
SecurityFocus Newsletter #193

From: John Boletta <jboletta(at)securityfocus.com>
Date: Mon Apr 21 2003 - 13:50:05 EDT

This Issue is Sponsored By: SpiDynamics

ALERT: Test and assess your Web Applications - FREE! Hackers are exploiting web apps with attacks such as SQL Injection, XSS and Session Hijacking, all undetectable by Firewalls and IDS! Are you vulnerable? Run a FREE Test of your Web Apps via our FREE 15 Day Product Trial that delivers a comprehensive Vulnerability Report.

http://www.securityfocus.com/SPIDynamics-sf-news


I. FRONT AND CENTER
  1. Statistical-Based Intrusion Detection
  2. On Cures That Are Worse than the Disease
  3. SecurityFocus DPP Program
II. BUGTRAQ SUMMARY
  1. Oracle E-Business Suite RRA/FNDFS Arbitrary File Disclosure...
  2. SmartMax MailMax Password Field Buffer Overflow DOS...
  3. SmartMax MailMax Undisclosed Buffer Overflow Vulnerability
  4. Ocean12 ASP Guestbook Manager Information Disclosure Vulnerability
  5. Microsoft Windows Active Directory Policy Bypass Vulnerability
  6. Ocean12 ASP Guestbook Manager Code Injection Vulnerability
  7. WebGUI HTTPProxy Denial Of Service Vulnerability
  8. BitchX Trojan Horse Vulnerability
  9. LPRng PSBanner Insecure Temporary File Creation Vulnerability
  10. SheerDNS Information Disclosure Vulnerability
  11. SheerDNS CNAME Buffer Overflow Vulnerability
  12. GS-Common PS2Epsi Insecure Temporary File Vulnerability
  13. FipsGuestbook New_Entry.ASP HTML Injection Vulnerability
  14. InstaBoard Index.CFM SQL Injection Vulnerability
  15. ActivCard Gold Cached Static Password Vulnerability
  16. Web Wiz Site News Information Disclosure Vulnerability
  17. IBM FTP Daemon Kerberos 5 Unspecified Administrative Access...
  18. EZ Publish site.ini Information Disclosure Vulnerability
  19. EZ Publish Multiple Cross Site Scripting Vulnerabilities
  20. EZ Publish Multiple Path Disclosure Vulnerabilities
  21. GTKHTML Malformed HTML Document Denial Of Service Vulnerability
  22. Progress Database BINPATHX Environment Variable Buffer...
  23. OSCommerce Product_Info.PHP Denial Of Service Vulnerability
  24. Xoops Glossary Module Cross Site Scripting Vulnerability
  25. 12Planet Chat Server Error Message Installation Path...
  26. 12Planet Chat Server Administration Page Clear Text...
  27. Python Documentation Server Error Page Cross-Site Scripting...
  28. OSCommerce Authentication Bypass Vulnerability
  29. Microsoft Windows EngTextOut Non-ASCII Character Denial Of...
  30. Netcomm NB1300 Modem/Router Weak Default Configuration...
  31. IkonBoard Lang Cookie Arbitrary Command Execution Vulnerability
  32. Ashley Brown iWeb Server Directory Traversal Vulnerability
  33. Mozilla Browser Cross Domain Violation Vulnerability
  34. Novell Groupwise Mail Transport Agent Unspecified DOS...
  35. Novell GroupWise WebAccess Information Disclosure Vulnerability
III. SECURITYFOCUS NEWS ARTICLES
  1. Use a Honeypot, Go to Prison?
  2. Debate: Should You Hire a Hacker?
  3. 'Super-DMCA' fears suppress security research
  4. Security Agency Selects Privacy Watchdog
IV. SECURITYFOCUS TOP 6 TOOLS
  1. Iptables made easy v1.0
  2. Amrita VPN v0.90 beta 2
  3. Crypt Blowfish v0.4.5
  4. Nast v0.1.7
  5. LKL v0.0.2
  6. DSPAM v2.0
V. SECURITYJOBS LIST SUMMARY
  1. Enterprise Security Architect for N. NJ-Repost (Thread)
  2. Symantec Enterprise Security Manager needed in Detroit, MI...
  3. Enterprise Security Architect for N. NJ (Thread)
  4. Cisco ID (Thread)
  5. Pix & Checkpoint (Thread)
  6. F/T Enterprise Security Architect for N. NJ (Thread)
  7. Security advisor position in Madrid (Spain) European Union...
  8. Senior Security Engineer - Nashville, TN (Thread)
  9. CISSP / CISA, Sr. Security Architect looking for opportunity...
  10. Microsoft Opportunity - Sr IT Auditor - Redmond, WA (Thread)
  11. Sales Engineer - Chicago (Thread)
  12. Searching a full time position in Wireless/Wired Security...
  13. Internet Security Specialist /Tech Support (Thread)
  14. Sr. Software Engineer - Security Response - Dublin, Ireland...
  15. Senior Manager, SAP Security & Integrity. (Midlands, UK) (Thread)
  16. Sr. Security Engineer (Thread)
  17. Security Consultant - AUSTRALIA ! (Thread)
  18. Security Manager -Cleveland, Ohio (Thread)
  19. Security Architect - Cleveland, Ohio (Thread)
  20. Access Management Coordinator/ in DC metro area (Thread)
  21. Applied Watch Technologies Seeking SQL Administrator (Thread)
  22. Applied Watch Technologies Seeking Seasoned Java Developer...
  23. CISSP CISA looking for a senior InfoSec Management...
  24. Sales Engineers (Thread)
  25. Bus Dev in DC (Thread)
  26. Information Security Architect (Thread)
  27. CLAS Registered Information Security Consultant, UK (Thread)
  28. Security Positions open at IdahoPower (Thread)
  29. Experienced Solaris Administrator Seeking a new opportunity...
  30. Seeking security architect/ consultant position in Toronto...
VI. INCIDENTS LIST SUMMARY
  1. port 5168 (Thread)
  2. Port 6666 Scans (Thread)
  3. Trojan found... (Thread)
  4. Logging of connects to port 6346 (Thread)
  5. Port 17300 probes? (Thread)
  6. Intresting problem concerning libresolv.so.2 (Thread)
  7. New trojan? Old trojan with new characteristics? Anyoneseenthis?
  8. Port 3366 activity (Thread)
  9. New trojan? Old trojan with new characteristics? Anyone...
VII. VULN-DEV RESEARCH LIST SUMMARY
  1. exploit code targeting OpenSSL and Mod_SSL ? (Thread)
  2. 65 Oracle security papers, articles and presentations (Thread)
  3. POC Heap based buffer overflow (Thread)
VIII. MICROSOFT FOCUS LIST SUMMARY
  1. Does In-Place Upgrade of Microsoft Exchange Create Open...
  2. interoperability of VPN checkpoint FW1 to ISA (Thread)
  3. Does In-Place Upgrade of Microsoft Exchange Create Open Relays?...
  4. user level access problems: from CD (Thread)
  5. Updating Non-Internet Connected Windows Hosts (Thread)
  6. SecurityFocus Microsoft Newsletter #133 (Thread)
  7. How to generate a report of inactive domain user accounts (Thread)
  8. checking server status (Thread)
  9. Central software update (Thread)
  10. Network Load balancing software (Thread)
IX. SUN FOCUS LIST SUMMARY
  1. SecurityFocus Article Announcement (Thread)
  2. distributed ssh key management (Thread)
  3. Solaris 9 sftp-server (Thread)
X. LINUX FOCUS LIST SUMMARY
  1. about ptrace vuln and patch (Thread)
  2. PAM.d Syntax for Radius Auth (Thread)
  3. SecurityFocus Article Announcement (Thread)
XI. SPONSOR INFORMATION

I. FRONT AND CENTER

1. Statistical-Based Intrusion Detection
By Jamil Farshchi

This article will examine statistical-based intrusion detection systems, which alert on anomalous network behaviour, thus providing better monitoring for zero-day exploits than traditional IDS.

http://www.securityfocus.com/infocus/1686


2. On Cures That Are Worse than the Disease By George Smith

In which your columnist ponders the question, which is worst for the Internet: computer viruses, spam that advertises anti-virus products, or clueless anti-spam solutions.

http://www.securityfocus.com/columnists/155

3. SecurityFocus DPP Program

Attention Universities!! Sign-up now for preferred pricing on the only global early-warning system for cyber attacks - SecurityFocus DeepSight Threat Management System.

Click here for more information:
http://www.securityfocus.com/corporate/products/dpsection.shtml

II. BUGTRAQ SUMMARY


1. Oracle E-Business Suite RRA/FNDFS Arbitrary File Disclosure Vulnerability
BugTraq ID: 7325
Remote: Yes
Date Published: Apr 11 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7325
Summary:

The Oracle RRA/FNDFS server is normally used by Oracle utilities to retrieve and extract report data from the Concurrent Manager server. RRA stands for Report Review Agent; the server is also known as the FND File Server (FNDFS).


Oracle E-Business suite FNDFS server has been reported prone to an arbitrary file disclosure vulnerability.

A vulnerability has been discovered in the communication protocol used by the FNDFS server. It has been reported that an attacker may exploit this vulnerability to bypass system, database and application based authentication mechanisms and reveal the contents of arbitrary files located on the Concurrent Manager server. It should be noted that an attacker may only disclose files that are readable by the 'oracle' or 'applmgr' user accounts. Direct SQL*Net access to the Concurrent Manager server is also required in order to successfully exploit this vulnerability.

Sensitive information obtained in this manner may be used in further attacks launched against the vulnerable system.

2. SmartMax MailMax Password Field Buffer Overflow Denial Of Service Vulnerability
BugTraq ID: 7326
Remote: Yes
Date Published: Apr 11 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7326
Summary:

Smartmax MailMax is an email server for Microsoft Windows operating systems.

A buffer overflow vulnerability has been reported for MailMax that may result in a denial of service condition. The vulnerability is triggered when a user attempts to log in to the IMAP server using an overly long password. This will trigger the overflow condition and crash the IMAP server, resulting in a denial of service.

Restarting the affected service is required to restore normal functionality. Although unconfirmed, exploitation of this vulnerability may result in the execution of malicious attacker-supplied code.

This vulnerability was reported for MailMax 5.


3. SmartMax MailMax Undisclosed Buffer Overflow Vulnerability
BugTraq ID: 7327
Remote: Yes
Date Published: Apr 11 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7327
Summary:

Smartmax MailMax is an email server for Microsoft Windows operating systems.

A buffer overflow vulnerability has been reported for MailMax. Further details of this vulnerability are currently unknown and this BID will be updated as more information becomes available.

This vulnerability may have similar consequences as the issue described in BID 7326.

4. Ocean12 ASP Guestbook Manager Information Disclosure Vulnerability
BugTraq ID: 7328
Remote: Yes
Date Published: Apr 11 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7328
Summary:

The Ocean12 ASP Guestbook Manager is a full featured Guestbook Program. It is written entirely in ASP/VBScript, and utilizes an Access database for data storing.

Ocean12 Guestbook Manager has been reported prone to a sensitive information disclosure vulnerability.

An attacker may make a request for and download the underlying Access database file 'o12guest.mdb' that is located in the 'guestbook/admin/' folder and is used by the Guestbook Manager. Guestbook administration credentials that are contained in the database and stored in plaintext format may be revealed to the attacker.

Information collected in this way may be used to aid in further attacks against the system.


5. Microsoft Windows Active Directory Policy Bypass Vulnerability
BugTraq ID: 7330
Remote: Yes
Date Published: Apr 11 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7330
Summary:

A vulnerability has been reported for Microsoft Active Directory (AD) Domain Controllers (DC) that may allow for the modification of sensitive data.

The vulnerability is related to the way DCs handle the task of managing the Schema and Configuration partitions. Typically, an action performed on any DC is replicated to other DCs. However, the AD Schema and Configuration management is relegated to a single DC to be administered by certain user accounts.

Exploitation of this vulnerability will result in attackers being able to manipulate the Schema and Configuration partitions on other DCs. This has the potential to cause serious network problems for an existing Windows domain.

Each of the Schema and Configuration partitions exists in child DCs as read-only data. Malicious administrators of child DCs, through the use of weak permissions, are able to execute certain services under the SYSTEM context to manipulate the contents of these partitions.

6. Ocean12 ASP Guestbook Manager Code Injection Vulnerability
BugTraq ID: 7329
Remote: Yes
Date Published: Apr 11 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7329
Summary:

The Ocean12 ASP Guestbook Manager is a full featured Guestbook Program. It is written entirely in ASP/VBScript and utilizes an Access database for data storage.

Ocean12 ASP Guestbook Manager has been reported prone to an HTML code injection vulnerability.


Due to a lack of sanitization performed on several Guestbook form fields, specifically the 'Name', 'E-Mail' and 'Message' fields, an attacker may inject arbitrary HTML code into dynamically generated Guestbook Manager pages.

The injected script code will execute in the security context of the Guestbook Manager site, potentially allowing an attacker to hijack web content or to steal cookie-based authentication credentials. It may also be possible to take arbitrary actions as the victim user, including posting or deleting content.

7. WebGUI HTTPProxy Denial Of Service Vulnerability
BugTraq ID: 7331
Remote: Yes
Date Published: Apr 11 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7331
Summary:

WebGUI is a content management framework built to allow average users to build and maintain complex Web sites.

WebGUI has been reported prone to a denial of service vulnerability when handling malicious HttpProxy requests.

It has been reported that an attacker may pass a malicious proxy request to the WebGUI HttpProxy function. This may trigger a persistent denial of service condition: if the attack is successful, the WebGUI HttpProxy web object may fall into an infinite recursive loop attempting to proxy its own content.

This vulnerability has been reported to affect WebGUI version 5.2.3; although unconfirmed, previous versions may also be affected.

8. BitchX Trojan Horse Vulnerability
BugTraq ID: 7333
Remote: Yes
Date Published: Apr 13 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7333
Summary:


BitchX is a freely available, open source IRC client. It is available for Unix, Linux, and Microsoft operating systems.

It has been announced that the server hosting BitchX, www.bitchx.org, was compromised recently. It has been reported that the intruder made modifications to the source code of BitchX to include trojan horse code. Downloads of the source code of BitchX from www.bitchx.org, and mirrors, likely contain the trojan code.

Reports say that the trojan will run once upon compilation of BitchX. Once the trojan is executed, it attempts to connect to host 207.178.61.5 on port 6667.

The trojan horse modifications can be found in the configure script in BitchX 1.0c19.

Additionally, the trojan displays similarity to those found in irssi, fragroute, fragrouter, tcpdump, libpcap, OpenSSH, and Sendmail.

This BID will be updated as more information becomes available.

9. LPRng PSBanner Insecure Temporary File Creation Vulnerability
BugTraq ID: 7334
Remote: No
Date Published: Apr 14 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7334
Summary:

LPRng psbanner is a printer filter utility that creates a PostScript format banner and is part of LPRng.


The psbanner filter has been reported prone to an insecure temporary file creation vulnerability.

Under certain circumstances, specifically when psbanner is configured as a filter, psbanner creates temporary files for debugging purposes in an insecure manner.

It has been reported that psbanner does not check if a previous file exists or whether the file is symlinked to another location before using it for a specific action. The action taken on the file will be committed with the user id 'daemon'.

This vulnerability may lead to symbolic link attacks within the context of the user running the vulnerable utility.

10. SheerDNS Information Disclosure Vulnerability
BugTraq ID: 7336
Remote: Yes
Date Published: Apr 14 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7336
Summary:

SheerDNS is a master DNS server implementation for Unix and Linux variants.

A vulnerability has been discovered in SheerDNS. Due to insufficient sanitization of user-supplied data within DNS requests, an attacker may be capable of viewing the contents of an arbitrary directory or file. Specifically, SheerDNS fails to filter directory traversal sequences (../) embedded in DNS queries.

As SheerDNS runs with root privileges, exploitation of this issue would allow an attacker to view the contents of all system directories.

This issue was discovered in SheerDNS version 1.0.0, however, earlier versions may also be affected.

11. SheerDNS CNAME Buffer Overflow Vulnerability
BugTraq ID: 7335
Remote: No
Date Published: Apr 13 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7335
Summary:

SheerDNS is a master DNS server implementation for Unix and Linux variants.

SheerDNS is prone to a buffer overflow when constructing responses to CNAME queries. This is due to insufficient bounds checking of lookup information. Specifically, the static buffer for lookup results is much larger than the buffer for queries. The program does a strcpy() operation to copy the lookup results into the query buffer.

Lookup information is fetched from local files. If an attacker can influence the contents of these files, it will be possible to trigger this condition and corrupt adjacent regions of stack memory with malicious data.

Exploitation could lead to a denial of service or execution of malicious instructions.

This issue was discovered in SheerDNS version 1.0.0, however, earlier versions may also be affected.
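The bounds check that the strcpy() described above lacks, as an added example in C that is not SheerDNS's code: the "owner CNAME target" line format, the buffer sizes and the function names are assumptions. The result of a zone lookup is only copied into the smaller response buffer when it fits and looks like a host name; an oversized entry from a tampered file is refused instead of overrunning adjacent stack memory.

```c
/* Added example: bounded handling of a CNAME lookup result (not SheerDNS code). */
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define DNS_NAME_MAX 255      /* RFC 1035 limit on a domain name */
#define QUERY_BUF_LEN 64      /* assumed: the small query buffer the result is copied into */

/* Copy a lookup result into the (smaller) response buffer only if it fits and looks like
 * a host name. Returns the number of bytes copied, or -1 when the record must be rejected.
 * This is the check an unconditional strcpy() skips. */
int copy_cname_target(const char *target, char *dst, size_t dstlen) {
    size_t n = 0;
    while (target[n] != '\0') {
        unsigned char c = (unsigned char)target[n];
        if (!(isalnum(c) || c == '.' || c == '-' || c == '_'))
            return -1;                        /* not a host name character */
        if (++n > DNS_NAME_MAX || n >= dstlen)
            return -1;                        /* exceeds DNS limit or would not fit */
    }
    if (n == 0)
        return -1;
    memcpy(dst, target, n);
    dst[n] = '\0';
    return (int)n;
}

/* Parse one constructed zone-style line "<owner> CNAME <target>" (a stand-in for
 * whatever file format the server really reads). sscanf field widths bound every read.
 * Returns the target length, or -1 if the line is malformed or the target is too long. */
int parse_cname_line(const char *line, char *dst, size_t dstlen) {
    char owner[256], type[16], target[1024];
    if (sscanf(line, "%255s %15s %1023s", owner, type, target) != 3)
        return -1;
    if (strcmp(type, "CNAME") != 0)
        return -1;
    return copy_cname_target(target, dst, dstlen);
}

/* Self-check: a normal record is accepted; a record whose target exceeds the query buffer
 * (the overflow case from the advisory) is rejected rather than copied.
 * Returns 1 if both behave as expected. */
int cname_selfcheck(void) {
    char dst[QUERY_BUF_LEN];
    char big[1024];
    int good, bad;
    memset(big, 0, sizeof big);
    strcpy(big, "www CNAME ");
    memset(big + strlen(big), 'a', 300);      /* constructed 300-byte target */
    good = parse_cname_line("www CNAME host.example.org", dst, sizeof dst);
    bad  = parse_cname_line(big, dst, sizeof dst);
    return good == 16 && strcmp(dst, "host.example.org") == 0 && bad == -1;
}

int main(void) {
    printf("cname self-check: %s\n", cname_selfcheck() ? "ok" : "FAILED");
    return 0;
}
```

The rejected record leaves the destination untouched, which is the behaviour a resolver wants: a bad zone entry becomes a refused answer rather than a corrupted stack frame.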

12. GS-Common PS2Epsi Insecure Temporary File Vulnerability
BugTraq ID: 7337
Remote: No
Date Published: Apr 14 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7337
Summary:

gs-common is a set of common files for different Ghostscript releases.

The ps2epsi script included with gs-common creates temporary files in an insecure manner when invoking Ghostscript. A malicious local user could exploit this condition to create a symbolic link that could corrupt any local file which is writeable by the user invoking the vulnerable script.

Exploitation may result in a denial of service if critical files are corrupted. Privilege elevation may also be possible if the local attacker can corrupt local files with custom data.
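Temporary file creation the way psbanner (BID 7334) and ps2epsi (BID 7337) above should do it, as an added C example that is not taken from LPRng or gs-common; the file name prefix, the directory layout and the helper names are assumptions. The check detects a pre-planted symlink at a guessable name, and the hardened path uses mkstemp(), which opens with O_CREAT|O_EXCL so a link at a guessed name is never followed.

```c
/* Added example: safe vs. unsafe temporary file handling (not LPRng or gs-common code). */
#define _XOPEN_SOURCE 700
#define _DEFAULT_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* A pre-existing path that a filter is about to write to is unsafe to reuse when it is a
 * symlink, not a regular file, not ours, or hard-linked elsewhere: any of these lets a
 * local user redirect the write. Returns 1 if unsafe, 0 if absent or plainly our own file. */
int path_is_unsafe_to_reuse(const char *path) {
    struct stat st;
    if (lstat(path, &st) != 0)
        return 0;                 /* nothing there yet; the race is closed by O_EXCL below */
    if (S_ISLNK(st.st_mode) || !S_ISREG(st.st_mode))
        return 1;
    if (st.st_uid != geteuid() || st.st_nlink != 1)
        return 1;
    return 0;
}

/* Hardened creation: mkstemp() picks an unpredictable name and opens it with
 * O_CREAT|O_EXCL, so an attacker-planted symlink at a guessed name is never followed.
 * template_out receives the chosen path; returns a descriptor or -1. */
int open_private_tempfile(const char *dir, char *template_out, size_t len) {
    int fd;
    if (snprintf(template_out, len, "%s/psbanner.XXXXXX", dir) >= (int)len)
        return -1;
    fd = mkstemp(template_out);
    if (fd < 0)
        return -1;
    if (fchmod(fd, S_IRUSR | S_IWUSR) != 0) {   /* clamp mode regardless of umask */
        close(fd);
        unlink(template_out);
        return -1;
    }
    return fd;
}

/* Self-check: plant a symlink under a private directory the way the advisories describe,
 * confirm it is flagged, then confirm the hardened path yields a fresh regular file with
 * mode 0600 at a different name. Returns 1 on success, 0 on any failure. */
int tempfile_selfcheck(void) {
    char dir[] = "/tmp/tmpdemo.XXXXXX";
    char planted[256], created[256];
    struct stat st;
    int fd, ok = 0;

    if (mkdtemp(dir) == NULL)
        return 0;
    snprintf(planted, sizeof planted, "%s/psbanner.debug", dir);   /* constructed guessable name */
    if (symlink("some-victim-file", planted) != 0)                   /* constructed planted link */
        goto out;
    if (!path_is_unsafe_to_reuse(planted))
        goto out;
    fd = open_private_tempfile(dir, created, sizeof created);
    if (fd < 0)
        goto out;
    if (fstat(fd, &st) == 0 && S_ISREG(st.st_mode) && (st.st_mode & 0777) == 0600
        && strcmp(created, planted) != 0)
        ok = 1;
    close(fd);
    unlink(created);
out:
    unlink(planted);
    rmdir(dir);
    return ok;
}

int main(void) {
    printf("tempfile self-check: %s\n", tempfile_selfcheck() ? "ok" : "FAILED");
    return 0;
}
```

The lstat() check is a useful audit aid but not a fix on its own: between the check and a later open() an attacker can still swap in a link. The fix is the exclusive create, which is why the hardened function never takes a caller-chosen name.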

13. FipsGuestbook New_Entry.ASP HTML Injection Vulnerability
BugTraq ID: 7339
Remote: Yes
Date Published: Apr 14 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7339
Summary:

fipsGuestbook is a web-based guestbook application. It is implemented in ASP and VBScript and available for Microsoft Windows operating systems.

fipsGuestbook does not sufficiently sanitize form data of HTML and script code. This issue exists in the 'new_entry.asp' script. Attackers may inject HTML and script code via the "Name" field of the guestbook. This code will be displayed and possibly interpreted when the guestbook is viewed by other users. Hostile code injected in this manner will be interpreted in the context of the site hosting the guestbook software.

Exploitation of this issue could allow for theft of cookie-based authentication credentials or other attacks.

This issue was reported in fipsGuestbook 1.12.7. Other versions may also be affected.

14. InstaBoard Index.CFM SQL Injection Vulnerability
BugTraq ID: 7338
Remote: Yes
Date Published: Apr 14 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7338
Summary:

InstaBoard is a multi-featured web-based discussion forum.

Multiple SQL injection vulnerabilities were reported to affect the 'index.cfm' page of InstaBoard. This is reportedly due to insufficient sanitization of externally supplied data that is used to construct SQL queries. This data may be supplied via URI parameters in requests for certain functions. A remote attacker may take advantage of these issues to inject malicious data into SQL queries, possibly resulting in modification of query logic.

The consequences may vary depending on the particular database implementation and the nature of the specific queries. SQL injection also makes it possible, under some circumstances, to exploit latent vulnerabilities that may exist in the underlying database.

It should be noted that although this vulnerability has been reported to affect InstaBoard version 1.3, previous versions might also be affected.

15. ActivCard Gold Cached Static Password Vulnerability
BugTraq ID: 7340
Remote: No
Date Published: Apr 14 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7340
Summary:

ActivCard Gold is a smart card solution for Microsoft Windows and other operating systems.

ActivCard Gold is reported to cache static passwords in memory. Credentials are stored in the memory of the "scardsrv" process. These credentials will be disclosed if an attacker can cause the process to dump memory or can gain access to an existing memory dump.

Though unconfirmed, it has been alleged that static passwords will remain in memory after the smart card is removed. This issue apparently does not affect PKI private keys and dynamic password keys, which are reported to be stored in a more secure manner by ActivCard Gold.

16. Web Wiz Site News Information Disclosure Vulnerability
BugTraq ID: 7341
Remote: Yes
Date Published: Apr 14 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7341
Summary:

Web Wiz Site News is a freely distributed news management system implemented in ASP.

Web Wiz Site News has been reported prone to a sensitive information disclosure vulnerability.

An attacker may make a request for and download the underlying Access database file 'news.mdb' that is located in the 'news' folder and is used by the Site News application. Site News administration credentials that are contained in the database and stored in plaintext format may be revealed to the attacker.

Information collected in this way may be used to aid in further attacks against the system.

It should be noted that although this vulnerability has been reported to affect Site News version 3.06, previous versions might also be affected.

17. IBM FTP Daemon Kerberos 5 Unspecified Administrative Access Vulnerability
BugTraq ID: 7346
Remote: Yes
Date Published: Apr 14 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7346
Summary:

AIX is the commercially available UNIX operating system distributed by IBM. A problem in the operating system could make it possible for a remote user to gain unauthorized access.

It has been reported that a vulnerability exists with the ftpd implemented with AIX when Kerberos 5 is used for authentication. This could make it possible for a remote user to gain unauthorized remote access.

Few details are available about the nature of the problem. It is confirmed however that the FTP daemon distributed with AIX must be configured to use its native Kerberos 5 functionality as its authentication method. It is also confirmed that exploitation of this issue could lead to an attacker gaining administrative access to a vulnerable host.

18. EZ Publish site.ini Information Disclosure Vulnerability
BugTraq ID: 7347
Remote: Yes
Date Published: Apr 15 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7347
Summary:

eZ Publish is a web content management system for Microsoft Windows and Unix and Linux variants.

eZ Publish has been reported prone to a sensitive information disclosure vulnerability.

An attacker may make a request for and download the underlying site.ini configuration file. The file contains eZ Publish administration credentials stored in plaintext format. Any HTTP requests for this file will reveal the contents of this file to remote attackers.

Information collected in this way may be used to aid in further attacks against the system.

This vulnerability was reported for eZ Publish 3.0. It is likely that earlier versions are affected by this vulnerability.

19. EZ Publish Multiple Cross Site Scripting Vulnerabilities
BugTraq ID: 7348
Remote: Yes
Date Published: Apr 15 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7348
Summary:

eZ Publish is a web content management system for Microsoft Windows and Unix and Linux variants.

Several cross site scripting vulnerabilities have been reported for eZ Publish. These vulnerabilities are due to insufficient sanitization of user-supplied data submitted to eZ Publish.

An attacker can exploit these vulnerabilities by creating malicious links to a site hosting the vulnerable software that contain hostile HTML and script code. If such a link is visited, the attacker-supplied HTML and script code will be interpreted by the victim's browser. This will occur in the context of the site hosting the vulnerable software.

Exploitation may allow theft of cookie-based authentication credentials or other attacks.

This issue was reported in eZ Publish 3.0. It is likely that earlier versions are affected.

20. EZ Publish Multiple Path Disclosure Vulnerabilities
BugTraq ID: 7349
Remote: Yes
Date Published: Apr 15 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7349
Summary:

eZ Publish is a web content management system for Microsoft Windows and Unix and Linux variants.

Several path disclosure vulnerabilities have been reported for eZ Publish. The vulnerabilities affect several PHP script files in the kernel/class and kernel/classes directories.


An attacker can exploit this vulnerability by making an HTTP request for any of the affected pages. This may result in path information being returned to the attacker. Information gathered in this way may be used in further attacks against the system.

This vulnerability affects eZ Publish 3.0. It is likely that earlier versions are also affected.

21. GTKHTML Malformed HTML Document Denial Of Service Vulnerability
BugTraq ID: 7350
Remote: Yes
Date Published: Apr 14 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7350
Summary:

GtkHTML is an HTML rendering and editing engine for Gnome. It is embedded in many applications, such as the Evolution personal and workgroup information management software.

It has been reported that GtkHTML is prone to a vulnerability that may be exploited to cause a denial of service. This issue is present in GtkHTML with Evolution. It is possible to crash the Evolution e-mail client with a malformed message due to this flaw in GtkHTML.

It is possible that this flaw may affect other applications that rely upon GtkHTML, though this has not been confirmed.

Further details are not available at this time. This BID will be updated as more details become available.

22. Progress Database BINPATHX Environment Variable Buffer Overflow Vulnerability
BugTraq ID: 7352
Remote: No
Date Published: Apr 15 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7352
Summary:


Progress Database is a commercial database for Microsoft Windows and Unix systems.

A buffer overflow vulnerability has been discovered in Progress Database. The problem occurs due to insufficient bounds checking when processing the 'BINPATHX' environment variable.

The 'BINPATHX' variable is used to specify the location of shared libraries and other installation files; however, placing approximately 240 bytes in the variable may trigger a buffer overflow. This may result in sensitive locations in memory being overwritten with attacker-supplied values.

Exploitation of this issue may make it possible for an attacker to execute arbitrary code with the privileges of the Progress Database application.

23. OSCommerce Product_Info.PHP Denial Of Service Vulnerability
BugTraq ID: 7351
Remote: Yes
Date Published: Apr 15 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7351
Summary:

osCommerce is an online shop e-commerce solution under ongoing development by the open source community.

It has been reported that a remote attacker may trigger a denial of service condition in the osCommerce application. If malicious URI parameters, for example 'products_id', are passed to the 'product_info.php' page, the MySQL and web server hosting osCommerce reportedly become unstable. This action may be repeated continuously and could possibly result in a persistent denial of service condition.

It should be noted that although osCommerce version 2.2cvs was reported vulnerable, previous versions may also be affected.


24. Xoops Glossary Module Cross Site Scripting Vulnerability
BugTraq ID: 7356
Remote: Yes
Date Published: Apr 15 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7356
Summary:

A cross site scripting vulnerability has been reported in Xoops.

It has been reported that user-supplied input to the 'glossaire-aff.php' page, as the 'lettre' URI parameter, is not sufficiently sanitized. This lack of sanitization provides an opportunity for an attacker to launch cross-site scripting attacks against the vulnerable site. It is possible for a remote attacker to create a malicious link containing script code that will be executed in the browser of a legitimate user.

Any attacker-supplied code will be executed within the context of the website running Xoops.

This issue may be exploited to steal cookie-based authentication credentials from legitimate users of the website running the vulnerable software. The attacker may then hijack the session of the legitimate user by using those cookie-based authentication credentials. Other attacks are also possible.

This vulnerability has been reported to affect Xoops versions 1.3.8 and 1.3.9.

25. 12Planet Chat Server Error Message Installation Path Disclosure Vulnerability
BugTraq ID: 7355
Remote: Yes
Date Published: Apr 11 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7355
Summary:

12Planet Chat Server is web forum software that runs on Windows NT/2000/XP, Linux, Sun Solaris, IBM AIX, and HP UNIX.


When certain malformed URL requests are received by the chat server, an error message is returned containing the full path of the chat server's installation. The URL must contain at least three '/qwe' sequences in order to generate this error message, e.g. http://www.victim.com:8080/qwe/qwe/qwe/index.html

If the URL does not contain at least three '/qwe' sequences, a simple HTTP 500 error message will be returned to the remote user.

26. 12Planet Chat Server Administration Page Clear Text Authentication Vulnerability
BugTraq ID: 7354
Remote: Yes
Date Published: Apr 11 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7354
Summary:

12Planet Chat Server is web forum software that runs on Windows NT/2000/XP, Linux, Sun Solaris, IBM AIX, and HP UNIX.

The login page of the administration site for the chat server sends usernames and passwords in clear text. This could allow a remote attacker to sniff the administrator's authentication information.

The interface that allows the administrator to change their passwords also transmits the new password in clear text.

27. Python Documentation Server Error Page Cross-Site Scripting Vulnerability
BugTraq ID: 7353
Remote: Yes
Date Published: Apr 15 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7353
Summary:

Python Documentation Server is a freely available server distributed with the Python software package. It is available for Unix, Linux, and Microsoft Operating Systems.

It has been reported that the Python Documentation Server is vulnerable to a cross-site scripting vulnerability.

The problem is due to insufficient sanitization of HTML and script code from error output. When HTML and script code are passed to the vulnerable server in a URI, the code will be displayed in the server's error page. An attacker could exploit this issue by constructing a malicious link which contains hostile HTML and script code and then enticing web users to visit the link. When the error page is displayed, the attacker-supplied code may be rendered in the user's web browser. This will occur in the security context of the documentation server.

The server runs on port 7464 by default.
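The defect described above is the generic one behind reflected cross-site scripting in error pages: a client-supplied URI is copied into the HTML response without escaping. The following is an added example, not code from the Python Documentation Server or from SecurityFocus; it shows a minimal error-page renderer in its vulnerable form next to the hardened form, which decodes the path exactly once and then HTML-escapes it before interpolation. The function names and the sample request paths are constructed for illustration.

```python
import html
from urllib.parse import unquote

_TEMPLATE = "<html><body><h1>Error</h1><p>Could not find: {path}</p></body></html>"


def render_error_page_unsafe(requested_path: str) -> str:
    """Vulnerable pattern: the decoded request URI is reflected into HTML verbatim,
    so any markup carried in the URI becomes live markup in the error page."""
    decoded = unquote(requested_path)
    return _TEMPLATE.format(path=decoded)


def render_error_page_safe(requested_path: str) -> str:
    """Hardened pattern: decode once, then escape for the HTML text-node context.
    quote=True also escapes quote characters, which matters if the same value is
    ever placed inside an attribute rather than element text."""
    decoded = unquote(requested_path)
    return _TEMPLATE.format(path=html.escape(decoded, quote=True))


def contains_active_content(page: str) -> bool:
    """Tiny check used only to demonstrate the difference between the two renderers:
    does the rendered page still contain a raw <script> tag?"""
    return "<script" in page.lower()


if __name__ == "__main__":
    # Constructed request path carrying inert markup (a marker, not a working payload).
    probe = "/nosuchpage%3Cscript%3Emarker()%3C/script%3E"
    print("unsafe renders tag:", contains_active_content(render_error_page_unsafe(probe)))
    print("safe renders tag:  ", contains_active_content(render_error_page_safe(probe)))
```

Escaping at the point where the value is written into the page is the fix; stripping "bad" characters from the URI on input is not equivalent, because the same value may later be placed into a different context (attribute, JavaScript string) that needs different escaping.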

28. OSCommerce Authentication Bypass Vulnerability BugTraq ID: 7357
Remote: Yes
Date Published: Apr 15 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7357
Summary:

osCommerce is an online shop e-commerce solution under ongoing development by the open source community.

osCommerce has been reported to be prone to an authentication bypass vulnerability.

It has been reported that osCommerce uses HTTP header information as part of its authentication mechanism. Reportedly, an attacker may spoof the HTTP 'referrer' header. If the attacker spoofs a localhost address as the referrer, the authentication system used by osCommerce may be subverted.

This attack may be used in conjunction with other attacks to disclose potentially sensitive information to the attacker. Specifically, product information may be disclosed and administration page access achieved.

It should be noted that although osCommerce version 2.2cvs was reported vulnerable, previous versions may also be affected.

29. Microsoft Windows EngTextOut Non-ASCII Character Denial Of Service Vulnerability BugTraq ID: 7358
Remote: Yes
Date Published: Apr 15 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7358
Summary:

A vulnerability has been alleged in the EngTextOut function on some versions of the Microsoft Windows operating systems. The EngTextOut function uses GDI to display a set of glyphs at user-specified locations. Text may be passed to the function in a STROBJ structure.

If this function is passed non-ASCII characters, this will reportedly result in an operating system crash. The crash occurs in the 'win32k.sys' module. This issue may potentially be triggered through applications which use the vulnerable function.

30. Microsoft Windows 2000/XP Registry Editor Custom Permissions Weakness BugTraq ID: 7360
Remote: No
Date Published: Apr 15 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7360
Summary:

Windows systems using the NTFS file system allow granular security permissions to be set on individual registry keys.

A problem exists when a registry key with custom permissions is renamed. The renamed key will lose any custom permissions that are set and instead inherit the permissions of its parent. This will occur regardless of whether the "Allow inheritable permissions from parent to propagate to this object" box is checked or not.

It has been speculated that this may occur because keys are not renamed in the traditional sense but are possibly deleted and recreated using the new name.

This weakness was reported to affect Windows 2000 and XP, however, Windows NT 4.0 may also be affected.

31. Netcomm NB1300 Modem/Router Weak Default Configuration Settings Vulnerability BugTraq ID: 7359
Remote: Yes
Date Published: Apr 15 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7359
Summary:

Netcomm NB1300 modem/router is a device used to connect SOHO or Small Business networks to an ADSL service provider. The ADSL Router supports IP Packet routing and functions such as NAT and DHCP allowing users to have their IP address assigned automatically and share a single ISP account.

It has been reported that the Netcomm NB1300 modem/router ships with weak default configuration settings. The NB1300 has, by default, an FTP server (VxWorks 5.4.1) exposed on the WAN interface. The default username is set as 'admin' and the password is, by default, 'password'.

A remote user may connect to the FTP server and authenticate using the default credentials if they have not been changed. The attacker may then download the router configuration, which is stored in plaintext in the 'config.reg' file. Other attacks may also be possible.

Information gathered in this manner may be used in further attacks launched against the victim host/network.

It should be noted that this vulnerability has been reported to affect all known releases of Netcomm NB1300 firmware.

32. IkonBoard Lang Cookie Arbitrary Command Execution Vulnerability BugTraq ID: 7361
Remote: Yes
Date Published: Apr 15 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7361
Summary:

IkonBoard is a Web Bulletin Board Service (BBS) software package written in Perl that runs on several web server platforms.

It has been reported that IkonBoard is prone to an arbitrary command execution vulnerability. The vulnerability is due to insufficient sanitization performed on user supplied 'lang' cookie data.

Specifically, a flaw has been reported in the pattern matching code implemented to sanitize user-supplied cookie data before it is interpolated into a string. An attacker may exploit this issue to execute arbitrary commands. If the attacker supplies a malicious cookie that contains illegal characters designed to break the sanitization functionality of IkonBoard, the data will be passed to a Perl eval() function. This circumstance could allow the attacker to have arbitrary Perl code evaluated. Therefore, using Perl system() calls as a conduit, for example, arbitrary command execution may be possible in the security context of the web server hosting the vulnerable IkonBoard.

It should be noted that although this vulnerability was reported to affect IkonBoard version 3.1.1, previous versions might also be affected.
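The root cause described above is a denylist: characters judged "illegal" are pattern-matched out of the cookie before the remainder is interpolated into a string that is eventually evaluated as code. The defensive alternative is to never build code from the cookie at all and to accept only values of a known shape from a fixed set. The block below is an added example, not IkonBoard's code; it is written in Python rather than Perl to show the pattern generically, and the language identifiers, the `KNOWN_LANGS` set and the string tables are constructed for illustration.

```python
import re
from pathlib import PurePosixPath
from typing import Dict, Optional

# Constructed allowlist of language packs a hypothetical board ships with.
KNOWN_LANGS = frozenset({"en", "de", "fr", "pt_BR"})

# Strict shape: two lowercase letters, optionally "_" and two uppercase letters.
_LANG_RE = re.compile(r"^[a-z]{2}(?:_[A-Z]{2})?$")

# Constructed string tables: the language selection drives a data lookup, never eval().
STRING_TABLES: Dict[str, Dict[str, str]] = {
    "en": {"welcome": "Welcome"},
    "de": {"welcome": "Willkommen"},
    "fr": {"welcome": "Bienvenue"},
    "pt_BR": {"welcome": "Bem-vindo"},
}


def select_language(cookie_value: Optional[str], default: str = "en") -> str:
    """Return a language token safe to use as a file name or dictionary key.

    Rather than stripping characters the code considers dangerous, the value is
    accepted only if it matches the strict shape AND is in the known set. Any other
    value, including one that is 'almost right', falls back to the default whole."""
    if cookie_value is None or not _LANG_RE.match(cookie_value):
        return default
    if cookie_value not in KNOWN_LANGS:
        return default
    return cookie_value


def language_pack_path(cookie_value: Optional[str], base: str = "lang") -> str:
    """Build the pack file path from the validated token only."""
    lang = select_language(cookie_value)
    return str(PurePosixPath(base) / f"{lang}.txt")


def load_strings(cookie_value: Optional[str]) -> Dict[str, str]:
    """Look the validated token up in a data table; no string from the client is
    ever parsed or executed as code."""
    return STRING_TABLES[select_language(cookie_value)]


if __name__ == "__main__":
    for value in ["de", "pt_BR", 'de"; marker', "../../x", "xx", None]:
        print(repr(value), "->", select_language(value), language_pack_path(value))
```

The allowlist check is deliberately all-or-nothing: a cookie of `de"; marker` is not cleaned down to `de`, it is rejected and replaced by the default, so no fragment of attacker-controlled text reaches the file path or the string lookup.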

33. Ashley Brown iWeb Server Directory Traversal Vulnerability BugTraq ID: 7362
Remote: Yes
Date Published: Apr 15 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7362
Summary:

iWeb Server is a small HTTP server that is designed for internal use as part of a test environment. It has been announced that iWeb Server is vulnerable to a condition that may result in the disclosure of potentially sensitive information.

According to the report, iWeb Server does not perform correct access validation on client requested paths which include "../" character sequences. It is possible for attackers to obtain files and directories outside of the webroot by requesting their path relative to the current directory using such sequences.

This may be exploited by a remote attacker to gain sensitive information useful in other attacks.

The author has issued a new version that is not vulnerable to this attack.
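The check that iWeb Server is reported to lack is containment of the resolved filesystem path inside the web root. The following is an added example, not iWeb Server's code or SecurityFocus material; it shows how a small HTTP server can map a client path onto disk safely, going slightly beyond the "../" case in the report by also handling percent-encoded dot segments, backslashes and NUL bytes. The web root `/srv/www` and the request paths are constructed for illustration.

```python
import os
from urllib.parse import unquote


class PathTraversalError(ValueError):
    """Raised when a client path would resolve outside the configured web root."""


def resolve_under_root(webroot: str, request_path: str) -> str:
    """Map a client-supplied URL path onto a filesystem path inside webroot.

    The containment check is done on the fully resolved (normalized, symlinks
    followed) path using os.path.commonpath, which compares path components, so a
    sibling directory such as /srv/www-other is not mistaken for a child of /srv/www."""
    # Decode percent-encoding exactly once. Decoding again would turn a literal
    # "%2e%2e" produced by the first pass into "..", re-opening the hole.
    decoded = unquote(request_path)

    # NUL bytes can truncate paths in C-based servers; reject them outright.
    if "\x00" in decoded:
        raise PathTraversalError("NUL byte in request path")

    # Treat backslashes as separators too (Windows servers do), and drop leading
    # separators so the request is always relative to the web root.
    relative = decoded.replace("\\", "/").lstrip("/")

    root = os.path.realpath(webroot)
    candidate = os.path.realpath(os.path.join(root, relative))

    if os.path.commonpath([root, candidate]) != root:
        raise PathTraversalError(f"path escapes webroot: {request_path!r}")
    return candidate


def is_safe_request(webroot: str, request_path: str) -> bool:
    """Boolean wrapper around resolve_under_root for logging or tests."""
    try:
        resolve_under_root(webroot, request_path)
        return True
    except PathTraversalError:
        return False


if __name__ == "__main__":
    # Constructed requests against a constructed web root.
    for req in ["/index.html", "/docs/../index.html", "/../../outside.txt",
                "/%2e%2e/%2e%2e/outside.txt", "/..\\..\\outside.txt", "/%252e%252e/x"]:
        print(f"{req!r:32} safe={is_safe_request('/srv/www', req)}")
```

Note that `/docs/../index.html` is accepted because it normalizes to a path that is still inside the root, and `/%252e%252e/x` is accepted because a single decode yields a literal directory named `%2e%2e`; both outcomes are what a containment check (as opposed to a substring filter on `../`) should produce.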

34. Mozilla Browser Cross Domain Violation Vulnerability BugTraq ID: 7363
Remote: Yes
Date Published: Apr 16 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7363
Summary:

Mozilla is an open source web browser available for a number of platforms, including Microsoft Windows and Linux.

A problem has been reported in Mozilla that could allow access to information in other browser windows. The vulnerability exists because Mozilla does not properly sanitize links when transferring documents from one domain to another. Specifically, malicious HTML code is not sanitized from the 'onclick' property.

Upon the execution of code through the 'onclick' property, a violation in browser security zone policy would occur that allows the original web site to view the contents of web pages in other browser windows.

This problem would require a user visiting a web page that has been designed to present malicious dialog boxes. This type of attack would most commonly occur through social engineering.

Other browsers based on the Mozilla codebase are vulnerable to this issue.

35. Novell Groupwise Mail Transport Agent Unspecified Denial Of Service Vulnerability BugTraq ID: 7364
Remote: Yes
Date Published: Apr 14 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7364
Summary:

Novell GroupWise is an email, calendaring and collaborative application available from Novell. It is designed for use on Novell Netware platforms, and includes a web access component for use through a web browser. The GroupWise client application runs on Microsoft Windows platforms.

An unspecified vulnerability has been reported for the GroupWise MTA (Mail Transport Agent). The vulnerability exists due to the inclusion of a vulnerable version of OpenSSL.

Further details of this vulnerability are currently unknown. However, as further information becomes available this BID will be updated accordingly.

This vulnerability may be related to the issues described in BIDs 7101 or 7148.

36. Novell GroupWise WebAccess Information Disclosure Vulnerability BugTraq ID: 7366
Remote: Yes
Date Published: Apr 16 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7366
Summary:

Novell WebAccess is a Web based authentication component of GroupWise for Novell Netware.

It has been reported that Novell WebAccess may disclose sensitive information to other users in the form of URLs contained in the Internet history.

This vulnerability has been reported to present itself when Microsoft Internet Explorer 5.0 is used to authenticate through WebAccess and retrieve messages stored on the GroupWise server.

It has been reported that URLs of the retrieved messages become part of the History cache and therefore can be perused by other users who also access the workstation.

Due to the nature of this vulnerability, the impact is far greater in a shared workstation environment.

III. SECURITYFOCUS NEWS AND COMMENTARY


1. Use a Honeypot, Go to Prison? By Kevin Poulsen, SecurityFocus

A Department of Justice computer crime specialist warns that under some circumstances deploying honeypots can be more illegal than hacking them.

http://www.securityfocus.com/news/4004

2. Debate: Should You Hire a Hacker? By Deborah Radcliff, SecurityFocus

Kevin Mitnick squares off with his former prosecutor: can reformed hackers be trusted to guard the corporate henhouse?

http://www.securityfocus.com/news/3982

3. 'Super-DMCA' fears suppress security research By Kevin Poulsen, SecurityFocus

A University of Michigan graduate student noted for his research into steganography and honeypots -- techniques for concealing messages and detecting hackers, respectively -- says he's been forced to move his research papers and software offshore and prohibit U.S. residents from accessing it, in response to a controversial new state law that makes it a felony to possess software capable of concealing the existence or source of any electronic communication.

http://www.securityfocus.com/news/3912

4. Security Agency Selects Privacy Watchdog By Jonathan Krim, Washington Post

A fo