SecurityFocus Newsletter #195

From: John Boletta <jboletta(at)securityfocus.com>
Date: Mon May 05 2003 - 14:02:44 EDT

SecurityFocus Newsletter #195



This issue is sponsored by: Vigilar

FREE Linksys Wireless Access Point When You Register for ANY Vigilar Security Course!

Why Train With Anyone Other Than Security Experts When Seeking Certification?
** Courses Offered Nationwide with 100% Satisfaction Guarantee.

  • 30% Discount off select CISSP and Check Point Courses!
  • Courses: CISSP, Security+, Ethical Hacking, CWP® (Certified Wireless Professional), CISCO Security & more!

Take Advantage of Vigilar's Pass Rate (95%) Today- The Highest in the Industry!

Visit us at: http://www.securityfocus.com/Vigilar-sf-news


I. FRONT AND CENTER
  1. Honeypots: Simple, Cost-Effective Detection
  2. Introduction to Simple Oracle Auditing
  3. Madonna's Borderline MP3 Tactics
  4. Auditing Web Site Authentication, Part Two
II. BUGTRAQ SUMMARY
  1. Truegalerie Unauthorized Administrative Access Vulnerability
  2. SonicWALL Pro Large HTTP POST Denial of Service Vulnerability
  3. Kerio Personal Firewall Firewall Filter Bypass Vulnerability
  4. Xoops MyTextSanitizer HTML Injection Vulnerability
  5. Linux-ATM LES Command Line Argument Buffer Overflow Vulnerability
  6. Alt-N WebAdmin Remote File Viewing Vulnerability
  7. Alt-N WebAdmin Remote File Disclosure Vulnerability
  8. Invision Board Restricted Forum Plaintext Password Vulnerability
  9. Onecenter Forum IMG Tag Script Injection Vulnerability
  10. SGI IRIX Name Service Daemon LDAP UserPassword Bypass...
  11. Macromedia ColdFusion MX Error Message Path Disclosure...
  12. Mike Bobbit Album.PL Remote Command Execution Vulnerability
  13. Alt-N MDaemon POP Server DELE Command Buffer Overflow...
  14. Alt-N MDaemon IMAP Server Folder Creation Buffer Overflow...
  15. Qualcomm Qpopper Poppassd Local Arbitrary Command Execution...
  16. Apache Mod_Auth_Any Remote Command Execution Vulnerability
  17. Opera JavaScript Console Single Quote Attribute Injection...
  18. Opera 6/7 Remote Heap Corruption Vulnerability
  19. 3D-FTP Client Buffer Overflow Vulnerability
  20. HP Tru64 Installation Software Insecure File Creation...
  21. Sun Solaris Lofiadm Kernel Memory Leak Denial Of Service...
  22. Oracle Net Services Link Buffer Overflow Vulnerability
  23. Netscape Navigator Directory Cross-Domain Scripting Vulnerability
  24. Sun Solaris RPCbind Unspecified Denial of Service Vulnerability
  25. Sun Ray Smart Card Removal Session Logout Failure Vulnerability
  26. Auerswald COMsuite CTI Application Weak Default Password...
  27. HP-UX RExec Remote Username Flag Local Buffer Overrun...
  28. Worker Filemanager Directory Creation Race Condition...
III. SECURITYFOCUS NEWS ARTICLES
  1. RIAA messaging gambit faces countermeasures
  2. Rise of the Spam Zombies
  3. RIAA cashes in on file-swapping students
  4. Computer crime sentences are 'not good enough'
IV. SECURITYFOCUS TOP 6 TOOLS
  1. SSHVnc v0.0.1 Alpha
  2. msulogin v0.9
  3. Jeb Perl Ping Stats v1.4.4
  4. Prelude Library v0.8.5
  5. dnsreflector v1.02
  6. Epylog v0.9.0
V. SECURITYJOBS LIST SUMMARY
  1. Network Security Engineers (Thread)
  2. Security Officer (Thread)
  3. Security Manager (Thread)
  4. Senior Account Executive (Thread)
  5. Inside Sales Reps Needed - Security Software (Thread)
  6. RESUME - CSO / CTO / Sr. Security Eng. (Thread)
  7. Manager, Development - Enterprise Security (Thread)
  8. Security Manager Germany 200k Euros (Thread)
  9. Information Security Consultant Needed Immediately - SF Bay...
  10. Forensics Specialist (Thread)
  11. Information Systems Manager (3DP002) - Information Security...
  12. Senior Associate - Secure Network Solutions Team (Thread)
  13. Salesperson Needed in Maryland (Thread)
  14. Job Offering: Singapore (Thread)
  15. Senior Network Security Engineers - Amherst, NY (Thread)
  16. searching for a junior computer security engineer position...
  17. Seeking Security Architect role in Toronto Canada (Repost)...
  18. Position: IT Security Officer - Baltimore, MD (Thread)
  19. Illinois- $90K-$110K - Script Kiddies..... (Thread)
  20. Director of QA (Thread)
  21. Security Consultant Available (Thread)
  22. Information Security Technician - Richmond, VA (Thread)
  23. Information Security Evangelist (Paris, France) (Thread)
  24. bay area vulnerability researcher available (Thread)
  25. Consultant available (Thread)
  26. Security Training and Awareness Manager vacancy (Thread)
VI. INCIDENTS LIST SUMMARY
  1. Logs showing GET /.hash=... (Thread)
  2. UDP packets towards port 38293 (NAV) (Thread)
  3. New attack or old Vulnerability Scanner? (Thread)
  4. Administrivia: SPAM control, vacation messages, and the like....
  5. Odd IIS log entries (Thread)
  6. New CodeRed strain? -- UPDATE (Thread)
  7. undetected DDOS (Thread)
  8. Anyone seen this UDP source port 7001 traffic? (Thread)
  9. lots of port 0 scannings (Thread)
  10. SMTP Scans (Thread)
  11. New CodeRed strain? (Thread)
  12. Scans on TCP port 9631 + other unknown ports (Thread)
  13. msamba (Thread)
VII. VULN-DEV RESEARCH LIST SUMMARY
  1. Buffer overflow in Microsoft ftp.exe (Thread)
  2. shellcode not executing if optimizations are on. (Thread)
  3. Windows XP mmc.exe Crash (Thread)
  4. smallftpd's version 1.0.2 Directory Transversal Vulnerability...
  5. Latest MS SQL Server vulnerabilities revealed. (Thread)
  6. Administrivia: Local Windows Overflows (Thread)
  7. heap overflow under solaris sparc (Thread)
  8. s0h: Remote/Local exploit and patch for regedit.exe. (Thread)
  9. defacement stats (Thread)
VIII. MICROSOFT FOCUS LIST SUMMARY
  1. Outlook Security Settings removed (Thread)
  2. AD Question (Thread)
  3. SecurityFocus Microsoft Newsletter #135 (Thread)
  4. Windows 2003 Security Guides (Thread)
IX. SUN FOCUS LIST SUMMARY
  1. .exrc file security risks (Thread)
X. LINUX FOCUS LIST SUMMARY
  1. Martian Source (Thread)
  2. SUMMARY: Linux Security Courses (Thread)
XI. SPONSOR INFORMATION


I. FRONT AND CENTER

1. Honeypots: Simple, Cost-Effective Detection
By Lance Spitzner

This is the fourth article in an ongoing series on honeypots. This article will examine the role of honeypots in detection.

http://www.securityfocus.com/infocus/1690

2. Introduction to Simple Oracle Auditing
By Pete Finnigan

This article will introduce the reader to the basics of auditing an Oracle database. Oracle's RDBMS is a functionally rich product and there are a number of auditing alternatives available to the reader. Because auditing Oracle is such a huge subject, doing all of it justice would take an entire book, so this paper will cover the basics of why, when and how to conduct an audit. It will also use a couple of good example cases to illustrate how useful Oracle audit can be to an organization.

http://www.securityfocus.com/infocus/1689

3. Madonna's Borderline MP3 Tactics
By Mark Rasch

The material girl's foul-mouthed revenge on music traders could be interpreted as a deceptive trade practice, or even outright fraud.

http://www.securityfocus.com/columnists/158

4. Auditing Web Site Authentication, Part Two
By Mark Burnett

This is the second part of a two-part series addressing both of those issues by establishing a standard audit procedure by which to measure your own security. This article will explore issues surrounding user privacy, session authentication, user security, and cookies.

http://www.securityfocus.com/infocus/1691

II. BUGTRAQ SUMMARY


1. Truegalerie Unauthorized Administrative Access Vulnerability BugTraq ID: 7427
Remote: Yes
Date Published: Apr 25 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7427
Summary:

Truegalerie is web-based photo album software implemented in PHP and is available for a variety of platforms including Microsoft Windows and Linux variant systems.

A vulnerability has been reported for Truegalerie that may result in unauthorized administrative access. The vulnerability exists due to insufficient sanitization of some URI values. Specifically, the values for the URI parameter 'loggedin' are not properly verified.

An attacker can exploit this vulnerability by manipulating the 'loggedin' URI parameter to obtain administrative access to the site hosting Truegalerie.

This vulnerability was reported for Truegalerie 1.0.

2. SonicWALL Pro Large HTTP POST Denial of Service Vulnerability BugTraq ID: 7435
Remote: Yes
Date Published: Apr 25 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7435
Summary:

SonicWALL Pro is a hardware firewall that performs stateful packet inspection. The device can also provide VPN service and NAT. It is primarily for use in small office/home office (SOHO) environments.

SonicWALL Pro is reported to be prone to a denial of service condition. This can be triggered by sending an unusually large HTTP POST to the device's internal interface. The device will reportedly enter a reset cycle approximately 20 seconds after receiving the POST data, resulting in a loss of device availability during this period.

This condition may be the result of a buffer in the device's firmware being overrun, however, this has not been confirmed.

This vulnerability was reported to affect SonicWALL Pro devices running firmware version 6.4.0.1 and ROM version 5.0.1.0.

It is important to note that a similar vulnerability was previously reported on SonicWALL devices (BID 2013). It is not known if this is the same issue that has been reintroduced into the firmware or a separate issue.

3. Kerio Personal Firewall Firewall Filter Bypass Vulnerability BugTraq ID: 7436
Remote: Yes
Date Published: Apr 25 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7436
Summary:

Kerio Personal Firewall (KPF) is a desktop firewall solution that performs stateful packet inspection. It runs on Windows NT/2000/XP.

Reportedly KPF suffers from a vulnerability whereby the existing firewall filters may be bypassed. This vulnerability exists due to the fact that UDP traffic to and from port 53 (DNS) is allowed. It should be noted that DNS traffic is enabled so that name resolution will occur.

Allegedly, an attacker may craft a special packet with a source port of 53 and send this packet to a vulnerable system. KPF will allow this packet to proceed thus bypassing the firewall filters.

KPF implements stateful packet filtering for its firewall and as such, unsolicited traffic, as described above, is unlikely to get through the firewall.

This vulnerability has not been confirmed by the vendor.
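
To make the distinction in this entry concrete, here is an added illustration (not Kerio code) that models the two policies side by side: a static rule that allows any UDP packet to or from port 53, and a stateful filter that admits only the reply to a query the host actually sent. The Packet type, addresses and traffic are constructed for the example.

```python
from collections import namedtuple

# Constructed UDP packet model for this example: addresses, ports and the
# direction relative to the protected host ("out" = host sends, "in" = host receives).
Packet = namedtuple("Packet", "src sport dst dport direction")

DNS_PORT = 53


class StaticPortFilter:
    """The weak rule the summary describes: any UDP packet to or from port 53
    passes, so an unsolicited packet with a forged source port of 53 reaches
    whatever local service it is aimed at."""

    def allow(self, pkt):
        return pkt.sport == DNS_PORT or pkt.dport == DNS_PORT


class StatefulDnsFilter:
    """Stateful variant: an outbound query records a flow; an inbound packet
    from port 53 passes only if it is the mirror image of a recorded query,
    and the entry is consumed so one query admits exactly one reply.
    Everything else inbound is outside this model and denied."""

    def __init__(self):
        self._pending = set()

    def allow(self, pkt):
        if pkt.direction == "out" and pkt.dport == DNS_PORT:
            self._pending.add((pkt.src, pkt.sport, pkt.dst))
            return True
        if pkt.direction == "in" and pkt.sport == DNS_PORT:
            key = (pkt.dst, pkt.dport, pkt.src)      # mirror of the outbound tuple
            if key in self._pending:
                self._pending.discard(key)
                return True
        return False


def evaluate(policy, packets):
    """Verdict per packet, in order, under the given policy."""
    return [policy.allow(p) for p in packets]


# Constructed traffic: one real DNS exchange, then two unsolicited packets
# that forge source port 53, the bypass the summary describes.
HOST, RESOLVER, ATTACKER = "192.0.2.10", "192.0.2.53", "198.51.100.7"
TRAFFIC = [
    Packet(HOST, 40001, RESOLVER, DNS_PORT, "out"),   # legitimate query
    Packet(RESOLVER, DNS_PORT, HOST, 40001, "in"),    # its reply
    Packet(ATTACKER, DNS_PORT, HOST, 40001, "in"),    # forged sport 53, wrong peer
    Packet(ATTACKER, DNS_PORT, HOST, 139, "in"),      # forged sport 53 at another service
]

if __name__ == "__main__":
    print("static  :", evaluate(StaticPortFilter(), TRAFFIC))
    print("stateful:", evaluate(StatefulDnsFilter(), TRAFFIC))
```

The static policy passes all four packets; the stateful one passes only the genuine query and its reply, which is why the summary expects a stateful product to stop this traffic.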

4. Xoops MyTextSanitizer HTML Injection Vulnerability BugTraq ID: 7434
Remote: Yes
Date Published: Apr 25 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7434
Summary:

Xoops is open-source, freely available web portal software written in object-oriented PHP. It is back-ended by a MySQL database and will run on most Unix and Linux distributions.

The MyTextSanitizer script is used by Xoops to filter unsupported and malicious characters. It is also capable of filtering malicious scripts.

A script code injection vulnerability has been discovered in the MyTextSanitizer script. The problem occurs due to insufficient filtering of script code embedded within HTML 'img' tags. As a result, an attacker may be capable of placing malicious HTML or script code within 'newbb' posts, private messages, and news posts.

Successful exploitation of this vulnerability may allow a malicious Xoops user to execute arbitrary HTML or script code within the browser of a legitimate user. This may allow for the theft of cookie-based authentication credentials that may escalate to session hijacking. Other attacks are also possible.

This vulnerability affects Xoops releases prior to 1.3.10 and 2.0.1.

5. Linux-ATM LES Command Line Argument Buffer Overflow Vulnerability BugTraq ID: 7437
Remote: No
Date Published: Apr 25 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7437
Summary:

Linux-atm is a set of drivers and tools designed to support ATM networking under Linux.

The linux-atm 'les' executable has been reported prone to a buffer overflow vulnerability.

This issue is due to a lack of sufficient bounds checking performed on data supplied via the '-f' command line argument to the 'les' executable. Excessive supplied data may overrun the bounds of an internal memory buffer (of approximately 244 bytes in size) and corrupt adjacent memory. Because adjacent memory may contain values that are crucial to the control of execution flow, arbitrary code execution is possible.

Although this vulnerability reportedly affects linux-atm 2.4.0, previous versions may also be affected.

It should be noted that it is not currently known whether this application requires elevated privileges to run. No distributions are currently known which install LES setuid.

6. Alt-N WebAdmin Remote File Viewing Vulnerability BugTraq ID: 7438
Remote: Yes
Date Published: Apr 25 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7438
Summary:

Alt-N WebAdmin is an optional component for MDaemon and RelayFax that allows remote administration.

It has been reported that a remote user is able to view files on the underlying system by submitting an HTTP request to the WebAdmin server. The user must have administrative privileges in WebAdmin in order to exploit this vulnerability.

If WebAdmin is installed under IIS, the attacker would only be able to access files to which the IWAM_MACHINENAME account has access. The path and name of the file to be viewed must also be known.

7. Alt-N WebAdmin Remote File Disclosure Vulnerability BugTraq ID: 7439
Remote: Yes
Date Published: Apr 25 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7439
Summary:

Alt-N WebAdmin is an optional component for MDaemon and RelayFax that allows remote administration.

It has been reported that a remote user is able to discover the installation directory of certain software on the underlying system by submitting an HTTP request to the WebAdmin server. The user must have administrative privileges in WebAdmin in order to exploit this vulnerability.

The software affected is the MDaemon and RelayFax software. This could lead to an attacker gaining sensitive information about a vulnerable system, and potentially launching a more organized attack against system resources.

8. Invision Board Restricted Forum Plaintext Password Vulnerability BugTraq ID: 7440
Remote: No
Date Published: Apr 25 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7440
Summary:

Invision Board is an online bulletin board designed to facilitate forum-based conversation.

Invision Board has been reported to store restricted forum credentials as plain text embedded in cookie data.

If the Invision Board admin 'pass protected' option is activated for a specific forum, on attempted access to the controlled area, the restricted forum password is reportedly stored as plaintext in a local cookie. The plaintext password may be recovered from the local cookie and used to bypass the authentication method used to restrict the private areas of the board.

It should be noted that, although unconfirmed, this vulnerability was reported to affect all versions of Invision Power Board.
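
As an added example (not Invision code) of how a restricted-forum cookie can avoid carrying the password at all: after the user passes the password check, the server sets a signed, expiring grant naming the forum and user, and later verifies that grant instead of re-reading a password. The function names, SERVER_KEY and cookie layout are constructed for this illustration.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

# Constructed, example-only key. A real deployment uses a random key that lives
# only on the server and is rotated; it is never part of the cookie.
SERVER_KEY = b"example-only-server-key-do-not-reuse"


def issue_forum_grant(forum_id: int, user_id: int, ttl_seconds: int = 3600,
                      now: Optional[int] = None) -> str:
    """Cookie value to set after the user has typed the correct forum password.

    The cookie carries no password: just the claim (forum, user, expiry) and a
    MAC over it. Someone who lifts it from the browser holds a short-lived grant
    bound to one user and one forum, not a reusable secret.
    """
    now = int(time.time()) if now is None else now
    claim = json.dumps({"f": forum_id, "u": user_id, "exp": now + ttl_seconds},
                       separators=(",", ":"), sort_keys=True).encode()
    tag = hmac.new(SERVER_KEY, claim, hashlib.sha256).hexdigest()
    return base64.urlsafe_b64encode(claim).decode() + "." + tag


def check_forum_grant(cookie: str, forum_id: int, user_id: int,
                      now: Optional[int] = None) -> bool:
    """Accept the grant only if the MAC verifies, it names this forum and user,
    and it has not expired. Anything malformed is simply a failed check."""
    now = int(time.time()) if now is None else now
    try:
        claim_b64, tag = cookie.rsplit(".", 1)
        claim = base64.urlsafe_b64decode(claim_b64.encode())
    except ValueError:          # binascii.Error is a ValueError subclass
        return False
    expected = hmac.new(SERVER_KEY, claim, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):   # constant-time comparison
        return False
    data = json.loads(claim)
    return data["f"] == forum_id and data["u"] == user_id and data["exp"] > now
```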

9. Onecenter Forum IMG Tag Script Injection Vulnerability BugTraq ID: 7441
Remote: Yes
Date Published: Apr 25 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7441
Summary:

OneCenter ForumOne 4.0 is a full-featured, web-based group discussion forum.

A problem with Onecenter ForumOne could allow remote users to execute arbitrary code in the context of the web site hosting ForumOne. The problem occurs due to the lack of sanitization performed on data embedded within HTML tags.

Specifically, Onecenter ForumOne does not sanitize code embedded within HTML IMG tags. As a result, a malicious user may be able to submit a post to the site containing embedded script code. This code would be executed by a user's browser in the context of the site.

This issue may be exploited to steal cookie-based authentication credentials from legitimate users of the website running the vulnerable software. The attacker may then hijack the session of the legitimate user by using these cookie-based authentication credentials. Other attacks are also possible.

Although this vulnerability was reported to affect OneCenter ForumOne version 4.0, previous versions may also be affected.
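
The Xoops MyTextSanitizer entry and this ForumOne entry describe the same gap: script code inside an IMG tag survives filtering. Here is an added example (not code from either project) of a post renderer that treats an image URL as untrusted data: it decodes HTML entities before checking (the same entity-encoding trick defeats a filter that only strips the literal quote, as the Opera JavaScript console entry below notes), allows only absolute http/https URLs with no quote or whitespace characters, and escapes everything else. The [img] markup and helper names are constructed for the illustration.

```python
import html
import re
from typing import Optional
from urllib.parse import urlsplit

# Forum-style [img]...[/img] markup, a constructed stand-in for the tag
# syntax such boards accept in posts.
IMG_TAG = re.compile(r"\[img\](.*?)\[/img\]", re.IGNORECASE | re.DOTALL)


def canonicalize(value: str) -> str:
    """Decode HTML entities until the text stops changing, so '&#x22;' or
    '&amp;quot;' cannot smuggle a quote past a check that only looks for
    the literal character."""
    prev = None
    while prev != value:
        prev, value = value, html.unescape(value)
    return value


def safe_img_src(raw: str) -> Optional[str]:
    """Return a URL that is safe inside src="...", or None to reject the input."""
    src = canonicalize(raw).strip()
    if any(ch in "'\"<>" or ch.isspace() for ch in src):
        return None               # would close the attribute or add new ones
    parts = urlsplit(src)
    if parts.scheme.lower() not in ("http", "https") or not parts.netloc:
        return None               # javascript:, data:, vbscript:, relative tricks
    return src


def render_img(raw: str) -> str:
    """Emit an <img> only for a vetted URL; otherwise show the text, escaped."""
    src = safe_img_src(raw)
    if src is None:
        return html.escape(raw, quote=True)
    return '<img src="%s" alt="">' % html.escape(src, quote=True)


def render_post(text: str) -> str:
    """Escape the whole post, then splice in only the vetted img tags."""
    pieces, last = [], 0
    for m in IMG_TAG.finditer(text):
        pieces.append(html.escape(text[last:m.start()], quote=True))
        pieces.append(render_img(m.group(1)))
        last = m.end()
    pieces.append(html.escape(text[last:], quote=True))
    return "".join(pieces)
```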

10. SGI IRIX Name Service Daemon LDAP UserPassword Bypass Vulnerability BugTraq ID: 7442
Remote: No
Date Published: Apr 25 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7442
Summary:

IRIX is a UNIX operating system variant distributed and maintained by SGI.

A problem in the software may make unauthorized access to systems possible.

It has been reported that the SGI IRIX implementation of LDAP does not properly handle some attributes from LDAP Servers. Because of this, it may be possible for a user to gain unauthorized access.

The problem is in the checking of the USERPASSWORD attribute. When the name service daemon (nsd) is enabled and using LDAP for authentication of users, it does not properly check the password database for the USERPASSWORD attribute. Although it is unclear how this problem may allow an attacker to gain access to the system, it has been reported that this issue could result in unauthorized access.

11. Macromedia ColdFusion MX Error Message Path Disclosure Vulnerability BugTraq ID: 7443
Remote: Yes
Date Published: Apr 26 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7443
Summary:

ColdFusion MX is the application server for developing and hosting infrastructure distributed by Macromedia. It is available as a standalone product for Unix, Linux, and Microsoft Operating Systems.

A vulnerability has been reported for Macromedia ColdFusion MX that may reveal the physical path information to attackers.

When certain malformed URL requests are received by the server, an error message is returned containing the full path of the ColdFusion installation. Specifically, when a request for the /CFIDE/probe.cfm page is made on the server process on port 8500, an error message is returned which contains path information.

Information obtained in this manner may be used by an attacker to launch further attacks against a vulnerable system.

12. Mike Bobbit Album.PL Remote Command Execution Vulnerability BugTraq ID: 7444
Remote: Yes
Date Published: Apr 26 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7444
Summary:

Mike Bobbit Album.pl is a web-based photo album implemented in Perl. It is available for a variety of platforms including Windows and Linux variant operating systems.

A remote command execution vulnerability has been reported for Album.pl. The vulnerability reportedly exists when alternate configuration files are used. Thus, it may be possible for a remote attacker to execute arbitrary commands in the context of the web server process.

A remote attacker may exploit this condition to gain local, interactive access to the underlying host.

The precise technical details of this vulnerability are currently unknown. This BID will be updated as further information is available.

13. Alt-N MDaemon POP Server DELE Command Buffer Overflow Vulnerability BugTraq ID: 7445
Remote: Yes
Date Published: Apr 26 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7445
Summary:

Alt-N MDaemon is a Microsoft Windows based mail server product.

A buffer overflow vulnerability has been reported for MDaemon. The vulnerability is due to inadequate bounds checking on the 'DELE' POP server command.

An attacker can exploit this vulnerability by submitting a very large value for the DELE command to the POP server. When the POP server receives this command, it will trigger the overflow condition and will cause MDaemon to crash.

Although unconfirmed, it may be possible for a remote attacker to exploit this issue to execute arbitrary system commands with the privileges of the MDaemon process.

This vulnerability was reported for MDaemon versions 6.0.7 and later.

This issue is very similar to the issue described in BID 6053.

14. Alt-N MDaemon IMAP Server Folder Creation Buffer Overflow Vulnerability BugTraq ID: 7446
Remote: Yes
Date Published: Apr 26 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7446
Summary:

Alt-N MDaemon is a Microsoft Windows based mail server product.

A buffer overflow vulnerability has been reported for the MDaemon IMAP server. The vulnerability exists when IMAP folders are created. Specifically, MDaemon does not perform adequate bounds checks when processing the CREATE command.

A malicious IMAP user is able to issue a CREATE command with an overly long value, consisting of greater than 2000 characters, to the vulnerable MDaemon server. Upon processing this malicious user-input, the buffer overflow condition will be triggered which may result in code execution with elevated privileges.

This vulnerability was reported to affect MDaemon 6.7.5 and later.

15. Qualcomm Qpopper Poppassd Local Arbitrary Command Execution Vulnerability BugTraq ID: 7447
Remote: No
Date Published: Apr 28 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7447
Summary:

Qualcomm Qpopper poppassd is a daemon that facilitates the modification of email account passwords.

Qualcomm Qpopper poppassd has been reported prone to a local arbitrary command execution vulnerability.

poppassd is installed with setUID root permissions set by default and is executable by all local system users. There has been an issue reported in poppassd that may allow a local user to execute arbitrary commands in the context of the root user. An attacker may specify a path to the 'smbpasswd' executable via the '-s' poppassd command line switch. A malicious executable may be supplied via the path to 'smbpasswd' option, for example '-s /tmp/smbpasswd' and the executable will be called as poppassd is run.

An attacker may exploit this condition to elevate privileges on the local system. Because poppassd is by default setUID root, privileges attained may be root.

16. Apache Mod_Auth_Any Remote Command Execution Vulnerability BugTraq ID: 7448
Remote: Yes
Date Published: Apr 28 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7448
Summary:

mod_auth_any is an Apache module designed to carry out user authentication using any program via the command-line.

A vulnerability has been discovered in the mod_auth_any Apache module. When running commands which require user-supplied arguments, mod_auth_any fails to sufficiently escape various user-supplied data. As a result, it may be possible for a remote attacker to embed malicious shell metacharacters, such as (`) or (;) within command-line arguments. These metacharacters may result in the authentication procedure prematurely ending and may cause attacker-supplied commands to be executed.

Successful exploitation of this vulnerability could allow an attacker to gain access to a host using the vulnerable software with the privileges of the Apache HTTPD server.
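
An added example (not the mod_auth_any module's code) of how an authentication helper should hand user-supplied values to an external program: the username as its own argv entry and the password on stdin, never spliced into a shell command line, with the username vetted against a strict character set before any command is built. The checker program here is a constructed stand-in that uses the Python interpreter and accepts one constructed credential pair.

```python
import re
import subprocess
import sys
from typing import Sequence

# Usernames handed to an external program must match this before any command
# is built; backticks, ';', '|', '&', '$' and newlines never pass.
USERNAME_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._@-]{0,63}$")

# Constructed stand-in for the external checker: argv[1] is the username,
# stdin carries the password, exit status 0 means "authenticated".
STUB_CHECKER: Sequence[str] = [
    sys.executable, "-c",
    "import sys; ok = sys.argv[1] == 'alice' and "
    "sys.stdin.read().rstrip('\\n') == 'correct horse'; sys.exit(0 if ok else 1)",
]


def authenticate(user: str, password: str,
                 checker: Sequence[str] = STUB_CHECKER) -> bool:
    """Run the checker program without a shell.

    The command is a list, so even a value like 'bob;id' would reach the
    program as one literal argument rather than as a second command; the
    password travels over stdin so it never appears in a process listing or in
    a log of the command line. Suspicious usernames are still refused up front:
    no metacharacter is ever part of a legitimate account name, and rejecting
    early gives a clean audit entry instead of a failed exec.
    """
    if not USERNAME_RE.match(user):
        return False
    if "\n" in password or "\0" in password:
        return False                       # would corrupt the stdin framing
    proc = subprocess.run(
        list(checker) + [user],            # argv, never a shell string
        input=password + "\n",
        capture_output=True,
        text=True,
        timeout=5,
    )
    return proc.returncode == 0
```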

17. Opera JavaScript Console Single Quote Attribute Injection Vulnerability BugTraq ID: 7449
Remote: Yes
Date Published: Apr 28 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7449
Summary:

Opera is a web client available for a number of platforms, including Microsoft Windows, Linux and Unix variants and Apple MacOS.

A vulnerability has been reported for Opera 7 browsers for Microsoft Windows operating systems. The vulnerability exists in Opera's JavaScript console program. The console program consists of three HTML files, one of which is 'console.html'. Any unhandled exceptions thrown by any JavaScript are listed in the console and are converted into clickable links.

The vulnerability is present in the regular expressions used by 'console.html' to format exception messages. Specifically, exception messages are not parsed for quote characters. It is possible, by inserting single quote (') characters, to add additional attributes to URIs that may make it possible to execute arbitrary attacker-supplied script code through the file:// URI handler. This may lead to disclosure of local file contents to remote attackers.

This issue is a variant of the vulnerability described in BID 6755, using single quote characters instead of double quotes. It is reported that this variant also affects patched versions of the browser. Opera 7.10 attempts to address this issue by sanitizing single quote characters, but is still prone to the issue if the hexadecimal code for the single quote HTML entity is used.

18. Opera 6/7 Remote Heap Corruption Vulnerability BugTraq ID: 7450
Remote: Yes
Date Published: Apr 28 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7450
Summary:

Opera is a web browser available for a number of platforms, including Microsoft Windows, Linux and Unix variants and Apple MacOS.

A vulnerability has been reported for Opera versions 7.10 and earlier, on the Microsoft Windows platform. The problem is said to occur due to insufficient bounds checking on filename extensions. As a result, it may be possible for an attacker to corrupt heap-based memory. This may allow for the execution of arbitrary code or a prolonged denial of service.

If this issue were exploited, Opera may continuously crash until the 'dcache4.url' file has been deleted. This is due to the malicious filename being stored within the cache-index.

19. 3D-FTP Client Buffer Overflow Vulnerability BugTraq ID: 7451
Remote: Yes
Date Published: Apr 28 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7451
Summary:

3D-FTP is a lightweight FTP client application for Microsoft Windows.

It has been reported that 3D-FTP client may be prone to a buffer overflow condition. This issue is due to the client not implementing sufficient bounds checking on banner data copied into local memory buffers.

When the FTP client receives an FTP banner that contains an excessive amount of data it becomes unstable. It has been reported that this vulnerability can be reproduced by sending an FTP banner of 8192 bytes or more to a vulnerable client. When the client reads in the banner, sensitive regions of memory may be corrupted with attacker-supplied values.

It may be possible for attackers to leverage this vulnerability to execute instructions. Any code executed would be in the security context of the FTP client process.

20. HP Tru64 Installation Software Insecure File Creation Vulnerability BugTraq ID: 7452
Remote: No
Date Published: Apr 28 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7452
Summary:

HP has reported a vulnerability in various Tru64 installation and updating software. The problem occurs in the 'dupatch' and 'setld' utilities and may allow an attacker to trigger a denial of service or possibly execute commands with elevated privileges.

The vulnerability lies in the method that the utilities use to create files, likely temporary files used during installation procedures. It is not currently known whether the problem is a result of a race condition during file creation, or the use of predictable temporary file names. However, it is known that a symbolic link attack can be carried out against this vulnerability, making a variety of potential outcomes possible.

21. Sun Solaris Lofiadm Kernel Memory Leak Denial Of Service Vulnerability BugTraq ID: 7454
Remote: No
Date Published: Apr 28 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7454
Summary:

lofiadm is an application used to administer 'lofi', the loopback file driver. lofi allows a file to be associated with a block device. That file can then be accessed through the block device.

lofiadm has been reported prone to a DoS vulnerability. An unprivileged user may reportedly employ the lofiadm application to induce a kernel memory leak on Solaris 8. The kernel memory leak may consume system resources and result, over time, in system performance degradation or a critical exception requiring a server reboot.

An attacker may exploit this vulnerability to trigger a persistent denial of service condition on an affected server.

Further details of this vulnerability are currently unknown. This BID will be updated as further information becomes available.

22. Oracle Net Services Link Buffer Overflow Vulnerability BugTraq ID: 7453
Remote: Yes
Date Published: Apr 29 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7453
Summary:

Oracle has announced a buffer overflow vulnerability in Oracle Net Services for the Oracle Database Server.

The vulnerability exists due to insufficient boundary checks performed by the Oracle server for values supplied to the 'CREATE DATABASE LINK' query.

The 'CREATE DATABASE LINK' privileges are assigned to the CONNECT role thus low privileged accounts are able to create database links.

A malicious attacker with CONNECT privileges can exploit this vulnerability by creating a specially crafted database link and then executing a select query from the link. Once the link is selected, the buffer overflow condition will be triggered, resulting in the corruption of sensitive stack memory. Successful exploitation will result in the execution of attacker-supplied code with the privileges of the database server. On Windows systems, the Oracle Database Server is executed with SYSTEM privileges and on Unix and Linux systems, the Database Server runs as the 'oracle' user.

23. Netscape Navigator Directory Cross-Domain Scripting Vulnerability BugTraq ID: 7456
Remote: Yes
Date Published: Apr 29 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7456
Summary:

Netscape is a web browser which is available for a number of platforms, including Microsoft Windows and Unix and Linux variants.

A vulnerability has been reported that could allow an attacker to fool Netscape into running script in a foreign domain. If a dot (.) is appended to the end of the hostname in a URI, Netscape may accept the directory name as the actual domain. This could permit a malicious web page to access the DOM (Document Object Model) of another foreign domain.

An attacker could exploit this by enticing a user to visit a malicious URI and then running malicious script code which can access the properties of a foreign domain. This could lead to theft of cookie-based authentication credentials, information disclosure or other attacks.

This issue was reported for Netscape Navigator 7.02. It is likely that other versions of Netscape are vulnerable to this issue. As well, browsers based on Mozilla may be vulnerable too.

24. Sun Solaris RPCbind Unspecified Denial of Service Vulnerability BugTraq ID: 7455
Remote: Yes
Date Published: Apr 28 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7455
Summary:

rpcbind is a server that converts RPC program numbers into universal addresses. It must be running on the host to be able to make RPC calls on a server on that machine.

Sun Solaris rpcbind has been reported prone to an unspecified denial of service vulnerability.

The vulnerability has been reported to affect Solaris rpcbind implementations and could make it possible for remote users to deny service to legitimate users of RPC dependent services.

An attacker may exploit this vulnerability to remotely trigger a persistent denial of service condition on the affected rpcbind service.

Further details of this vulnerability are currently unknown. This BID will be updated as further information becomes available.

25. Sun Ray Smart Card Removal Session Logout Failure Vulnerability
BugTraq ID: 7457
Remote: No
Date Published: Apr 29 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7457
Summary:

Sun Ray is a thin-client appliance meant to process all input and output for a user and to manage communication with the shared Sun Ray server. Sun Ray Server Software (SRSS) versions 1.3 and 2.0 are prone to an issue where a session may be left open after a Smart Card is quickly removed.

Sun Ray clients have a smart card reader that facilitates authentication against a Sun Ray server. A situation where a smart card is quickly removed, reinserted, and removed again will not log a user out of the Sun Ray client.

This vulnerability may cause a situation where an unauthorized individual may have access to a victim user's Sun Ray session.

26. Auerswald COMsuite CTI Application Weak Default Password Vulnerability
BugTraq ID: 7458
Remote: Yes
Date Published: Apr 29 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7458
Summary:

Auerswald COMsuite is an application suite intended to integrate Telephone functionality into the Windows environment. The COMsuite CTI (Computer Telephony Integration) application is designed to automate many manual telephone functions.

The Auerswald COMsuite CTI application has been reported prone to a weak default password vulnerability.

It has been reported that, when installed, the CTI control center creates a user "runasositron" to enable operating system interaction. A problem exists in a low entropy password used to control access to the account. The password is easily guessed using readily available tools.

Once the password is retrieved the "runasositron" account can be used locally and remotely to access the Windows PC on which COMsuite is installed.

27. HP-UX RExec Remote Username Flag Local Buffer Overrun Vulnerability
BugTraq ID: 7459
Remote: No
Date Published: Apr 29 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7459
Summary:

HP-UX is the Unix operating system variant maintained and distributed by HP.

It has been reported that the rexec program included with some versions of HP-UX may be vulnerable to a boundary condition error. It may be possible for a local user to exploit this vulnerability to gain elevated privileges on the system.

The rexec program does not properly check bounds in the remote username flag (-l). This results in a stack overrun that may be exploited by a malicious local user to execute arbitrary instructions. As the rexec program is typically a setuid program, exploitation could result in compromise of the administrative account on a vulnerable system.

This problem has been reported in version 10.20 of HP-UX, but may also affect other versions.

28. Worker Filemanager Directory Creation Race Condition Vulnerability
BugTraq ID: 7460
Remote: No
Date Published: Apr 29 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7460
Summary:

Worker is a file management utility for the Unix X windowing system. It is modeled after the Directory Opus 4 application and is available for Unix-based operating systems.

A vulnerability has been discovered in Worker Filemanager 2.7. The problem lies in a destination directory that is given world-readable and executable permissions during data transfer. As a result, during a specific time window, an attacker may be capable of modifying or accessing sensitive files located in the directory. Permissions are changed to a secure setting after the data transfer has completed.

Files located in this directory may contain sensitive data, which may aid an attacker in launching further attacks against a target system. Though unconfirmed, if these temporarily accessible files are writeable and later used by a user or some application to carry out an operation, an attacker may be capable of corrupting data or executing malicious commands. All actions carried out would be done with the privileges of the user running Worker Filemanager, possibly root.
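The window described above exists whenever a program creates a directory with permissive bits, fills it, and only then tightens the mode. The following is an added example, not Worker's code, of the pattern that avoids the window on a Unix system: pass the restrictive mode to mkdir(2) with a restrictive umask in force, so the directory never exists in a world-accessible state, refuse to reuse a directory that already exists, and verify ownership and mode before trusting it. The demo helper, its scratch path under /tmp and the "incoming" directory name are the example's own constructions.

```c
/*
 * Added example (not Worker code): create a transfer directory so that it
 * is never world-accessible, instead of creating it permissive and
 * tightening permissions afterwards.  A "create, copy, then chmod"
 * sequence leaves the directory readable by everyone for the whole copy;
 * passing the restrictive mode to mkdir(2) and setting a umask for the
 * call closes that window because there is no moment at which the
 * directory exists with wider permissions.
 */
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Create 'path' with mode 0700 in a single system call.  Fails (rather
 * than reusing) if the path already exists, so a pre-created directory
 * owned by someone else is not silently accepted. */
bool create_private_dir(const char *path)
{
    mode_t old = umask(077);           /* keep group/other bits off regardless of caller umask */
    int rc = mkdir(path, S_IRWXU);
    int saved = errno;
    umask(old);
    if (rc != 0) {
        errno = saved;
        return false;
    }
    return true;
}

/* Permission bits (0777 mask) of 'path' if it is a directory, else -1. */
int dir_mode_bits(const char *path)
{
    struct stat st;
    if (lstat(path, &st) != 0 || !S_ISDIR(st.st_mode))
        return -1;
    return (int)(st.st_mode & 0777);
}

/* The check to run before trusting a transfer directory: a real
 * directory (not a symlink), owned by us, with no group/other bits. */
bool dir_is_private(const char *path)
{
    struct stat st;
    if (lstat(path, &st) != 0)
        return false;
    if (!S_ISDIR(st.st_mode))
        return false;
    if (st.st_uid != getuid())
        return false;
    return (st.st_mode & (S_IRWXG | S_IRWXO)) == 0;
}

/* Demo helper (constructed for this example): build a scratch directory
 * under /tmp with mkdtemp (itself created 0700), create the transfer
 * directory inside it, return the transfer directory's mode bits, and
 * clean up.  Returns -1 on any failure. */
int demo_create_transfer_dir(void)
{
    char base[] = "/tmp/xfer-demo-XXXXXX";
    if (mkdtemp(base) == NULL)
        return -1;

    char path[sizeof base + 16];
    snprintf(path, sizeof path, "%s/incoming", base);

    int mode = -1;
    if (create_private_dir(path) && dir_is_private(path))
        mode = dir_mode_bits(path);

    rmdir(path);
    rmdir(base);
    return mode;
}

int main(void)
{
    int mode = demo_create_transfer_dir();
    if (mode < 0) {
        perror("transfer directory");
        return 1;
    }
    printf("transfer directory created with mode %04o\n", (unsigned)mode);
    return 0;
}
```

If other users must be able to read the result after the transfer, widen the mode with chmod(2) only once the copy is complete and verified; the ordering (restrictive first, permissive last) is what distinguishes this from the sequence the advisory describes.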

III. SECURITYFOCUS NEWS AND COMMENTARY


1. RIAA messaging gambit faces countermeasures
By Kevin Poulsen

Peer-to-peer techies use IP blacklists and specialty software to deal with copyright police.

http://www.securityfocus.com/news/4359

2. Rise of the Spam Zombies
By Kevin Poulsen

Spammers are breaking into home computers and turning them into e-mail laundering machines.

http://www.securityfocus.com/news/4217

3. RIAA cashes in on file-swapping students
By Ashlee Vance, The Register

The RIAA has tacked on $59,500 to the amount four college students must pay in addition to their student loans.

http://www.securityfocus.com/news/4403

4. Computer crime sentences are 'not good enough'
By John Leyden, The Register
May 2 2003 6:15AM

A senior policeman has called for higher sentences to combat hi-tech crime. Detective Superintendent Mick Deats, second in command of Britain's National High Tech Crime Unit, said that computer crime sentences are "not good enough".

http://www.securityfocus.com/news/4401

IV. SECURITYFOCUS TOP 6 TOOLS


1. SSHVnc v0.0.1 Alpha
by Lee David Painter
Relevant URL:
http://www.sshtools.com
Platforms: Os Independent
Summary:

SSHVnc is a standalone Java VNC viewer that secures VNC access by integrating the popular TightVNC viewer with the SSH Tools Java SSH API. It features a clean and easy to use interface.

2. msulogin v0.9
by Solar Designer
Relevant URL:
http://www.openwall.com/msulogin/
Platforms: Linux, POSIX, UNIX
Summary:

msulogin is the single-user mode login program used to force the console user to login under a root account before a shell is started. Unlike other implementations of sulogin, this one supports having multiple root accounts on a system. msulogin has been developed as a part of Openwall GNU/*/Linux and is being made available separately primarily for use by other distributions. Currently, msulogin supports only systems with shadow passwords and getspnam(3).

3. Jeb Perl Ping Stats v1.4.4
by Jean-Edouard BABIN Jeb@jeb.com.fr
Relevant URL:
http://www.jeb.be/codingstuff/
Platforms: N/A
Summary:

JPPS (Jeb Perl Ping Stats) is a Perl script which extracts statistics from the output generated by the 'ping' command.

4. Prelude Library v0.8.5
by yoann
Relevant URL:
http://www.prelude-ids.org/
Platforms: POSIX
Summary:

The Prelude Library is a collection of generic functions providing communication between the Prelude Hybrid IDS suite's components. It provides a convenient interface for sending alerts to Prelude Manager with transparent SSL, failover and replication support, asynchronous events and timer interfaces, an abstracted configuration API (hooking at the commandline, the configuration line, or wide configuration, available from the Manager), and a generic plugin API. It allows you to easily turn your favorite security program into a Prelude sensor.

5. dnsreflector v1.02
by Armin Wolfermann
Relevant URL:
http://www.wolfermann.org/dnsreflector.html
Platforms: OpenBSD
Summary:

The dnsreflector daemon listens for DNS queries on a local UDP port and answers with records pointing back to localhost. Combined with OpenBSD's packet filter pf(4), this works as a bandwidth efficient spamtrap.

6. Epylog v0.9.0
by Konstantin Riabitsev
Relevant URL:
http://linux.duke.edu/projects/epylog/
Platforms: UNIX
Summary:

Epylog is a log notifier and parser that periodically tails system logs on Unix systems, parses the output in order to present it in an easily readable format (parsing modules currently exist only for Linux), and mails the final report to the administrator. It can run daily or hourly. Epylog is written specifically for large clusters where many systems log to a single loghost using syslog or syslog-ng. Although Epylog can be used on standalone systems, other packages (like logwatch) are probably better suited for such purposes.

V. SECURITY JOBS SUMMARY


1. Network Security Engineers (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/320121

2. Security Officer (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/320120

3. Security Manager (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/320117

4. Senior Account Executive (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/320118

5. Inside Sales Reps Needed - Security Software (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/320116

6. RESUME - CSO / CTO / Sr. Security Eng. (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/320084

7. Manager, Development - Enterprise Security (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/320062

8. Security Manager Germany 200k Euros (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/320066

9. Information Security Consultant Needed Immediately - SF Bay Area (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/320065

10. Forensics Specialist (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/320085

11. Information Systems Manager (3DP002) - Information Security Officer (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/320070

12. Senior Associate - Secure Network Solutions Team (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/320076

13. Salesperson Needed in Maryland (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/320083

14. Job Offering: Singapore (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/320075

15. Senior Network Security Engineers - Amherst, NY (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/320073

16. searching for a junior computer security engineer position (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/320072

17. Seeking Security Architect role in Toronto Canada (Repost) (Thread)
Relevant URL:

http://www.securityfocus.com/archive/77/320080

18. Position: IT Security Officer - Baltimore, MD (Thread)
Relevant URL: