapsis.com/archives/bugtraq/2006-10/0049.html
Ubuntu > USN-358-1: ffmpeg, xine-lib
http://archives.neohapsis.com/archives/bugtraq/2006-10/0047.html
Ubuntu > USN-359-1: python
http://archives.neohapsis.com/archives/bugtraq/2006-10/0068.html
rPath > rPSA-2006-0182-1: PHP, PHP-MySQL, PHP-pgsql
http://archives.neohapsis.com/archives/bugtraq/2006-10/0080.html
rPath > rPSA-2006-0183-1: nss_ldap
http://archives.neohapsis.com/archives/bugtraq/2006-10/0077.html
rPath > rPSA-2006-0185-1: gnome-ssh-askpass, OpenSSH, OpenSSH-client
http://archives.neohapsis.com/archives/bugtraq/2006-10/0078.html
____HP-UX____
SSRT061149: SLP
http://archives.neohapsis.com/archives/bugtraq/2006-10/0027.html
SSRT061220: Ignite-UX Ser
http://archives.neohapsis.com/archives/bugtraq/2006-10/0014.html
--- Sign Off
----------------------------------------------------------
If this e-mail was passed to you, and you would like to begin receiving
our free security e-mail newsletter on a weekly basis, we invite you to
subscribe today by forwarding this message to [subscribe_stw
update.networkcomputing.com].
Or you can subscribe directly here:
http://www.networkcomputing.com/go/stw.jhtml
To manage all aspects of your subscription and newsletter account,
simply use the URL below. You'll need your e-mail address and
password to log in. If you don't have your password, you can generate
a new one using the same URL. Once logged in, you can change your
e-mail address and password as well as select specific platforms for
which you'd like to receive information on patches and vulnerabilities.
If you have any questions regarding this system, please don't hesitate
to e-mail us at stw
nwc.com.
http://stwpref.update.networkcomputing.com/CMP/NWC/prefctr.asp
Put Us On Your White List
Don't let an over-eager e-mail filter bounce the Network Computing
Security Threat Watch newsletter! Our address:
NetworkComputing
update.networkcomputing.com
needs to be in your address book or on your anti-spam white list. Ask your
admin or ISP how to do this, or check your anti-spam utility documentation.
Important subscription contacts:
CMP Media LLC
600 Community Drive
Manhasset, NY 11030
Unsubscribe from Network Computing's newsletters.
http://www.networkcomputing.com/newsletters/unsubscribe.html
Sign up for your own issue of this newsletter.
http://www.networkcomputing.com/newsletters/subscriptions.html
Subscribe to Network Computing's newsletters.
http://www.networkcomputing.com/newsletters/subscriptions.html
Still not receiving your own FREE subscription to Network Computing
magazine?
http://networkcomputingsubscriptions.com/customerservice/
ADDITIONAL SUBSCRIPTION CONTACT:
Please send an e-mail message to mailto:newsletters
cmp.com if you need
assistance changing your e-mail address, unsubscribing from this
newsletter, or require additional assistance with your subscription.
Please be sure to include the name of this newsletter in your message.
Missed an issue? You can find all back issues of Security Threat Watch
(as well as Security Alert Consensus and Security Express) online.
http://archives.neohapsis.com/
Note: To better serve you, we use dynamic URLs within our advertisements,
which allow us to see how many readers click on a given ad. We do not
share this information, or your personal information, with any outside
party. Concerned about the privacy of your information relative to these
tracking URLs? Please refer to our privacy policy.
http://www.doubleclick.net/us/corporate/privacy
We'd like to know what you think about the newsletter and what
information you'd like to see in future editions. E-mail your comments
to (stw
nwc.com).
To unsubscribe from this newsletter, forward this message to
[unsubscribe_stw
update.networkcomputing.com].
Copyright (c) 2006 Network Computing, a CMP Media LLC publication. All
Rights Reserved. Distributed by Network Computing
(http://www.networkcomputing.com). Powered by Neohapsis Inc., a
Chicago-based security assessment and integration services consulting
group (info
neohapsis.com | http://www.neohapsis.com/).
This message powered by DARTmail
http://www.doubleclick.net/us/corporate/privacy