SecurityFocus Newsletter #194

From: John Boletta <jboletta(at)securityfocus.com>
Date: Mon Apr 28 2003 - 16:18:48 EDT


This issue is sponsored by: FastTrain

FastTrain has your solution for a great CISSP Boot Camp. The industry's most recognized corporate security certification track provides a comprehensive prospectus based upon the core principle concepts of security. This ALL INCLUSIVE curriculum utilizes lectures, case studies and true hands-on utilization of pertinent security tools. For a limited time you can enter for a chance to win one of the latest technological innovations, the SEGWAY HT.

Log onto http://www.fasttraincamp.com.


I. FRONT AND CENTER

  1. Auditing Web Site Authentication
  2. Anti-Virus Defence In Depth
  3. Al-Jazeera, the First Amendment, and Security Professionals
  4. Secure by Default
  5. SecurityFocus DPP Program

II. BUGTRAQ SUMMARY

  1. Xinetd Rejected Connection Memory Leakage Denial Of Service...
  2. Central Command Vexira Antivirus Buffer Overflow Vulnerability
  3. Microsoft Internet Explorer CLASSID Variant Denial Of Service...
  4. Microsoft Windows SMB NTLM Authentication Interception...
  5. Microsoft Windows Service Control Manager Race Condition...
  6. Working Resources BadBlue Ext.DLL Command Execution Vulnerability
  7. MPCSoftWeb Guest Book HTML Injection Vulnerability
  8. MPCSoftWeb Database Disclosure Vulnerability
  9. 360 Degree Web PlatinumKey Access Control Bypass Information...
  10. 360 Degree Web PlatinumKey Access Control Bypass Application...
  11. Mod_NTLM Authorization Heap Overflow Vulnerability
  12. Mod_NTLM Authorization Format String Vulnerability
  13. PT News Unauthorized Administrative Access Vulnerability
  14. AN HTTPD Count.pl Directory Traversal Vulnerability
  15. Xeneo Web Server Denial Of Service Vulnerability
  16. HP TruCluster Server Cluster Alias/NFS Denial of Service...
  17. YaBB SE Language Remote File Include Vulnerability
  18. Microsoft Shlwapi.dll Malformed HTML Form Tag DOS...
  19. OpenBB Index.PHP Remote SQL Injection Vulnerability
  20. OpenBB Board.PHP Remote SQL Injection Vulnerability
  21. OpenBB Member.PHP Remote SQL Injection Vulnerability
  22. MIME-Support Package Insecure Temporary File Creation...
  23. XMB Forum Members.PHP SQL Injection Vulnerability
  24. SAP Database Development Tools INSTDBMSRV INSTROOT Environment...
  25. SAP Database Development Tools INSTLSERVER INSTROOT...

III. SECURITYFOCUS NEWS ARTICLES

  1. DirecTV Mole to Plead Guilty
  2. Verizon loses RIAA piracy case
  3. Judge rejects constitutional challenge over Internet...
  4. Trojan defence clears man on child porn charges

IV. SECURITYFOCUS TOP 6 TOOLS

  1. Crash Core Analysis Suite v3.3
  2. In Memory Core Dump v3.1.4
  3. cosign v1.0.0
  4. FloodGuard Alert v2_2p3
  5. heartbeat v0.1
  6. fwsnort v0.1

V. SECURITYJOBS LIST SUMMARY

  1. Development Manager Needed - Symantec in Redwood City CA (Thread)
  2. Application Security Consultant - VA/DC $75K - $100K base...
  3. Information Security Manager - Seattle, WA - up to 90K base...
  4. Fw: Intrusion / security engineer needed in DC (Thread)
  5. Security Engineer/Data Mining Specialist (Thread)
  6. Senior Network Security Engineer needed for Ft. Monmouth...
  7. Junior Security Administrator (Thread)
  8. Looking for entry level INFOSEC position in New York Metro...
  9. Opportunity for cleared Network Security Analyst/Engineer...
  10. Consulting Manager, Cyber Operations Center - Albany, NY, USA...
  11. Application Security Consultant VA/DC $75K-$100K base (Thread)
  12. Sr Security Architect Needed--Ohio (Thread)
  13. Security Engineer available for Hire (Thread)
  14. 2003 Summer Internship (Thread)
  15. Position Sought -- Computer Forensic Analyst (Thread)
  16. Sr. Product Manager - Redwood City CA (Thread)
  17. Sr Security Architect Needed - Ohio (Thread)
  18. Program Manager Needed at Symantec, Redwood City, CA (Thread)
  19. Chief Security Officer (Chicago based fortune 100 company)...
  20. Chicago Information Security Manager (Thread)
  21. Sr. Manager Development / Lead Security Analyst Team, Tokyo...
  22. Sr. Security Researcher / Principal Software Engineer, Tokyo...
  23. NetScreen Certified Professional Required **ASAP** (Thread)
  24. wanted: Jr. Security Consultant/ Security Engineer position...

VI. INCIDENTS LIST SUMMARY

  1. Trojan found... (Thread)
  2. IP Spoofs in the log - not sure what to do next (Thread)
  3. SMTP Scans (Thread)
  4. protocol watcher (Thread)
  5. POP3 logon attempts (Thread)
  6. Company being War Dialed (Thread)
  7. msamba (Thread)
  8. FW: IP Spoofs in the log - not sure what to do next (Thread)
  9. Tracking proxies on port 1180/1182 (Thread)
  10. port 139 syn-fin scans (Thread)
  11. Strange, scary, subtle trojan (Thread)
  12. Intresting problem concerning libresolv.so.2 (Thread)
  13. Mo'Logs (Thread)
  14. re: port 5168 (Thread)

VII. VULN-DEV RESEARCH LIST SUMMARY

  1. Article Announcement: Auditing Web Site Authentication (Thread)
  2. Jump back to shellcode Windows overflow (Thread)
  3. MSIE crash-"feature" (Thread)
  4. cipher.exe overflow (Thread)
  5. defacement stats (Thread)

VIII. MICROSOFT FOCUS LIST SUMMARY

  1. Article Announcement: Auditing Web Site Authentication (Thread)
  2. Files in system 32 directory (Thread)
  3. interoperability of VPN checkpoint FW1 to ISA (Thread)
  4. Article Announcement: Anti-Virus Defence In Depth (Thread)
  5. Auditing a reboot (Thread)
  6. SecurityFocus Microsoft Newsletter #134 (Thread)
  7. Does In-Place Upgrade of Microsoft Exchange Create Open...
  8. Article Announcement: Statistical-Based Intrusion Detection...
  9. checking server status (Thread)
  10. Does In-Place Upgrade of Microsoft Exchange Create Open...

IX. SUN FOCUS LIST SUMMARY

  1. New release of Solaris secuirity module Papillo (Thread)
  2. New release of Solaris secuirity module Papillon (Thread)
  3. Unable to su on firewall (Thread)
  4. distributed ssh key management (Thread)
  5. Expanded Solaris Security (Thread)

X. LINUX FOCUS LIST SUMMARY

  1. Linux Security Courses (Thread)

XI. SPONSOR INFORMATION


I. FRONT AND CENTER

1. Auditing Web Site Authentication
By Mark Burnett

This is the first part of a two-part article discussing a standard audit procedure consisting of a list of questions to test Web site authentication schemes.

http://www.securityfocus.com/infocus/1688

2. Anti-Virus Defence In Depth
by Ken Bechtel

Lately it seems I can't open my inbox without seeing a new article on defence in depth. This is fine: defence in depth is crucial to anti-virus protection. Unfortunately, most of the articles are missing two crucial components. To understand what is being missed, we need to look at what is meant by defence in depth as it applies in the malicious software world. For the purpose of this paper, when referring to defence in depth, we will be specifically talking about the utilization of anti-virus software, and other methods to provide a multi-layered anti-malware defence in a corporate environment.

http://www.securityfocus.com/infocus/1687

3. Al-Jazeera, the First Amendment, and Security Professionals
By Scott Granneman

While attempts to disrupt Web broadcasts of Al-Jazeera may seem like a distant concern, they reflect the problems that should concern security professionals everywhere.

http://www.securityfocus.com/columnists/156

4. Secure by Default
By Tim Mullen

With Windows Server 2003, Microsoft has finally produced an operating system that isn't begging to be hacked on the first boot.

http://www.securityfocus.com/columnists/157

5. SecurityFocus DPP Program

Attention Universities!! Sign-up now for preferred pricing on the only global early-warning system for cyber attacks - SecurityFocus DeepSight Threat Management System.

Click here for more information:
http://www.securityfocus.com/corporate/products/dpsection.shtml

II. BUGTRAQ SUMMARY


1. Xinetd Rejected Connection Memory Leakage Denial Of Service Vulnerability BugTraq ID: 7382
Remote: Yes
Date Published: Apr 18 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7382
Summary:

Xinetd is intended as a secure replacement for inetd. It is designed for use with Linux and Unix variant operating environments.

A denial of service vulnerability has been reported for Xinetd. The vulnerability exists due to memory leaks occurring when connections are rejected. This issue was reported to occur in the svc_request() function of the service.c source file, where some allocated memory is not properly freed when a connection is rejected.

An attacker can exploit this vulnerability by repeatedly connecting to a Xinetd server and having each connection rejected. The leaked memory accumulates until the server exhausts available memory, resulting in a denial of service condition.

This vulnerability was reported for Xinetd prior to 2.3.11.

2. Central Command Vexira Antivirus Buffer Overflow Vulnerability BugTraq ID: 7383
Remote: No
Date Published: Apr 18 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7383
Summary:

Vexira Antivirus is an antivirus solution for Linux variant systems distributed by Central Command.

A buffer overflow vulnerability has been reported for Vexira Antivirus which may result in privilege escalation.

A local attacker can exploit this vulnerability by supplying an overly long command-line argument to the /usr/lib/Vexira/vexira binary, consisting of at least 280 characters. When the binary attempts to process this input, it will trigger the buffer overflow condition and cause the application to crash.

Although unconfirmed, it may be possible to exploit this vulnerability to execute malicious attacker-supplied code.

This vulnerability was reported for Vexira Antivirus 2.1.7 for Linux.

3. Microsoft Internet Explorer CLASSID Variant Denial Of Service Vulnerability BugTraq ID: 7384
Remote: Yes
Date Published: Apr 18 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7384
Summary:

Microsoft Internet Explorer contains a vulnerability that may allow for malicious webmasters to cause a victim user's web browser to stop responding.

A CLASSID is a unique identifier that provides information to the default COM handler. It is possible to include a CLASSID value as part of an OBJECT tag under some versions of Internet Explorer.

If a web page contains a specific CLASSID value and an IE user attempts to view the page, IE has been reported to crash. The reported offending CLASSID is CLSID:0CF32AA1-7571-11D0-93C4-00AA00A3DDEA, however there may be other CLASSID values which could exploit this issue.

This issue has been reported to occur when vulnerable versions of Internet Explorer are running under Windows 2000 or XP. It is not currently known if this issue is related to properties of the underlying operating system.

This vulnerability has been reported to affect Internet Explorer 6.0 SP1.

4. Microsoft Windows SMB NTLM Authentication Interception Weakness BugTraq ID: 7385
Remote: Yes
Date Published: Apr 19 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7385
Summary:

Microsoft Windows uses the SMB protocol to authenticate against other Microsoft systems on a network.

A weakness has been reported whereby an attacker may be able to intercept SMB communications to access a vulnerable SMB client.

This weakness exists due to the way SMB connections are initiated. An attack would proceed by tricking a victim user to connect to an attacker-controlled server. The attacker's server would then send a request to an attacker-controlled client which initiates a request to a legitimate SMB server. The responses generated by the legitimate server would be relayed through the attacker-controlled systems to eventually gain control of the victim client.

Exploitation of this issue involves many specific scenarios and would be difficult. It has been reported that this issue is very similar to an attack described by DilDog presented at DefCon 2000.

5. Microsoft Windows Service Control Manager Race Condition Vulnerability BugTraq ID: 7386
Remote: No
Date Published: Apr 20 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7386
Summary:

A race condition error has been reported in the Microsoft Service Control Manager (SCM). The SCM manages and keeps track of installed services.

When the system is shut down, the SCM may send a SERVICE_CONTROL_SHUTDOWN control code to service applications that need to clean up before the system shuts down. The SCM will wait for service applications to shut down for a specified time limit before continuing with the system shutdown. The race condition can occur if services do not successfully shut down within the specified time limit.

The race condition could cause random cached data to be included in files that are still open when the time limit expires for the service shutdown. In the worst case scenario, random sensitive data from administrative services could be included in output files for lower privileged services. This could expose sensitive data to local users with access to these output files. To exploit this condition, a malicious local user would need to monitor the output files after a reboot.

6. Working Resources BadBlue Ext.DLL Command Execution Vulnerability BugTraq ID: 7387
Remote: Yes
Date Published: Apr 20 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7387
Summary:

BadBlue is a P2P file sharing application distributed by Working Resources. It is available for Microsoft Windows operating systems.

BadBlue is prone to a vulnerability that could allow remote attackers to gain unauthorized access. BadBlue includes a server-side scripting language which uses '.htx' and '.hts' files. The '.hts' extension represents files that are only intended to be requested and executed by the local host.

It has been reported that by inserting certain characters into a request for an '.hts' file, it is possible for a remote user to cause the '.hts' file to be interpreted by the server. This is due to an input validation error in the 'ext.dll' component, which is responsible for verifying the source of requests for '.hts' files. Exploitation could lead to unauthorized execution of administrative or restricted commands.

7. MPCSoftWeb Guest Book HTML Injection Vulnerability BugTraq ID: 7389
Remote: Yes
Date Published: Apr 21 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7389
Summary:

MPCSoftWeb Guest Book is a web application for Microsoft Windows operating systems.

MPCSoftWeb Guest Book is prone to a vulnerability that could allow remote attackers to inject hostile HTML and script code into the guestbook system. The issue exists in the 'insertguest.asp' script. This is due to insufficient sanitization of guestbook form fields such as "Name", "location" and "comment". HTML and script code that is injected in this manner may be interpreted in the web browser of users who visit the guestbook site. This will occur in the security context of the site hosting the guestbook software.

Successful exploitation may allow for theft of cookie-based authentication credentials or other attacks.

8. MPCSoftWeb Database Disclosure Vulnerability BugTraq ID: 7390
Remote: Yes
Date Published: Apr 21 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7390
Summary:

MPCSoftWeb Guest Book is a web application for Microsoft Windows operating systems. It is backended by a Microsoft Access database.

MPCSoftWeb does not sufficiently secure the database file. This issue is due to lack of access controls to prevent remote users from requesting the database file. It is possible for remote attackers to request the database file and gain access to sensitive information such as administrative credentials for the guestbook.

9. 360 Degree Web PlatinumKey Access Control Bypass Information Disclosure Vulnerability BugTraq ID: 7391
Remote: No
Date Published: Apr 21 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7391
Summary:

PlatinumKey is a smart card security application distributed by 360 Degree Web. It is available for some laptops that use Microsoft Windows operating systems.

It has been reported that PlatinumKey does not properly restrict access to the desktop when smart card access control is enabled. Because of this, an attacker may be able to gain access to potentially sensitive information.

The problem is in the handling of certain key sequences. When the key sequence Control-Escape is pressed, the Windows task bar is displayed. An attacker could abuse this to gain information about recently run applications and recently accessed documents.

This problem has been reported to occur on the Acer Travelmate 600 and 800 series laptops. It may additionally affect other laptops using the same software with similar configurations.

10. 360 Degree Web PlatinumKey Access Control Bypass Application Execution Vulnerability BugTraq ID: 7392
Remote: No
Date Published: Apr 21 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7392
Summary:

PlatinumKey is a smart card security application distributed by 360 Degree Web. It is available for some laptops that use Microsoft Windows operating systems.

It has been reported that PlatinumKey does not properly restrict access to the desktop when smart card access control is enabled. Because of this, an attacker may be able to gain access to the task bar and potentially execute applications.

The problem is in the handling of certain key sequences. When the key sequence Control-Escape is pressed, the Windows task bar is displayed. An attacker could abuse this to gain access to the icons of recently run applications. By clicking on one of the applications stored in the frequently accessed applications menu, an attacker could execute the application.

It is unclear what privileges the application will be executed with during exploitation of this vulnerability. It is likely that the application will be executed with the privileges of the user whose session is locked.

This problem has been reported to occur on the Acer Travelmate 600 and 800 series laptops. It may additionally affect other laptops using the same software with similar configurations.

11. Mod_NTLM Authorization Heap Overflow Vulnerability BugTraq ID: 7388
Remote: Yes
Date Published: Apr 21 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7388
Summary:

mod_ntlm is an Apache module which implements NTLM authentication. It is available for Apache 2.0.x and 1.3.x on the Linux operating system.

The mod_ntlm Apache module has been reported prone to a heap overflow vulnerability.

The vulnerability is due to a lack of sufficient bounds checking performed on user-supplied data, stored in a 2048 byte buffer within heap memory.

Specifically, an insecure 'vsprintf()' function call is made within the mod_ntlm 'log()' function. The call to 'vsprintf()' copies user-supplied authorization data without carrying out sufficient bounds checking. As a result, excessive data may be copied into the 2048 byte buffer, resulting in the corruption of sensitive memory management information.

By modifying an adjacent malloc header to contain malicious values, it may be possible for an attacker to overwrite sensitive locations in memory when a subsequent call to free() is made. As a result, it may be possible for an attacker to execute arbitrary instructions, with the privileges of the Apache server.

This vulnerability is reported to affect mod_ntlm v0.4 for Apache 1.3 and mod_ntlmv2 version 0.1 for Apache 2.0. Although unconfirmed, previous versions may also be affected.

12. Mod_NTLM Authorization Format String Vulnerability BugTraq ID: 7393
Remote: Yes
Date Published: Apr 21 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7393
Summary:

mod_ntlm is an Apache module which implements NTLM authentication. It is available for Apache 2.0.x and 1.3.x on the Linux operating system.

A format string vulnerability has been discovered in the mod_ntlm Apache module. The issue occurs when processing authorization information located in HTTP headers.

The problem occurs in a call to ap_log_rerror(), by the log() function, without including format specifier arguments. As a result, it may be possible for a remote attacker to embed their own specifiers within authorization data. This may allow for an attacker to write to sensitive locations in memory.

It should be noted that the exploitability of this issue to execute arbitrary code may be hindered by various system specific limitations. As a result, exploitation may only result in a denial of service.

This vulnerability was reported in mod_ntlm <= 0.4 and mod_ntlm2 0.1.
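The two mod_ntlm entries above describe the same log() helper: a vsprintf() of header data into a 2048-byte heap buffer, and that same data handed to ap_log_rerror() as the format string. As an added example, not mod_ntlm's or Apache's own code, the stand-alone C below shows the bounded, literal-format shape of that helper that closes both issues; the function names, the log message text and the sample client address are assumptions.

```c
/*
 * Added example, not mod_ntlm's code. The hardened helper keeps the advisory's
 * 2048-byte buffer but formats into it with vsnprintf(), and the module's own
 * literal format string is the only thing ever interpreted as a format.
 */
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

#define AUTH_LOG_BUF 2048   /* buffer size quoted in the advisory */

/* Return codes: truncation is reported to the caller rather than hidden. */
enum { AUTH_LOG_OK = 0, AUTH_LOG_TRUNCATED = 1, AUTH_LOG_ERROR = -1 };

static int vformat_auth_log(char *out, size_t outlen, const char *fmt, va_list ap)
{
    int n;

    if (out == NULL || outlen == 0)
        return AUTH_LOG_ERROR;
    /* vsnprintf() writes at most outlen-1 characters plus the terminating NUL,
     * so an oversized header can no longer run past the buffer into the heap
     * management data that follows it. */
    n = vsnprintf(out, outlen, fmt, ap);
    if (n < 0) {
        out[0] = '\0';
        return AUTH_LOG_ERROR;
    }
    return ((size_t)n >= outlen) ? AUTH_LOG_TRUNCATED : AUTH_LOG_OK;
}

static int format_auth_log(char *out, size_t outlen, const char *fmt, ...)
{
    va_list ap;
    int rc;

    va_start(ap, fmt);
    rc = vformat_auth_log(out, outlen, fmt, ap);
    va_end(ap);
    return rc;
}

/*
 * Entry point the module would call for an Authorization: NTLM header.
 * The format string is a literal; the attacker-controlled header value only
 * ever fills the %s slot, so "%n" or "%x" inside it are copied as plain text.
 */
int log_ntlm_authorization(char *out, size_t outlen, const char *client_ip,
                           const char *auth_header)
{
    return format_auth_log(out, outlen, "ntlm auth from %s: %s",
                           client_ip, auth_header);
}

/* Self-check: a 3000-byte header against the 2048-byte buffer must report
 * truncation and leave exactly outlen-1 characters, NUL-terminated.
 * "10.0.0.1" is a constructed sample client address. */
int selfcheck_long_header(void)
{
    static char header[3000];
    char out[AUTH_LOG_BUF];

    memset(header, 'A', sizeof header - 1);
    header[sizeof header - 1] = '\0';
    if (log_ntlm_authorization(out, sizeof out, "10.0.0.1", header) != AUTH_LOG_TRUNCATED)
        return 0;
    return strlen(out) == sizeof out - 1;
}

/* Self-check: format specifiers inside the header must be logged literally. */
int selfcheck_literal_specifiers(void)
{
    char out[AUTH_LOG_BUF];

    if (log_ntlm_authorization(out, sizeof out, "10.0.0.1", "%n%n%x") != AUTH_LOG_OK)
        return 0;
    return strcmp(out, "ntlm auth from 10.0.0.1: %n%n%x") == 0;
}

int main(void)
{
    printf("long header bounded:  %s\n", selfcheck_long_header() ? "yes" : "no");
    printf("specifiers literal:   %s\n", selfcheck_literal_specifiers() ? "yes" : "no");
    return 0;
}
```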

13. PT News Unauthorized Administrative Access Vulnerability BugTraq ID: 7394
Remote: Yes
Date Published: Apr 21 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7394
Summary:

PT News is a web based news system. It is implemented in PHP and available for Microsoft Windows operating systems and Linux/Unix variants.

PT News does not adequately prevent remote users from gaining unauthorized access to administrative functions. The source of this issue is that the 'index.php' script includes the 'news.inc' file, which contains various administrative functions for PT News. Remote users may access the administrative functions of 'news.inc' through the 'index.php' script.

Exploitation could allow remote attackers to manipulate content.

14. AN HTTPD Count.pl Directory Traversal Vulnerability BugTraq ID: 7397
Remote: Yes
Date Published: Apr 22 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7397
Summary:

AN HTTPD is a Web server designed for use on Microsoft Windows operating systems.

AN HTTPd contains a sample script named count.pl that may be used as a web counter. The script may accept a path and file name as arguments to store the numerical value of the counter.

This script does not perform adequate input validation on user-supplied paths containing directory traversal (../) character sequences. The vulnerable script may be used to overwrite any file on the system to which the 'CGI' user has write privileges, by supplying the file name and path in an HTTP request.

The 'CGI' user typically has System level privileges by default. As a result, an attacker may be capable of corrupting arbitrary system files.

15. Xeneo Web Server Denial Of Service Vulnerability BugTraq ID: 7398
Remote: Yes
Date Published: Apr 22 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7398
Summary:

Xeneo Web Server is a web server for Microsoft Windows platforms that supports ASP, PHP, ColdFusion, Perl, CGI and ISAPI.

Xeneo Web Server has been reported to be prone to a denial of service vulnerability.

It has been reported that a malicious HTTP GET request containing over 4096 bytes of data will trigger this vulnerability. Specifically, an attacker may initiate an HTTP GET request including a "?" character followed by approximately 4096 bytes of data. This action will result in a denial of service condition in the Xeneo web server.

Although absolutely unconfirmed, due to the nature of this vulnerability, memory corruption or arbitrary code execution may be possible.

It should also be noted that, although this vulnerability has been reported to affect Xeneo Web Server version 2.2.9.0, previous versions may also be vulnerable.

16. HP TruCluster Server Cluster Alias/NFS Denial of Service Vulnerability BugTraq ID: 7400
Remote: Yes
Date Published: Apr 22 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7400
Summary:

HP has reported a denial of service vulnerability in Tru64 Unix/TruCluster Cluster Alias/NFS services. The problem appears to lie in the way Cluster Alias/NFS services included with TruCluster systems handle malicious network traffic.

Successful exploitation of this issue may allow a remote attacker to crash a vulnerable server. It may also result in malicious network traffic being transmitted undetected.

The precise details regarding the exploitation of this issue are not currently known. This BID will be updated as further information is made available.

17. YaBB SE Language Remote File Include Vulnerability BugTraq ID: 7399
Remote: Yes
Date Published: Apr 22 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7399
Summary:

YaBB SE is a freely available, open source port of Yet Another Bulletin Board (YaBB). It is available for a number of platforms, including Unix, Linux, and Microsoft Windows operating systems.

YaBB may allow malicious bulletin board users to influence the include path for language files. Registered users may influence the include path of language files through the "Change Profile" option. A malicious user could set an include path that points to a malicious PHP script on an external host. This could result in execution of commands in the context of the web server.

18. Microsoft Shlwapi.dll Malformed HTML Form Tag Denial of Service Vulnerability BugTraq ID: 7402
Remote: Yes
Date Published: Apr 22 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7402
Summary:

The 'shlwapi.dll' is a dynamic link library that exports several shell functions. Several applications, such as Internet Explorer and Front Page use functions from this library when rendering HTML content.

When an HTML page containing a specifically malformed tag is rendered by an application that exports functions from 'shlwapi.dll', the host application will fail. It has been reported that this vulnerability could not be exploited to cause code execution.

The problem appears to be caused by an attempt to perform a case-insensitive comparison of two strings. Due to the malformed tag, one of these strings will be a null pointer. The result of this is that the comparison attempt causes an exception.

It has also been reported that an HTML page containing the malformed tag located on the local file system may cause explorer.exe to fail if the "Enable Web content in folders" option is selected.

19. OpenBB Index.PHP Remote SQL Injection Vulnerability BugTraq ID: 7401
Remote: Yes
Date Published: Apr 22 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7401
Summary:

OpenBB is a freely available, open source bulletin board software package. It is available for Unix, Linux, and Microsoft Windows operating systems.

A problem with the software may make it possible for remote users to modify database query logic.

It has been reported that OpenBB does not properly check input passed via the 'index.php' script. Because of this, it may be possible for a remote user to inject malicious arbitrary SQL queries in the context of the database user for the bulletin board software. The consequences of successful exploitation will vary depending on the underlying database implementation, but may allow for disclosure of sensitive information or remote compromise of the bulletin board or database itself.

This vulnerability has been reported in OpenBB version 1.1.0. The currently available version reported by the vendor is 1.0.5. This vulnerability may affect the reported version, and previous versions of the affected software.

20. OpenBB Board.PHP Remote SQL Injection Vulnerability BugTraq ID: 7404
Remote: Yes
Date Published: Apr 22 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7404
Summary:

OpenBB is a freely available, open source bulletin board software package. It is available for Unix, Linux, and Microsoft Windows operating systems.

A problem with the software may make it possible for remote users to modify database query logic.

It has been reported that OpenBB does not properly check input passed via the 'board.php' script. Because of this, it may be possible for a remote user to inject malicious arbitrary SQL queries in the context of the database user for the bulletin board software. The consequences of successful exploitation will vary depending on the underlying database implementation, but may allow for disclosure of sensitive information or remote compromise of the bulletin board or database itself.

This vulnerability has been reported in OpenBB version 1.1.0. The currently available version reported by the vendor is 1.0.5. This vulnerability may affect the reported version, and previous versions of the affected software.

21. OpenBB Member.PHP Remote SQL Injection Vulnerability BugTraq ID: 7405
Remote: Yes
Date Published: Apr 22 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7405
Summary:

OpenBB is a freely available, open source bulletin board software package. It is available for Unix, Linux, and Microsoft Windows operating systems.

A problem with the software may make it possible for remote users to modify database query logic.

It has been reported that OpenBB does not properly check input passed via the 'member.php' script. Because of this, it may be possible for a remote user to inject malicious arbitrary SQL queries in the context of the database user for the bulletin board software. The consequences of successful exploitation will vary depending on the underlying database implementation, but may allow for disclosure of sensitive information or remote compromise of the bulletin board or database itself.

This vulnerability has been reported in OpenBB version 1.1.0. The currently available version reported by the vendor is 1.0.5. This vulnerability may affect the reported version, and previous versions of the affected software.

22. MIME-Support Package Insecure Temporary File Creation Vulnerability BugTraq ID: 7403
Remote: No
Date Published: Apr 22 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7403
Summary:

The mime-support package contains a variety of MIME applications and tools. It is available for the Linux operating system.

A vulnerability has been discovered in the run-mailcap application included with mime-support. The problem occurs due to invalid sanity checks when creating temporary files.

By populating the /tmp directory with symbolic links which point to sensitive system files, it may be possible for an unprivileged user to corrupt arbitrary files. As a result, an unprivileged user may be capable of rendering a target system unusable or possibly gain elevated privileges.

This vulnerability affects run-mailcap included in mime-support version 3.21 and earlier.

23. XMB Forum Members.PHP SQL Injection Vulnerability BugTraq ID: 7406
Remote: Yes
Date Published: Apr 22 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7406
Summary:

XMB Forum is a web based discussion forum implemented in PHP.

An SQL injection vulnerability has been reported to affect the 'members.php' page of XMB Forum. The vulnerability may be exploited if the web server hosting XMB has activated 'register_globals' in the php.ini configuration file.

The condition is reportedly due to insufficient sanitization of externally supplied data that is used to construct SQL queries. This data may be supplied via the '$email1' and '$email2' URI parameters during the registration process. A remote attacker may take advantage of this issue to inject malicious data into SQL queries, possibly resulting in modification of query logic.

The consequences may vary depending on the particular database implementation and the nature of the specific queries. One scenario reported was revealing registered users' password hashes. SQL injection also makes it possible, under some circumstances, to exploit latent vulnerabilities that may exist in the underlying database.

It should be noted that although this vulnerability has been reported to affect XMB Forum version 1.8, previous versions might also be affected.
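As an added example (not XMB's code; the advisory does not reproduce the affected query), the following Python stand-in for a registration-time "is this email already taken?" check shows the bug class and the fix. The members table, the hashing, and the attack string PAYLOAD are all constructed for the demonstration: the payload closes the quoted literal, appends a UNION that pulls the password column, and comments out the rest of the query, which is how the password-hash disclosure scenario mentioned above arises.

```python
import hashlib
import sqlite3

# Constructed attack string for the email1 parameter.
PAYLOAD = "nobody@example.org' UNION SELECT password FROM members -- "


def build_db() -> sqlite3.Connection:
    """Constructed sample data; not XMB's real schema or hashing scheme."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE members (username TEXT, email TEXT, password TEXT)")
    rows = [
        ("alice", "alice@example.org", hashlib.sha256(b"alice-pw").hexdigest()),
        ("bob", "bob@example.org", hashlib.sha256(b"bob-pw").hexdigest()),
    ]
    con.executemany("INSERT INTO members VALUES (?, ?, ?)", rows)
    con.commit()
    return con


def email_in_use_vulnerable(con: sqlite3.Connection, email1: str, email2: str) -> list:
    """The bug class: request parameters spliced straight into the SQL text.

    With register_globals, $email1/$email2 arrive exactly like this, and a
    quote in the value terminates the literal and the attacker writes SQL.
    """
    sql = ("SELECT username FROM members "
           f"WHERE email = '{email1}' OR email = '{email2}'")
    return con.execute(sql).fetchall()


def email_in_use_safe(con: sqlite3.Connection, email1: str, email2: str) -> list:
    """Same check with bound parameters: the input is data, never SQL."""
    sql = "SELECT username FROM members WHERE email = ? OR email = ?"
    return con.execute(sql, (email1, email2)).fetchall()


if __name__ == "__main__":
    db = build_db()
    print("vulnerable:", email_in_use_vulnerable(db, PAYLOAD, "x@example.org"))
    print("safe:      ", email_in_use_safe(db, PAYLOAD, "x@example.org"))
```

Bound parameters are the fix; disabling register_globals only removes one way of reaching the query and is not a substitute for it.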

24. SAP Database Development Tools INSTDBMSRV INSTROOT Environment Variable Vulnerability BugTraq ID: 7407
Remote: No
Date Published: Apr 22 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7407
Summary:

SAP DB is a free database software package for Unix, Linux, and Microsoft Operating Systems.

It has been reported that a vulnerability exists in the SAP Database program instdbmsrv. Because of this, a local attacker may be able to gain elevated privileges.

The problem is in the handling of input from untrusted sources. When executed, the instdbmsrv program reads the INSTROOT environment variable to locate the pgm/dbmsrv program, and then changes the permissions of that dbmsrv program to make it setuid root. An attacker could set the INSTROOT environment variable locally to point to an arbitrary directory. When the instdbmsrv program is executed, an attacker-supplied version of the dbmsrv program would be changed to setuid root.

This could result in an attacker gaining local administrative privileges.


25. SAP Database Development Tools INSTLSERVER INSTROOT Environment Variable Vulnerability BugTraq ID: 7408
Remote: No
Date Published: Apr 22 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7408
Summary:

SAP DB is a free database software package for Unix, Linux, and Microsoft Operating Systems.

It has been reported that a vulnerability exists in the SAP Database program instlserver. Because of this, a local attacker may be able to gain elevated privileges.

The problem is in the handling of input from untrusted sources. When executed, the instlserver program reads the INSTROOT environment variable to locate the pgm/lserver program, and then changes the permissions of that lserver program to make it setuid root. An attacker could set the INSTROOT environment variable locally to point to an arbitrary directory. When the instlserver program is executed, an attacker-supplied version of the lserver program would be changed to setuid root.

This could result in an attacker gaining local administrative privileges.
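The two SAP DB entries above (instdbmsrv/dbmsrv and instlserver/lserver) share one root cause: a privileged installer takes the location of the binary it is about to chmod setuid root from the caller's environment. The following added example, written in Python and not taken from SAP DB, models that behaviour and a hardened alternative. The install-root layout, the helper name pgm/dbmsrv, and the attacker directory are constructed for the demo. The hardened version ideally ignores INSTROOT altogether; where it must be honoured, it only accepts a path that resolves inside the compiled-in root, opens it with O_NOFOLLOW, and verifies via fstat that it is a regular file not writable by group or others, returning the descriptor so the caller can fchmod exactly the object that was checked. An ownership check (st_uid == 0) belongs there too but is left as a comment because the demo cannot create root-owned files.

```python
import os
import shutil
import stat
import tempfile


class UntrustedHelper(Exception):
    """Raised when the helper binary fails the trust checks."""


def helper_path_vulnerable(env: dict, default_root: str, helper: str = "pgm/dbmsrv") -> str:
    """The advisory's behaviour: the location comes straight from the caller's
    environment, so a local user can point INSTROOT at a directory holding
    their own binary before the installer makes it setuid root."""
    return os.path.join(env.get("INSTROOT", default_root), helper)


def open_helper_hardened(env: dict, compiled_root: str, helper: str = "pgm/dbmsrv") -> int:
    """Return an open fd for the helper only if it passes the trust checks.

    Checks: resolved path is inside the compiled-in root; open with O_NOFOLLOW;
    fstat says regular file, not group/world writable. Returning the fd lets
    the caller fchmod the very object that was checked instead of a path that
    may have been swapped in the meantime.
    """
    root = os.path.realpath(compiled_root)
    candidate = os.path.join(env.get("INSTROOT", compiled_root), helper)
    resolved = os.path.realpath(candidate)
    if os.path.commonpath([root, resolved]) != root:
        raise UntrustedHelper(f"{candidate!r} resolves outside {root!r}")
    fd = os.open(resolved, os.O_RDONLY | getattr(os, "O_NOFOLLOW", 0))
    try:
        st = os.fstat(fd)
        if not stat.S_ISREG(st.st_mode):
            raise UntrustedHelper(f"{resolved!r} is not a regular file")
        if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            raise UntrustedHelper(f"{resolved!r} is group/world writable")
        # A real installer would also require st.st_uid == 0 here before
        # os.fchmod(fd, st.st_mode | stat.S_ISUID).
    except Exception:
        os.close(fd)
        raise
    return fd


def demo() -> dict:
    """Constructed layout: a trusted install root and an attacker-controlled tree."""
    scratch = tempfile.mkdtemp(prefix="instroot-demo.")
    try:
        root = os.path.join(scratch, "sapdb")         # compiled-in install root
        attacker = os.path.join(scratch, "attacker")  # any user-writable directory
        for base in (root, attacker):
            os.makedirs(os.path.join(base, "pgm"))
            binary = os.path.join(base, "pgm", "dbmsrv")
            with open(binary, "w") as fh:
                fh.write("#!/bin/sh\necho %s\n" % base)
            os.chmod(binary, 0o755)
        # A symlink inside the trusted root that escapes to the attacker's tree.
        os.symlink(attacker, os.path.join(root, "escape"))

        def rejected(env: dict) -> bool:
            try:
                os.close(open_helper_hardened(env, root))
            except UntrustedHelper:
                return True
            return False

        hostile = {"INSTROOT": attacker}
        results = {
            "vulnerable_points_at_attacker":
                helper_path_vulnerable(hostile, root).startswith(attacker),
            "hardened_rejects_attacker": rejected(hostile),
            "hardened_rejects_symlink": rejected({"INSTROOT": os.path.join(root, "escape")}),
            "hardened_accepts_trusted": not rejected({"INSTROOT": root}),
            "hardened_accepts_default": not rejected({}),
        }
        os.chmod(os.path.join(root, "pgm", "dbmsrv"), 0o777)
        results["hardened_rejects_world_writable"] = rejected({"INSTROOT": root})
        return results
    finally:
        shutil.rmtree(scratch, ignore_errors=True)


if __name__ == "__main__":
    print(demo())
```

The realpath containment check alone still leaves a small window between resolving the path and opening it; the fstat-on-the-descriptor checks are what make the later fchmod apply to the inspected file.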

26. Web Protector Trivial Encryption Weakness BugTraq ID: 7409
Remote: Yes
Date Published: Apr 22 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7409
Summary:

Web Protector is software that is designed to protect Web pages from unauthorized cloning or Internet theft. Protection includes HTML code, JavaScript, VBscript, text, links, and graphics.

Web Protector has been reported prone to a trivial encryption weakness.

It has been reported that the method used to obfuscate and protect the HTML source of web pages implementing Web Protector is flawed and may be easily reversed. Reportedly the JavaScript decode method used to decode and render the original plaintext HTML source is embedded in the obfuscated document as escaped characters. The decode method may easily be extracted and used to decode the rest of the page contents.

This weakness may be exploited to disclose sensitive information contained in HTML source or to reveal the HTML source itself. Because any web-based obfuscation must ship its decoder to the browser, sensitive information should never be included in the source of an obfuscated document.

Administrators may be relying on a false sense of security by implementing the protection supplied by Web protector.

It should be noted that although this weakness has been reported to affect Web Protector version 2.0, previous versions are most likely also affected.
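The following is an added example, not Web Protector's actual scheme or code, which the advisory does not reproduce. It uses a constructed stand-in obfuscator that stores the page as JavaScript escape()-style %XX/%uXXXX text inside document.write(unescape("...")) and nests that several layers deep, and then shows the general recovery technique the summary describes: run the decode step the page itself embeds, repeatedly, until no decode stage remains. The sample HTML and its "internal" comment are constructed.

```python
import re

# One obfuscation layer in the constructed scheme: the page body is stored as
# JavaScript-escaped text and unescaped by the browser at render time.
LAYER = re.compile(r'<script>document\.write\(unescape\("([^"]*)"\)\)</script>')

# Constructed sample page with something the site owner would not want read.
SAMPLE_HTML = (
    "<html><body><h1>Members</h1>"
    "<!-- internal: partner feed reads its key from /etc/partner.key -->"
    '<a href="/members">list</a></body></html>'
)


def js_escape(text: str) -> str:
    """Encode every character as JavaScript escape() would (%XX or %uXXXX),
    so the visible source is nothing but escape sequences."""
    return "".join(
        "%%%02X" % ord(ch) if ord(ch) < 0x100 else "%%u%04X" % ord(ch)
        for ch in text
    )


def js_unescape(text: str) -> str:
    """Inverse of JavaScript's unescape(): %uXXXX first, then %XX, one pass."""
    text = re.sub(r"%u([0-9A-Fa-f]{4})", lambda m: chr(int(m.group(1), 16)), text)
    return re.sub(r"%([0-9A-Fa-f]{2})", lambda m: chr(int(m.group(1), 16)), text)


def obfuscate(html: str, layers: int = 2) -> str:
    """Constructed stand-in for a page protector: wrap the page in `layers`
    decode stages. Each stage embeds the decoder (unescape) in the page."""
    page = html
    for _ in range(layers):
        page = '<script>document.write(unescape("%s"))</script>' % js_escape(page)
    return page


def peel(page: str, max_layers: int = 16) -> tuple:
    """Recover the plaintext by executing the embedded decode step ourselves
    until no decode stage remains. Returns (html, layers_removed)."""
    for depth in range(max_layers):
        stripped, count = LAYER.subn(lambda m: js_unescape(m.group(1)), page)
        if count == 0:
            return page, depth
        page = stripped
    raise ValueError("too many obfuscation layers")


if __name__ == "__main__":
    protected = obfuscate(SAMPLE_HTML, layers=3)
    print("visible source starts:", protected[:60])
    recovered, layers = peel(protected)
    print("layers removed:", layers)
    print("recovered:", recovered)
```

The point generalises to any client-side protector: whatever the browser can decode, a script can decode, so the obfuscation hides content only from readers who do not bother.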

III. SECURITYFOCUS NEWS AND COMMENTARY


  1. DirecTV Mole to Plead Guilty By Kevin Poulsen

A plea agreement is reached in the case of the college student who knew too much, while elsewhere DirecTV lawyers move against a message board poster for giving hacking advice to satellite pirates.

http://www.securityfocus.com/news/4173

2. Verizon loses RIAA piracy case
By Tim Richardson, The Register


Verizon has vowed to continue its fight to refuse to reveal the identity of one of its punters accused of pirating music, claiming the matter could have a "chilling effect" on Internet users.

http://www.securityfocus.com/news/4210

3. Judge rejects constitutional challenge over Internet music downloading By Ted Bridis, The Associated Press

A 19-year-old University of Chicago student accused of leaking the secrets of DirecTV's most advanced anti-piracy technology to hacker websites has agreed to plead guilty to violating the rarely used 1996 Economic Espionage Act.

http://www.securityfocus.com/news/4188

4. Trojan defence clears man on child porn charges By John Leyden, The Register

A man was cleared of possession of child porn this week after experts testified that a Trojan horse infection on his PC could have downloaded 14 depraved images without his knowledge.

http://www.securityfocus.com/news/4179


IV. SECURITYFOCUS TOP 6 TOOLS


1. Crash Core Analysis Suite v3.3
by Mission Critical Linux webmaster@missioncriticallinux.com
Relevant URL:
http://oss.missioncriticallinux.com/projects/crash/
Platforms: Linux, POSIX
Summary:

The Crash Core Analysis Suite utility is a self-contained tool, loosely based on the SVR4 crash command but completely merged with gdb, thereby combining the kernel-specific nature of crash with the source level debugging capabilities of gdb. The utility can be used to investigate live systems, kernel core dumps created from the Kernel Core Dump patch offered by Mission Critical Linux, and kernel core dumps created from the Linux Kernel Crash Dumps (LKCD) patch offered by SGI.

2. In Memory Core Dump v3.1.4
by Mission Critical Linux webmaster@missioncriticallinux.com
Relevant URL:
http://oss.missioncriticallinux.com/projects/mcore/
Platforms: Linux, POSIX
Summary:

In Memory Core Dump uses system memory to save crash information. On a subsequent reboot of the system, the crash information can be recovered.

3. cosign v1.0.0
by UMich Web Team
Relevant URL:
http://weblogin.org/
Platforms: UNIX, Windows 2000, Windows NT
Summary:

cosign is a Web single sign on system that allows users to authenticate once per session and access any protected Web resources at the institution. If used, passwords are sent only to a single, central URL. Sessions have both idle and hard timeouts, and users can logout of all protected services by visiting a single URL. The use of public key cryptography ensures that a compromise of a protected Web server has no impact on the security of other participating servers.

4. FloodGuard Alert v2_2p3
by Reactive Network Solutions, Inc. jagan@reactivenetwork.com
Relevant URL:
http://www.reactivenetwork.com/downloads/
Platforms: Linux, POSIX
Summary:

FloodGuard Alert is designed to detect all forms of flooding and bandwidth attacks, including DDoSes and worms. The software initially trains on ingress traffic directed at your protection domain that it uses to statistically identify anomalous traffic. It also suggests initial mitigation steps (ACLs/filters) that can be taken to stop the attack while letting legitimate traffic through. It comes with a comprehensive Java-based GUI that facilitates traffic visualization, configuration, control, analysis, report generation, and SYSLOG- and email-based communications.


5. heartbeat v0.1
by Tyler Lane tlane@lyrical.net
Relevant URL:
http://www.nolongervalid.com/heartbeat/
Platforms: Python
Summary:

Heartbeat is a server and service monitoring program written in PyGTK, featuring XML configuration and support for unlimited servers and services.

6. fwsnort v0.1
by Michael Rash
Relevant URL:
http://www.cipherdyne.com/fwsnort/
Platforms: Linux
Summary:

fwsnort translates snort rules into an equivalent iptables ruleset. By making use of the iptables string match module, fwsnort can detect application layer signatures which exist in many snort rules. fwsnort adds a --hex-string option to iptables, which allows snort rules that contain hex characters to be input directly into iptables rulesets without modification. In addition, fwsnort makes use of the IPTables::Parse Perl module in order to (optionally) restrict the snort rule translation to only those rules that specify traffic that could potentially be allowed through an existing iptables policy.

V. SECURITY JOBS SUMMARY


  1. Development Manager Needed - Symantec in Redwood City CA (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/319686

2. Application Security Consultant - VA/DC $75K - $100K base (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/319685


3. Information Security Manager - Seattle, WA - up to 90K base (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/319646

4. Fw: Intrusion / security engineer needed in DC (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/319647

5. Security Engineer/Data Mining Specialist (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/319648

6. Senior Network Security Engineer needed for Ft. Monmouth, New Jersey (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/319649


7. Junior Security Administrator (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/319650

8. Looking for entry level INFOSEC position in New York Metro area (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/319651

9. Opportunity for cleared Network Security Analyst/Engineer for DC area (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/319652

10. Consulting Manager, Cyber Operations Center - Albany, NY, USA (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/319660

11. Application Security Consultant VA/DC $75K-$100K base (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/319653

12. Sr Security Architect Needed--Ohio (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/319657

13. Security Engineer available for Hire (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/319658

14. 2003 Summer Internship (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/319654

15. Position Sought -- Computer Forensic Analyst (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/319655

16. Sr. Product Manager - Redwood City CA (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/319656

17. Sr Security Architect Needed - Ohio (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/319678

18. Program Manager Needed at Symantec, Redwood City, CA (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/319661

19. Chief Security Officer (Chicago based fortune 100 company) (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/319670
