SecurityFocus Microsoft Newsletter #137

SecurityFocus Microsoft Newsletter #137

This Issue is Sponsored By: SpiDynamics

ALERT: Top 10 Web Application Attack Techniques and Methods to Combat them Learn why 70% of today's successful hacks involve Web Application attacks such as: SQL Injection, XSS, Cookie Manipulation, and Parameter Manipulation.

All undetectable by Firewalls and IDS!

Download *FREE* white paper from SPI Dynamics for a complete guide to protection!

Visit us at: http://www.spidynamics.com/mktg/webappsecurity102

I. FRONT AND CENTER

1. Security Tools: From Mermaids to Suckling Pigs
2. Malware Myths and Misinformation, Part One
3. Securing Apache: Step-by-Step
4. U.S. Information Security Law, Part 3
5. Relax, It Was a Honeypot II. MICROSOFT VULNERABILITY SUMMARY
6. BitchX Mode Change Denial Of Service Vulnerability
7. PHPNuke Web_Links Module Remote SQL Injection Vulnerability
8. Microsoft SQL Server Unspecified Vulnerability
9. Netbus Authentication Bypass Vulnerability
10. EType EServ Resource Exhaustion Denial Of Service Vulnerability
11. Cerberus FTP Server Plaintext User Password Weakness
12. Youngzsoft CMailServer MAIL FROM Buffer Overflow Vulnerability
13. Internet Explorer file:// Request Zone Bypass Vulnerability
14. Best Practical Solutions RT HTML Injection Vulnerability
15. Snitz Forums 2000 Register.ASP SQL Injection Vulnerability
16. PHP-Nuke Modules.PHP Username URI Parameter Cross Site...
17. Youngzsoft CMailServer RCPT TO Buffer Overflow Vulnerability
18. PHP-Nuke Multiple Downloads Module SQL Injection Vulnerabilities
19. Netscape Navigator False URL Information Vulnerability
20. vBulletin Private Message HTML Injection Vulnerability
21. Inktomi Traffic Server Cross-Site Scripting Vulnerability III. MICROSOFT FOCUS LIST SUMMARY
22. Article Announcement: Security Tools: From Mermaids to Suckling...
23. Article Announcement: U.S. Information Security Law, Part 3...
24. Harden ASP.NET Configuration (Thread)
25. Share Point? (Thread)
26. SecurityFocus Microsoft Newsletter #136 (Thread)
27. Timbuktu, etc. (Thread)
28. (prevent + detect Arp spoofing) + Securing Terminal Services...
29. IPSEC through Ms ISA Server (Thread) IV. NEW PRODUCTS FOR MICROSOFT PLATFORMS
30. Abtrusion Protector
31. Kerio Personal Firewall
32. Symantec's Norton Internet Security 2003
33. NEW TOOLS FOR MICROSOFT PLATFORMS
34. NoTrax v1.3
35. RainPortal v1.0
36. Glub Tech Secure FTP v2.0.4 VI. SPONSOR INFORMATION
37. FRONT AND CENTER

    ---

38. Security Tools: From Mermaids to Suckling Pigs By Scott Granneman

The recent Nmap-hackers survey provides a glimpse of what security professionals are packing in their tool-belts these days.

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

http://www.securityfocus.com/columnists/161

2. Malware Myths and Misinformation, Part One By David Harley

This article is the first of a three-part series looking at some of the myths and misconceptions that undermine anti-virus protection. The fallacies we address here tend to begin with the words "I'm safe from viruses because..."

http://www.securityfocus.com/infocus/1695

3. Securing Apache: Step-by-Step
By Artur Maj

This article shows in a step-by-step fashion, how to install and configure the Apache 1.3.x Web server in order to mitigate or avoid successful break-in when new vulnerabilities in this software are found.

4. U.S. Information Security Law, Part 3 By Steven Robinson

This is the third part of a four-part series looking at U.S. information security laws and the way those laws affect security professionals. In this installment, we will look at the basics of the criminal information security law.

Do you need more help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

http://www.securityfocus.com/infocus/1693

5. Relax, It Was a Honeypot
By Tim Mullen

A security company cleverly tricks hackers into compromising one of its distribution sites. Really.

http://www.securityfocus.com/columnists/162

II. BUGTRAQ SUMMARY

1. BitchX Mode Change Denial Of Service Vulnerability BugTraq ID: 7551 Remote: Yes Date Published: May 10 2003 12:00AM Relevant URL: http://www.securityfocus.com/bid/7551 Summary:

BitchX is a freely available, open source IRC client. It is available for Unix, Linux, and Microsoft operating systems.

A denial of service vulnerability has been reported for BitchX. It is possible to cause BitchX to crash when certain mode changes are made.

The vulnerability exists in the names.c source file where a check is not made for any arguments provided with a mode change.

Can we help you?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

The precise details of this vulnerability are currently unknown. This BID will be updated as more information becomes available.

This vulnerability affects BitchX cvs versions prior to 05/09/2003.

2. PHPNuke Web_Links Module Remote SQL Injection Vulnerability BugTraq ID: 7558
Remote: Yes
Date Published: May 12 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7558
Summary:

PHPNuke is a freely available, open source content management system written in PHP. It is available for Unix, Linux, and Microsoft Operating Systems.

It has been reported that multiple input validation bugs exist in the Web_Links module used by PHPNuke.

The problem is in the sanitizing of data passed to construct database queries. Insufficient sanity checks are performed by the Web_Links module, making it possible to inject SQL code into the database behind PHPNuke. This issue could be exploited to gain access to potentially sensitive information contained in the database with the privileges of the web application. Compromise of the web forums may also be possible. Consequences could vary depending on the the queries involved and the capabilities of the underlying database implementation.

These issues could be especially dangerous for databases that support the UNION function, allowing for execution of multiple queries. It should also be noted that an additional 20 instances of SQL injection vulnerabilities exist in this module.

3. Microsoft SQL Server Unspecified Vulnerability BugTraq ID: 7541
Remote: Unknown
Date Published: May 09 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7541
Summary:

Can't find what you're looking for?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

A reliable source has reported an unspecified vulnerability in Microsoft SQL Server. SQL Server versions 7 and 2000, as well as the MSDE are said to be affected by this vulnerability.

The report indicates that this vulnerability involves the Microsoft Jet OLE DB provider. This component is not enabled by default and should be disabled until a fix is available if it is not needed. Linked servers using the OLE DB provider are also reported to be vulnerable.

Though unconfirmed, exploitation of this vulnerability by remote attackers may result in the compromise of affected hosts.

This is a preliminary alert. This record will be updated when further details become available.

• Reports suggest that this issue may be a variant of the vulnerability described in BID 5057. This however, has not been confirmed. 4. Netbus Authentication Bypass Vulnerability BugTraq ID: 7538 Remote: Yes Date Published: May 09 2003 12:00AM Relevant URL: http://www.securityfocus.com/bid/7538 Summary:

Netbus is a backdoor program that allows remote administration of a compromised system. It is available for Microsoft Windows operating systems.

Netbus can be configured to require a password for backdoor server access.

A vulnerability in Netbus may permit remote users to bypass authentication. If a connection is made to a Netbus server from a host, further connections from that IP address may not need to authenticate with the server.

This could allow unauthorized access to the Netbus server.

Don't know where to look next?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

5. EType EServ Resource Exhaustion Denial Of Service Vulnerability BugTraq ID: 7552
Remote: Yes
Date Published: May 11 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7552
Summary:

EServ is a proxy software package distributed by EType. It is available for Microsoft Windows operating systems.

A denial of service vulnerability has been reported for EServ. The vulnerability exists due to the way the server handles connections. Specifically, when EServ receives a connection, the server allocates a specific block of heap memory. Reportedly, when a connection is disconnected, the allocated memory is not adequately freed.

This vulnerability exists due to a delayed response time, upwards of up to two minutes, when de-allocating memory from closed connections.

An attacker can exploit this vulnerability by making numerous connections to the vulnerable server. For every connection, a small amount of memory is not properly freed from heap memory. Many connections to the vulnerable server will eventually result in a consumption of all available memory resources which may cause the system to become unstable.

This vulnerability affects EServ 2.92 to 2.99.

6. Cerberus FTP Server Plaintext User Password Weakness BugTraq ID: 7556
Remote: No
Date Published: May 12 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7556
Summary:

Cerberus is an FTP Server for Microsoft Windows operating systems.

Confused? Frustrated?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

Cerberus FTP Server stores authentication credentials for the FTP service on the local system in plaintext. These credentials are stored in the 'users.pro' file in the program directory. Local users with access to this file may gain unauthorized access to the server as a result.

Exposure of authentication credentials may also lead to compromise of other services/resources if the same credentials are commonly used.

7. Youngzsoft CMailServer MAIL FROM Buffer Overflow Vulnerability BugTraq ID: 7547
Remote: Yes
Date Published: May 10 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7547
Summary:

CMailServer is a e-mail server designed for use with Microsoft Windows operating environments.

A buffer overflow vulnerability has been reported for CMailServer. The vulnerability exists due to insufficient bounds checking when parsing e-mail headers. Specifically, an overly long MAIL FROM e-mail header will cause CMailServer to crash and corrupt sensitive memory.

An attacker can exploit this vulnerability by crafting a malicious e-mail with an overly long MAIL FROM header field, consisting of at least 2000 bytes, to a vulnerable system. This will trigger the buffer overflow condition when CMailServer is used to process the e-mail and will result in the corruption of sensitive memory. It may also be possible for an attacker to cause CMailServer to execute malicious attacker-supplied instructions.

8. Internet Explorer file:// Request Zone Bypass Vulnerability BugTraq ID: 7539
Remote: Yes
Date Published: May 09 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7539
Summary:

Internet Explorer uses zones in order to limit the scope of execution of code depending on the zone it originates from.

Call Pantek today for Open Source Technical Support at 1-877-546-8934 - 24/7/365

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

A vulnerability has been reported that could allegedly allow an executable from the Internet to be run in the Local Computer zone.

It has been alleged that if Internet Explorer attempts to open a web page containing more than 200 Iframes containing 'file://' requests for the same executable file, the file will eventually be executed in the Local Computer zone. This file would have to reside on the remote website serving the HTML document.

A reliable source has reported that this vulnerability may be due to some form of resource exhaustion. It is unclear how resource exhaustion would allow the Iframe to violate the Internet Explorer security zone. This record will be updated if more information becomes available.

9. Best Practical Solutions RT HTML Injection Vulnerability BugTraq ID: 7509
Remote: Yes
Date Published: May 08 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7509
Summary:

RT (Request Tracker) is a ticketing system implemented in Perl. It is distributed by Best Practical Solutions and is available for a variety of platforms including Microsoft Windows and Linux variant systems.

A vulnerability has been discovered in RT which may make it prone to HTML injection attacks.

The vulnerability exists due to insufficient sanitization of user-supplied values. Specifically, the content included in message bodies is not properly sanitized of malicious HTML code.

This lack of sanitization provides an opportunity for an attacker to launch HTML injection attacks against the vulnerable site hosting RT. It is possible for a remote attacker to create a malicious ticket containing script code that will be executed in the browser of a legitimate user.

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

Any attacker-supplied code will be executed within the context of the website running RT.

This issue may be exploited to steal cookie-based authentication credentials from legitimate users of the website running the vulnerable software. The attacker may hijack the session of the legitimate by using cookie-based authentication credentials. Other attacks are also possible.

This vulnerability was reported for RT 1.0.7 and earlier.

1. Snitz Forums 2000 Register.ASP SQL Injection Vulnerability BugTraq ID: 7549 Remote: Yes Date Published: May 10 2003 12:00AM Relevant URL: http://www.securityfocus.com/bid/7549 Summary:

Snitz Forums 2000 is ASP-based web forum software. It runs on Microsoft Windows operating systems. Snitz is back-ended by a database and supports Microsoft Access 97/2000, SQL Server 6.5/7.0/2000 and MySQL.

It is possible for a remote attacker to inject SQL into queries made by the register.asp script. Specifically, the 'email' variable is not properly sanitized of malicious SQL instructions.

It is possible for a remote attacker to inject SQL into queries made by the register.asp script. This may be exploited to manipulate the logic of a query made by the script.

Depending on the database implementation used, this may possibly result in sensitive information in the database being disclosed to the attacker or may enable the attacker to modify data. There is also the possibility that this issue may be leveraged to exploit vulnerabilities that may exist in the underlying database.

The attacker would have to pass properly formatted SQL to the vulnerable script to exploit this issue.

Do you need more help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

This vulnerability was reported for Snitz Forum 2000 3.3.03. It is likely that earlier versions are affected.

1. PHP-Nuke Modules.PHP Username URI Parameter Cross Site Scripting Vulnerability BugTraq ID: 7570 Remote: Yes Date Published: May 13 2003 12:00AM Relevant URL: http://www.securityfocus.com/bid/7570 Summary:

PHP-Nuke is a freely available, open source content management system written in PHP. It is available for Unix, Linux, and Microsoft Operating Systems.

A cross site scripting vulnerability has been reported for PHP-Nuke. Specifically, PHP-Nuke does not sufficiently sanitize user-supplied input for the 'username' URI parameter to the modules.php script.

As a result of this deficiency, it is possible for a remote attacker to create a malicious link containing script code that will be executed in the browser of a legitimate user. Specifically the attacker can pass malicious HTML code as a value for the 'username' URI parameter supplied to the 'modules.php' page. All code will be executed within the context of the website running PHP-Nuke.

This may allow for theft of cookie-based authentication credentials and other attacks.

This vulnerability was reported to affect PHP-Nuke version 6.5.

1. Youngzsoft CMailServer RCPT TO Buffer Overflow Vulnerability BugTraq ID: 7548 Remote: Yes Date Published: May 10 2003 12:00AM Relevant URL: http://www.securityfocus.com/bid/7548 Summary:

CMailServer is a e-mail server designed for use with Microsoft Windows operating environments.

A buffer overflow vulnerability has been reported for CMailServer. The vulnerability exists due to insufficient bounds checking when parsing e-mail headers. Specifically, an overly long RCPT TO e-mail header will cause CMailServer to crash and corrupt sensitive memory.

Can we help you?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

An attacker can exploit this vulnerability by crafting a malicious e-mail with an overly long RCPT TO header field, consisting of at least 2000 bytes, to a vulnerable system. This will trigger the buffer overflow condition when CMailServer is used to process the e-mail and will result in the corruption of sensitive memory. It may also be possible for an attacker to cause CMailServer to execute malicious attacker-supplied instructions.

1. PHP-Nuke Multiple Downloads Module SQL Injection Vulnerabilities BugTraq ID: 7588 Remote: Yes Date Published: May 13 2003 12:00AM Relevant URL: http://www.securityfocus.com/bid/7588 Summary:

PHP-Nuke is a web-based portal system. Implemented in PHP, it is available for a range of systems, including Unix, Linux, and Microsoft Windows.

PHP-Nuke is reportedly prone to multiple SQL injection vulnerabilities in the Downloads. User-supplied input is included in SQL queries made by the module without being sanitized.

Exploitation could allow for injection of malicious SQL syntax, resulting in modification of SQL query logic or other attacks. Consequences will vary depending on the specific queries and the capabilities of the underlying database implementation. At the very minimum it may be possible to gain access to sensitive information that is stored in the database.

1. Netscape Navigator False URL Information Vulnerability BugTraq ID: 7564 Remote: Yes Date Published: May 13 2003 12:00AM Relevant URL: http://www.securityfocus.com/bid/7564 Summary:

Netscape is a web browser that is available for a number of platforms, including Microsoft Windows and Unix and Linux variants.

An issue has been reported for Netscape Navigator that may result in a false sense of security for a user.

Due to the way Netscape handles the history.back() function, the URL displayed on the 'location bar' will not correspond to the actual URL of the site displayed in the browser window. As a result, a malicious attacker can exploit this issue to entice a user to visit a web site and make them believe they are at known or trusted page.

This vulnerability was reported for Netscape Navigator 7.02 for Windows operating systems.

1. vBulletin Private Message HTML Injection Vulnerability BugTraq ID: 7594 Remote: Yes Date Published: May 14 2003 12:00AM Relevant URL: http://www.securityfocus.com/bid/7594 Summary:

Can't find what you're looking for?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

vBulletin is commercial web forum software written in PHP and back-ended by a MySQL database. It will run on most Linux and Unix variants, as well as Microsoft operating systems.

A vulnerability has been reported for vBulletin 3.0.0. beta 2 which may make it prone to HTML injection attacks. The problem is said to occur while previewing private messages.

Specifically, private messages may not be sufficiently sanitized of malicious content. This may make it possible for an attacker to place HTML or script code within a private message for another user. When the legitimate forum user attempts to preview the message the malicious code will be interpreted by their browser.

Attackers may potentially exploit this issue to manipulate web content or to steal cookie-based authentication credentials. It may be possible to take arbitrary actions as the victim user.

1. Inktomi Traffic Server Cross-Site Scripting Vulnerability BugTraq ID: 7596 Remote: Yes Date Published: May 14 2003 12:00AM Relevant URL: http://www.securityfocus.com/bid/7596 Summary:

Inktomi Traffic Server is a transparent web caching application. It is designed for use with Unix and Linux variants as well as Microsoft Windows operating environments.

Inktomi Traffic Server is prone to a cross-site scripting vulnerability. This is due to insufficient sanitization of input passed to the proxy, which will be echoed back in error pages under some circumstances.

It has been reported that Inktomi Traffic Server will generate errors when an open port other than 80/http is requested. The connection will time out when the request port on the remote system is closed, which will not generate an error. There is one reported exception to this. The proxy server will generate an error for requests to port 443/https regardless of whether the port is open or whether the requested host exists.

A malicious attacker could exploit this issue by creating a link which contains hostile HTML and script code and then enticing users of the proxy to visit the link. When the link is visited via the proxy, attacker-supplied script may be interpreted in the user's browser.

Don't know where to look next?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

Exploitation could permit HTML and script code to access properties of the domain that is requested through the proxy. This could permit theft of cookie-based authentication credentials from arbitrary domains or other attacks.

III. MICROSOFT FOCUS LIST SUMMARY

1. Article Announcement: Security Tools: From Mermaids to Suckling Pigs (Thread) Relevant URL:

http://www.securityfocus.com/archive/88/321655

2. Article Announcement: U.S. Information Security Law, Part 3 (Thread) Relevant URL:

http://www.securityfocus.com/archive/88/321459

3. Harden ASP.NET Configuration (Thread) Relevant URL:

http://www.securityfocus.com/archive/88/321353

4. Share Point? (Thread)
Relevant URL:

Confused? Frustrated?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

http://www.securityfocus.com/archive/88/321276

5. SecurityFocus Microsoft Newsletter #136 (Thread) Relevant URL:

http://www.securityfocus.com/archive/88/321196

6. Timbuktu, etc. (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/321050

7. (prevent + detect Arp spoofing) + Securing Terminal Services (Thread) Relevant URL:

http://www.securityfocus.com/archive/88/320976

8. IPSEC through Ms ISA Server (Thread)
Relevant URL:

Call Pantek today for Open Source Technical Support at 1-877-546-8934 - 24/7/365

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

http://www.securityfocus.com/archive/88/320975

IV. NEW PRODUCTS FOR MICROSOFT PLATFORMS

1. Abtrusion Protector by Abtrusion Security AB Platforms: Windows 2000, Windows NT, Windows XP Relevant URL: http://www.abtrusion.com/abtrusion_protector_ps.asp Summary:

Abtrusion Protector prevents Windows from loading unrecognized or unknown software. Only software that you have safely installed or explicitly allowed can be loaded into memory. Contrary to typical anti-virus scanners, Abtrusion Protector is not dependent on frequent virus definition updates.

2. Kerio Personal Firewall
by Kerio Technologies Inc.
Platforms: Windows 2000, Windows 95/98, Windows NT Relevant URL:
http://www.kerio.com/us/kpf_home.html
Summary:

Kerio Personal Firewall represents smart, easy-to-use personal security technology that fully protects personal computers against hackers and internal misuse.

3. Symantec's Norton Internet Security 2003 by Symantec
Platforms: Windows 2000, Windows 95/98, Windows XP Relevant URL:
http://www.symantec.com/sabu/nis/nis_pe/ Summary:

Symantec's Norton Internet Security 2003 provides essential protection from viruses, hackers, and privacy threats. Included are full versions of Norton AntiVirus and Norton Personal Firewall, which efficiently defend your PC from the most common Internet dangers. You also get Norton Spam Alert to block unwanted email, and Norton Parental Control to protect your children online.

V. NEW TOOLS FOR MICROSOFT PLATFORMS

1. NoTrax v1.3 by Heidi Computers Ltd Relevant URL: http://www.heidi.ie/notrax/ Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP Summary:

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

Are You Concerned?

• that browsing the Internet has left traces of sites you've visited, all over your hard drive i.e. in the Registry, Cache etc.
• that a website you are browsing may install Spyware or Viruses on your PC?
• that your Credit Card details are being tracked by your browser while purchasing online?
• that eliminator-type programs have not really cleaned your Registry properly?
• that your laptop is lost or stolen with all the sensitive information still stored in the history and cache of your browser?
• that unauthorised personnel may take a look at your PC, while you were not around? Or that Hackers are probing your PC?
• that a company or individual is interested in tracking your online habits for marketing or other more dangerous purposes?
• NoTrax PREVENTS this. 2. RainPortal v1.0 by Florent DEFONTIS Relevant URL: http://www.securesphere.net/html/projects_rainp.php Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP Summary:

RainPortal was designed to secure your private messages while talking on IRC networks. As long as you have RainPortal running and the person you are talking to also, all your private messages will be strongly encrypted while passing on the server.

3. Glub Tech Secure FTP v2.0.4
by glub
Relevant URL:
http://secureftp.glub.com
Platforms: MacOS, UNIX, Windows 2000, Windows 95/98, Windows NT, Windows XP
Summary:

Glub Tech Secure FTP is a command-line utility that allows FTP connections to be made using SSL.

VI. SPONSOR INFORMATION

ALERT: Top 10 Web Application Attack Techniques and Methods to Combat them Learn why 70% of today's successful hacks involve Web Application attacks such as: SQL Injection, XSS, Cookie Manipulation, and Parameter Manipulation.

All undetectable by Firewalls and IDS!

Download *FREE* white paper from SPI Dynamics for a complete guide to protection!

Do you need more help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

Visit us at: http://www.spidynamics.com/mktg/webappsecurity102

• Wireless LAN Policies for Security & Management - NEW White Paper *** Just like wired networks, wireless LANs require network security policies that are enforced to protect WLANs from known vulnerabilities and threats. Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs.

To get your FREE white paper visit us at: http://www.securityfocus.com/AirDefense-focus-ms