SecurityFocus Newsletter #188

SecurityFocus Newsletter #188

This Issue is Sponsored By: NetIQ

Need security policies? Don't start from scratch..."Information Security Policies Made Easy" is the best security policy resource guide you can buy with 1300+ ready-to-use security policies that can be quickly customized for any company. Build best practice security policies in half the time and expense. Also check out "Information Security Roles & Responsibilities Made Easy. "

Download a free policy now at http://www.netiq.com/order/publications.asp

I. FRONT AND CENTER

1. Open Source Honeypots, Part Two: Deploying Honeyd in the Wild
2. IP Spoofing: An Introduction
3. Iraqi Cyberwar: an Ageless Joke
4. SecurityFocus DPP Program II. BUGTRAQ SUMMARY
5. DBTools DBManager Professional Information Disclosure Weakness
6. MySQL Control Center Insecure Default File Permission...
7. NetScreen ScreenOS Loss of Configuration Vulnerability
8. Wordit Logbook Logbook.pl Remote Command Execution Vulnerability
9. Clearswift MailSweeper Malformed MIME Attachment Filter Bypass...
10. SimpleBBS Users.php Insecure File Permissions Vulnerability
11. Microsoft Windows XP Safe Mode Policy Bypass Weakness
12. PostNuke Phoenix Member_List Module SQL Injection Vulnerability
13. PostNuke Phoenix Theme Handling Remote Code Execution...
14. Ethereal SOCKS Dissector Format String Vulnerability
15. Ethereal NTLMSSP Dissector Heap Corruption Vulnerability
16. Upload Lite Arbitrary File Upload Vulnerability
17. MySQL mysqld Privilege Escalation Vulnerability
18. PeopleSoft PeopleTools SchedulerTransfer Remote Command
19. GreyMatter WebLog Remote Command Execution Vulnerability
20. Microsoft Internet Explorer .MHT File Buffer Overflow...
21. DeleGate HTTP Proxy Robot.TXT User-Agent: Buffer Overflow...
22. Opera Long Filename Download Buffer Overrun Vulnerability
23. Qpopper Remote Memory Corruption Vulnerability
24. SMC Router Backup Tool Plaintext Password Weakness
25. LXR Cross-Referencer Arbitrary File Disclosure Vulnerability
26. Multiple PHP-Nuke Forums/Private_Messages SQL Injection...
27. VPOPMail vpopmail.php Remote Command Execution Vulnerability
28. HP VVOS 11.04 HFS Unauthorized Access Vulnerability
29. Sun SUNWlldap Library Hostname Buffer Overflow Vulnerability
30. Man Program Unsafe Return Value Command Execution Vulnerability
31. Multitech RouteFinder Remote Memory Corruption Vulnerability
32. SaveMyModem Statusbar_Set_Text Buffer Overflow Vulnerability
33. HP J6038A JetDirect 310x Print Server For Fast Ethernet... III. SECURITYFOCUS NEWS ARTICLES
34. Hi-Tech Surveillance Firm Prospers
35. Homeland Cybersecurity Efforts Doubted
36. RSA and Verisign beat SSL patent infringement rap
37. For sale: memory stick plus cancer patient records IV.SECURITYFOCUS TOP 6 TOOLS
38. KisMAC v0.04a
39. psmon v1.0.0
40. eXtended Allow - Deny list for PAM v0.4
41. C-Kermit v8.0.208
42. trafcalc v1.0
43. Ish v1.5.1
44. SECURITYJOBS LIST SUMMARY
45. Looking for Disaster Recovery Analyst for Los Angeles CA (Thread)
46. Any hints for Australia? (Thread)
47. Experienced Security Professional looking for Bay Area...
48. Experienced Security Software consultant, CISSP (Thread)
49. INFOSEC Systems Engineer (Thread)
50. FW: IT Security Evangelist for Italy (Thread)
51. Senior Security Engineer/Analyst (Thread)
52. Senior Engineering Manager-Security (Thread)
53. Systems Engineer-Chicago, Minneapolis, Houston and St. Louis...
54. Information Security Manager, UK (Thread)
55. Security Engineer (Thread)
56. Security Awareness & Training Manager vacancy (Thread)
57. Account Executive (Thread)
58. Looking for a job in England (Thread)
59. Sales Engineer, APac (Thread)
60. Senior Level Security Consultant needed in DC (Thread)
61. RACF Project Sought - 20 Year Veteran Supporting RACF DB2...
62. PFR Thread (Thread) VI. INCIDENTS LIST SUMMARY
63. CodeRed Observations. (Thread)
64. New article announcement: Open Source Honeypots, Part Two...
65. unidentified DOS "bad traffic" (Thread)
66. Defaced website listing... (Thread)
67. Windows Rootkits/API Hooking (Thread)
68. [unisog] Re: Port 109 Mystery (Thread)
69. FW: CodeRed Observations. (Thread)
70. CANADA.EXE Findings (Thread)
71. tcp/25 (smtp) and tcp/24942 (unk) (Thread)
72. Port 109 Mystery (Thread)
73. [unisog] Port 109 Mystery (Thread)
74. The Return of Code Red II? (Thread)
75. Hosts File "Girlnextdoor_" (Thread)
76. DeLoder technical analysis (Thread)
77. against illegal arp update (Thread)
78. Solved !! "Girlnextdoor_" TCP Ports 1025/1028 (Thread)
79. FW: Alert: New Code Red F worming its way through the 'net...
80. SV: The Return of Code Red II? (Thread)
81. Possibly Unknown Virus? (Thread)
82. CANADA.EXE program (Thread)
83. [Snort-sigs] Snort Signatures for LSD-PL.NET Exploit (Thread)
84. Unknown attack, possible trojan? (Thread)
85. [Full-Disclosure] Bypassing Black Ice PC protection? (Thread)
86. worm/Trojans are taking advantage of default path of Windows...
87. Real-world attacks on sendmail CA-2003-07 seen (Thread)
88. Port 3335 (Thread)
89. W2K Compromise - PipeCmdSrv (Thread)
90. UPDATE: Possibly Unknown Virus? Care to help me analyze?!?...
91. Possibly Unknown Virus? Care to help me analyze?!? (Thread)
92. sendmail exploit or ill formatted spam (Thread)
93. Snort Signatures for LSD-PL.NET Exploit (Thread)
94. Increase in Scans of Port 445? (Thread)
95. New virus outbreak. (Thread)
96. Solved !! "Girlnextdoor_" TCP Ports 1025/1028 (Thread)
97. Bypassing Black Ice PC protection? (Thread)
98. new ddos client? (Thread)
99. New virus outbreak? (Thread)
100. Open mail relay surge (Thread) VII. VULN-DEV RESEARCH LIST SUMMARY
101. Outlook HTML crash (Thread)
102. su core dumped with signal 3. BSD/OS 3.0, 3.1 (Thread)
103. Win32hlp exploit for : ":LINK overflow" (Thread)
104. Apache 2.x leaked descriptors (Thread)
105. gtali Segmentation fault (Thread)
106. FW: Outlook HTML crash (Thread)
107. Mordred Security Labs now online (Thread)
108. xscreensaver exploit for Redhat 7.3 (Thread)
109. Windows Shellcode - Using Detached_Process flag (Thread)
110. Why SUID Binary exploit does not yield root shell? (Thread)
111. /usr/sbin/sendmail (Thread)
112. Fwd: Kazaa file corruption (Thread) VIII. MICROSOFT FOCUS LIST SUMMARY
113. SQL Service Pack doesn't upgrade SQL Server (Thread)
114. Exchange/MAPI/RPC (Thread)
115. DisableIPSourceRouting registry key (Thread)
116. SecurityFocus Microsoft Newsletter #128 (Thread)
117. AW: Exchange/MAPI/RPC (Thread)
118. SV: DisableIPSourceRouting registry key (Thread)
119. Worm.Dvldr analysis report (Thread)
120. Article Announcement: Cryptographic Filesystems: Design and...
121. Free SQL chapter available on www.SpecialOpsSecurity.com (Thread)
122. AD replication - IP site to site encryption? (Thread)
123. User rights on Terminal Services (Thread) IX. SUN FOCUS LIST SUMMARY
124. Solaris disk wipe utilitiy? (Thread)
125. Sun Security Admin Beta Exam.... (Thread)
126. SecurityFocus Article Announcement - Cryptographic Filesystems...
127. Kernel modules (Thread)
128. Administrivia (Thread)
129. LINUX FOCUS LIST SUMMARY
130. Port 113 security (Thread)
131. Traffic Shaping. (Thread)
132. SecurityFocus Article Announcement (Thread) XI. SPONSOR INFORMATION
133. FRONT AND CENTER

     ---

134. Open Source Honeypots, Part Two: Deploying Honeyd in the Wild By Lance Spitzner

This is the second part of a three-part series looking at Honeyd, the open source honeypot. In this paper we we will deploy Honeyd on the Internet for one week and watch what happens. The intent is to test Honeyd by letting real bad guys interact with and attack it. We will then analyze how the honeypot performed and what it discovered

http://www.securityfocus.com/infocus/1675

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

2. IP Spoofing: An Introduction
by Matthew Tanase

Criminals have long employed the tactic of masking their true identity, from disguises to aliases to caller-id blocking. It should come as no surprise then, that criminals who conduct their nefarious activities on networks and computers should employ such techniques. IP spoofing is one of the most common forms of on-line camouflage. In IP spoofing, an attacker gains unauthorized access to a computer or a network by making it appear that a malicious message has come from a trusted machine by spoofing” the IP address of that machine. In this article, we will examine the concepts of IP spoofing: why it is possible, how it works, what it is used for and how to defend against it.

http://www.securityfocus.com/infocus/1674

3. Iraqi Cyberwar: an Ageless Joke
By George Smith

Did U.S. infowar commandos smuggle a deadly computer virus into Iraq inside a printer? Of course not. So why does it keep getting reported?

http://www.securityfocus.com/columnists/147

4. SecurityFocus DPP Program

Attention Universities!! Sign-up now for preferred pricing on the only global early-warning system for cyber attacks - SecurityFocus DeepSight Threat Management System.

Do you need more help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

Click here for more information:
http://www.securityfocus.com/corporate/products/dpsection.shtml

II. BUGTRAQ SUMMARY

1. DBTools DBManager Professional Information Disclosure Weakness BugTraq ID: 7040 Remote: No Date Published: Mar 07 2003 12:00AM Relevant URL: http://www.securityfocus.com/bid/7040 Summary:

DBManager Professional is database management software for MySQL and PostgreSQL. It is available for Microsoft Windows operating systems.

Sensitive DBManager Professional configuration information, including authentication credentials, is stored in plaintext on the system hosting the software. This information is typically stored in the "catalog.mdb" in the "DATA" directory of the program folder.

It has been reported that this information may also be readable by other local users in the default installation of the software. As a result, sensitive information which is sufficient to compromise the database may be exposed to malicious local users.

2. MySQL Control Center Insecure Default File Permission Vulnerability BugTraq ID: 7041
Remote: No
Date Published: Mar 07 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7041
Summary:

MySQL Control Center (MySQLCC) is a visual administration interface for MySQL database servers and is available for multiple platforms.

A vulnerability has been discovered in MySQLCC. The problem lies in the permissions set on various files used by MySQLCC. Specifically, configuration and connection files used by the application are set world-readable. This may allow a malicious local user to obtain access to sensitive information regarding various MySQL configuration settings.

Can we help you?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

Access to these files may allow an attacker to obtain information required to carry out further attacks against a target system.

This issue has been addressed in MySQLCC 0.8.9.

3. NetScreen ScreenOS Loss of Configuration Vulnerability BugTraq ID: 7042
Remote: Yes
Date Published: Mar 07 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7042
Summary:

NetScreen is a line of Internet security appliances integrating firewall, VPN and traffic management features. ScreenOS is the software used to manage and configure the firewall. NetScreen supports Microsoft Windows 95, 98, ME, NT and 2000 clients.

Under certain circumstances, the device may lose its configuration during periods of heavy load.

When the configuration is lost, the device will revert to its factory configuration settings, which rejects all inbound traffic on the untrusted interface. At the same time, the device will NAT all traffic on the trusted interface to the untrusted interface. The external network will not be accessible to the internal network since the device no longer has a default route defined. This results in a denial of service to external hosts requiring access to resources behind the device and internal hosts requiring access to resources on the external network.

In addition, if the default settings are considered insecure, this condition may result in an exposure.

4. Wordit Logbook Logbook.pl Remote Command Execution Vulnerability BugTraq ID: 7043
Remote: Yes
Date Published: Mar 07 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7043
Summary:

Can't find what you're looking for?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

Wordit Logbook is a web-based journal implemented in Perl.

Wordit Logbook is prone to a remote command execution vulnerability. This issue is present in the 'logbook.pl' script.

Logbook does not sufficiently sanitize user-supplied input. Data supplied via the 'file' URI parameter will be passed to a Perl open() call. As a result, it may be possible for a remote attacker to execute arbitrary commands in the context of the web server process.

A remote attacker may exploit this condition to gain local, interactive access to the underlying host.

This vulnerability was reported to affect Wordit Logbook version 098b3 previous versions may also be affected.

5. Clearswift MailSweeper Malformed MIME Attachment Filter Bypass Vulnerability BugTraq ID: 7044
Remote: Yes
Date Published: Mar 07 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7044
Summary:

ClearSwift MailSweeper is an SMTP gateway email filtering product. It allows filtering based on email content, source, destination and attachments.

MailSweeper fails to filter certain types of malformed MIME attachments, allowing potentially malicious attachments through.

Don't know where to look next?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

RFC 2045 states that if a MIME-Version field is absent, the receiving mail agent may choose to interpret the body of the message in order to determine the content since it cannot be assumed that all non-MIME messages are in US-ASCII plain text.

If an executable attachment does not contain a MIME-Version field, MailSweeper does not attempt to interpret the content type of the MIME attachment. MailSweeper then fails to identify the attachment as being an executable file type and allows it through the filter. This could result in a malicious executable attachment bypassing the filter and being executed by the recipient.

Other file types may be allowed through the filter in this way, however, this has not been confirmed.

The discoverer of this vulnerability states that the vendor has released an advisory, however, the vendor has not made any public confirmation.

6. SimpleBBS Users.php Insecure File Permissions Vulnerability BugTraq ID: 7045
Remote: Yes
Date Published: Mar 07 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7045
Summary:

SimpleBBS is a freely available, open source PHP Bulletin Board. It is available for the Unix and Linux operating systems.

SimpleBBS reportedly creates the user database 'users.php' with world-readable permissions in the SimpleBBS web root. User credentials are stored in plain text format. As a result anyone who may have access to the SimpleBBS website may view stored user information contained in the SimpleBBS user database.

This vulnerability was reported for SimpleBBS 1.0.6. It is not known if earlier versions are affected by this vulnerability.

Confused? Frustrated?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

7. Microsoft Windows XP Safe Mode Policy Bypass Weakness BugTraq ID: 7046
Remote: No
Date Published: Mar 07 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7046
Summary:

Microsoft Windows allows users to start the operating system in "Safe Mode" to allow troubleshooting of configuration settings and device driver conflicts.

The Microsoft Knowledgebase states that only members of the local Administrators group are able to log in to a system that has been started in Safe Mode.

When the Windows XP "Welcome Screen" is enabled, it is possible for unprivileged users to log into the system when it is started in Safe Mode. Normally in Safe Mode with the Welcome Screen enabled, only the names of administrative accounts are visible. If the user holds down the left CTRL and ALT keys and presses delete twice, the normal login prompt will be displayed. At this point, an unprivileged user can log in to the system in Safe Mode.

8. PostNuke Phoenix Member_List Module SQL Injection Vulnerability BugTraq ID: 7047
Remote: Yes
Date Published: Mar 07 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7047
Summary:

A vulnerability has been discovered in PostNuke Phoenix v0.723 and earlier. Specifically, the Members_List module fails to sufficiently sanitize user-supplied input, making it prone to SQL injection attacks.

Exploitation may allow for modification of SQL queries, resulting in information disclosure, or database corruption. The consequences depend on the nature of specific queries. This issue may allow the attacker to exploit latent vulnerabilities in the underlying database.

It should be noted that the precise technical details regarding this vulnerability are currently unknown. This BID will be updated as more information is made available.

Call Pantek today for Open Source Technical Support at 1-877-546-8934 - 24/7/365

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

9. PostNuke Phoenix Theme Handling Remote Code Execution Vulnerability BugTraq ID: 7048
Remote: Yes
Date Published: Mar 07 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7048
Summary:

A vulnerability has been discovered in PostNuke Phoenix 0.723 and earlier. The problem occurs in the theme handling engine and may be triggered through the use of directory traversal sequences.

Although unconfirmed, it may be possible to exploit this issue to execute arbitrary commands on a target server with the privileges of the webserver.

The precise technical details regarding this issue are currently unknown. This BID will be updated as more information is made available.

1. Ethereal SOCKS Dissector Format String Vulnerability BugTraq ID: 7049 Remote: Yes Date Published: Mar 08 2003 12:00AM Relevant URL: http://www.securityfocus.com/bid/7049 Summary:

Ethereal is a freely available, open source network traffic analysis tool. It is maintained by the Ethereal Project and is available for most Unix and Linux variants as well as Microsoft Windows operating systems.

The Ethereal SOCKS dissector is a mechanism for decoding the SOCKS protocol. A format string vulnerability has been reported in some versions of this dissector. The vulnerability exists in the packet-socks.c source file.

An attacker can exploit this vulnerability by connecting to a vulnerable SOCKS server and sending malicious format string specifiers to the SOCKS server. If Ethereal is being used as a security tool to monitor network packets, it is possible that sensitive memory may be corrupted.

This has been confirmed to result in a denial of service condition. Additionally, it may be possible to cause Ethereal to execute malicious attacker-supplied code.

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

This vulnerability affects Ethereal 0.9.9 and earlier.

1. Ethereal NTLMSSP Dissector Heap Corruption Vulnerability BugTraq ID: 7050 Remote: Yes Date Published: Mar 08 2003 12:00AM Relevant URL: http://www.securityfocus.com/bid/7050 Summary:

Ethereal is a freely available, open source network traffic analysis tool. It is maintained by the Ethereal Project and is available for most Unix and Linux variants as well as Microsoft Windows operating systems.

The NTLMSSP (NTLM Security Support Provider) dissector is a mechanism for evaluating packets that use the NTLM protocol. A heap corruption vulnerability has been reported for some versions of the dissector.

The precise technical details of this vulnerability are currently unknown. This BID will be updated as further information is available.

An attacker may be able to exploit this vulnerability by crafting a specially formed packet and sending it to a system using the NTLMSSP dissector or by convincing a victim user to use Ethereal to read a malformed packet trace file.

Due to the nature of this vulnerability it may be possible for an attacker to create a situation in which sensitive memory could be overwritten. If successful this may allow for the execution of arbitrary code with the privileges of the Ethereal process.

This vulnerability affects Ethereal 0.9.9 and earlier.

1. Upload Lite Arbitrary File Upload Vulnerability BugTraq ID: 7051 Remote: Yes Date Published: Mar 08 2003 12:00AM Relevant URL: http://www.securityfocus.com/bid/7051 Summary:

Upload Lite is a Perl CGI script designed to allow remote users to upload files to a server.

Do you need more help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

A vulnerability has been reported for Upload Lite that may allow remote attackers to upload arbitrary files.

Specifically, the script only checks to see whether the file to be uploaded has a certain extension. As such, any file that includes the allowed extensions may be uploaded. Any uploaded files will be stored in the specified folder.

Given the ability to upload arbitrary files to the host, an attacker can exploit this vulnerability to upload malicious applications to the vulnerable system or use the system for the storage of files.

This vulnerability was reported for Upload Lite 3.22.

1. MySQL mysqld Privilege Escalation Vulnerability BugTraq ID: 7052 Remote: Yes Date Published: Mar 08 2003 12:00AM Relevant URL: http://www.securityfocus.com/bid/7052 Summary:

MySQL is an open source relational database project. It is available for the Microsoft Windows, Linux, and Unix operating systems.

A vulnerability has been discovered for MySQL that may allow the mysqld service to start with elevated privileges.

MySQL uses a series of configuration files to set the privileges of the service. The configuration files are typically stored in /etc/my.cnf, DATADIR/my.cnf and ~/.my.cnf. When executed, the mysqld service reads configuration information from /etc/my.cnf first, then DATADIR/my.cnf and finally ~/.my.cnf.

An attacker can exploit this vulnerability by creating a DATADIR/my.cnf that includes the line 'user=root' under the '[mysqld]' option section. Furthermore, the ~/.my.cnf file must not exist.

Can we help you?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

When the mysqld service is executed, it will run as the root user instead of the default user.

This may allow an attacker to obtain elevated privileges on a compromised system.

This vulnerability was reported for MySQL 3.23.55.

1. PeopleSoft PeopleTools SchedulerTransfer Remote Command Execution Vulnerability BugTraq ID: 7053 Remote: Yes Date Published: Mar 10 2003 12:00AM Relevant URL: http://www.securityfocus.com/bid/7053 Summary:

PeopleTools is a runtime architecture and integrated development environment for PeopleSoft financial management software.

A remote command execution vulnerability exists in the PeopleSoft PeopleTools "SchedulerTransfer" servlet. This servlet facilitates migration of reports.

This issue occurs because the servlet does not sufficiently validate externally supplied data. Exploitation may allow malicious files to be written to the system hosting the software and executed with the privileges of the web server.

It is possible to overwrite existing Java servlet with malicious data by submitting a request that contains directory traversal sequences, though this is only one possible attack.

The servlet is installed by default in many PeopleSoft installations and also permits access by unauthenticated remote users by default.

1. GreyMatter WebLog Remote Command Execution Vulnerability BugTraq ID: 7055 Remote: Yes Date Published: Mar 10 2003 12:00AM Relevant URL: http://www.securityfocus.com/bid/7055 Summary:

Can't find what you're looking for?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

GreyMatter WebLog is an open source weblog software package available for the Unix and Linux operating systems.

A problem in the software may allow unauthorized access to systems using the vulnerable software.

It has been reported that a problem in GreyMatter weblog may allow unauthorized access to systems. Due to improper sanitization of untrusted input, it may be possible for a remote user to execute commands on the local system.

The problem is in the handling of user comments by the weblog software. Due to improper sanitization of the input passed through the weblog comments fields, an attacker could potentially insert specially crafted commands such as <?php system(echo($cmd)) ?>. This would in turn result in the execution of these commands with the privileges of the web server process.

1. Microsoft Internet Explorer .MHT File Buffer Overflow Vulnerability BugTraq ID: 7057 Remote: Yes Date Published: Mar 10 2003 12:00AM Relevant URL: http://www.securityfocus.com/bid/7057 Summary:

Microsoft Internet Explorer allows a web page and all content embedded within to be saved in a Web Archive format using Multipurpose Internet Mail Extension HTML (MHTML) format. This format saves the entire page and all the embedded content as a single .mht file.

The .mht files are encoded and decoded by the inetcomm.dll component. This component does not appear to perform sufficient bounds checking on the .mht files.

If encoded data within the .mht file is designated as executable or the Content-Type is not defined and has a single word 'MZP' encoded within, a buffer will be overrun and Internet Explorer will fail. If the encoded content begins with 'TvPQ' it will be interpreted by Internet Explorer as a Win32 executable file, but inetcomm.dll will decode it as plain text data and assign a small buffer to the data.

Internet Explorer creates a stream for the executable file with a smaller buffer than is required by the Base64 decoder. This results in the buffer being overrun and Internet Explorer failing. The EIP register may also be overwritten, potentially allowing for execution of arbitrary code within the security context of Internet Explorer.

Don't know where to look next?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

The Web Archive feature was introduced in Internet Explorer 5, therefore earlier versions are not affected. Outlook Express must be installed in order to obtain the Web Archive functionality through Internet Explorer.

Applications that use Internet Explorer to render HTML content, such as Outlook and Outlook Express, may also be indirectly vulnerable. An HTML email message containing a malicious .mht file would be executed by Internet Explorer.

1. DeleGate HTTP Proxy Robot.TXT User-Agent: Buffer Overflow Vulnerability BugTraq ID: 7054 Remote: Yes Date Published: Mar 10 2003 12:00AM Relevant URL: http://www.securityfocus.com/bid/7054 Summary:

DeleGate is an open source proxy server developed by Yutaka Sato. DeleGate allows for proxying of several application protocols, including HTTP. It is available for multiple platforms, including Microsoft Windows and Unix and Linux variants.

The DeleGate HTTP Proxy component is prone to a remotely exploitable buffer overflow vulnerability. This is due to insufficient bounds checking of User-Agent: fields in remote 'robot.txt' files. It is reported that it is possible to trigger this issue by specifying multiple lines of User-Agent: data in the file, which will cause an internal array of pointers to be overflowed with attacker-supplied data. This will occur when a malicious 'robot.txt' file is retrieved via the proxy.

Successful exploitation may result in execution of malicious code in the security context of the DeleGate proxy server.

This issue was reported in DeleGate versions 8.3.4 and 8.4.0. Other versions may also be affected.

1. Opera Long Filename Download Buffer Overrun Vulnerability BugTraq ID: 7056 Remote: Yes Date Published: Mar 10 2003 12:00AM Relevant URL: http://www.securityfocus.com/bid/7056 Summary:

Opera is a web browser available for a number of platforms, including Microsoft Windows, Linux and Unix variants and Apple MacOS.

A vulnerability has been discovered in various versions of Opera on the Microsoft Windows platform.

Confused? Frustrated?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

When specific types of files are downloaded by Opera, the transfer is displayed within a 'Download Dialog'. Due to insufficient bounds checking when processing the requested filename, it may be possible for memory to be corrupted.

Specifically, when a filename is to be displayed within the 'Download Dialog' the type of file must be verified. When this occurs, the filename in question is copied into a static buffer on the stack.

By hosting a downloadable file containing a name of excessive length, it may be possible for an attacker to overwrite sensitive memory locations within Opera. Successful exploitation of this issue would result in the execution of arbitrary attacker-supplied commands.

It should be noted that this issue affects Opera versions 6 and 7 on the Microsoft Windows platform.

1. Qpopper Remote Memory Corruption Vulnerability BugTraq ID: 7058 Remote: Yes Date Published: Mar 10 2003 12:00AM Relevant URL: http://www.securityfocus.com/bid/7058 Summary:

Qpopper is a POP3 mail server available for Linux and Unix based systems. A vulnerability has been discovered when calling the 'mdef' command. The issue presents itself due to the incorrect assumption of the Qvsnprintf() function. The function is meant to be a replacement for the C function vsnprintf() but, unlike the latter function, Qvsnprintf() fails to NULL terminate buffers.

A memory corruption vulnerability has been discovered in Qpopper when processing a malicious 'mdef' command, as a result of the lack of NULL termination by Qvsnprintf(). The vulnerability specifically occurs in the pop_msg() function when filling the 'message' buffer with a user-supplied macro name. The pop_msg() function incorrectly assumes that the 'message' buffer will be null terminated after being filled via the Qvsnprintf() function. A CRLF sequence and null terminator (CRLF+N) is later appended to the data which may overwrite memory at a location adjacent to the buffer.

By exploiting this to overwrite the LSB of a saved frame pointer, it is possible to influence the program in such a way that attacker-supplied instructions can be executed.

This vulnerability affects Qpopper versions 4.0.4 and earlier. It should be noted that the exploitability of this issue is highly dependant on the memory layout, which will likely be influenced by compiler optimization.

Call Pantek today for Open Source Technical Support at 1-877-546-8934 - 24/7/365

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

20. SMC Router Backup Tool Plaintext Password Weakness BugTraq ID: 7059
Remote: No
Date Published: Mar 10 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7059
Summary:

SMC SMC7004VWBR is a wireless Cable/DSL broadband router with integrated wireless access point and SPI firewall.

It has been reported that the SMC router backup tool stores router administration credentials in plaintext format. The router administration password is stored in the file 'backup_config.exe'. Furthermore, the password is prefixed by the word 'root' making it easily identifiable by an attacker.

This weakness may result in unauthorised users disclosing sensitive router configuration information from the router backup file.

This vulnerability has been reported to affect SMC SMC7004VWBR devices, however other products may also be affected.

21. LXR Cross-Referencer Arbitrary File Disclosure Vulnerability BugTraq ID: 7062
Remote: Yes
Date Published: Mar 10 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7062
Summary:

LXR Cross-Referencer is a general purpose source code indexer and cross-referencer that provides web-based browsing of source code.

It has been reported that LXR Cross-Referencer does not sufficiently sanitize user-supplied input submitted via URI parameters. Specifically data supplied via the 'v' variable to the 'source' script is not sufficiently stripped of directory traversal (../) sequences.

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

Allegedly, the exploitation of this vulnerability may result in the disclosure of arbitrary web server readable files.

Successful exploitation may permit the attacker to gain access to sensitive information that may aid in mounting further attacks against the system hosting the software.

22. Multiple PHP-Nuke Forums/Private_Messages SQL Injection Vulnerabilities BugTraq ID: 7060
Remote: Yes
Date Published: Mar 10 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7060
Summary:

PHP-Nuke is a web-based portal system. Implemented in PHP, it is available for a range of systems, including Unix, Linux, and Microsoft Windows.

Multiple SQL injection vulnerabilities were reported in the Forums scripts and 'Private_Messages' module of PHP-Nuke. This is due to insufficient sanitization of externally supplied data which is used to construct SQL queries. This data may be supplied via URI parameters in requests for certain functions. A remote attacker may take advantage of these issues to inject malicious data into SQL queries, possibly resulting in modification of query logic.

The consequences may vary depending on the particular database implementation and the nature of the specific queries. At the very least, it is possible to compromise the PHP-Nuke web portal. SQL injection also makes it possible, under some circumstances, to exploit vulnerabilities that may exist in the database implementation.

This BID will be divided into separate BIDs for each distinct issue and retired when further analysis of these vulnerabilities is complete.

23. VPOPMail vpopmail.php Remote Command Execution Vulnerability BugTraq ID: 7063
Remote: Yes
Date Published: Mar 11 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7063
Summary:

Do you need more help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

VPOPMail is a plugin designed for use with SquirrelMail. It is implemented in PHP and allows a user to manage a qmail system with virtual domains.

A vulnerability has been reported for VPOPMail that may allow attackers to execute arbitrary commands on a vulnerable system. The vulnerability exists due to insufficient sanitization of user-supplied input.

As the vpopmail.php script does not properly sanitize the values for the '$vpasswd', '$username' and '$pwd' variables, it is possible for an attacker to include malicious system commands by manipulating URI parameters. This will result in the execution of the attacker-supplied commands with the privileges of the web server.

This vulnerability was reported for VPOPMail 0.97 and earlier.

24. HP VVOS 11.04 HFS Unauthorized Access Vulnerability BugTraq ID: 7065
Remote: No
Date Published: Mar 11 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7065
Summary:

Virtual Vault Operating System (VVOS) is a commercially-available operating system distributed by HP.

HP has announced a vulnerability in the HP VVOS HFS file system that may result in unauthorized file access by malicious parties. Unauthorized access to files may allow for disclosure of sensitive information or other consequences.

HP has not released further technical details about the nature of this vulnerability. If further details do become available, this BID will be updated.

Can we help you?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

25. Sun SUNWlldap Library Hostname Buffer Overflow Vulnerability BugTraq ID: 7064
Remote: Yes
Date Published: Mar 11 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7064
Summary:

The SUNWlldap package, available for Sun Solaris x86, includes various LDAP clients and an LDAP client library used to provide programmatic access to the LDAP protocol.

The SUNWlldap package has been reported vulnerable to a buffer overflow condition.

Reportedly if LDAP is enabled in the '/etc/nsswitch.conf' system file, an application that is linked to the LDAP shared library may be affected by this vulnerability.

Using an affected application to resolve a malicious hostname of excessive length can trigger the overflow. This condition is likely due to insufficient bounds checking, when the hostname is processed a buffer will be overrun and sensitive locations in memory will be overwritten.

Exploitation of this vulnerability may lead to arbitrary code execution within the context of the application utilizing the vulnerable LDAP library.

It should be noted that, although it has not been confirmed, the vulnerability might occur in the getbyname() function.

This vulnerability has been reported to affect 'SUNWlldap 11.8.0' previous versions may also be affected.

Can't find what you're looking for?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

26. Man Program Unsafe Return Value Command Execution Vulnerability BugTraq ID: 7066
Remote: No
Date Published: Mar 11 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7066
Summary:

Man is a freely available, open source manual page program. It is available mainly for Linux operating systems, though it can be used on other UNIX operating system variants.

A problem with the program may make it possible to launch local attacks on users through malicious man pages.

It has been reported that the man program does not properly handle some types of input. When a man page is processed that could pose a potential security risk, the program reacts in a way that may open a window of opportunity for an attacker to execute arbitrary commands.

The problem is in the value returned by the man program when a potentially dangerous man page is processed. The man program returns the string 'unsafe' which is in turn passed to a system() call. If a program located in the user's path was named 'unsafe' the program would be executed with the privileges of the man program user.

27. Multitech RouteFinder Remote Memory Corruption Vulnerability BugTraq ID: 7067
Remote: Yes
Date Published: Mar 11 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7067
Summary:

A vulnerability has been discovered in Multitech RouteFinder 550 VPN firmware release 4.63 and earlier. The problem occurs due to insufficient bounds checking of data supplied in HTTP GET requests. Specifically, it is possible to trigger the condition by sending a GET /OPTIONS request to a vulnerable device, containing at least 10001 bytes of data.

Passing excessive data to the device may make it possible for a remote attacker to corrupt memory.

Don't know where to look next?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

Successful exploitation of this bug may result in a denial of service, causing the device to crash. A manual restart would be required to restore functionality.

Although it has not been confirmed, it may also be possible for an attacker to exploit this issue to execute arbitrary commands.

28. SaveMyModem Statusbar_Set_Text Buffer Overflow Vulnerability BugTraq ID: 7068
Remote: Yes
Date Published: Mar 10 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7068
Summary:

SaveMyModem is mail filtering software. It is available for Microsoft Windows and Unix and Linux platforms.

SaveMyModem is prone to a buffer overflow in the 'statusbar_set_text' function. In some instances, this function will be called with externally supplied data, such as when messages are processed. The vulnerable function includes a call to vsnprintf(), specifying a source buffer that is much larger than the destination buffer.

When the vulnerable function is called with externally supplied data, it may be possible to corrupt sensitive regions of data. This may potentially occur if a message is processed with an excessively long subject.

Successful exploitation will result in code execution in the context of the SaveMyModem process.

29. HP J6038A JetDirect 310x Print Server For Fast Ethernet Unspecified Vulnerabilities BugTraq ID: 7070
Remote: Yes
Date Published: Mar 12 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7070
Summary:

Confused? Frustrated?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

The HP JetDirect 310x is a series of network print servers.

Unspecified vulnerabilities have been reported by HP in J6038A JetDirect 310x Print Servers running version Q.24.06 firmware. Unauthorized access to print servers may result from successful exploitation. A potential for denial of service attacks has also been reported by the vendor.

HP has released a firmware upgrade in response.

This BID will be updated if further technical details become available.

III. SECURITYFOCUS NEWS AND COMMENTARY

1. Hi-Tech Surveillance Firm Prospers By Kevin Poulsen

If you're under FBI surveillance, there's a good chance your phone calls and Internet traffic are traveling over the equipment of Verint Systems -- a company that's doing very well these days.

http://www.securityfocus.com/news/3115

2. Homeland Cybersecurity Efforts Doubted By Michael Fitzgerald

Call Pantek today for Open Source Technical Support at 1-877-546-8934 - 24/7/365

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

As the new Department of Homeland Security swallows nearly every cybersecurity office in the U.S. government, high-profile leaders are jumping ship, and analysts worry that only meager funding and muddled goals remain.

http://www.securityfocus.com/news/3043

3. RSA and Verisign beat SSL patent infringement rap By John Leyden, The Register

An American jury has rejected claims by a retired Florida engineer that RSA Security and VeriSign infringed his encryption patent.

http://www.securityfocus.com/news/3130

4. For sale: memory stick plus cancer patient records By John Leyden, The Register

Health bosses in Lancashire are facing awkward questions after confidential medical records of 13 cancer patients found there way onto a portable memory stick, which was repackaged and sold as new to a Crewe estate agent.

http://www.securityfocus.com/news/3129

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

IV. SECURITYFOCUS TOP 6 TOOLS

1. KisMAC v0.04a by mick Relevant URL: http://kismac.binaervarianz.de/ Platforms: MacOS Summary:

KisMAC is a stumbler application for Mac OS X that puts your card into monitor mode. Unlike most other applications for OS X, it is completely invisible and sends no probe requests.

2. psmon v1.0.0
by perlguy
Relevant URL:
http://psmon.perlguy.org.uk/
Platforms: UNIX
Summary:

psmon is a Perl script which can be run as a stand-alone program or a fully functional background daemon, capable of logging to syslog with customisable email notification facilities. The user defines a set of rules in an Apache-style plain text configuration file. These rules describe what processes should always be running on the system, and any limitations on concurrent instances, TTL, and maximum CPU/memory usage of processes. psmon scans the UNIX process table and, using the set of rules defined in the configuration file, will respawn any dead processes, and slay or "deal with" any aggressive or illegal processes.

3. eXtended Allow - Deny list for PAM v0.4 by Adrian Ber beradrian@yahoo.com
Relevant URL:
http://www.geocities.com/beradrian/soft/xad/index.html Platforms: Linux, POSIX
Summary:

XAD is a very easy to configure PAM module. Through a very easy language you can allow/deny access to users.

4. C-Kermit v8.0.208
by Frank da Cruz
Relevant URL:
http://www.columbia.edu/kermit/ckermit.html Platforms: AIX, FreeBSD, HP-UX, Linux, MacOS, NetBSD, OpenBSD, SCO, Solaris, SunOS
Summary:

C-Kermit is a combined serial and network communication software package offering a consistent, medium-independent, cross-platform approach to connection establishment, terminal sessions, file transfer, character-set translation, numeric and alphanumeric paging, and automation of communication tasks. Recent versions include FTP and HTTP clients as well as an SSH interface, all of which can be scripted and aware of character-sets. It supports built-in security methods, including Kerberos IV, Kerberos V, SSL/TLS, and SRP, FTP protocol features such as MLSD, and source-code parity with Kermit 95 2.1 for Windows and OS/2.

Do you need more help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

5. trafcalc v1.0
by cyberny
Relevant URL:
http://trafcalc.sourceforge.net/
Platforms: Linux, POSIX
Summary:

Trafcalc calculates the size of the TCP-payload on a system via packet capturing and connection tracking at the user level instead of the IP level.

6. Ish v1.5.1
by Niels Möller
Relevant URL:
http://www.lysator.liu.se/~nisse/lsh/
Platforms: POSIX
Summary:

Ish is a GNU GPL-licensed implementation of the SSH (version 2) protocol. It includes a server, a client, and some utility programs.

V. SECURITY JOBS SUMMARY

1. Looking for Disaster Recovery Analyst for Los Angeles CA (Thread) Relevant URL:

http://online.securityfocus.com/archive/77/314955

2. Any hints for Australia? (Thread)
Relevant URL:

http://online.securityfocus.com/archive/77/314961

Can we help you?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other