SecurityFocus Newsletter #190

From: John Boletta <jboletta(at)securityfocus.com>
Date: Mon Mar 31 2003 - 11:39:37 EST

This Issue is Sponsored by: CipherTrust

CHOKING ON SPAM? Stop spam! -- Learn the TOP 10 Techniques To Control Spam.

Reclaim your mail server(s).  PROTECT YOUR EMAIL SYSTEM against spam and other threats before they reach the mail infrastructure.  White Paper shows you how!

http://www.ciphertrust.com/article/securityfocus_0331_01.htm


I. FRONT AND CENTER
  1. Incident Response Tools For Unix, Part One: System Tools
  2. Virus Hoaxes and the Real Dangers They Pose
  3. Too Cool For Secure Code
  4. Uncle Roger's Folly
  5. SecurityFocus DPP Program
II. BUGTRAQ SUMMARY
  1. Check Point FW-1 Syslog Daemon Unfiltered Escape Sequence...
  2. Mozilla Bonsai Parameters Page Unauthenticated Access Weakness
  3. Mozilla Bonsai Remote Command Execution Vulnerability
  4. eDonkey Clients Multiple Chat Dialog Resource Consumption...
  5. Netgear ProSafe VPN Firewall Web Interface Login Denial Of...
  6. Planetmoon Guestbook Clear Text Password Retrieval Vulnerability
  7. ProtWare HTML Guardian Encryption Weakness
  8. Simple Chat User Information Disclosure Vulnerability
  9. PHPNuke Banners.PHP Banner Manager Password Disclosure...
  10. Advanced Poll Remote Information Disclosure Vulnerability
  11. PHPNuke News Module Article.PHP SQL Injection Vulnerability
  12. PHPNuke News Module Index.PHP SQL Injection Vulnerability
  13. Adobe Acrobat Plug-In Forged Digital Signature Vulnerability
  14. 3Com SuperStack II RAS 1500 Malicious IP Header Denial of...
  15. 3Com SuperStack II RAS 1500 Unauthorized Access Vulnerability
  16. PAFileDB PAFileDB.PHP SQL Injection Vulnerability
  17. PHP socket_iovec_alloc() Integer Overflow Vulnerability
  18. Emule Empty Nickname Chat Request Denial Of Service...
  19. Web Chat Manager HTML Code Injection Vulnerability
  20. VChat Message Disclosure Vulnerability
  21. VChat Long Message Denial Of Service Vulnerability
  22. PHPNuke Viewpage.PHP File Disclosure Vulnerability
  23. Joel Palmius Mod_Survey Data Injection Vulnerability
  24. PHPNuke Forum Module Viewtopic.php SQL Injection Vulnerability
  25. PHPNuke Forum Module Viewforum.PHP SQL Injection Vulnerability
  26. Symantec Enterprise Firewall HTTP Pattern Matching Evasion...
  27. PHP socket_recv() Signed Integer Memory Corruption Vulnerability
  28. PHP socket_recvfrom() Signed Integer Memory Corruption...
  29. PHP emalloc() Unspecified Integer Overflow Memory Corruption...
III. SECURITYFOCUS NEWS ARTICLES
  1. FBI seeks Internet telephony surveillance
  2. States Seen As Lax on Database Security
  3. Wartime Internet Security Is 'Business as Usual'
  4. Hackers replace Al-Jazeera Web site with American flag
IV. SECURITYFOCUS TOP 6 TOOLS
  1. Web of Trust Statistics and Pathfinder v0.5
  2. FTimes v3.2.1
  3. Glub Tech Secure FTP v2.0.3
  4. screen-scraper v0.8.6b
  5. qmail-masq v0.6
  6. ShoStats v1.1.1
V. SECURITYJOBS LIST SUMMARY
  1. Senior Software/Security Engineer (White Hat Hacker) Redwood...
  2. Security Infrastructure/ Architect needed in Northern, VA...
  3. AEs and SEs needed in DC and Chicago (Thread)
  4. Senior Software/Security Engineer (Redwood City, California)...
  5. U.S. Navy Network Analyst with Focas on Security - looking for...
  6. V.P of Engineering needed for netForensics (Thread)
  7. Computer Forensics Investigation Manager, Hamburg, Germany...
  8. Information Security Analyst (Thread)
  9. Tivoli Access Manager Expert needed for contract in Florida...
  10. IT Auditor: Atlanta, GA (Thread)
  11. Pre-Sales Enterprise Management/Security Consultant for...
  12. Sunny Florida - Software Security Architect (Thread)
  13. Senior Fraud Investigation Consultant, London UK (Thread)
  14. IT Auditor - Perm Post in Toronto w/ Travel (Thread)
  15. Sr. Security Compliance and Reporting Consultant - Cleveland...
  16. Information Security Manager - Cleveland, Ohio (Thread)
  17. Resume to work as Network Security Analyst (Brazil) (Thread)
  18. 20 Year Global Veteran Seeks Leadership Role (Thread)
  19. Administrator skilled in Tivoli Access Manager (Thread)
  20. Risk Assessment Professional - 1yr contract in Chicago (Thread)
  21. Secure Network Operations, Inc. Seeking Sales Rep (Thread)
  22. Business Development Manager - New York, NY (Thread)
  23. Business Practice, Business Development Manager-UK (Thread)
  24. Sr Security Engineer (Thread)
  25. PKI Systems Engineer San Antonio Texas (Thread)
  26. Intermediate-Senior Security Consultant, Southern California...
  27. Bloomington, IL Unix Security Analyst opportunity (Thread)
  28. IT Security Lead Consultant, London, UK (Thread)
VI. INCIDENTS LIST SUMMARY
  1. SecurityFocus Article Announcement: Incident Response Tools...
  2. strange DNS behavior over the last 2 days (Thread)
  3. FTimes 3.2.1 Release (Includes Dig, HashDig, and Map Tools)...
  4. Dead Thread: California State Bill SB1386 (Thread)
  5. [Fwd: FW: California State Bill SB1386] (Thread)
  6. California State Bill SB1386 (Thread)
  7. AW: Chinese source: some web attack tool (Thread)
  8. Trojan attacking our switches (Thread)
  9. Chinese source: some web attack tool (Thread)
VII. VULN-DEV RESEARCH LIST SUMMARY
  1. TLS timing attack on OpenSSL [can-2003-78] [bid 6884] exploit...
  2. Entercept - detection of return-to-libc (Thread)
  3. Automatic discovery of shellcode address (Thread)
  4. Backup Agents (Thread)
  5. ptrace in linux kernel (Thread)
  6. Article Announcement: Why the Dogs of Cyberwar Stay Leashed...
  7. library/executable image (Thread)
  8. Detecting abnormal behaviour (Thread)
  9. NSLOOKUP.EXE (Thread)
  10. Vulnerability (critical): Digital signature for Adobe...
  11. mpg123 segfault (Thread)
  12. RES: NSLOOKUP.EXE (Thread)
  13. DEF CON Announcement: CFP, Media now on line! (Thread)
VIII. MICROSOFT FOCUS LIST SUMMARY
  1. USB Tokens (Thread)
  2. Expire accounts from Active Directory after a period of...
  3. SMB Brute Force (Thread)
  4. MS03-007 Round-up (Thread)
  5. SecurityFocus Microsoft Newsletter #130 (Thread)
  6. Article Announcement: Why the Dogs of Cyberwar Stay Leashed...
  7. Anyone have hard evidence of problems with Windows Automatic...
  8. Anyone have hard evidence of problems with WindowsAutomatic...
  9. Anyone have hard evidence of problems with Windows Automatic...
  10. Anyone have hard evidence of problems with Windows Automatic...
IX. SUN FOCUS LIST SUMMARY
  1. SecurityFocus Article Announcement (Thread)
  2. Better Syslog server (Thread)
  3. PAM authentication problem (Thread)
X. LINUX FOCUS LIST SUMMARY
  1. SecurityFocus Article Announcement (Thread)
  2. Live Upgrade for Linux (Thread)
  3. Seeing who has su-ed (Thread)
  4. latest ptrace hole patch? (Thread)
  5. How to custom sulog? (Thread)
XI. SPONSOR INFORMATION

I. FRONT AND CENTER

1. Incident Response Tools For Unix, Part One: System Tools
By Holt Sorenson

This article is the first in a three-part series on tools that are useful during incident response and investigation after a compromise has occurred on an OpenBSD, Linux, or Solaris system. This installment will focus on system tools, the second part will discuss file-system tools, and the concluding article will look at network tools.

http://www.securityfocus.com/infocus/1679

2. Virus Hoaxes and the Real Dangers They Pose
By Scott Granneman

Jerry Bryan immediately knew there was something wrong at his church. He knew it the second he opened up the email from the pastor. As a highly respected member of his church and a known technophile, Jerry was often consulted by the pastor concerning technical matters. In this case, however, the pastor was passing along a serious warning.

http://www.securityfocus.com/infocus/1678

3. Too Cool For Secure Code
By Jon Lasser

Until Unix and Linux programmers get over their macho love for low-level programming languages, the security holes will continue to flow freely.

http://www.securityfocus.com/columnists/150

4. Uncle Roger's Folly
By George Smith

The Ganda virus shows why the Internet isn't the best source for reliable war news, and malicious code isn't a good medium for anything.

http://www.securityfocus.com/columnists/151

5. SecurityFocus DPP Program

Attention Universities!! Sign-up now for preferred pricing on the only global early-warning system for cyber attacks - SecurityFocus DeepSight Threat Management System.

Click here for more information:
http://www.securityfocus.com/corporate/products/dpsection.shtml

II. BUGTRAQ SUMMARY


1. Check Point FW-1 Syslog Daemon Unfiltered Escape Sequence Vulnerability BugTraq ID: 7161
Remote: Yes
Date Published: Mar 21 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7161
Summary:

Check Point Firewall-1 is a popular firewall package available from Checkpoint Software Technologies.

An issue has been discovered in Check Point FW-1 syslog daemon when attempting to process a malicious, remotely supplied, syslog message. Specifically, the syslog service does not properly filter out messages that include escape sequences.

This issue may be exploitable by a remote attacker to cause the Check Point syslog service to behave in an unpredictable manner. As well, exploitation of this vulnerability will result in a remote attacker being able to arbitrarily add syslog entries. This will ensure that any Check Point syslog entries on the firewall host would be suspect.

It should be noted that this issue exists only when an administrator attempts to view Check Point syslog messages via the console.

The technical details regarding this issue are currently unknown. This BID will be updated when further information becomes available.
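
The mitigation for the class of problem described above is to neutralise control data before a log line reaches a terminal or a file. The following is an added example, not Check Point code and not derived from the advisory: a small filter that drops ANSI CSI sequences, renders every remaining control byte (including a stray ESC, CR and LF) in caret notation, and flags messages that carried any of them so they can be investigated. The sample syslog lines are constructed for the example.

```python
import re

# Constructed sample syslog lines (not from the advisory). The second carries
# an ANSI "clear screen, cursor home" sequence; the third embeds a line feed
# that would appear as a second, forged entry on a console or in a file.
SAMPLE_MESSAGES = [
    "<34>Mar 21 10:15:02 fw1 kernel: accept src=10.0.0.5 dst=10.0.0.1",
    "<34>Mar 21 10:15:03 fw1 kernel: drop src=\x1b[2J\x1b[H10.0.0.9",
    "<34>Mar 21 10:15:04 fw1 sshd: login ok\n<34>Mar 21 10:15:05 fw1 sshd: root login ok",
]

# ANSI CSI sequence: ESC '[' parameter bytes, intermediate bytes, one final byte.
_CSI_RE = re.compile(r"\x1b\[[0-?]*[ -/]*[@-~]")


def contains_control(msg: str) -> bool:
    """Detection check: does the message carry any control byte other than TAB?"""
    return any((ord(ch) < 0x20 and ch != "\t") or ord(ch) == 0x7F for ch in msg)


def sanitize_message(msg: str) -> str:
    """Return msg with terminal control data made inert before it is displayed.

    Complete CSI sequences are dropped. Every other C0 control byte, including
    a stray ESC, CR and LF, is rendered in caret notation (^[, ^M, ^J) so the
    original content stays visible to an analyst but can no longer drive the
    terminal or split one entry into two log lines.
    """
    msg = _CSI_RE.sub("", msg)
    out = []
    for ch in msg:
        code = ord(ch)
        if code < 0x20 and ch != "\t":
            out.append("^" + chr(code + 0x40))
        elif code == 0x7F:
            out.append("^?")
        else:
            out.append(ch)
    return "".join(out)


def sanitize_all(messages):
    """Sanitize a batch, returning (clean_text, was_suspicious) pairs."""
    return [(sanitize_message(m), contains_control(m)) for m in messages]


if __name__ == "__main__":
    for clean, flagged in sanitize_all(SAMPLE_MESSAGES):
        print(("SUSPICIOUS " if flagged else "ok         ") + clean)
```

The filter deliberately keeps the evidence rather than silently dropping the whole message: a line that arrives with an ESC or an embedded newline is itself a signal worth alerting on, since nothing on a well-behaved network should be sending one.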

2. Mozilla Bonsai Parameters Page Unauthenticated Access Weakness BugTraq ID: 7163
Remote: Yes
Date Published: Mar 21 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7163
Summary:

Mozilla Bonsai is a tool that allows a user to perform queries on the contents of a CVS archive.

A weakness has been reported for Bonsai that may allow remote attackers to obtain unauthorized access to the parameters page. This page is accessed through the editparams.cgi.

The parameters page is used by Bonsai to set several options for the tool. Users by default are able to view this page but are unable to change any parameters unless a password is entered.

Any information obtained in this manner may be used by an attacker to launch further attacks against a system using Bonsai.

This vulnerability has been reported for Mozilla Bonsai 1.3 (including all current and CVS versions).

3. Mozilla Bonsai Remote Command Execution Vulnerability BugTraq ID: 7162
Remote: Yes
Date Published: Mar 21 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7162
Summary:

Mozilla Bonsai is a tool that allows a user to perform queries on the contents of a CVS archive.

A vulnerability has been discovered in Mozilla Bonsai. This issue is reported to affect all current and CVS versions of the utility.

Exploitation of this issue may allow an attacker to remotely execute arbitrary commands with 'www-data' privileges.

The details regarding this vulnerability are currently unknown. This BID will be updated as further information becomes available.

4. eDonkey Clients Multiple Chat Dialog Resource Consumption Vulnerability BugTraq ID: 7164
Remote: Yes
Date Published: Mar 21 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7164
Summary:

eDonkey 2000 is a peer to peer file sharing network. It is similar to KaZaa and Morpheus. Clients of eDonkey 2000 are built for Windows, Mac and Linux operating systems.

A vulnerability has been reported for eDonkey clients for Windows that will result in a denial of service condition.

The vulnerability occurs when numerous chat dialog boxes are opened by the eDonkey or Overnet clients. Every open chat dialog box will consume a small amount of memory and CPU cycles.

An attacker can exploit this vulnerability by connecting to a vulnerable eDonkey user and issuing numerous chat requests. This will cause the victim user's system to consume all available memory and CPU cycles thus resulting in a denial of service condition.

This vulnerability was reported for eDonkey and Overnet clients prior to 0.46.

5. Netgear ProSafe VPN Firewall Web Interface Login Denial Of Service Vulnerability BugTraq ID: 7166
Remote: Yes
Date Published: Mar 21 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7166
Summary:

The ProSafe VPN Firewall is a home and small office firewall and virtual private network device distributed by Netgear.

A problem with the device could make it possible for a remote user to deny service.

It has been reported that some ProSafe VPN Firewall devices do not properly handle some types of input. Because of this, a remote user could potentially send malicious input to the device that would result in a crash, and potential denial of service.

The problem is in the handling of authentication information of excessive length. When a user passes both a username and password to the web administration interface of the device, the system can be caused to crash.

It is likely that this issue is a memory corruption vulnerability, and potentially an exploitable boundary condition error. There is no confirmation of this. However, if this issue does prove to be an exploitable boundary condition error, an attacker could potentially execute arbitrary code on the vulnerable device with the privileges of the web interface.

It should also be noted that this vulnerability is likely only exploitable via the internal interface of the device, though this also is not confirmed.

6. Planetmoon Guestbook Clear Text Password Retrieval Vulnerability BugTraq ID: 7167
Remote: Yes
Date Published: Mar 21 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7167
Summary:

A vulnerability has been reported in Planetmoon Guestbook. It has been reported that remote users may be able to retrieve clear text password lists. The file can be obtained by making a request for the 'passwd.txt' file located in the 'files' directory.

Access to this data may allow an attacker to carry out further attacks against a target user.

7. ProtWare HTML Guardian Encryption Weakness BugTraq ID: 7169
Remote: Yes
Date Published: Mar 21 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7169
Summary:

ProtWare HTML Guardian is an application designed to encrypt sensitive HTML and script code. Its functionality also includes image protection and various other web-based security procedures. It is available for the Microsoft Windows operating system.

A weakness has been reported in the encryption scheme used by ProtWare HTML Guardian.

Specifically, the encryption scheme merely obfuscates data using a simple bit shifting technique. This may make it trivial for attackers to reverse the protected data. As an example, supplying HTML Guardian with "abcdefgh" will return "acegbdfh" as the encrypted text.

Administrators may be relying on a false sense of security by implementing the protection supplied by HTML Guardian.

Although it has not been confirmed, it is possible that this issue affects the latest release of HTML Guardian. Earlier versions may also be affected.

8. Simple Chat User Information Disclosure Vulnerability BugTraq ID: 7168
Remote: Yes
Date Published: Mar 21 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7168
Summary:

Simple Chat! is a freely available, open source chat board written in PHP.

A problem with the script could make it possible for a remote user to gain access to sensitive information.

Simple Chat! does not restrict access to sensitive information by default. An attacker could use this information to launch attacks against other users.

The problem is in the configuration of the data directory. A remote user can gain access to the directory via the web, which may reveal sensitive details about chat users.

9. PHPNuke Banners.PHP Banner Manager Password Disclosure Vulnerability BugTraq ID: 7170
Remote: Yes
Date Published: Mar 22 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7170
Summary:

PHPNuke is a freely available, open source content management system written in PHP. It is available for Unix, Linux, and Microsoft Operating Systems.

A problem with the software could allow a remote user to gain access to sensitive information.

It has been reported that an input validation error exists in the banners.php file included with PHPNuke. Because of this, an attacker could send a malicious string through PHPNuke that would allow the attacker to manipulate the database, and potentially access sensitive information, then download it via the web.

This problem requires that the configuration variable magic_quotes_gpc be turned off. Once this has been done, an attacker can inject limited SQL statements into the database through the banners.php file. Doing so permits the attacker to gain access to credentials for the banner manager.

10. Advanced Poll Remote Information Disclosure Vulnerability BugTraq ID: 7171
Remote: Yes
Date Published: Mar 22 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7171
Summary:

Advanced Poll is a freely available, open source PHP script. It is available for the UNIX, Linux, and Microsoft Operating Systems.

A problem with the program could reveal sensitive information.

It has been reported that an information disclosure vulnerability exists in Advanced Poll. Because of this, a remote user could potentially access privileged information that could lead to further attacks against the host and its users.

The problem is in the default installation. By installing the program according to specifications, it is possible for a remote user to traverse the installation directory, and potentially gain access to sensitive information about the Advanced Poll implementation.

11. PHPNuke News Module Article.PHP SQL Injection Vulnerability BugTraq ID: 7172
Remote: Yes
Date Published: Mar 22 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7172
Summary:

PHPNuke is a freely available, open source content management system written in PHP. It is available for Unix, Linux, and Microsoft Operating Systems.

A problem with the software could allow a remote user to change user credentials.

It has been reported that an input validation error exists in the article.php file included with PHPNuke as part of the News module. Because of this, an attacker could send a malicious string through PHPNuke that would allow the attacker to manipulate the database, and gain unauthorized access to user accounts.

This problem requires that the configuration variable magic_quotes_gpc be turned off. Once this has been done, an attacker can inject limited SQL statements into the database through the article.php file. Doing so permits the attacker to submit information into the nuke_users table which could be used to gain unauthorized access to the PHPNuke board.

An attacker could use this attack to modify a user's password or user level.

12. PHPNuke News Module Index.PHP SQL Injection Vulnerability BugTraq ID: 7173
Remote: Yes
Date Published: Mar 23 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7173
Summary:

PHPNuke is a freely available, open source content management system written in PHP. It is available for Unix, Linux, and Microsoft Operating Systems.

A problem with the software could allow a remote user to change article information.

It has been reported that an input validation error exists in the index.php file included with PHPNuke as part of the News module. Because of this, an attacker could send a malicious string through PHPNuke that would allow the attacker to manipulate the database and alter information on articles posted on the site.

This problem requires that the configuration variable magic_quotes_gpc be turned off, although it may also be present with limited impact when the variable is turned on. Once this has been done, an attacker can inject limited SQL statements into the database through the index.php file. Doing so permits the attacker to submit information into the nuke_stories table, which could be used to alter the title, intro, article, and author information.

13. Adobe Acrobat Plug-In Forged Digital Signature Vulnerability BugTraq ID: 7174
Remote: No
Date Published: Mar 24 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7174
Summary:

Adobe Acrobat and Acrobat Reader are applications that allow .pdf documents to be viewed.

Both Acrobat and Acrobat Reader allow the installation of various plug-in modules to extend functionality. Plug-ins can only be loaded if they are signed with the "Reader Integration Key", or, in some cases, only if they are certified as trusted. In order to be certified as trusted, the plug-in must be signed by Adobe.

The certificate validation algorithm used by Acrobat only verifies information contained within the portable executable (PE) header of the plug-in. As a result, changes made to parts of the plug-in that lie outside the PE header do not invalidate the signature.

This could allow blocks of code within the plug-in to be modified to perform malicious actions, or the plug-in could be modified to call another untrusted plug-in and pass control to it.

14. 3Com SuperStack II RAS 1500 Malicious IP Header Denial of Service Vulnerability BugTraq ID: 7175
Remote: Yes
Date Published: Mar 24 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7175
Summary:

3Com SuperStack II Remote Access System (RAS) 1500 is a routing device designed to service dialup users.

It has been reported that RAS 1500 routers are prone to a vulnerability that may cause a denial of service. The problem occurs when processing packets with malformed IP headers. Specifically, an IP header with a 'len' field of 0 may crash an affected device, causing it to reboot.

An attacker could exploit this vulnerability to deny service to legitimate users of the device.

15. 3Com SuperStack II RAS 1500 Unauthorized Access Vulnerability BugTraq ID: 7176
Remote: Yes
Date Published: Mar 24 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7176
Summary:

3Com SuperStack II Remote Access System (RAS) 1500 is a routing device designed to service dialup users.

A vulnerability has been reported in 3Com RAS 1500 router that may allow attackers to access sensitive data. Specifically, RAS 1500 devices do not carry out sufficient authentication of users requesting files via the web interface.

Successful exploitation of this vulnerability may allow an attacker to obtain sensitive configuration files. Access to this information may make it possible for an attacker to carry out further attacks on a target system or device.

16. PAFileDB PAFileDB.PHP SQL Injection Vulnerability BugTraq ID: 7183
Remote: Yes
Date Published: Mar 24 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7183
Summary:

PHP Arena paFileDB is a web-based application implemented using PHP and designed to allow webmasters to have a database of files for download on their site.

PHP Arena's paFileDB has been reported to be prone to an SQL injection vulnerability.

This vulnerability is reportedly caused by insufficient sanitization of user-supplied data contained in URI parameters passed to paFileDB. Specifically, an attacker may inject SQL commands by embedding them in either the 'id' or 'rating' URI parameter supplied to the paFileDB.php script.

Successful exploitation may allow for modification of the structure of SQL queries, resulting in information disclosure, or database corruption. The consequences depend on the nature of specific queries. This issue may allow the attacker to exploit latent vulnerabilities in the underlying database.

17. PHP socket_iovec_alloc() Integer Overflow Vulnerability BugTraq ID: 7187
Remote: No
Date Published: Mar 25 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7187
Summary:

PHP is a freely available, open source web scripting language package. It is available for Microsoft Windows, Linux, and Unix operating systems.

A vulnerability has been reported in PHP version 4.3.1 and earlier. The problem occurs in the socket_iovec_alloc() function and may allow an attacker to corrupt memory.

The affected function fails to carry out sanity checks on values passed as the 'sockets' argument. As a result, an attacker capable of passing a large integer as this argument can cause an integer used in a later calculation to overflow.

If this integer overflows and is later used for memory allocation or data writing, the procedure could occur at an unanticipated location. This could be exploited to corrupt sensitive locations in process memory.

This may make it possible for an attacker to trigger a denial of service. Although it has not been confirmed, it may also be possible to exploit this issue to execute arbitrary code.

It should be noted that socket functionality is only included in PHP if compiled with the "--enable-sockets" option.

18. Emule Empty Nickname Chat Request Denial Of Service Vulnerability BugTraq ID: 7189
Remote: Yes
Date Published: Mar 25 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7189
Summary:

Emule is a freely available open source peer-to-peer file sharing application. Emule uses the eDonkey file sharing protocol.

A denial of service vulnerability has been reported for Emule. The vulnerability occurs when an Emule client receives a chat request without a nickname. This will cause the vulnerable Emule client to crash when it attempts to reference a NULL nickname.

This vulnerability was reported for Emule clients prior to 0.27c.

19. Web Chat Manager HTML Code Injection Vulnerability BugTraq ID: 7190
Remote: Yes
Date Published: Mar 25 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7190
Summary:

The PHP Web Chat Manager is a web-based chat system implemented in PHP.

It has been reported that Web Chat Manager is prone to HTML injection attacks. This problem occurs due to insufficient sanitization of user-supplied input.

An attacker may inject HTML code using the 'email' form field or URI parameter of the Web Chat Manager user registration page 'register.php'.

The HTML code will be executed whenever a page containing the malicious e-mail address is displayed, specifically when the user profile is viewed ('profile.php') or when password retrieval is attempted ('login.php'). When another user views one of these pages, the attacker-supplied code will be interpreted in their web browser in the security context of the site hosting the software.

It may be possible to steal the unsuspecting user's cookie-based authentication credentials, as well as other sensitive information. Other attacks are also possible.

This vulnerability was reported for Web Chat 2.0. It is not known whether other versions are affected.
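
The defence against the injection described above has two layers: validate the e-mail field against an address grammar when it is submitted, and HTML-escape every stored value when it is rendered into a page. The following is an added illustration, not Web Chat Manager code; the registration inputs are constructed and the two render functions are hypothetical stand-ins for what 'profile.php' and 'login.php' produce.

```python
import html
import re

# Deliberately narrow address grammar: letters, digits and a few punctuation
# characters, which excludes '<', '>', '"' and whitespace outright.
_EMAIL_RE = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")

# Constructed registration submissions (not taken from the advisory).
LEGIT_EMAIL = "bob@example.com"
INJECTED_EMAIL = "bob@example.com<i>injected</i>"


def validate_email(value: str) -> bool:
    """Input check at registration time: reject anything outside the address grammar."""
    return _EMAIL_RE.fullmatch(value) is not None


def render_profile_vulnerable(nick: str, email: str) -> str:
    """Interpolates stored values straight into markup, the pattern the advisory describes."""
    return f"<p>{nick} &lt;{email}&gt;</p>"


def render_profile_safe(nick: str, email: str) -> str:
    """Output encoding: every stored value is HTML-escaped at the point of rendering.

    html.escape turns '<', '>', '&' and quotes into entities, so whatever is in
    the database is displayed as text and never parsed as markup.
    """
    return f"<p>{html.escape(nick)} &lt;{html.escape(email)}&gt;</p>"


if __name__ == "__main__":
    for addr in (LEGIT_EMAIL, INJECTED_EMAIL):
        print(f"{addr!r}: valid={validate_email(addr)}")
        print("  vulnerable:", render_profile_vulnerable("bob", addr))
        print("  safe:      ", render_profile_safe("bob", addr))
```

Input validation alone is not enough, because records that entered the database before the check existed (or through another path) are still rendered; output encoding alone is enough to stop the injection, but the validation step keeps obviously bad data out of the store and out of any other consumer of it.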

20. VChat Message Disclosure Vulnerability BugTraq ID: 7186
Remote: Yes
Date Published: Mar 23 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7186
Summary:

VChat is a web-based chat system. It is implemented in PHP.

VChat fails to protect chat session logs from being disclosed to remote users. A remote web-based attacker may request the chat session logs, which are stored in an ordinary text file in a web-accessible directory in the default installation.

This could lead to disclosure of private or confidential information contained in chat session logs.

21. VChat Long Message Denial Of Service Vulnerability BugTraq ID: 7188
Remote: Yes
Date Published: Mar 25 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7188
Summary:

VChat is a web-based chat system. It is implemented in PHP.

VChat will fail to reload if a message of 326 kilobytes or more is sent. This may be exploited to deny availability of the chat service to chat users. The message will be logged to 'msg.txt', and if it is too large, VChat will not be able to reload the chat window.

22. PHPNuke Viewpage.PHP File Disclosure Vulnerability BugTraq ID: 7191
Remote: Yes
Date Published: Mar 25 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7191
Summary:

PHPNuke is a freely available, open source content management system written in PHP. It is available for Unix, Linux, and Microsoft Operating Systems.

PHPNuke has been reported prone to a file disclosure vulnerability.

It has been reported that PHPNuke may disclose arbitrary web server readable files if the requested file is supplied as the 'file' URI parameter to the 'viewpage.php' script.

This may allow an attacker to obtain sensitive system information which may aid in launching future attacks.

It should be noted that this issue reportedly affects PHPNuke version 6.5 when running a specific configuration, however other versions may also be affected.

23. Joel Palmius Mod_Survey Data Injection Vulnerability BugTraq ID: 7192
Remote: Yes
Date Published: Mar 23 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7192
Summary:

Mod_Survey is a mod_perl module for Apache which allows web users to create online questionnaires. It is maintained by Joel Palmius and will run on Linux and Unix variants as well as Microsoft Windows.

Mod_Survey does not sufficiently sanitize data supplied via ENV tags. ENV tags are a feature included with Mod_Survey to import values supplied from environment variables into the data repository.

It has been reported by the vendor that this may allow for injection of malicious data, including delimiter characters, into the data repository. Exploitation may allow for manipulation of environment variables or the possibility of executing database commands through injection of SQL syntax. Other attacks may also be possible.

This is only an issue with surveys that use ENV tags. This issue occurs with ENV tags which import data from environment variables that may be specified or influenced by a remote user (such as 'HTTP_USER_AGENT'). The consequences of exploitation could depend on the underlying database implementation and configuration or other factors.

24. PHPNuke Forum Module Viewtopic.php SQL Injection Vulnerability BugTraq ID: 7193
Remote: Yes
Date Published: Mar 25 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7193
Summary:

PHPNuke is a freely available, open source content management system written in PHP. It is available for Unix, Linux, and Microsoft Operating Systems.

A problem with PHPNuke could allow a remote user to change article information.

It has been reported that an input validation error exists in the 'viewtopic.php' file included with PHPNuke as part of the Forum module. Because of this, an attacker could send a malicious string through PHPNuke that would allow the attacker to inject SQL commands and queries into the SQL database used by PHPNuke.

Successful exploitation may allow for modification of the structure of SQL queries, resulting in information disclosure, or database corruption. The consequences depend on the nature of specific queries. This issue may allow the attacker to exploit latent vulnerabilities in the underlying database.

25. PHPNuke Forum Module Viewforum.PHP SQL Injection Vulnerability BugTraq ID: 7194
Remote: Yes
Date Published: Mar 25 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7194
Summary:

PHPNuke is a freely available, open source content management system written in PHP. It is available for Unix, Linux, and Microsoft Operating Systems.

A problem with PHPNuke could allow a remote user to manipulate the database queries made by the Forum module.

It has been reported that an input validation error exists in the 'viewforum.php' file included with PHPNuke as part of the Forum module. Because of this, an attacker could send a malicious string through PHPNuke that would allow the attacker to inject SQL commands and queries into the SQL database used by PHPNuke.

Successful exploitation may allow for modification of the structure of SQL queries, resulting in information disclosure, or database corruption. The consequences depend on the nature of specific queries. This issue may allow the attacker to exploit latent vulnerabilities in the underlying database.
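The injection pattern behind items 24 and 25 (the same defect in viewtopic.php and viewforum.php), shown as an added example in Python with SQLite rather than PHPNuke's own PHP: a numeric request parameter is spliced into the query text, so a value such as "2 OR 1=1 --" rewrites the WHERE clause and comments out the access check that follows it. The table and column names are assumptions for this illustration, not PHPNuke's schema.

```python
import sqlite3
from typing import List, Tuple

# Added illustration in Python with SQLite, not PHPNuke's PHP code.  The table
# and column names are assumptions for this example, not PHPNuke's schema.


def make_db() -> sqlite3.Connection:
    """Constructed forum data: one public forum and one private one."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE forums(forum_id INTEGER PRIMARY KEY, name TEXT, private INTEGER);
        CREATE TABLE topics(topic_id INTEGER PRIMARY KEY, forum_id INTEGER, title TEXT);
        INSERT INTO forums VALUES (1, 'General', 0), (2, 'Staff only', 1);
        INSERT INTO topics VALUES (10, 1, 'Welcome'), (11, 2, 'Salary review');
    """)
    return db


# The access check (private = 0) sits after the attacker-controlled term.
PUBLIC_TOPICS = (
    "SELECT topic_id, title FROM topics WHERE forum_id = {forum} "
    "AND forum_id IN (SELECT forum_id FROM forums WHERE private = 0)"
)


def view_forum_vulnerable(db: sqlite3.Connection, forum: str) -> List[Tuple[int, str]]:
    """Vulnerable pattern: the request parameter is spliced into the SQL text,
    so the attacker can rewrite the WHERE clause and comment out the
    private-forum check that follows it."""
    return db.execute(PUBLIC_TOPICS.format(forum=forum)).fetchall()


def view_forum_safe(db: sqlite3.Connection, forum: str) -> List[Tuple[int, str]]:
    """Hardened pattern: enforce the expected type, then bind a parameter.
    The value can no longer alter the query's structure."""
    if not forum.isdigit():
        raise ValueError("forum must be a numeric id")
    return db.execute(PUBLIC_TOPICS.format(forum="?"), (int(forum),)).fetchall()


def safe_rejects(db: sqlite3.Connection, forum: str) -> bool:
    """True when the hardened handler refuses the value outright."""
    try:
        view_forum_safe(db, forum)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    db = make_db()
    payload = "2 OR 1=1 --"                     # what an attacker would put in the forum parameter
    print(view_forum_vulnerable(db, "1"))       # [(10, 'Welcome')]
    print(view_forum_vulnerable(db, payload))   # both topics, including the private one
    print(view_forum_safe(db, "2"))             # [] : private forum stays hidden
    print(safe_rejects(db, payload))            # True
```

The type check alone would stop this particular payload, but parameter binding is what makes the query's structure independent of the value; keep both, since a later change to the query (a string column, say) would otherwise reopen the hole.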

26. Symantec Enterprise Firewall HTTP Pattern Matching Evasion Weakness BugTraq ID: 7196
Remote: Yes
Date Published: Mar 26 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7196
Summary:

Symantec Enterprise Firewall, formerly known as Raptor Firewall, is an enterprise-level firewall originally developed by Axent Technologies and now maintained and distributed by Symantec. It is available for Microsoft Windows and Unix operating systems.

The Symantec Enterprise Firewall allows the blocking of HTTP requests with URLs containing certain patterns. When a user inside the network protected by the Enterprise Firewall makes an HTTP request containing a pattern matching a 'urlpattern' rule, it will be blocked and the user will receive a "403 Forbidden" error.

An internal user can bypass the URL pattern blocking by simply encoding the blocked pattern using escaped characters, Unicode, or UTF-8 encoding. Because the firewall compares its patterns against the literal bytes of the request while the destination server decodes them, any encoding the server accepts but the firewall does not normalize will evade the rule. Thus an HTTP request that normally would have been blocked by the Enterprise Firewall's pattern blocking will pass through successfully.
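The evasion and its remedy, as an added Python example that is not Symantec's code: a naive filter matches patterns against the raw URL, while the hardened one first canonicalizes the request (repeated %XX decoding, %uXXXX escapes, overlong UTF-8 and compatibility characters folded to ASCII) and matches against the result. The pattern list and the sample requests are constructed for the illustration, and the decoders model the three encodings the advisory names rather than any particular server's parser.

```python
import re
import unicodedata
from typing import List
from urllib.parse import unquote_to_bytes

# Added illustration, not Symantec's code.  The pattern list is constructed;
# the decoders model the three bypass encodings named in the advisory.
BLOCKED_PATTERNS: List[str] = ["/cgi-bin/", "cmd.exe"]


def naive_blocked(url: str) -> bool:
    """The weak check: patterns compared against the raw request URL."""
    low = url.lower()
    return any(p in low for p in BLOCKED_PATTERNS)


def lenient_utf8(data: bytes) -> str:
    """Decode UTF-8 the way a permissive server might: 2- and 3-byte forms are
    accepted even when overlong (e.g. C0 AF for '/'), which Python's strict
    decoder would reject.  Undecodable bytes pass through unchanged."""
    out, i, n = [], 0, len(data)
    while i < n:
        b = data[i]
        if b < 0x80:
            out.append(chr(b)); i += 1
        elif 0xC0 <= b <= 0xDF and i + 1 < n and 0x80 <= data[i + 1] <= 0xBF:
            out.append(chr(((b & 0x1F) << 6) | (data[i + 1] & 0x3F))); i += 2
        elif (0xE0 <= b <= 0xEF and i + 2 < n
              and all(0x80 <= x <= 0xBF for x in data[i + 1:i + 3])):
            cp = ((b & 0x0F) << 12) | ((data[i + 1] & 0x3F) << 6) | (data[i + 2] & 0x3F)
            out.append(chr(cp)); i += 3
        else:
            out.append(chr(b)); i += 1
    return "".join(out)


def decode_once(url: str) -> str:
    """One decoding pass: %uXXXX escapes, %XX escapes, overlong UTF-8, and
    compatibility characters such as FULLWIDTH SOLIDUS folded to ASCII."""
    url = re.sub(r"(?i)%u([0-9a-f]{4})", lambda m: chr(int(m.group(1), 16)), url)
    url = lenient_utf8(unquote_to_bytes(url))
    return unicodedata.normalize("NFKC", url)


def canonicalize(url: str, max_rounds: int = 3) -> str:
    """Decode until a fixed point (bounded) so double encoding is undone too."""
    cur = url
    for _ in range(max_rounds):
        nxt = decode_once(cur)
        if nxt == cur:
            break
        cur = nxt
    return cur.lower()


def canonical_blocked(url: str) -> bool:
    """The check a pattern filter needs: match against the canonical form."""
    canon = canonicalize(url)
    return any(p in canon for p in BLOCKED_PATTERNS)


if __name__ == "__main__":
    # Constructed requests: the plain form, then the same path hidden behind
    # %XX, double %XX, overlong UTF-8 and %uXXXX encodings, then a benign URL.
    for u in ["/cgi-bin/x.pl", "/%63gi-bin/x.pl", "/%2563gi-bin/x.pl",
              "/%C0%AFcgi-bin%C0%AF", "%uFF0Fcgi-bin%uFF0F", "/index.html"]:
        print(f"{u:28} naive={naive_blocked(u)!s:5} canonical={canonical_blocked(u)}")
```

Canonicalizing this aggressively will occasionally decode a legitimately double-encoded '%', so it can over-block; for a deny-list on a perimeter device that is the right side to err on. The bounded loop matters: an unbounded fixed-point decoder is itself a cheap denial-of-service target.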

27. PHP socket_recv() Signed Integer Memory Corruption Vulnerability BugTraq ID: 7197
Remote: No
Date Published: Mar 26 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7197
Summary:

PHP is a freely available, open source web scripting language package. It is available for Microsoft Windows, Linux, and Unix operating systems.

A vulnerability has been reported in PHP version 4.3.1 and earlier. The problem occurs in the socket_recv() function and may allow an attacker to corrupt memory.

The affected function fails to carry out sanity checks on the value passed as the 'len' argument. As a result, an attacker capable of passing a negative integer as this argument can cause an integer used in a later calculation to overflow.

If this overflowed integer is later used to size a memory allocation or to bound a data write, the allocation or write will not have the intended size and may reach unanticipated locations. This could be exploited to corrupt sensitive locations in process memory.

This may make it possible for an attacker to trigger a denial of service. Although it has not been confirmed, it may also be possible to exploit this issue to execute arbitrary code.

It should be noted that socket functionality is only included in PHP if compiled with the "--enable-sockets" option.

28. PHP socket_recvfrom() Signed Integer Memory Corruption Vulnerability BugTraq ID: 7198
Remote: No
Date Published: Mar 26 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7198
Summary:

PHP is a freely available, open source web scripting language package. It is available for Microsoft Windows, Linux, and Unix operating systems.

A vulnerability has been reported in PHP version 4.3.1 and earlier. The problem occurs in the socket_recvfrom() function and may allow an attacker to corrupt memory.

The affected function fails to carry out sanity checks on the value passed as the 'len' argument. As a result, an attacker capable of passing a negative integer as this argument can cause an integer used in a later calculation to overflow.

If this overflowed integer is later used to size a memory allocation or to bound a data write, the allocation or write will not have the intended size and may reach unanticipated locations. This could be exploited to corrupt sensitive locations in process memory.

This may make it possible for an attacker to trigger a denial of service. Although it has not been confirmed, it may also be possible to exploit this issue to execute arbitrary code.

It should be noted that socket functionality is only included in PHP if compiled with the "--enable-sockets" option.
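The signed-length mismatch behind items 27 and 28 (the same defect in socket_recv() and socket_recvfrom()), modelled as an added Python example that is not PHP's source: the 'len' argument arrives as a C int, but the allocator and recv() take size_t, so a negative value silently becomes a very large unsigned count. The len + 1 allocation (room for a terminating NUL) and the 32-bit default are assumptions of the model used to make the mismatch visible.

```python
# Added model of the signed-length bug class described for socket_recv() and
# socket_recvfrom(); it is not PHP's source.  The allocation of len + 1 bytes
# (room for a terminating NUL) is an assumption used to show the mismatch.
INT_MAX = 2 ** 31 - 1


def as_size_t(value: int, bits: int = 32) -> int:
    """Reinterpret a C int as the unsigned size_t that recv() and the
    allocator receive.  bits=32 matches a 32-bit build; 64 makes -1 wrap to
    2**64 - 1 instead."""
    return value & ((1 << bits) - 1)


def recv_plan_unchecked(length: int, bits: int = 32):
    """Vulnerable pattern: 'len' is used, unvalidated, both to size the buffer
    and as the byte count passed to recv().  Returns (alloc_bytes, recv_bytes)
    as the C code sees them after implicit conversion to size_t."""
    return as_size_t(length + 1, bits), as_size_t(length, bits)


def classify(length: int, bits: int = 32) -> str:
    """What the unchecked plan leads to:
    'overrun'    - recv() may write more bytes than were allocated (len == -1
                   allocates 0 bytes and asks for 2**bits - 1);
    'huge-alloc' - other negative values request a near-4 GiB buffer, which the
                   allocator refuses and the request dies (denial of service);
    'ok'         - sizes are consistent."""
    alloc, to_read = recv_plan_unchecked(length, bits)
    if to_read >= alloc:
        return "overrun"
    if alloc > INT_MAX:
        return "huge-alloc"
    return "ok"


def recv_plan_checked(length: int, bits: int = 32):
    """Hardened pattern: bound the value while it is still a signed int,
    before any arithmetic or conversion happens."""
    if not (0 < length <= INT_MAX):
        raise ValueError("len must be a positive int")
    return as_size_t(length + 1, bits), as_size_t(length, bits)


def checked_rejects(length: int) -> bool:
    """True when the hardened plan refuses the length."""
    try:
        recv_plan_checked(length)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    for n in (1024, 0, -1, -4096):
        alloc, to_read = recv_plan_unchecked(n)
        print(f"len={n:6d} alloc={alloc:10d} recv={to_read:10d} -> {classify(n)}")
```

The check has to happen on the signed value before the +1 and before the call, which is why "validate at the boundary where the type is still known" is the rule of thumb for this class; once the value has been converted to size_t no later comparison can tell -1 from a legitimately huge length.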

29. PHP emalloc() Unspecified Integer Overflow Memory Corruption Vulnerability BugTraq ID: 7199
Remote: No
Date Published: Mar 26 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7199
Summary:

PHP is a freely available, open source web scripting language package. It is available for Microsoft Windows, Linux, and Unix operating systems.

A vulnerability has been reported in PHP version 4.3.1 and earlier. The problem occurs in the emalloc() function and may allow an attacker to corrupt memory.

The affected function reportedly fails to ensure that proper boundary checks are performed on values supplied by a malicious user. This may result in an integer overflow when emalloc() attempts to allocate memory.

This may make it possible for an attacker to trigger a condition which could cause the PHP interpreter to crash.

Further details of this vulnerability are currently unknown. This BID will be updated as more information becomes available.

III. SECURITYFOCUS NEWS AND COMMENTARY


  1. FBI seeks Internet telephony surveillance By Kevin Poulsen

The Justice Department and the FBI ask regulators for expanded technical capabilities to intercept Voice Over IP communications... and anything else that uses broadband.

http://www.securityfocus.com/news/3466

2. States Seen As Lax on Database Security By Jonathan Krim, Washington Post

An overwhelming majority of states have failed to require insurance companies to protect their computerized data from hacking and other attacks, according to a study that raises questions about how aggressively states are tackling cybersecurity overall.

http://www.securityfocus.com/news/3512

3. Wartime Internet Security Is 'Business as Usual' By Robert MacMillan, Washington Post

Federal officials last week warned that the Iraq war may prompt hackers to attack data systems and critical networks. But for the most part, Internet security firms aren't changing their standard procedures to accommodate the higher threat level -- because for them, vigilance is par for the course.

http://www.securityfocus.com/news/3511

4. Hackers replace Al-Jazeera Web site with American flag By Ted Bridis, The Associated Press

Hackers on Thursday replaced the English-language Web site for Arab satellite television network Al-Jazeera with a U.S. flag and the message "Let Freedom Ring."

http://www.securityfocus.com/news/3487

IV. SECURITYFOCUS TOP 6 TOOLS


  1. Web of Trust Statistics and Pathfinder v0.5
by Jörgen Cederlöf
Relevant URL:
http://www.lysator.liu.se/~jc/wotsap/
Platforms: Python
Summary:

Web of Trust Statistics and Pathfinder (Wotsap) is a program for graphing all the shortest paths between two keys in the OpenPGP Web of Trust. These paths can be presented as text or as PNG images. Additionally, it can generate statistics about keys and the whole strongly-connected set.

2. FTimes v3.2.1
by Klayton Monroe
Relevant URL:
http://ftimes.sourceforge.net/FTimes/
Platforms: AIX, FreeBSD, Linux, MacOS, POSIX, Solaris, SunOS, Windows 2000, Windows NT
Summary:

FTimes is a system baselining and evidence collection tool. Its primary purpose is to gather and/or develop information about specified directories and files in a manner conducive to intrusion analysis. It was designed to support the following initiatives: content integrity monitoring, incident response, intrusion analysis, and computer forensics.

3. Glub Tech Secure FTP v2.0.3
by glub
Relevant URL:
http://secureftp.glub.com
Platforms: MacOS, UNIX, Windows 2000, Windows 95/98, Windows NT, Windows XP
Summary:

Glub Tech Secure FTP is a command-line utility that allows FTP connections to be made using SSL.

4. screen-scraper v0.8.6b
by ekiwi
Relevant URL:
http://www.screen-scraper.com/screen-scraper/
Platforms: OS Independent
Summary:

screen-scraper is a tool for extracting data from Web sites. It consists of a proxy server that allows the contents of HTTP and HTTPS requests to be viewed, and an engine that can be configured to extract information from Web sites using special patterns and regular expressions. It handles authentication, redirects, and cookies, and contains an embedded scripting engine that allows extracted data to be manipulated, written out to a file, or inserted into a database. It can be used with PHP, Java, or any COM-friendly language such as Visual Basic or Active Server Pages.

5. qmail-masq v0.6
by Davide Giunchi
Relevant URL:
http://www.folug.linux.it/qmail-masq.html
Platforms: UNIX
Summary:

qmail-masq is a Perl program that works with qmail. It masquerades the internal mail user's address as an external one when sending email from local users to the outside world.

6. ShoStats v1.1.1
by yikiru
Relevant URL:
http://www.gnodde.org/projects/shostats.php
Platforms: Linux, OpenBSD, POSIX
Summary:

ShoStats is a reimplementation of phpSysInfo in Perl, useful for running from crontab and outputting the stats to a PHP include file, which can then be displayed on a hosting account. It is also more modular and configurable, including modules to support both Linux and OpenBSD, an output module for PHP include files, and transfer modules for output to stdout (which can be redirected or piped) and uploading to an FTP server.

V. SECURITY JOBS SUMMARY


  1. Senior Software/Security Engineer (White Hat Hacker) Redwood City, California (Thread) Relevant URL:

http://online.securityfocus.com/archive/77/316570

2. Security Infrastructure/ Architect needed in Northern, VA (Thread) Relevant URL:

http://online.securityfocus.com/archive/77/316569

3. AEs and SEs needed in DC and Chicago (Thread) Relevant URL:

http://online.securityfocus.com/archive/77/316548

4. Senior Software/Security Engineer (Redwood City, California) (Thread) Relevant URL:

http://online.securityfocus.com/archive/77/316544

5. U.S. Navy Network Analyst with Focus on Security - looking for full time position. (Thread) Relevant URL:

http://online.securityfocus.com/archive/77/316543

6. V.P of Engineering needed for netForensics (Thread) Relevant URL:

http://online.securityfocus.com/archive/77/3165