
SecurityFocus Newsletter #196

From: John Boletta <jboletta(at)securityfocus.com>
Date: Tue May 13 2003 - 11:07:12 EDT


This issue is sponsored by: AirDefense

*** Wireless LAN Policies for Security & Management - NEW White Paper ***

Just like wired networks, wireless LANs require network security policies that are enforced to protect WLANs from known vulnerabilities and threats. Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs.

Click here to request your FREE white paper: www.airdefense.net/securityfocus/policies.shtm



I. FRONT AND CENTER
  1. Starting from Scratch: Formatting and Reinstalling after...
  2. U.S. Information Security Law, Part 3
  3. The Nowhere Men
  4. Security's Failed Past and Risky Future
II. BUGTRAQ SUMMARY
  1. KDE Konqueror Malformed HTML Page Denial of Service Vulnerability
  2. HP-UX RWrite Buffer Overflow Vulnerability
  3. WebcamXP Message Field HTML Code Injection Vulnerability
  4. Ethereal Multiple Dissector One Byte Buffer Overflow...
  5. Ethereal Mount Dissector Integer Overflow Vulnerability
  6. Ethereal PPP Dissector Integer Overflow Vulnerability
  7. Microsoft MN-500 Plaintext Password Disclosure Weakness
  8. FlashFXP User Password Encryption Weakness
  9. Mod_Survey SYSBASE Disk Resource Consumption DOS...
  10. GNU Privacy Guard Insecure Trust Path To User ID Weakness
  11. MySQL Weak Password Encryption Vulnerability
  12. CommuniGate Pro Webmail Session Hijacking Vulnerability
  13. Mirabilis ICQ POP3 Client UIDL Command Format String...
  14. Mirabilis ICQ POP3 Client Subject Field Signed Integer...
  15. Mirabilis ICQ Features On Demand Remote Command Execution...
  16. Mirabilis ICQ GIF Parsing Denial Of Service Vulnerability
  17. Mirabilis ICQ Message Session Window Denial Of Service...
  18. Mirabilis ICQ POP3 Client Date Field Signed Integer Overflow...
  19. Microsoft Internet Explorer DHTML AnchorClick Partial Denial...
  20. Youbin HOME Buffer Overflow Vulnerability
  21. Leksbot Multiple Unspecified Vulnerabilities
  22. Siemens Mobile Phones %IMG_NAME Denial Of Service Vulnerability
  23. Floosietek FTGate PRO SMTP MAIL FROM Buffer Overflow...
  24. Floosietek FTGate PRO SMTP RCPT TO Buffer Overflow Vulnerability
III. SECURITYFOCUS NEWS ARTICLES
  1. 'Banned' Xbox Hacking Book Selling Fast
  2. Report: Too Many Watch Lists
  3. Senate broadens powerful U.S. terror surveillance law
  4. Microsoft admits Passport identity service was vulnerable
IV. SECURITYFOCUS TOP 6 TOOLS
  1. Data Thief v1.0
  2. DISCO v1.0
  3. linux-identd v1.3
  4. mod_protection v0.0.2
  5. pcInternet Patrol
  6. Active Spam Killer v2.3 beta2
V. SECURITYJOBS LIST SUMMARY
  1. Sr. Software Security Engineer, Washington DC area (Thread)
  2. Information Security Officer required - Charlotte, NC (Thread)
  3. Security Engineer/Policy Developer/ needed in MD (columbia...
  4. Web Security Research Engineer (Thread)
  5. Information Security Programme Manager (UK) (Thread)
  6. Seeking information security position (Thread)
  7. Security Job w/Fortune 500 Company (Thread)
  8. AVAYA Consultative Services Sales Associates (Thread)
  9. Looking for Network and System Security administrators in India...
  10. Enterprise Mobility Security Architect (Thread)
  11. Security Architect Manager - Cleveland, Ohio (Thread)
  12. IT Security Engineer required - Hampshire, South Coast, UK...
  13. Looking for a job in Networking/ Security (Thread)
  14. Senior Network Security Engineer - San Diego Contract - 6...
  15. Security Engineer - DITSCAP - San Diego Contract - 6 Months+...
  16. Network Security Engineer - San Diego Contract - 6 Months+...
  17. Infosec Engineer - CISSP for San Diego 6-month Contract (Job...
  18. CISSP Security consultant seeking position in NYC (Thread)
  19. Experienced Consultant Desires Information Security Project...
  20. Director of Marketing for Latin American Security Company - Fl...
  21. IT Security Manager Essex UK (Thread)
  22. INFOSEC Engineer in NYC seeks opportunities (Thread)
  23. AVAIL: 20-yr International Security Consultant Expert (Thread)
  24. Neoteris is hiring!!! - Sales Engineer - Ohio Valley (Thread)
  25. Neoteris is hiring!!! - Technical Support Engineer - Mt. View...
  26. Security Engineering position in NYC/Northern NJ wanted (Thread)
  27. Security consultants needed in Asia (Thread)
  28. Neoteris is hiring!!! - Senior Technical Trainer - Mt. View...
  29. Seeking RACF Consulting Project (Thread)
  30. Information Security Engineer, looking for a position... (Thread)
  31. CyberCorp Student Looking for Federal Employment in...
  32. Wanted - Telephony Engineer (Thread)
  33. Wanted - Internet Investigations Analyst (Thread)
  34. Junior - Computer Forensic Analyst (Thread)
  35. Wanted - Mid Level Computer Forensic Analyst (Thread)
  36. Wanted - Computer Forensic Analyst Senior (Thread)
  37. Sr. Security Sales Engineer-DC (Thread)
  38. Director of SQA/Release-CA, Bay Area (Thread)
  39. SWE-CA, bay area (Thread)
  40. Sales Engineer for New York Metro Area (Thread)
  41. IT security consultant position in NYC needed (Thread)
VI. INCIDENTS LIST SUMMARY
  1. Follow-up to the Hotmail/MSN password reset problems (Thread)
  2. more iis-kabom New attack or old Vulnerability Scanner?...
  3. Attack attempts from 195.86.128.45 (Thread)
  4. Attack attempts from 195.86.128.45 (Thread)
  5. [csl@sublevel3.org: Attack attempts from 195.86.128.45] (Thread)
  6. followup to the MSN hotmail and .Net passport change post (Thread)
  7. [Full-Disclosure] Hotmail & Passport (.NET Accounts)...
  8. Healthcare incidents? (Thread)
  9. Healthcare Incidents: SUMMARY (Thread)
  10. DNS Injection Problem (Thread)
  11. OT:Healthcare incidents? (Thread)
  12. smsx.exe? (Thread)
  13. Administrivia: Logs showing GET /.hash=... (Thread)
  14. Logs showing GET /.hash=... (Thread)
VII. VULN-DEV RESEARCH LIST SUMMARY
  1. s0h: Kerio Personal Firewall and Tiny Personal Firewall remote...
  2. Buffer overflow in Explorer.exe (Thread)
  3. nokia calendar memory errors (Thread)
  4. NetBIOS could be used as network flood amplifier (Thread)
  5. Microsoft Biztalk Server DTA vulnerable to SQL injection (Thread)
  6. Microsoft Biztalk Server ISAPI HTTP Receive function buffer...
  7. Domino security contact (Thread)
  8. TOORCON 2003 CALL FOR PAPERS (Thread)
VIII. MICROSOFT FOCUS LIST SUMMARY
  1. (prevent + detect Arp spoofing) + Securing Terminal Services...
  2. (prevent + detect Arp spoofing) + Securing Terminal Services...
  3. Article Announcement: Starting from Scratch: Formatting and...
  4. IPSEC through Ms ISA Server (Thread)
  5. p2p and ISA (Thread)
  6. Timbuktu, etc. (Thread)
  7. SuS update's (Thread)
  8. Article Announcement: Madonna's Borderline MP3 Tactics (Thread)
  9. Article Announcement: Auditing Web Site Authentication, Part...
  10. SecurityFocus Microsoft Newsletter #135 (Thread)
  11. Microsoft and Bluetooth (Thread)
  12. Outlook Security Settings removed (Thread)
  13. AD Question (Thread)
IX. SUN FOCUS LIST SUMMARY
  1. .exrc file security risks (Thread)
X. LINUX FOCUS LIST SUMMARY
  1. Martian Source (Thread)
XI. SPONSOR INFORMATION
I. FRONT AND CENTER

1. Starting from Scratch: Formatting and Reinstalling after a Security Incident
By Matthew Tanase

This article will examine the process of starting over, and more specifically, reinstalling after a security incident.

http://www.securityfocus.com/infocus/1692

2. U.S. Information Security Law, Part 3
By Steven Robinson

This is the third part of a four-part series looking at U.S. information security laws and the way those laws affect security professionals. In this installment, we will look at the basics of criminal information security law.

http://www.securityfocus.com/infocus/1693

3. The Nowhere Men
By George Smith

Unemployed virus writers take heart: the recording industry is hiring cyber miscreants to attack its own customers. And we thought you'd never amount to anything.

http://www.securityfocus.com/columnists/160

4. Security's Failed Past and Risky Future
By Jon Lasser

Final grumblings from SecurityFocus columnist Jon Lasser, as he bids farewell to the computer security world and moves to Colorado.

http://www.securityfocus.com/columnists/159

II. BUGTRAQ SUMMARY


1. KDE Konqueror Malformed HTML Page Denial of Service Vulnerability
BugTraq ID: 7486
Remote: Yes
Date Published: May 02 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7486
Summary:

Konqueror is an Open Source web browser, shipped with the KDE desktop. It is available on Linux platforms.

KDE Konqueror has been reported prone to a denial of service vulnerability when rendering an HTML page that contains malformed data. Specifically, when the Konqueror browser attempts to render a page containing 30000 bytes of repeating '\xFF\xFE\r\r\n' sequences, it will crash, dumping a core file in the process.

An attacker may exploit this vulnerability to trigger a denial of service condition in a remote user's Konqueror web session.

Although unconfirmed, this vulnerability may be exploited to execute attacker-supplied code.

The precise technical details of this vulnerability are currently unknown. This BID will be updated as further information becomes available.

2. HP-UX RWrite Buffer Overflow Vulnerability
BugTraq ID: 7489
Remote: No
Date Published: May 02 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7489
Summary:

The HP-UX /usr/lbin/rwrite utility has been reported prone to a buffer overflow vulnerability. Although unconfirmed, code execution with elevated privileges may be possible.

The condition presents itself when excessive data, consisting of more than 14628 bytes, is supplied as part of an argument passed to the vulnerable utility. When the rwrite application parses the argument it will segfault. The segfault is likely due to lack of sufficient bounds checking performed on the data before it is copied into an internal memory buffer. Excessive data may overrun the boundary of the buffer and adjacent memory containing values crucial to program flow or execution management may be corrupted. Although unconfirmed, because of the nature of this vulnerability, arbitrary code execution may be possible. Code execution, in a default install, would take place in the context of the root user.

The precise technical details of this vulnerability are currently unknown. This BID will be updated as further information becomes available.

It should be noted that although this vulnerability has been reported to affect HP-UX version 11.00, other versions might also be affected.

3. WebcamXP Message Field HTML Code Injection Vulnerability
BugTraq ID: 7490
Remote: Yes
Date Published: May 02 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7490
Summary:

WebcamXP is a webcam utility with an integrated HTTP server designed to operate on Windows platforms.

A problem with the WebcamXP Chat page could allow remote users to execute arbitrary script code in the context of the web site running WebcamXP Chat. The problem occurs due to the lack of sanitization performed on user-supplied input submitted via the site's 'message' field.

As a result, a malicious user may have the ability to submit a post to the site containing embedded HTML code. This code would be executed by a user's browser in the context of the vulnerable site.

This issue may be exploited to steal cookie-based authentication credentials from legitimate users of the website running the vulnerable software. Other attacks are also possible, including a prolonged denial of service attack. The consequences of the attack may vary depending on the user's browser.

It should be noted that although this vulnerability has been reported to affect WebcamXP versions 1.02.432 and 1.02.535.4.0, previous versions might also be affected.

4. Ethereal Multiple Dissector One Byte Buffer Overflow Vulnerabilities
BugTraq ID: 7493
Remote: Yes
Date Published: May 03 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7493
Summary:

Ethereal is a freely available, open source network traffic analysis tool. It is maintained by the Ethereal Project and is available for most Unix and Linux variants as well as Microsoft Windows operating systems.

Several dissectors included with Ethereal are vulnerable to buffer overflow conditions. Specifically, the dissectors were using the tvb_get_nstringz() and tvb_get_nstringz0() functions in an unsafe manner. Exploitation of this issue will allow an attacker to overflow memory buffers by one byte. The AIM, GIOP, Gryphon, OSPF, PPTP, Quake, Quake2, Quake3, Rsync, SMB, SMPP, and TSP dissectors are vulnerable to this issue.

The precise technical details of this vulnerability are currently unknown. This BID will be updated as further information is available.

An attacker may be able to exploit this vulnerability by crafting a specially formed packet and sending it to a system using the vulnerable dissectors or by convincing a victim user to use Ethereal to read a malformed packet trace file.

Due to the nature of this vulnerability, it may be possible for an attacker to create a situation in which sensitive memory could be overwritten. If successful this may allow for the execution of arbitrary code with the privileges of the Ethereal process.

This vulnerability affects Ethereal 0.9.11 and earlier.

5. Ethereal Mount Dissector Integer Overflow Vulnerability
BugTraq ID: 7494
Remote: Yes
Date Published: May 03 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7494
Summary:

Ethereal is a freely available, open source network traffic analysis tool. It is maintained by the Ethereal Project and is available for most Unix and Linux variants as well as Microsoft Windows operating systems.

The Mount dissector of Ethereal is prone to an integer overflow vulnerability.

The precise technical details of this vulnerability are currently unknown. This BID will be updated as further information is available.

An attacker may be able to exploit this vulnerability by crafting a specially formed packet and sending it to a system using the Mount dissector or by convincing a victim user to use Ethereal to read a malformed packet trace file.

Due to the nature of this vulnerability it may be possible for an attacker to create a situation in which sensitive memory could be corrupted. If successful, this may cause Ethereal to behave in an unpredictable manner.

This vulnerability affects Ethereal 0.9.11 and earlier.

6. Ethereal PPP Dissector Integer Overflow Vulnerability
BugTraq ID: 7495
Remote: Yes
Date Published: May 03 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7495
Summary:

Ethereal is a freely available, open source network traffic analysis tool. It is maintained by the Ethereal Project and is available for most Unix and Linux variants as well as Microsoft Windows operating systems.

The PPP dissector of Ethereal is prone to an integer overflow vulnerability.

The precise technical details of this vulnerability are currently unknown. This BID will be updated as further information is available.

An attacker may be able to exploit this vulnerability by crafting a specially formed packet and sending it to a system using the PPP dissector or by convincing a victim user to use Ethereal to read a malformed packet trace file.

Due to the nature of this vulnerability it may be possible for an attacker to create a situation in which sensitive memory could be corrupted. If successful, this may cause Ethereal to behave in an unpredictable manner.

This vulnerability affects Ethereal 0.9.11 and earlier.

7. Microsoft MN-500 Plaintext Password Disclosure Weakness
BugTraq ID: 7496
Remote: Yes
Date Published: May 03 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7496
Summary:

The MN-500 Wireless Base Station provides a wireless networking solution to home and business networks.

A weakness has been reported for the MN-500 device that may result in the disclosure of administrative credentials to remote attackers. Reportedly, the issue exists due to backup configuration files storing administrative passwords in a plaintext format.

An attacker who is able to obtain the backup configuration file is able to obtain the administrative password.

8. FlashFXP User Password Encryption Weakness
BugTraq ID: 7499
Remote: No
Date Published: May 05 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7499
Summary:

FlashFXP is an FTP implementation that allows client-server file transfers in addition to site-to-site file transfers. It is available for Microsoft Windows.

FlashFXP uses a trivially reversible algorithm to encode FTP user credentials. FTP user passwords are encrypted using XOR with a weak key. Local attackers with access to the sites.data file may exploit this weakness to gain unauthorized access to FTP user credentials for remote sites.

If credentials are used for multiple services or sites, it may permit attackers to gain unauthorized access to those services as well.

9. Mod_Survey SYSBASE Disk Resource Consumption Denial of Service Vulnerability
BugTraq ID: 7498
Remote: Yes
Date Published: May 05 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7498
Summary:

Mod_Survey is an Apache module designed to process and display XML-based questionnaires and surveys. It is available for the Linux, Unix, and Microsoft Windows operating systems.

The SYSBASE variable is used by Mod_Survey when accessing requested survey files. The value of SYSBASE is initialized to the location of the survey file and is used to create a subdirectory for the storage of various survey-related files, including cache files and questionnaire response data. The subdirectory is placed within the central data repository, typically /usr/local/mod_survey/data.

A vulnerability has been discovered in Mod_Survey when handling requests for nonexistent surveys. Before verifying the existence of a requested survey file the SYSBASE variable is initialized, triggering the creation of an unneeded directory. The validity of the requested survey file is subsequently verified.

Exploitation of this vulnerability may allow an attacker to carry out a denial of service attack, designed to consume available hard disk space or inodes. The consumption of resources may cause a target server to crash.

This vulnerability affects Mod_Survey versions prior to 3.0.15.
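The ordering defect described above, as an added example that is not Mod_Survey code: a request handler that initializes the per-survey data directory (the SYSBASE step) before checking that the survey exists, beside the corrected ordering. The directory layout (<root>/surveys/<name>.xml and <root>/data/<name>/), the name filter and the scratch tree under /tmp are constructed for this illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Only plain names are accepted, so a request cannot escape <root>.
 * (Constructed guard, shared by both handlers below.) */
int valid_survey_name(const char *name)
{
    size_t n = strlen(name);
    if (n == 0 || n > 64)
        return 0;
    for (const char *p = name; *p != '\0'; p++) {
        if (!((*p >= 'a' && *p <= 'z') || (*p >= 'A' && *p <= 'Z') ||
              (*p >= '0' && *p <= '9') || *p == '_' || *p == '-'))
            return 0;
    }
    return 1;
}

static int ensure_dir(const char *path)
{
    return (mkdir(path, 0700) == 0 || errno == EEXIST) ? 0 : -1;
}

static int survey_exists(const char *root, const char *name)
{
    char path[512];
    struct stat st;
    snprintf(path, sizeof path, "%s/surveys/%s.xml", root, name);
    return stat(path, &st) == 0 && S_ISREG(st.st_mode);
}

/* The SYSBASE step: create <root>/data/<name>/ for the survey's working files. */
static int init_sysbase(const char *root, const char *name)
{
    char path[512];
    snprintf(path, sizeof path, "%s/data/%s", root, name);
    return ensure_dir(path);
}

int data_dir_exists(const char *root, const char *name)
{
    char path[512];
    struct stat st;
    snprintf(path, sizeof path, "%s/data/%s", root, name);
    return stat(path, &st) == 0 && S_ISDIR(st.st_mode);
}

/* Vulnerable ordering: SYSBASE is initialized before the survey is verified,
 * so every request for a nonexistent survey leaves a directory behind and
 * consumes an inode. Returns 0 if served, -1 if the survey does not exist. */
int handle_request_vulnerable(const char *root, const char *name)
{
    if (!valid_survey_name(name))
        return -1;
    if (init_sysbase(root, name) != 0)
        return -1;
    if (!survey_exists(root, name))
        return -1;              /* too late: the directory already exists */
    return 0;
}

/* Fixed ordering: verify first, create the directory only for real surveys. */
int handle_request_fixed(const char *root, const char *name)
{
    if (!valid_survey_name(name))
        return -1;
    if (!survey_exists(root, name))
        return -1;
    return init_sysbase(root, name);
}

/* Build a scratch root under /tmp holding one real survey, "census".
 * Returns a malloc'd path (caller frees) or NULL. Constructed for the demo. */
char *make_test_root(void)
{
    char *root = malloc(64);
    char path[512];
    FILE *f;
    if (root == NULL)
        return NULL;
    snprintf(root, 64, "/tmp/survey_demo_%ld", (long)getpid());
    snprintf(path, sizeof path, "%s/surveys", root);
    if (ensure_dir(root) != 0 || ensure_dir(path) != 0)
        goto fail;
    snprintf(path, sizeof path, "%s/data", root);
    if (ensure_dir(path) != 0)
        goto fail;
    snprintf(path, sizeof path, "%s/surveys/census.xml", root);
    if ((f = fopen(path, "w")) == NULL)
        goto fail;
    fputs("<survey/>\n", f);
    fclose(f);
    return root;
fail:
    free(root);
    return NULL;
}

int main(void)
{
    char *root = make_test_root();
    if (root == NULL)
        return 1;
    handle_request_vulnerable(root, "no-such-survey");
    handle_request_fixed(root, "still-missing");
    printf("vulnerable handler left a data dir for a missing survey: %d\n",
           data_dir_exists(root, "no-such-survey"));
    printf("fixed handler left a data dir for a missing survey: %d\n",
           data_dir_exists(root, "still-missing"));
    free(root);
    return 0;
}
```

The demo leaves its scratch tree under /tmp so the stray directory can be inspected afterwards.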

10. GNU Privacy Guard Insecure Trust Path To User ID Weakness
BugTraq ID: 7497
Remote: No
Date Published: May 05 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7497
Summary:

GNU Privacy Guard is a free, open source, multi-platform replacement for PGP.

GNU Privacy Guard has been reported prone to a weakness involving the validity of multiple user IDs. It has been reported that GnuPG does not sufficiently differentiate between the validity given to individual IDs on a public key that has multiple user IDs linked to it. Reportedly, every ID on the key is given the same validity as the most valid ID on that key.

This may result in an untrusted user ID, linked to a key that contains a trusted ID as the most valid ID, being accepted as valid. Data will be encrypted to the untrusted ID without any warning. This may result in the leakage of data presumed destined to a trusted user; other attacks may also be possible.

11. MySQL Weak Password Encryption Vulnerability
BugTraq ID: 7500
Remote: No
Date Published: May 05 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7500
Summary:

MySQL is an open source relational database project. It is available for the Microsoft Windows, Linux, and Unix operating systems.

MySQL has been reported prone to a weak password encryption algorithm. It has been reported that the MySQL function used to encrypt MySQL passwords makes just one pass over the password and employs a weak left-shift-based cipher. The output of this function is a password hash of low entropy. Due to the low complexity of the algorithm used to create the MySQL password hash, the hash may be cracked in little time using a brute-force method to create an identical hash and thereby guess the clear text password.

An attacker may use information recovered in this way to aid in further attacks launched against the underlying system.
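To make the "one pass, left-shift based" description concrete, the following added example (not code from this page or from MySQL) re-types the pre-4.1 PASSWORD() algorithm as published in the MySQL sources of that era, and pairs it with an audit check a DBA can run over a dump of mysql.user to find accounts still stored in the old 16-hex-digit format. The dump format ("user<TAB>hash", one row per line) and the sample rows are constructed.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Two 31-bit accumulators updated in a single pass by shift, multiply and
 * XOR. Spaces and tabs are silently skipped, so "pass word" and "password"
 * hash identically; there is no salt, so equal passwords give equal hashes. */
static void old_hash(const char *password, uint32_t out[2])
{
    uint32_t nr = 1345345333UL, add = 7, nr2 = 0x12345671UL;
    for (; *password != '\0'; password++) {
        if (*password == ' ' || *password == '\t')
            continue;
        uint32_t tmp = (unsigned char)*password;
        nr  ^= (((nr & 63) + add) * tmp) + (nr << 8);
        nr2 += (nr2 << 8) ^ nr;
        add += tmp;
    }
    out[0] = nr  & 0x7fffffffUL;   /* only 31 bits of each half survive, */
    out[1] = nr2 & 0x7fffffffUL;   /* 62 bits of unsalted output in total */
}

/* Render the hash the way the old mysql.user table stored it: 16 hex digits. */
void old_password_hex(const char *password, char out[17])
{
    uint32_t h[2];
    old_hash(password, h);
    snprintf(out, 17, "%08x%08x", (unsigned)h[0], (unsigned)h[1]);
}

/* Audit check: a stored hash in the old format is exactly 16 hex digits.
 * The format that replaced it in MySQL 4.1 is 41 characters and starts
 * with '*', so it never matches. */
int is_old_format_hash(const char *stored)
{
    if (strlen(stored) != 16)
        return 0;
    for (const char *p = stored; *p != '\0'; p++)
        if (!isxdigit((unsigned char)*p))
            return 0;
    return 1;
}

/* Count rows of a "user<TAB>hash" dump (constructed format) whose hash is
 * still in the old format. */
int count_old_format(const char *dump)
{
    int n = 0;
    const char *line = dump;
    while (*line != '\0') {
        const char *nl = strchr(line, '\n');
        size_t len = nl ? (size_t)(nl - line) : strlen(line);
        const char *tab = memchr(line, '\t', len);
        if (tab != NULL) {
            size_t hl = (size_t)(line + len - (tab + 1));
            char hash[64];
            if (hl < sizeof hash) {
                memcpy(hash, tab + 1, hl);
                hash[hl] = '\0';
                n += is_old_format_hash(hash);
            }
        }
        if (nl == NULL)
            break;
        line = nl + 1;
    }
    return n;
}

/* Constructed dump: two accounts with old-format hashes, one migrated. */
const char *SAMPLE_DUMP =
    "app\t0123456789abcdef\n"
    "batch\tfedcba9876543210\n"
    "admin\t*0123456789ABCDEF0123456789ABCDEF01234567\n";

int main(void)
{
    char a[17], b[17];
    old_password_hex("password", a);
    old_password_hex("pass word", b);
    printf("PASSWORD('password')  = %s\n", a);
    printf("PASSWORD('pass word') = %s  (whitespace ignored: %s)\n",
           b, strcmp(a, b) == 0 ? "same" : "different");
    printf("accounts still using the old format: %d\n",
           count_old_format(SAMPLE_DUMP));
    return 0;
}
```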

12. CommuniGate Pro Webmail Session Hijacking Vulnerability
BugTraq ID: 7501
Remote: Yes
Date Published: May 05 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7501
Summary:

CommuniGate Pro is an internet messaging server. CommuniGate Pro includes a webmail service to allow access to mailboxes via HTTP. It is available for a number of platforms including Unix and Linux variants and Microsoft Windows operating systems.

CommuniGate Pro Webmail has been reported prone to a session hijacking vulnerability. The vulnerability presents itself when the victim views an image or similar resource embedded in an HTML web-mail message. Specifically, the current session ID used in CommuniGate Pro Webmail is sent, as the 'referrer' field in the HTTP header, with the request made for an image embedded in a malicious e-mail.

The attacker may intercept the HTTP header and extract the URL data contained in the 'referrer' field. The attacker may then follow the URL to hijack the current user session.

13. Mirabilis ICQ POP3 Client UIDL Command Format String Vulnerability
BugTraq ID: 7461
Remote: Yes
Date Published: May 05 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7461
Summary:

Mirabilis ICQ is an instant messenger client for a number of platforms including Microsoft Windows, MacOS and Palm systems. ICQ provides an integrated POP3 client that is used to communicate via e-mail. The POP3 client is a COM object embedded in the POP3.dll library.

Each message generated by the POP3 client is given a unique identification number (UIDL), which is determined by the server. This ID consists of up to 70 bytes of data from a limited character set.

A format string vulnerability has been discovered in the ICQ POP3 client when handling the identification string. It is likely that the problem presents itself due to a programming error in a function used to handle UIDL command server response strings.

By impersonating a valid POP3 server, an attacker may send malicious format string specifiers, embedded in the unique id of an e-mail message destined for the ICQ POP3 Client. When the message header is processed the malicious format string specifiers may be interpreted. As a result, it may be possible for sensitive locations in memory to be corrupted. This may ultimately result in the execution of attacker-supplied code.

14. Mirabilis ICQ POP3 Client Subject Field Signed Integer Overflow Vulnerability
BugTraq ID: 7462
Remote: Yes
Date Published: May 05 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7462
Summary:

Mirabilis ICQ is an instant messenger client for a number of platforms including Microsoft Windows, MacOS and Palm systems. ICQ provides an integrated POP3 client that is used to communicate via e-mail. The POP3 client is a COM object embedded in the POP3.dll library.

A vulnerability has been reported for the POP3 client of ICQ that may result in the execution of arbitrary attacker-supplied commands.

The vulnerability exists due to insufficient boundary checks performed by the integrated POP3 mail client when verifying the length of certain e-mail header fields. Specifically, the length of the 'Subject' header is stored within a 16-bit signed integer. As a result, by supplying excessive data within the 'Subject' field it may be possible to wrap the signed integer, resulting in a negative value.

An attacker can exploit this vulnerability by crafting an e-mail with an overly long Subject field, consisting of at least 33000 characters, and sending it to a victim user. This will effectively result in an unexpected miscalculation by the application.

Successful exploitation of this issue may allow an attacker to overwrite sensitive memory with malicious values which will result in the client throwing an unhandled exception and crashing.

Exploitation of this issue may also result in the execution of attacker-supplied code.

This vulnerability was reported for Mirabilis ICQ 2003a and earlier.

15. Mirabilis ICQ Features On Demand Remote Command Execution Vulnerability
BugTraq ID: 7464
Remote: Yes
Date Published: May 05 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7464
Summary:

ICQ is an instant messenger client for a number of platforms including Microsoft Windows.

The ICQ Features on Demand allows users to download and install ICQ add-on client software such as ICQ Phone and ICQ Web Search.

Features on Demand uses a hardcoded URL from which it retrieves add-on installation packages. The DataURL value is found in the 'Packages.ini' file under the heading '[General]'.

When Features on Demand is invoked, it connects to this URL in order to download the appropriate packages, but it does not verify the authenticity of the package in any way. This could allow a malicious user to impersonate the package repository service through some other attack, such as DNS poisoning. Any malicious package supplied to ICQ will be executed with the permissions of the user running ICQ.

Features on Demand was introduced in ICQ 2002a and is available in subsequent versions.

16. Mirabilis ICQ GIF Parsing Denial Of Service Vulnerability
BugTraq ID: 7466
Remote: Yes
Date Published: May 05 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7466
Summary:

ICQ is an instant messenger client for a number of platforms including Microsoft Windows systems.

ICQ is prone to a denial of service condition when parsing GIF89a headers. This condition exists in 'icqateimg32.dll', which is the native ICQ GIF parsing/rendering library.

This issue is due to a flaw in how 'icqateimg32.dll' decodes GIF files. The library expects either a GCT (Global Color Table) or an LCT (Local Color Table) to be present in the header when attempting to decode a GIF file. If neither table exists in the header, the library will fail when attempting to render the GIF file. This will cause ICQ to crash, leading to a denial of service.

An attacker will be able to exploit this issue by passing a GIF with a specially crafted header for processing by the GIF parsing/rendering library.

17. Mirabilis ICQ Message Session Window Denial Of Service Vulnerability
BugTraq ID: 7465
Remote: Yes
Date Published: May 05 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7465
Summary:

Mirabilis ICQ is an instant messenger client for a number of platforms including Microsoft Windows, MacOS and Palm systems.

Each ICQ message window (message session) contains an advertisement that the client requests from an ADS server. This advertisement is obtained by making a specially crafted HTTP request to the ADS server for a randomized HTML file. Aside from the randomized file name, the request is made to a static location.

No authentication is performed between the ICQ client and the ADS server during this transaction.

A denial of service vulnerability has been discovered in the HTML rendering library used by Mirabilis ICQ to process advertisement code. The problem occurs due to the library failing to handle specific malformed HTML table tag attributes. Specifically, a table tag containing a 'width' attribute with a value of '-1' will trigger a denial of service. The affected client program will freeze and the system's CPU utilization will rise to 100%.

An attacker may be capable of exploiting this vulnerability due to the lack of authentication while obtaining the advertisement. By impersonating the ADS server it may be possible for ICQ client requests to be made to an attacker-controlled server. This may result in malicious HTML advertisements being rendered within a message session.

18. Mirabilis ICQ POP3 Client Date Field Signed Integer Overflow Vulnerability
BugTraq ID: 7463
Remote: Yes
Date Published: May 05 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7463
Summary:

Mirabilis ICQ is an instant messenger client for a number of platforms including Microsoft Windows, MacOS and Palm systems. ICQ provides an integrated POP3 client that is used to communicate via e-mail. The POP3 client is a COM object embedded in the POP3.dll library.

A vulnerability has been reported for the POP3 client of ICQ that may result in the execution of arbitrary attacker-supplied commands.

The vulnerability exists due to insufficient boundary checks performed by the integrated POP3 mail client when verifying the length of certain e-mail header fields. Specifically, the length of the 'Date' header is stored within a 16-bit signed integer. As a result, by supplying excessive data within the 'Date' field it may be possible to wrap the signed integer, resulting in a negative value.

An attacker can exploit this vulnerability by crafting an e-mail with an overly long 'Date' field, consisting of at least 32000 bytes of data, and sending it to a victim user. This will effectively overflow the sign of an internally stored variable and result in an unexpected miscalculation by the application.

Successful exploitation of this issue may allow an attacker to overwrite sensitive memory with malicious values, which will result in the client throwing an unhandled exception and crashing.

Exploitation of this issue may also result in the execution of attacker-supplied code.

This vulnerability was reported for Mirabilis ICQ 2003a and earlier.
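The 'Subject' and 'Date' field issues above share one mechanism: a header length kept in a 16-bit signed integer, so that a 33000-byte header reads as a negative number and passes a "too long?" check. The following is an added example, not ICQ code, that shows the narrowing defect beside a hardened check; the 4096-byte limit, the header builder and the function names are constructed for this illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed limit: the largest header value the parser is meant to accept. */
#define HEADER_LIMIT 4096

/* Vulnerable pattern: the length is narrowed to int16_t before it is checked.
 * Lengths of 32768..65535 wrap to negative values (two's complement), so a
 * 33000-byte header reads as -32536. */
int16_t narrowed_length(const char *value)
{
    int16_t len = (int16_t)strlen(value);
    return len;
}

/* The check as a vulnerable parser would write it. A negative length is never
 * "greater than the limit", so the oversized header is accepted and the
 * negative value feeds later size arithmetic. Returns 1 when accepted. */
int vulnerable_accepts(const char *value)
{
    int16_t len = narrowed_length(value);
    if (len > HEADER_LIMIT)
        return 0;
    return 1;
}

/* The miscalculation that follows: converting the wrapped length back to an
 * unsigned size for a copy yields a huge value instead of 33000. */
size_t vulnerable_copy_size(const char *value)
{
    int16_t len = narrowed_length(value);
    return (size_t)len;
}

/* Hardened pattern: keep the length unsigned and full width, compare against
 * the limit before anything else, and never narrow to a signed 16-bit type. */
int hardened_accepts(const char *value)
{
    size_t len = strlen(value);
    return len <= (size_t)HEADER_LIMIT;
}

/* Constructed test input: a header value of n 'A' bytes. Caller frees. */
char *make_value(size_t n)
{
    char *v = malloc(n + 1);
    if (v == NULL)
        return NULL;
    memset(v, 'A', n);
    v[n] = '\0';
    return v;
}

int main(void)
{
    size_t sizes[] = { 100, 32767, 32768, 33000 };
    for (size_t i = 0; i < sizeof sizes / sizeof sizes[0]; i++) {
        char *v = make_value(sizes[i]);
        if (v == NULL)
            return 1;
        printf("%5zu bytes: narrowed=%6d vulnerable_accepts=%d hardened_accepts=%d\n",
               sizes[i], (int)narrowed_length(v), vulnerable_accepts(v),
               hardened_accepts(v));
        free(v);
    }
    return 0;
}
```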

19. Microsoft Internet Explorer DHTML AnchorClick Partial Denial Of Service Vulnerability
BugTraq ID: 7502
Remote: Yes
Date Published: May 05 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7502
Summary:

Microsoft Internet Explorer has been reported prone to a denial of service condition when handling certain DHTML objects.

It has been reported that, while using the DHTML 'A' 'AnchorClick' object, an attacker may specify a folder instead of an HREF-style URL link. While the latter is within the normal specifications of the DHTML language, if the attacker leaves this field blank and supplies the link to an unsuspecting user, Internet Explorer will crash when the malicious link is followed. This issue is believed to be the result of an illegal exception thrown while attempting to access a null pointer.

This issue will only affect the active Internet Explorer window; inactive Internet Explorer windows are not affected.

It should be noted that, although this vulnerability has been reported to affect Internet Explorer version 6.0 SP1, previous versions might also be affected.

20. Youbin HOME Buffer Overflow Vulnerability
BugTraq ID: 7503
Remote: No
Date Published: May 06 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7503
Summary:

youbin is a network-based mail arrival notification service designed to replace biff.

It has been reported that youbin is vulnerable to a locally exploitable buffer overflow vulnerability. The vulnerability is related to the handling of the HOME environment variable.

Specifically, an internal memory buffer may be overrun when the HOME environment variable contains excessive data. Because HOME is set by the invoking user, a local attacker can use this condition to corrupt memory adjacent to the affected buffer.

Because that adjacent memory may contain values crucial to the control of program execution flow, an attacker may be able to execute arbitrary instructions with the privileges of the youbin process, typically root.

It should be noted that although this vulnerability has been reported to affect youbin version 3.4, previous versions might also be affected.
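The bug class behind this entry is an unbounded copy of an attacker-controlled environment variable into a fixed-size buffer inside a privileged program. The following C is an added illustration written for this newsletter, not youbin's source: the file name `.mail`, the buffer size and the function names are hypothetical. It shows the vulnerable pattern next to a bounded version that rejects oversize or non-absolute values, and a lookup that takes the home directory from the password database rather than from $HOME, which is what a setuid program should do.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical per-user file under the home directory (not youbin's layout). */
#define MAILBOX_FILE ".mail"
#define PATH_BUF 256

/* Vulnerable pattern (illustrative, not youbin's code): $HOME is copied into
 * a fixed stack buffer with no bound check. A HOME of PATH_BUF bytes or more
 * overruns the frame; in a setuid-root binary that is a local root hole.
 * Kept only for comparison; never call it with an untrusted HOME. */
void mailbox_path_unsafe(char out[PATH_BUF])
{
    const char *home = getenv("HOME");
    strcpy(out, home != NULL ? home : "/");   /* unbounded copy */
    strcat(out, "/" MAILBOX_FILE);            /* unbounded append */
}

/* Hardened form: the caller passes the home directory explicitly, every write
 * is bounded, and an oversize or non-absolute value is rejected rather than
 * silently truncated. Returns 0 on success, -1 with errno set on failure. */
int mailbox_path_safe(const char *home, char *out, size_t outlen)
{
    int n;

    if (home == NULL || home[0] != '/') {
        errno = EINVAL;                       /* must be an absolute path */
        return -1;
    }
    n = snprintf(out, outlen, "%s/%s", home, MAILBOX_FILE);
    if (n < 0 || (size_t)n >= outlen) {
        errno = ENAMETOOLONG;                 /* would not fit: refuse, do not truncate */
        return -1;
    }
    return 0;
}

/* A setuid program should not trust $HOME at all, since the invoking user
 * controls it. Look the real uid up in the password database instead.
 * Returns NULL if the uid has no passwd entry. */
const char *trusted_home(void)
{
    struct passwd *pw = getpwuid(getuid());
    return pw != NULL ? pw->pw_dir : NULL;
}

int main(void)
{
    char buf[PATH_BUF];

    if (mailbox_path_safe(trusted_home(), buf, sizeof buf) == 0)
        printf("mailbox: %s\n", buf);
    else
        perror("mailbox_path_safe");
    return 0;
}
```

The check that matters is the `n >= outlen` comparison: `snprintf` never overruns, but it returns the length it wanted to write, and treating that as an error instead of accepting a truncated path is what keeps a later `open()` from landing on the wrong file.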

21. Leksbot Multiple Unspecified Vulnerabilities BugTraq ID: 7505
Remote: No
Date Published: May 06 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7505
Summary:


Leksbot is a freely available dictionary of botanical terms. It is available for a variety of platforms including Microsoft Windows and Linux systems.

Multiple vulnerabilities have been reported for Leksbot. The precise nature of these vulnerabilities is currently unknown; however, exploitation may allow an attacker to obtain elevated privileges.

Reportedly, in some installations of Leksbot, the /usr/bin/KATAXWR binary is unnecessarily installed setuid root. Systems configured in this manner are at risk, as an attacker able to trigger one of the unspecified flaws in that binary may gain root privileges.

These vulnerabilities have been confirmed to affect Debian installations of Leksbot. Although unconfirmed, Leksbot installations on other systems may also be prone to this issue.

This BID will be updated as further information is available.

22. Siemens Mobile Phones %IMG_NAME Denial Of Service Vulnerability BugTraq ID: 7507
Remote: Yes
Date Published: May 06 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7507
Summary:

Siemens Mobile Phones are prone to a denial of service when handling malformed image attachments in SMS messages. This is reportedly due to a boundary condition error.

The correct syntax for image attachments is "%IMG_NAME", where IMG_NAME is the name of the image to be attached. The condition is triggered when the IMG_NAME value is 157 characters in length. When such a malformed SMS is received, the phone may disconnect, causing a denial of service. It has also been reported that the user will then be unable to access their INBOX. It should be noted that this condition can also be triggered if a user sends the malformed message from a vulnerable Siemens mobile phone.


This vulnerability was reported in Siemens *45 Series phones, but other phones may also be affected.

23. Floosietek FTGate PRO SMTP MAIL FROM Buffer Overflow Vulnerability BugTraq ID: 7506
Remote: Yes
Date Published: May 06 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7506
Summary:

Floosietek FTGate PRO is a mail server for the Microsoft Windows operating system.

A buffer overflow vulnerability has been reported for FTGate PRO mail server. The vulnerability exists when the mail server attempts to process overly long SMTP 'Mail From' arguments. Specifically, when the mail server processes a malicious 'Mail From' e-mail address consisting of more than 2017 characters, the mail server will crash. This is reportedly due to the exception handler being corrupted. Although unconfirmed, due to the nature of this vulnerability the condition may be exploited to execute attacker-supplied arbitrary code with the privileges of the SYSTEM user.

This vulnerability was reported for FTGate PRO 1.22 Hotfix(1328). It is likely that previous versions are also affected.

24. Floosietek FTGate PRO SMTP RCPT TO Buffer Overflow Vulnerability BugTraq ID: 7508
Remote: Yes
Date Published: May 06 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7508
Summary:

Floosietek FTGate PRO is a mail server for the Microsoft Windows operating system.

A buffer overflow vulnerability has been reported for FTGate PRO mail server. The vulnerability exists when the mail server attempts to process overly long SMTP 'Rcpt To' arguments. Specifically, when the mail server processes a malicious 'Rcpt To' e-mail address consisting of more than 2017 characters, the mail server will crash. This is reportedly due to the exception handler being corrupted. Although unconfirmed, due to the nature of this vulnerability the condition may be exploited to execute attacker-supplied arbitrary code with the privileges of the SYSTEM user.


This vulnerability was reported for FTGate PRO 1.22 Hotfix(1328). It is likely that previous versions are also affected.
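Entries 23 and 24 describe the same defect on two SMTP verbs: the argument to MAIL FROM or RCPT TO is copied before its length is checked. The C below is an added example for this newsletter, not FTGate code, showing the check a mail server should apply at the command parser: RFC 2821 section 4.5.3.1 caps a reverse-path or forward-path at 256 characters including the angle brackets, so anything longer can be rejected with a 501 before it reaches any fixed buffer. The function names and the reply codes used for the two error cases are the example's own choices; the 2017-byte path used for the self-test is the length quoted in the advisory, constructed locally.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* RFC 2821 4.5.3.1: maximum total length of a reverse-path or forward-path,
 * including the punctuation and element separators. */
#define SMTP_PATH_MAX 256

/* ASCII case-insensitive prefix test (SMTP verbs are case-insensitive). */
static int has_verb(const char *line, const char *verb)
{
    for (; *verb != '\0'; line++, verb++)
        if (toupper((unsigned char)*line) != (unsigned char)*verb)
            return 0;
    return 1;
}

/* Parse "MAIL FROM:<path>" or "RCPT TO:<path>". On success copies the path
 * (without brackets) into out and returns 250. Returns 501 for a syntax error
 * or an oversize path and 500 for an unrecognised verb. Nothing is copied
 * until the length has been checked, so out is never overrun; out should hold
 * at least SMTP_PATH_MAX + 1 bytes. */
int smtp_parse_path(const char *line, char *out, size_t outlen)
{
    static const char *const verbs[] = { "MAIL FROM:", "RCPT TO:" };
    const char *arg = NULL, *close;
    size_t i, total, plen;

    for (i = 0; i < sizeof verbs / sizeof verbs[0]; i++) {
        if (has_verb(line, verbs[i])) {
            arg = line + strlen(verbs[i]);
            break;
        }
    }
    if (arg == NULL)
        return 500;                          /* not MAIL FROM / RCPT TO */

    while (*arg == ' ')
        arg++;                               /* tolerate "MAIL FROM: <x>" */
    if (*arg != '<')
        return 501;                          /* path must be bracketed */

    close = strchr(arg, '>');
    if (close == NULL)
        return 501;                          /* unterminated path */

    total = (size_t)(close - arg) + 1;       /* "<...>" including brackets */
    if (total > SMTP_PATH_MAX)
        return 501;                          /* oversize: reject before any copy */

    plen = total - 2;                        /* bytes between the brackets; "<>" is valid */
    if (plen >= outlen)
        return 501;                          /* caller's buffer too small: still refuse */
    memcpy(out, arg + 1, plen);
    out[plen] = '\0';
    return 250;
}

/* Build "<verb><AAAA...>" with an n-byte path: constructed test input for the
 * parser above. Returns 0, or -1 if buf cannot hold the command. */
int smtp_build_long_command(char *buf, size_t buflen, const char *verb, size_t n)
{
    size_t vlen = strlen(verb);

    if (buflen < vlen + n + 3)               /* verb + '<' + n + '>' + NUL */
        return -1;
    memcpy(buf, verb, vlen);
    buf[vlen] = '<';
    memset(buf + vlen + 1, 'A', n);
    buf[vlen + 1 + n] = '>';
    buf[vlen + 2 + n] = '\0';
    return 0;
}

int main(void)
{
    static const char *const samples[] = {
        "MAIL FROM:<alice@example.com>",     /* constructed sample lines */
        "RCPT TO:<bob@example.net>",
        "MAIL FROM:<>",
        "MAIL FROM:alice@example.com",
        "HELO mail.example.org",
    };
    static char cmd[4096];
    char path[SMTP_PATH_MAX + 1];
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%d  %s\n", smtp_parse_path(samples[i], path, sizeof path), samples[i]);

    if (smtp_build_long_command(cmd, sizeof cmd, "MAIL FROM:", 2017) == 0)
        printf("%d  MAIL FROM with a 2017-byte path\n",
               smtp_parse_path(cmd, path, sizeof path));
    return 0;
}
```

The length test sits on the raw bracketed argument, before `memcpy`, which is the order the two advisories say FTGate got wrong. The same function can be reused for the ESMTP parameters that may follow the closing bracket by parsing from `close + 1` onward.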

III. SECURITYFOCUS NEWS AND COMMENTARY


1. 'Banned' Xbox Hacking Book Selling Fast
By Kevin Poulsen

Too hot for tech publishers, Andrew Huang self-published his comprehensive guide to hacking Microsoft's game console. Weeks before publication, he's already pre-sold half of his initial print run.

http://www.securityfocus.com/news/4580

2. Report: Too Many Watch Lists
By Kevin Poulsen

Congressional investigators urge the government to combine twelve different surveillance databases into one.

http://www.securityfocus.com/news/4419

3. Senate broadens powerful U.S. terror surveillance law
By Ted Bridis, The Associated Press


The Senate easily passed a measure Thursday expanding a powerful surveillance law, used in spy and terrorism investigations, to allow U.S. agents to wiretap lone foreigners who can't be linked to a terror organization or government.

http://www.securityfocus.com/news/4590

4. Microsoft admits Passport identity service was vulnerable
By Ted Bridis, The Associated Press

A computer researcher in Pakistan discovered how to breach Microsoft Corp.'s security procedures for its popular Internet Passport service, designed to protect customers visiting some retail Web sites, sending e-mails and in some cases making credit-card purchases.

http://www.securityfocus.com/news/4575

IV. SECURITYFOCUS TOP 6 TOOLS


1. Data Thief v1.0
by Application Security, Inc
Relevant URL:
http://www.appsecinc.com/resources/freetools/
Platforms: Linux, UNIX
Summary:

Data Thief is a proof-of-concept tool used to demonstrate to web administrators and developers how easy it is to steal data from a web application that is vulnerable to SQL injection. Data Thief is designed to retrieve data from a Microsoft SQL Server back-end behind a web application with a SQL injection vulnerability. Once a SQL injection vulnerability is identified, Data Thief does all the work of listing the linked servers, laying out the database schema, and actually selecting the data from a table in the application.

2. DISCO v1.0
by P
Relevant URL:
http://www.altmode.com/disco/
Platforms: FreeBSD, Linux, NetBSD, OpenBSD
Summary:


DISCO is a passive IP discovery utility designed to sit on segments throughout a network to discover unique IPs and passively fingerprint TCP SYN packets.

3. linux-identd v1.3
by Per Liden per@fukt.bth.se
Relevant URL:
http://www.fukt.bth.se/~per/identd/
Platforms: Linux
Summary:

linux-identd is a user identification daemon for Linux, which implements the Identification Protocol (RFC1413). This protocol is used to identify active TCP connections. The daemon listens to TCP port 113 (auth), and can be run either as a stand-alone daemon, or through inetd.

4. mod_protection v0.0.2
by Pierpaolo Giacomin
Relevant URL:
http://www.twlc.net/download.php?op=viewsdownload&sid=20
Platforms: UNIX, Windows 2000, Windows 95/98, Windows NT, Windows XP
Summary:

mod_protection is an Apache module that integrates the basic function of an IDS (Intrusion Detection System) and a firewall. When a malicious client sends a request that matches a rule, the administrator will be warned and the client gets an error message.

5. pcInternet Patrol
by Internet Security Alliance
Relevant URL:
http://www.isa-llc.com/downloads/pcip.php
Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
Summary:

pcInternet Patrol maximizes protection with minimum user involvement. This product finds 6 times more potentially dangerous programs/modules than other leading personal firewalls. Other features are:
- Stops all intruder programs both known and unknown;
- Users always have the latest programs definition without the need for an update;
- Keeps you and your computer out of harm's way, without getting in your way;
- Cannot be disabled by an intruder without alerting user or administrator;
- Activates Intruder tracking to trace IP address of intruder for possible apprehension;
- Continuously monitors the state of the NETBIOS ports, the first entry target for intruders;
- Help with security issues in real time!

6. Active Spam Killer v2.3 beta2
by Marco Paganini paganin@paganini.net
Relevant URL:
http://www.paganini.net/ask/
Platforms: Python
Summary:

Active Spam Killer (ASK) protects your email account against spam by confirming the sender's email address before actual delivery takes place. The confirmation happens by means of a "confirmation message" that is automatically sent to all "unknown" users. Once the sender replies to that message (a simple reply will do), future emails from that person will be delivered immediately. You can also specify (regexp) addresses to be immediately accepted, rejected (with a nastygram) or ignored. The package also includes a utility to scan your old mailboxes and generate a list of emails to be accepted automatically.


V. SECURITY JOBS SUMMARY


1. Sr. Software Security Engineer, Washington DC area (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/320906

2. Information Security Officer required - Charlotte, NC (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/320888

3. Security Engineer/Policy Developer/ needed in MD (columbia- baltimore area) (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/320887

4. Web Security Research Engineer (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/320873


5. Information Security Programme Manager (UK) (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/320876

6. Seeking information security position (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/320868

7. Security Job w/Fortune 500 Company (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/320869

8. AVAYA Consultative Services Sales Associates (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/320877


9. Looking for Network and System Security administrators in India (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/320867

10. Enterprise Mobility Security Architect (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/320866

11. Security Architect Manager - Cleveland, Ohio (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/320865

12. IT Security Engineer required - Hampshire, South Coast, UK (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/320864

13. Looking for a job in Networking/ Security (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/320863

14. Senior Network Security Engineer - San Diego Contract - 6 Months+ (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/320862

15. Security Engineer - DITSCAP - San Diego Contract - 6 Months+ (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/320861

16. Network Security Engineer - San Diego Contract - 6 Months+ (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/320860

17. Infosec Engineer - CISSP for San Diego 6-month Contract (Job #944) (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/320859

18. CISSP Security consultant seeking position in NYC (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/320858

19. Experienced Consultant Desires Information Security Project (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/320857

20. Director of Marketing for Latin American Security Company - Fl - #762JA (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/320856

21. IT Security Manager Essex UK (Thread) Relevant URL:

http://www.securityfocus.com/archive/77/320567
