SecurityFocus Newsletter #177

From: John Boletta <jboletta(at)securityfocus.com>
Date: Mon Dec 30 2002 - 13:44:26 EST

This issue is sponsored by: Qualys

Strengthening Network Security: FREE Guide Network security is a constantly moving target - even proven solutions lose their punch over time. Find out how to get COMPLETE PROTECTION against ever-growing security threats with our FREE new Guide.

Get your copy today at: https://www.qualys.com/forms/nsguideh_376.php


I. FRONT AND CENTER

  1. Securing Outlook, Part Two: Many Choices to Make
  2. 'Twas the Night Before Christmas, 2002
  3. SecurityFocus DPP Program
  4. InfoSec World Conference and Expo/2003 (March 10-12, 2003, Orlando, FL)

II. BUGTRAQ SUMMARY

  1. PHP-Nuke CRLF Injection Vulnerability
  2. Polycom ViewStation Plain Text Administrative Password...
  3. nCipher PKCS#11 Implementation Access Control Vulnerability
  4. Multiple Temporary File Monitoring Utility Vendor Stopped...
  5. Tmpwatch Race Condition Vulnerability
  6. Axis Embedded Device Authentication Buffer Overflow Vulnerability
  7. RealNetworks Helix Universal Server RTSP Transport Buffer...
  8. SPGPartenaires Multiple SQL Injection Vulnerabilities
  9. RealNetworks Helix Universal Server RTSP Describe Buffer...
  10. RealNetworks Helix Universal Server Long URI Dual HTTP Request...
  11. STMPClean Race Condition Vulnerability
  12. Oracle 9i Application Server Java Server Page Source Code...
  13. Oracle 9i Application Server Insecure Default File Permissions...
  14. Oracle 9i Application Server WEB-INF Folder Access Vulnerability
  15. KDE Parameter Quoting Shell Command Execution Vulnerability
  16. W-Agora EditForm.PHP PHP Include Vulnerability
  17. W-Agora EditForm.PHP Cross-Site Scripting Vulnerability
  18. PHP-Nuke Modules.PHP Denial Of Service Vulnerability
  19. Apache printenv Sample Script Cross Site Scripting Vulnerability
  20. Hyperion FTP Server Buffer Overflow Vulnerability
  21. MATLAB Mex Local Command Execution Vulnerability
  22. MATLAB Insecure Temporary Files Vulnerability
  23. MATLAB Mex Insecure Temporary Files Vulnerability
  24. Internet Junkbuster Proxy Unauthorized Connections Vulnerability
  25. CHETCPASSWD Shadow File Disclosure Vulnerability
  26. Xpdf/CUPS pdftops Integer Overflow Vulnerability
  27. Melange Chat System msgText Remote Buffer Overflow Vulnerability
  28. MHonArc m2h_text_html Filter Cross Site Scripting Vulnerability
  29. ncftpd STAT File Globbing Remote Buffer Overflow Vulnerability

III. SECURITYFOCUS NEWS ARTICLES

  1. XP audio vuln shout goes out
  2. Rebels embrace new technology in war against government
  3. White House: Internet monitoring center wouldn't spy on e-mails

IV. SECURITYFOCUS TOP 6 TOOLS

  1. 5pstats v0.0.5
  2. ACiD alpha
  3. Advanced Net Tools (ANT) 2.7
  4. Advisor v1.2.6-3
  5. Airfart v.1a
  6. AirSnort v0.0.9

V. SECURITYJOBS LIST SUMMARY

  1. Holiday Break - Holiday Wishes (Thread)
  2. SecurityJobs List Shutdown (Holidays) (Thread)

VI. INCIDENTS LIST SUMMARY

  1. RPAT - Realtime Proxy Abuse Triangulation (Thread)
  2. Random unprivileged TCP ports below 5000 kind-of open for...
  3. TsInternetUser priv. escalation; blank passwords; service...
  4. strange traffic (Thread)
  5. hpd, afb, sc, and sn (Thread)
  6. Compromised System RH7.3-ICMP-STP-DoS (Thread)
  7. port 3717/udp? (Thread)

VII. VULN-DEV RESEARCH LIST SUMMARY

  1. Release: Paketto Keiretsu 1.10 (Thread)
  2. Unsubscribe DoS (Thread)
  3. Cross site scripting explained (Thread)
  4. Format string and other vulnerabilities on Win32 (Thread)

VIII. MICROSOFT FOCUS LIST SUMMARY

  1. Blank passwords, TsInternetUser added to Administrators (Thread)
  2. SecurityFocus Microsoft Newsletter #118 (Thread)
  3. How to kill OL2000 ability to render html mail (Thread)
  4. Fw: How to kill OL2000 ability to render html mail (Thread)
  5. AW: How to kill OL2000 ability to render html mail (Thread)
  6. Logging Terminal Services Access? (Thread)

IX. SUN FOCUS LIST SUMMARY

  1. Solaris Security Toolkit v0.3.10 (Thread)
  2. Crypt Setting (Thread)

X. LINUX FOCUS LIST SUMMARY

  1. User's and Shells (Thread)
  2. re: quotas on Redhat 7.3 problem (Thread)
  3. User´s and Shells (Thread)

XI. SPONSOR INFORMATION

I. FRONT AND CENTER

1. Securing Outlook, Part Two: Many Choices to Make By Scott Granneman

This is the second of two articles focusing on ways to secure one of the world's most popular e-mail clients, Microsoft's Outlook. The first article offered a brief overview of Outlook, as well as some security issues. It also discussed configuring Outlook for optimal security. This article will look at some more things that Outlook users can do to secure their e-mail.

http://online.securityfocus.com/infocus/1652

2. 'Twas the Night Before Christmas, 2002 By Tim Mullen

'Twas the night before Christmas and all through the House,
Not a congressman was stirring-- and the Senate was soused.
Freedom and Privacy-- the things we hold dear,
Have been trampled by the 107th this year.

http://online.securityfocus.com/columnists/131

3. SecurityFocus DPP Program

Attention Universities!! Sign-up now for preferred pricing on the only global early-warning system for cyber attacks - SecurityFocus DeepSight Threat Management System.

Click here for more information:
http://www.securityfocus.com/corporate/products/dpsection.shtml

4. InfoSec World Conference and Expo/2003 (March 10-12, 2003, Orlando, FL)

Optional Workshops March 8, 9, 12, 13, & 14
Vendor Expo March 10 & 11

Solutions to today's security concerns; hands-on experts; blockbuster vendor expo; the CISO Executive Summit; invaluable networking opportunities. InfoSec World has it all!

Go to: http://www.misti.com/10/os03nl37inf.html

II. BUGTRAQ SUMMARY


1. PHP-Nuke CRLF Injection Vulnerability BugTraq ID: 6446
Remote: Yes
Date Published: Dec 20 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6446
Summary:

PHP-Nuke is a web-based portal system. Implemented in PHP, it is available for a range of systems, including Unix, Linux, and Microsoft Windows.

Throughout PHP-Nuke, the PHP mail() function is used to handle email through web-based interfaces for various purposes (features such as "feedback", "send this to a friend", etc.). There is no input validation performed on user data passed to this function. As a result, malicious users may embed CR/LF sequences to inject additional headers into outgoing messages.

Attackers may exploit this weakness to manipulate the structure of outgoing messages. For example, it may be possible for attackers to set the recipient to an arbitrary value. This could be leveraged by individuals to send mass unsolicited mail in a manner similar to how "formmail" is actively exploited (BID 3955).
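The mechanism described above, as an added Python example that is not code from the advisory or from PHP-Nuke: a header block built by concatenating request data, next to the same builder guarded by a line-terminator check. The recipient strings and header names are constructed for the example.

```python
import re

# Constructed sample values (not taken from the advisory): one benign
# recipient and one that smuggles an extra header through a CR/LF pair.
BENIGN_RECIPIENT = "friend@example.org"
INJECTED_RECIPIENT = "friend@example.org\r\nBcc: list@example.net"

# A single header value must never contain a line terminator or NUL; bare CR
# and bare LF are rejected too, since many MTAs accept either as a separator.
_FORBIDDEN = re.compile(r"[\r\n\x00]")


def is_safe_header_value(value: str) -> bool:
    """True when 'value' fits on one header line without starting a new one."""
    return _FORBIDDEN.search(value) is None


def build_headers_unchecked(to: str, subject: str) -> str:
    """The weak pattern: request data concatenated straight into the header block."""
    return f"To: {to}\r\nSubject: {subject}\r\n"


def build_headers_checked(to: str, subject: str) -> str:
    """Hardened form: validate every user-controlled value before concatenating."""
    for name, value in (("To", to), ("Subject", subject)):
        if not is_safe_header_value(value):
            raise ValueError(f"line terminator in {name} header value rejected")
    return build_headers_unchecked(to, subject)


def header_names(raw_headers: str) -> list:
    """Split a header block the way an MTA would and return the field names."""
    return [line.split(":", 1)[0] for line in raw_headers.split("\r\n") if line]
```

Run through the unchecked builder, the injected recipient yields three header fields (To, Bcc, Subject) where the application meant to emit two; the checked builder refuses the value before any message is composed. The same check belongs in front of every header a web form feeds into mail().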

2. Polycom ViewStation Plain Text Administrative Password Vulnerability BugTraq ID: 6447
Remote: Yes
Date Published: Dec 20 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6447
Summary:

Polycom ViewStation is a series of video-conferencing products. The ViewStation devices ship with an on-board proprietary operating system which allows remote access via Telnet, FTP and HTTP.

The administrator and the software update passwords are stored in a HTML file on the device named a_security.htm in plain text. This file is accessible through the URI http://<target>/a_security.htm.

This could allow an attacker to make modifications to device settings and firmware.

3. nCipher PKCS#11 Implementation Access Control Vulnerability BugTraq ID: 6448
Remote: Unknown
Date Published: Dec 20 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6448
Summary:

PKCS#11 (Cryptographic Token Interface Standard) is an API specification for devices which perform cryptographic operations. A vulnerability has been reported in the nCipher implementation of this standard.

Under certain circumstances, it is possible for plaintext keys to be exported from affected devices and components. This is due to a flaw in the access control component of the nCipher PKCS#11 library.

According to nCipher, if keys are "improperly secured" an attacker who is able to issue commands to any module in and obtain data from a Security World may also obtain plaintext key data from the target module. It is not currently known how keys must be "improperly secured" for this attack scenario to be possible.

A compromise of the system may result if keys are disclosed.

4. Multiple Temporary File Monitoring Utility Vendor Stopped Process Vulnerabilities BugTraq ID: 6451
Remote: No
Date Published: Dec 20 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6451
Summary:

Temporary file monitoring and cleaning utilities are commonplace on many UNIX systems. Popular tools are 'tmpwatch' and 'stmpclean'.

A weakness in the design of these tools has recently been published. During operation, some of these utilities delete temporary files that have not been accessed for a pre-specified amount of time. This is based on the access times stored in file inodes. This is an insecure design because the tools cannot determine whether the process that has created a temporary file has terminated or not. As a result, the state of processes which have not terminated may be corrupted or lost if their temporary files are deleted. In some circumstances, attackers can induce this condition by stopping a process with higher privileges (for example, setuid programs can be stopped with SIGSTOP).

The deletion of a process' temporary file may create exploitable conditions. For example, attackers may replace the deleted temporary file with a link or a file of their own if a process performs operations on the deleted temporary file using its filename.

One example follows:

Attackers may replace a deleted temporary file with a link to a target file, owned by the owner of the setuid target utility. The affected process may delete the file, potentially resulting in a loss of sensitive information.

5. Tmpwatch Race Condition Vulnerability BugTraq ID: 6453
Remote: No
Date Published: Dec 20 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6453
Summary:

Tmpwatch is a utility written by Erik Troan that is meant to clean unused temporary files from /tmp.

It has been reported that a potentially exploitable race condition is present in tmpwatch. The flaw occurs when tmpwatch is deleting a temporary file. During this process, tmpwatch first issues the lstat() call on the file in question to obtain information from its inode. It then issues unlink() to remove it if it meets the deletion criteria.

A race condition exists during the time between the invocations of lstat() and unlink(). It may be possible for another process on the system that is scheduled between these two system calls to perform operations that interfere with tmpwatch. Theoretically, this can be an exploitable condition for malicious local users.

For example, a utility with higher privileges may exist that the attacker wishes to exploit. This utility stores state information in a temporary file, perhaps with a filename based on process-id and system time. An attacker may create a "decoy" temporary file with a guessed filename (anticipating running the utility in the near future). After tmpwatch runs 'lstat()' on the decoy, it is theoretically possible for attackers to delete it and run the target utility before 'unlink()' is called. If the filename was guessed correctly and the race is won, the state file of the target utility will be deleted by tmpwatch rather than the decoy. The attacker may then replace the deleted state file with one of their own, further exploiting any operations that the target utility may perform on the state file using its filename (rather than an open file descriptor).

6. Axis Embedded Device Authentication Buffer Overflow Vulnerability BugTraq ID: 6452
Remote: Yes
Date Published: Dec 20 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6452
Summary:

Axis Network Cameras, Video Servers, and Network Digital Video Recorders contain a modified version of the Boa web server running on embedded Linux.

There is an unchecked buffer in the authentication code for the modified Boa web server. Successful exploitation of this vulnerability may lead to a denial of service or execution of arbitrary code. Since this issue exists in the authentication code, it may be possible for an attacker to exploit this vulnerability without being logged in.

This vulnerability only exists in this modified version of Boa and not the official Boa distribution version.

7. RealNetworks Helix Universal Server RTSP Transport Buffer Overflow Vulnerability BugTraq ID: 6454
Remote: Yes
Date Published: Dec 20 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6454
Summary:

Helix Universal Server is a multiple type media server distributed and maintained by RealNetworks. It is available for Unix, Linux, and Microsoft Windows platforms.

A problem with Helix Universal Server could make it possible for a remote user to execute arbitrary code.

A buffer overflow has been reported in the Helix Universal Server. Due to insufficient bounds checking on the 'transport' field of a RTSP request, it is possible for a user to exploit a boundary condition error. This could lead to the remote execution of arbitrary code with the privileges of the Helix Universal Server process.

Due to this server running on TCP port 554 on most Windows systems, and the server being installed as a system service, exploitation of this vulnerability would yield SYSTEM privileges on a vulnerable host. Exploitation on Unix systems would yield the privileges of the Universal Server.

8. SPGPartenaires Multiple SQL Injection Vulnerabilities BugTraq ID: 6455
Remote: Yes
Date Published: Dec 20 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6455
Summary:

SPGPartenaires is a partner management script written in PHP that uses a SQL backend. It is available for the Linux, Unix, and Microsoft Windows operating systems.

Several vulnerabilities have been discovered in SPGPartenaires. These vulnerabilities are due to insufficient sanitization of variables used to construct SQL queries in various scripts, including 'indent.php', 'index2.php', and 'delete.php'. Specifically, the 'pass' and 'SPGP' variables are not sanitized of malicious SQL input. It is possible to modify the logic of SQL queries through malformed query strings in requests for the vulnerable script.

By injecting SQL code into the 'pass' or 'SPGP' variable, it may be possible for an attacker to corrupt member information. It may also be possible for attackers to perform more advanced attacks on the underlying database.
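The query-logic change described above, as an added Python example that is not code from the advisory or from SPGPartenaires: a lookup that splices request variables into the SQL text beside the same lookup using bound parameters, run against a constructed in-memory SQLite table. The table layout, the sample member and the tampered password value are all constructed for the example.

```python
import sqlite3


def make_member_db() -> sqlite3.Connection:
    """In-memory table with one constructed sample member (not real data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE members (login TEXT, pass TEXT, email TEXT)")
    conn.execute(
        "INSERT INTO members VALUES ('alice', 'correct-horse', 'alice@example.org')"
    )
    conn.commit()
    return conn


def authenticate_unsafe(conn: sqlite3.Connection, login: str, password: str) -> list:
    """The weak pattern: request variables spliced into the SQL text, so a quote
    in either value changes the query's structure rather than its data."""
    sql = f"SELECT login FROM members WHERE login = '{login}' AND pass = '{password}'"
    return conn.execute(sql).fetchall()


def authenticate_safe(conn: sqlite3.Connection, login: str, password: str) -> list:
    """Hardened form: bound parameters travel to the engine separately from the
    statement, so user data is never parsed as SQL."""
    sql = "SELECT login FROM members WHERE login = ? AND pass = ?"
    return conn.execute(sql, (login, password)).fetchall()


# Constructed input that closes the quoted literal and appends an always-true
# clause; it only changes the outcome of the unsafe variant.
TAMPERED_PASSWORD = "' OR '1'='1"
```

With the tampered value the unsafe variant returns the member row without the correct password, because the WHERE clause now reads `pass = '' OR '1'='1'`; the parameterised variant compares the literal string and returns nothing. Parameterisation fixes the query-structure problem only; storing passwords in plain text, as this toy table does for brevity, is a separate weakness.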

9. RealNetworks Helix Universal Server RTSP Describe Buffer Overflow Vulnerability BugTraq ID: 6456
Remote: Yes
Date Published: Dec 20 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6456
Summary:

Helix Universal Server is a multiple type media server distributed and maintained by RealNetworks. It is available for Unix, Linux, and Microsoft Windows platforms.

A problem with Helix Universal Server could make it possible for a remote user to execute arbitrary code.

A buffer overflow has been reported in the Helix Universal Server. Due to insufficient bounds checking on the 'describe' field of a RTSP request, it is possible for a user to exploit a boundary condition error. This could lead to the remote execution of arbitrary code with the privileges of the Helix Universal Server process.

Due to this server running on TCP port 554 on most Windows systems, and the server being installed as a system service, exploitation of this vulnerability would yield SYSTEM privileges on a vulnerable host. Exploitation on Unix systems would yield the privileges of the Universal Server.

10. RealNetworks Helix Universal Server Long URI Dual HTTP Request Buffer Overflow Vulnerability BugTraq ID: 6458
Remote: Yes
Date Published: Dec 20 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6458
Summary:

Helix Universal Server is a multiple type media server distributed and maintained by RealNetworks. It is available for Unix, Linux, and Microsoft Windows platforms.

A problem with Helix Universal Server could make it possible for a remote user to execute arbitrary code.

A buffer overflow has been reported in the Helix Universal Server. Due to insufficient bounds checking, when a long URI is requested via the HTTP server in two separate connections, a boundary condition error occurs. This could lead to the remote execution of arbitrary code with the privileges of the Helix Universal Server process.

Exploitation of this vulnerability would yield SYSTEM privileges on a vulnerable host. Exploitation on Unix systems would yield the privileges of the Universal Server.

11. STMPClean Race Condition Vulnerability BugTraq ID: 6457
Remote: No
Date Published: Dec 20 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6457
Summary:

Stmpclean is a utility meant for automatically removing temporary files that are not in use. It is developed by Stanislav Shalunov.

It has been reported that a race condition is present in stmpclean in certain circumstances. Though the conditions are unlikely, the vulnerability is theoretically exploitable. The flaw occurs when there are two stmpclean processes running concurrently and operating on the same file.

The steps taken by stmpclean to identify and delete temporary files are as follows:

  1. Stmpclean first calls lstat() on the file to be removed.
  2. If the file is owned by root, it is not removed.
  3. Stmpclean then sets its uid to the owner of the file.
  4. Stmpclean then attempts to unlink() the file.

A race condition between two stmpclean processes is present and may be exploited by using "hard links". If successful, attackers may cause the state file of a non-root process to be deleted. This may create opportunities for further attack.

12. Oracle 9i Application Server Java Server Page Source Code Disclosure Vulnerability BugTraq ID: 6459
Remote: Yes
Date Published: Dec 21 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6459
Summary:

9i Application Server (9iAS) is the web application server infrastructure distributed by Oracle.

A problem with 9iAS may make it possible for a remote user to gain access to sensitive information.

A vulnerability has been reported in 9iAS that results in information disclosure. Under some circumstances, it is possible for a remote user to create a condition that results in the disclosure of Java Server Page source code. This could allow an attacker to gain access to information that could be used in a more directed attack.

The precise technical details of this vulnerability have not been made available. Through exploitation of this vulnerability, an attacker could gain access to information such as server and database design, as well as passwords.

13. Oracle 9i Application Server Insecure Default File Permissions Vulnerability BugTraq ID: 6460
Remote: No
Date Published: Dec 21 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6460
Summary:

9i Application Server (9iAS) is the web application server infrastructure distributed by Oracle.

A problem with Oracle 9iAS may make it possible for a local user to gain access to sensitive information.

It has been reported that Oracle 9iAS does not install with secure default permissions. The default installation of Oracle 9iAS allows users with local access to the system to access some contents of the 9iAS installation. A user with local access may also modify or remove files affected by this vulnerability. It should be noted that this only affects 9iAS installed on Microsoft Windows NT and 2000 systems.

This vulnerability could result in a local user accessing potentially sensitive information. A user with local access could also modify or destroy affected files.

14. Oracle 9i Application Server WEB-INF Folder Access Vulnerability BugTraq ID: 6461
Remote: Yes
Date Published: Dec 21 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6461
Summary:

9i Application Server (9iAS) is the web application server infrastructure distributed by Oracle.

A problem with Oracle 9iAS may make it possible for a local user to gain access to sensitive information.

It has been reported that a problem exists in Oracle 9iAS with the WEB-INF directory. Under some circumstances, it may be possible for a remote user to gain access to the contents of the WEB-INF directory. In doing so, a remote user could potentially gain access to source code of web applications, and potentially other sensitive information.

This vulnerability could lead to an information gathering attack. In some situations, this vulnerability could also lead to password disclosure.

15. KDE Parameter Quoting Shell Command Execution Vulnerability BugTraq ID: 6462
Remote: Yes
Date Published: Dec 22 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6462
Summary:

KDE is a freely available, open source X Desktop Manager. It has application features to make systems user-friendly, and is designed for Unix and Linux operating systems.

A problem with KDE could lead to arbitrary command execution.

It has been discovered that KDE insecurely handles some types of input. Under some circumstances, KDE does not properly quote parameters of commands passed to the command shell. By crafting a malicious string and delivering it through an attacker-controlled medium, it would be possible to execute commands with the privileges of the user receiving the malicious string.

This vulnerability could be exploited through one of several mediums, such as email, webpages, or files on a network file system. It additionally has the potential to give the attacker remote access with the privileges of the user receiving the malicious string.

16. W-Agora EditForm.PHP PHP Include Vulnerability BugTraq ID: 6463
Remote: No
Date Published: Dec 22 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6463
Summary:

W-Agora is a freely available, open source PHP forum software package. It is available for Unix and Linux systems.

A problem with W-Agora may make possible the execution of arbitrary commands.

It has been reported that W-Agora has a vulnerability in the handling of PHP includes. By placing a file on the local system, a user could cause the commands in that file to be executed in the context of the web server process. This would require an administrator, after having logged in, to click a link that accesses the editform.php page.

17. W-Agora EditForm.PHP Cross-Site Scripting Vulnerability BugTraq ID: 6464
Remote: Yes
Date Published: Dec 22 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6464
Summary:

W-Agora is a freely available, open source PHP forum software package. It is available for Unix and Linux systems.

A problem with W-Agora may make cross-site scripting attacks possible.

It has been reported that W-Agora has a vulnerability in the handling of script code. It is possible to format a malicious link containing arbitrary script code or HTML that when clicked on would execute in the security context of the vulnerable site. This would result in a browser security violation, and could lead to the theft of authentication cookies of administrators.

18. PHP-Nuke Modules.PHP Denial Of Service Vulnerability BugTraq ID: 6465
Remote: Yes
Date Published: Dec 23 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6465
Summary:

PHP-Nuke is a web-based portal system. Implemented in PHP, it is available for a range of systems, including Unix, Linux, and Microsoft Windows.

A denial of service vulnerability has been reported for the modules.php script used by PHP-Nuke. The vulnerability occurs because the modules.php script does not properly validate URI parameters.

An attacker can exploit this vulnerability by modifying the 'name' parameter when making a request for modules.php. This will prevent visitors to the site hosting PHP-Nuke from creating a new account thereby leading to a denial of service condition.

This vulnerability was reported for PHP-Nuke 6.0. It is not known whether earlier versions are affected.

19. Apache printenv Sample Script Cross Site Scripting Vulnerability BugTraq ID: 6466
Remote: Yes
Date Published: Dec 23 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6466
Summary:

Apache is a freely available webserver for Unix and Linux variants, as well as Microsoft operating systems.

A cross site scripting vulnerability has been reported in a sample script included with Apache. The vulnerability exists in the 'printenv' sample script, which is typically installed in the 'cgi-bin' directory.

Due to insufficient sanitization of user-supplied input it is possible for an attacker to construct a malicious link which contains arbitrary HTML and script code. Attacker-supplied HTML and script code may be executed on a web client visiting the malicious link in the context of the vulnerable server.

This may be exploited to steal cookie-based authentication credentials.

It should be noted that this script is not installed as an executable script and any output is generated as plain text. However, some browsers may not properly interpret the TEXT/PLAIN MIME header and may render any output messages in HTML.

20. Hyperion FTP Server Buffer Overflow Vulnerability BugTraq ID: 6467
Remote: Yes
Date Published: Dec 23 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6467
Summary:

MollenSoft Hyperion FTP Server is a server that supports basic FTP functionality and more. It is available for the Microsoft Windows operating systems.

A vulnerability has been discovered in Hyperion FTP Server. It is possible for a remote attacker to trigger this vulnerability by passing an FTP parameter of excessive length.

By exploiting this issue to overwrite a function's instruction pointer, it may be possible to redirect the server's flow of execution to malicious shellcode. Successful exploitation will result in arbitrary commands being executed with the privileges of the vulnerable server.

It should be noted that this vulnerability was discovered in version 2.8.11 of Hyperion FTP Server. It is not yet known whether this issue affects earlier versions.

This vulnerability is very similar to the issue described in BID 6345.

21. MATLAB Mex Local Command Execution Vulnerability BugTraq ID: 6470
Remote: No
Date Published: Dec 23 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6470
Summary:

MATLAB is a language and technical computing environment. It is available for a number of platforms, including Linux and Unix variants and Microsoft Windows.

MATLAB is prone to an issue which may allow local attackers to execute arbitrary commands with elevated privileges.

The MATLAB Mex script creates temporary files which are later executed to perform various actions. If an attacker can anticipate the name of a temporary file created by the Mex script, it is possible to create a malicious file in the place of the temporary file. The Mex script will then reportedly execute the malicious file.

Successful exploitation will result in arbitrary command execution with the privileges of the user running the Mex script.

This issue is compounded by the fact that Mex uses predictable names when creating temporary files, as described in BID 6469 "MATLAB Mex Insecure Temporary Files Vulnerability".

22. MATLAB Insecure Temporary Files Vulnerability BugTraq ID: 6468
Remote: No
Date Published: Dec 23 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6468
Summary:

MATLAB is a language and technical computing environment. It is available for a number of platforms, including Linux and Unix variants and Microsoft Windows.

MATLAB is prone to an issue which may allow local attackers to corrupt files.

MATLAB uses the process ID (PID) when naming temporary files. If an attacker can anticipate the name of temporary files created by MATLAB, then the attacker can place a malicious symbolic link in place of the temporary files. If the symbolic link points to a file which is writeable by the user running the program, then that file will be corrupted when MATLAB performs any actions on temporary files.

This may result in critical files being overwritten. If an attacker can cause files to be overwritten with custom data, then it may be possible to elevate privileges.

23. MATLAB Mex Insecure Temporary Files Vulnerability BugTraq ID: 6469
Remote: No
Date Published: Dec 23 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6469
Summary:

MATLAB is a language and technical computing environment. It is available for a number of platforms, including Linux and Unix variants and Microsoft Windows.

MATLAB is prone to an issue which may allow local attackers to corrupt files.

The MATLAB Mex script uses the process ID (PID) when naming temporary files. If an attacker can anticipate the name of temporary files created by Mex, then the attacker can place a malicious symbolic link in place of the temporary files. If the symbolic link points to a file which is writeable by the user running the program, then that file will be corrupted when the Mex script performs any actions on temporary files.

This may result in critical files being overwritten. If an attacker can cause files to be overwritten with custom data, then it may be possible to elevate privileges.
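The temporary-file weaknesses in this issue share one root cause: a file is created or reused by a guessable pathname (items 4, 5 and 11 on tmpwatch and stmpclean, BIDs 6451, 6453 and 6457; items 21 to 23 on MATLAB and Mex, BIDs 6468 to 6470). The following added Python example, which is not code from any of those advisories or products, puts the PID-named open() beside the two mitigations a practitioner would reach for: exclusive create (O_CREAT|O_EXCL, plus O_NOFOLLOW where the platform has it) and mkstemp(), after which all work happens on the descriptor rather than the name. The directory, victim file and prefix are constructed inside the example.

```python
import os
import tempfile


def predictable_tmp_path(directory: str, prefix: str, pid: int) -> str:
    """Mirrors the weak scheme: a fixed prefix plus the PID, which any local
    user can read from the process table and guess ahead of time."""
    return os.path.join(directory, f"{prefix}{pid}")


def write_tmp_by_name(path: str, data: bytes) -> None:
    """The weak pattern: open() by pathname follows whatever is already at that
    name, so a pre-planted symbolic link redirects the write to its target."""
    with open(path, "wb") as fh:
        fh.write(data)


def open_exclusive(path: str) -> int:
    """Create-or-fail open: O_EXCL makes open() refuse any existing entry at
    'path', a symbolic link included, and O_NOFOLLOW (where available) stops
    the kernel from following a link even without O_EXCL."""
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    return os.open(path, flags, 0o600)


def write_tmp_securely(directory: str, prefix: str, data: bytes) -> str:
    """Hardened form: mkstemp() picks an unpredictable name and opens it with
    O_CREAT|O_EXCL; everything afterwards uses the descriptor (fstat, write,
    ftruncate), never the pathname, so a later rename or unlink of the name
    cannot redirect the process."""
    fd, path = tempfile.mkstemp(prefix=prefix, dir=directory)
    try:
        os.write(fd, data)
    finally:
        os.close(fd)
    return path


def demonstrate() -> dict:
    """Build a throwaway directory with a constructed 'victim' file and a link
    planted at the predictable name, then record how each pattern behaves."""
    results = {}
    with tempfile.TemporaryDirectory() as workdir:
        victim = os.path.join(workdir, "victim.conf")
        with open(victim, "wb") as fh:
            fh.write(b"original\n")
        planted = predictable_tmp_path(workdir, "app.", os.getpid())
        os.symlink(victim, planted)

        # Weak pattern: the write lands in victim.conf instead of a fresh file.
        write_tmp_by_name(planted, b"clobbered\n")
        with open(victim, "rb") as fh:
            results["victim_after_unsafe_write"] = fh.read()

        # Exclusive create refuses the planted link outright (EEXIST).
        try:
            os.close(open_exclusive(planted))
            results["exclusive_open_refused"] = False
        except FileExistsError:
            results["exclusive_open_refused"] = True

        # mkstemp never lands on the guessable name; the victim stays intact.
        with open(victim, "wb") as fh:
            fh.write(b"original\n")
        safe_path = write_tmp_securely(workdir, "app.", b"state\n")
        results["safe_path_is_predictable"] = safe_path == planted
        with open(victim, "rb") as fh:
            results["victim_after_safe_write"] = fh.read()
    return results
```

The descriptor-based rule also answers the lstat()-then-unlink() window in the cleaners: a check made on a pathname says nothing about what that name refers to a moment later, whereas fstat() on an open descriptor describes the object the process actually holds.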

24. Internet Junkbuster Proxy Unauthorized Connections Vulnerability BugTraq ID: 6471
Remote: Yes
Date Published: Dec 23 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6471
Summary:

Internet Junkbuster is a utility that prevents a web browser from displaying advertisement images.

A vulnerability in Junkbuster may allow remote attackers to abuse the proxy to make unauthorized connections to arbitrary ports on any hosts that the proxy may access.

It is possible to exploit this issue using the CONNECT method to proxy an unauthorized connection to an arbitrary port on any host the proxy may access. The affected product does not appear to have a mechanism for restricting which ports can be connected to using the CONNECT method.

This vulnerability has been reported for Junkbuster 2.01. Junkbuster is installed as part of RedHat Linux's complete installation.
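The missing control described above is a destination policy for CONNECT. As an added Python example (not code from Junkbuster or the advisory), the following parses a CONNECT request line and applies a default-deny port allowlist plus an optional host denylist, then runs the same policy over a few constructed request lines as a proxy-log audit would. The sample hosts and the exact-match denylist are constructed simplifications; a production proxy would match destination networks, not single host strings.

```python
# Ports a forward proxy normally needs to tunnel; everything else is denied.
DEFAULT_CONNECT_PORTS = frozenset({443})


def parse_connect_target(request_line: str) -> tuple:
    """Parse 'CONNECT host:port HTTP/1.x' into (host, port). Raises ValueError
    for anything that is not a well-formed CONNECT request line."""
    parts = request_line.strip().split(" ")
    if len(parts) != 3 or parts[0] != "CONNECT":
        raise ValueError("not a CONNECT request line")
    # rpartition keeps bracketed IPv6 literals intact: '[2001:db8::1]:443'.
    host, sep, port = parts[1].rpartition(":")
    if not sep or not host or not port.isdigit():
        raise ValueError("CONNECT target must be host:port")
    port_num = int(port)
    if not 0 < port_num < 65536:
        raise ValueError("port out of range")
    return host, port_num


def authorize_connect(request_line: str, allowed_ports=DEFAULT_CONNECT_PORTS,
                      denied_hosts=frozenset()) -> tuple:
    """Return (allowed, reason). Default deny: only allow-listed ports pass, and
    hosts on the deny list are refused regardless of port."""
    try:
        host, port = parse_connect_target(request_line)
    except ValueError as exc:
        return False, str(exc)
    if host in denied_hosts:
        return False, f"host {host} may not be tunnelled through this proxy"
    if port not in allowed_ports:
        return False, f"port {port} is not in the CONNECT allowlist"
    return True, f"tunnel to {host}:{port} permitted"


# Constructed request lines standing in for entries in a proxy access log.
SAMPLE_REQUESTS = [
    "CONNECT www.example.com:443 HTTP/1.1",
    "CONNECT mail.example.net:25 HTTP/1.0",
    "CONNECT 10.0.0.5:22 HTTP/1.0",
    "CONNECT [2001:db8::1]:443 HTTP/1.1",
    "GET http://www.example.com/ HTTP/1.0",
]


def audit_requests(lines, **policy) -> list:
    """Apply the policy to recorded request lines and return the ones it would
    have refused, each with its reason; this is the view a defender reviewing
    proxy abuse wants."""
    return [(line, reason) for line in lines
            for allowed, reason in [authorize_connect(line, **policy)]
            if not allowed]
```

Under the default policy only the two port-443 tunnels pass; the SMTP and SSH targets are refused by port, and a non-CONNECT line is reported as not eligible for tunnelling at all.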

25. CHETCPASSWD Shadow File Disclosure Vulnerability BugTraq ID: 6472
Remote: Yes
Date Published: Dec 22 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6472
Summary:

CHETCPASSWD is a web-based utility which allows users to change their system passwords remotely. It is available for Unix and Linux variants.

CHETCPASSWD is prone to a vulnerability that may potentially cause the tail end of the local shadow file to be disclosed to a remote attacker.

It is possible to exploit this issue by sending an overly long string (120+ characters) as a value for the 'user' URI parameter in a request to the 'chetcpasswd.cgi'.

The type of information disclosed may aid the attacker in mounting further attacks against the system hosting the vulnerable software.

26. KDE smbview Readable Command Line Password Argument BugTraq ID: 6474
Remote: No
Date Published: Dec 23 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6474
Summary:

A vulnerability has been discovered in smbview shipped with the K Desktop Environment (KDE). It has been reported that smbview takes a user's password as a command-line argument. This presents a security risk as information passed via the command line may be viewable by other local users.

A malicious local attacker may take advantage of this issue to steal another legitimate user's SMB password. This may aid the attacker in launching further attacks against a target user.

27. Xpdf/CUPS pdftops Integer Overflow Vulnerability
BugTraq ID: 6475
Remote: No
Date Published: Dec 23 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6475
Summary:

The Xpdf pdftops filter is a utility for converting PDF files to PostScript. The pdftops filter also ships with CUPS.

The pdftops filter is prone to an integer overflow. As a result, it may be possible to corrupt memory (such as function pointers) with attacker-supplied data and cause arbitrary code to be executed. This condition may occur when the filter is supplied an oversized integer value as the number of elements for a ColorSpace. It has also been reported that the integer overflow can be triggered through other means.

The method of exploitation may vary. If an attacker can entice a user to print a malformed file from the command line using the vulnerable filter, it may be possible to execute code with the privileges of that user. Local exploitation may result in the attacker gaining the elevated privileges of the 'lp' user if the utility is installed setuid.
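The size-computation bug class described above, as an added example in C that is not Xpdf's or CUPS's code: the unchecked 32-bit byte count a file-supplied element count can wrap, beside an allocation routine that bounds the count and checks the product first. The Range struct, the MAX_COMPONENTS bound and the function names are assumptions.

```c
#include <stdint.h>
#include <stdlib.h>

/* Constructed illustration, not Xpdf/CUPS code: a PDF supplies the number
 * of colour-space components and that count sizes a table. The struct and
 * the cap below are assumptions. */
typedef struct { double lo, hi; } Range;        /* one decode range per component */
#define MAX_COMPONENTS 32u                      /* assumed sane upper bound */

/* Vulnerable pattern (32-bit arithmetic, as on 2002-era builds): the byte
 * size wraps for large counts, so a tiny buffer is allocated while the
 * caller still iterates 'count' times and writes past its end. */
uint32_t unchecked_table_bytes(uint32_t count) {
    return count * (uint32_t)sizeof(Range);
}

/* Bytes actually required, computed without wrap, for comparison. */
uint64_t needed_table_bytes(uint32_t count) {
    return (uint64_t)count * sizeof(Range);
}

/* Hardened allocation: reject implausible counts and detect the
 * multiplication overflow before the allocator is ever called. */
Range *alloc_ranges_checked(uint32_t count) {
    if (count == 0 || count > MAX_COMPONENTS)
        return NULL;                            /* out-of-range element count */
    if ((size_t)count > SIZE_MAX / sizeof(Range))
        return NULL;                            /* count * sizeof would overflow */
    return calloc(count, sizeof(Range));        /* zeroed; size already validated */
}
```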

28. Melange Chat System msgText Remote Buffer Overflow Vulnerability
BugTraq ID: 6477
Remote: Yes
Date Published: Dec 24 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6477
Summary:

Melange Chat System is a chat application developed by Christian Walter. Support for this program is no longer available.

A buffer overflow vulnerability has been identified for Melange Chat System 1.10. The vulnerability occurs in the 'interpret.c' source file in the 'chat_InterpretData()' function. Specifically, the overflow condition occurs in the msgText buffer.

An attacker can exploit this vulnerability to overwrite the vulnerable function's saved frame pointer, as well as part of the instruction pointer. Successful exploitation of this issue could make it possible for an attacker to execute arbitrary code as the server process. However, sending random data could cause the application to crash.

29. MHonArc m2h_text_html Filter Cross Site Scripting Vulnerability
BugTraq ID: 6479
Remote: Yes
Date Published: Dec 21 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6479
Summary:

MHonArc is a Perl program designed to automatically parse email into an HTML-based archive format.

A cross site scripting vulnerability has been reported for MHonArc.

Specially crafted HTML mail messages may be able to bypass the HTML filtering imposed by MHonArc. Any MHonArc archives that allow HTML content are vulnerable to this issue.

It has been reported that the vulnerability exists in the m2h_text_html::filter. Reportedly, the filter does not adequately remove, or strip, malicious HTML code from email messages.

This vulnerability has been reported to affect all versions of MHonArc 2.5.13 and earlier.

30. ncftpd STAT File Globbing Remote Buffer Overflow Vulnerability
BugTraq ID: 6478
Remote: Yes
Date Published: Dec 24 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6478
Summary:

NcFTPd is a File Transfer Protocol (FTP) server for UNIX systems, designed for high-traffic sites and internet service providers.

A vulnerability has been reported for ncftpd. A buffer overflow exists in the STAT function when used in conjunction with file globbing. The issue likely occurs due to insufficient bounds checking of expanded character requests.

It is possible to trigger the overflow by passing a malicious STAT request containing recursive calls to a directory name of excessive length referenced using file globbing characters. When the request is expanded by the server the malicious request will overwrite sensitive memory. Successful exploitation of this vulnerability will allow an attacker to execute arbitrary commands with the privileges of the vulnerable ncftpd process.

It should be noted that this vulnerability has been reported to exist in version 2.7.1. Symantec has not yet been able to verify the existence of this bug.

III. SECURITYFOCUS NEWS AND COMMENTARY


  1. XP audio vuln shout goes out By John Leyden, The Register

XP users were warned last week of a critical buffer overflow flaw in Windows Shell that can be used to run arbitrary code on victims' PCs.

http://online.securityfocus.com/news/1919

2. Rebels embrace new technology in war against government By Vanessa Arrington, The Associated Press

Tucked inside a small room in a downtown apartment building, an illiterate but mechanically brilliant rebel operates a remote control device.

http://online.securityfocus.com/news/1912

3. White House: Internet monitoring center wouldn't spy on e-mails By Ted Bridis, The Associated Press

The White House is proposing an Internet-wide monitoring center to detect and defend against major cyber-attacks, but the Bush administration sought Friday to ease worries it might scrutinize individual users' e-mails along with other data traffic.

http://online.securityfocus.com/news/1902

IV. SECURITYFOCUS TOP 6 TOOLS


  1. 5pstats v0.0.5
by Jan Windischmann
Relevant URL:
http://www.windischmann.de/
Platforms: Linux
Summary:

5pstats generates statistics about the pppd usage. It captures information about the amount of transferred bytes and the time you spent online and stores it in a MySQL database. It then generates HTML pages with several statistics.

2. ACiD alpha
by Roberto Larcher
Relevant URL:
http://webteca.port5.com/ACiD.htm
Platforms: FreeBSD, OpenBSD, Windows 2000, Windows NT, Windows XP
Summary:

ACiD (ARP Change intrusion Detection) is a network monitoring tool that detects anomalies in IP to MAC pairs.

ACiD is designed to highlight anomalies that are due to active attacks on the network. For example, it is possible to detect arpspoof-like attacks.

3. Advanced Net Tools (ANT) 2.7
by Mikersoft
Relevant URL:
http://www.mikersoft.com/ant/anttrial.zip
Platforms: Windows 2000, Windows 95/98
Summary:

Share Scanner can scan any network for a list of shared drives. ARP Configuration allows you to add/remove ARP entries and view the ARP table, all from a Windows GUI. Route Configuration allows you to add/remove routing entries and view the route table, all from a Windows GUI. Adapter Configuration allows you to view all adapters and add/remove IP addresses of individual adapters using a Windows GUI. IP Configuration shows you all of the configuration information for all of the adapters on your system. Net Stats shows all of the current connections on your PC and their current state. It also shows which ports applications are listening on. You can set the refresh rate to any speed you wish. TraceRoute tells you how many hops (routers) are between your PC and another destination. It will also show you the slowest connection point. Network Scanner can scan any class A, B or C network for any list of open ports. Network Scanner takes advantage of multi-threading: you can use many threads to scan at the same time for quick results. You can save your port list to a text file. You can also save your list of found connections to a text file. Port Scanner can scan any computer for a list, or range, of open ports. Set the speed of finding open ports by setting the timeout variable. Ping Utility allows you to change the size of the packets, the timeout, and the number of packets to ping. Advanced DNS Utility shows you extended information on a given hostname or IP address. You can also look up the mail exchange servers, or domain name servers, for a specific domain. Query types available: A, ANY, NS, MX, SOA. Command Test is a utility for connecting to an open port and testing commands. It works like a telnet client, but you send one line at a time. Whois Client lets you configure the whois server for multiple DNS name types. With ANT you don't even need to use the main GUI interface; all menus are accessible from the system tray icon.

4. Advisor v1.2.6-3
by miron
Relevant URL:
http://www.niftybox.com/download.php
Platforms: Linux
Summary:

Advisor monitors a security advisory database and sends alerts whenever an advisory affects an installed software package. For example, if there is a security advisory regarding Apache, and you have Apache installed, a notification will be sent out. Currently, RedHat and Mandrake are supported.

5. Airfart v.1a
by Michael Golden
Relevant URL:
http://airfart.sf.net
Platforms: Linux, POSIX
Summary:

Airfart is a wireless tool created to detect wireless devices, calculate their signal strengths, and present them to the user in an easy-to-understand fashion. It supports all wireless network cards supported by the linux-wlan-ng Prism2 driver that provide hardware signal strength information in the "raw signal" format (ssi_type 3).

6. AirSnort v0.0.9
by Jeremy Bruestle and Blake Hegerle laertes@melvin.net
Relevant URL:
http://airsnort.sourceforge.net/
Platforms: Linux, POSIX
Summary:

AirSnort is a wireless LAN (WLAN) tool that recovers encryption keys. It operates by passively monitoring transmissions, computing the encryption key when enough packets have been gathered.

V. SECURITY JOBS SUMMARY


  1. Holiday Break - Holiday Wishes (Thread)
Relevant URL:

http://online.securityfocus.com/archive/77/304122

2. SecurityJobs List Shutdown (Holidays) (Thread)
Relevant URL:

http://online.securityfocus.com/archive/77/304112

VI. INCIDENTS LIST SUMMARY


  1. RPAT - Realtime Proxy Abuse Triangulation (Thread)
Relevant URL:

http://online.securityfocus.com/archive/75/304434

2. Random unprivileged TCP ports below 5000 kind-of open for a fraction of a second (Thread)
Relevant URL:

http://online.securityfocus.com/archive/75/304432

3. TsInternetUser priv. escalation; blank passwords; service passwords (Thread)
Relevant URL:

http://online.securityfocus.com/archive/75/304334

4. strange traffic (Thread)
Relevant URL:

http://online.securityfocus.com/archive/75/304348

5. hpd, afb, sc, and sn (Thread)
Relevant URL:

http://online.securityfocus.com/archive/75/304338

6. Compromised System RH7.3-ICMP-STP-DoS (Thread)
Relevant URL:

http://online.securityfocus.com/archive/75/304214

7. port 3717/udp? (Thread)
Relevant URL:

http://online.securityfocus.com/archive/75/304213