Cyber Security
Latest Advisories
2003-10-08

Secunia
Security Tracker
Security Focus
Symantec

Secunia
Secunia Highlights:
Microsoft Internet Explorer Update fixes the Object Data Vulnerability

Microsoft has released a new cumulative patch for Internet Explorer. This fixes the Object Data vulnerability, which was inadequately addressed in MS03-32.

OpenSSL Multiple Vulnerabilities in Client Certificate Handling

Multiple vulnerabilities have been identified in OpenSSL possibly allowing malicious people to cause a Denial of Service or to gain system access.

Microsoft Windows Unauthorised Thread Termination

A vulnerability has been reported in Windows, which can be exploited by malicious, local users to terminate certain privileged programs.

Latest 15 Secunia Security Advisories:

2003-10-08
- SuSE Linux SuSEconfig.susewm Privilege Escalation

- SuSE Linux SuSEconfig.javarunt Privilege Escalation

- slocate User Database Privilege Escalation Vulnerability

- JBoss HSQLDB Database Vulnerability

- Sun Cobalt RaQ 550 message.cgi Cross Site Scripting


2003-10-07
- PrimeBase SQL Database Server Insecure File Permissions

- File-Sharing for NET Message Forum Cross-Site Scripting

- Sun Linux / Cobalt update for OpenSSH

- Sun Linux update for Pine

- Sun Linux / Cobalt update for Sendmail

- Microsoft Windows Media Player DHTML Local Zone Access

- Conectiva update for mplayer

- Nuke Upload and Execution of Arbitrary Code

- EternalMart Mailing List Manager Inclusion of Arbitrary Files

- EternalMart Guestbook Inclusion of Arbitrary Files


Top 5 Most Read Secunia Security Advisories (Last 24 hours):
- Microsoft Windows Media Player DHTML Local Zone Access

- Microsoft Internet Explorer Update fixes the Object Data Vulnerability

- Microsoft Internet Explorer Multiple Vulnerabilities

- Nuke Upload and Execution of Arbitrary Code

- OpenBSD Packet Filter Denial of Service Vulnerability

Security Tracker
Special Alerts - OpenSSL ASN.1 decoding flaws may result in remote code execution.
Various applications using OpenSSL may be affected.


Pidentd Can Be Crashed By Remote Users Sending Large Requests

A denial of service vulnerability was reported in Pidentd. A remote user can cause the daemon to crash.

Impact: Denial of service via network

slocate Buffer Management Error May Let Local Users Gain Elevated Privileges

A buffer management vulnerability was reported in slocate. A local user may be able to gain elevated privileges on the target system.

Impact: Disclosure of system information, Disclosure of user information, Execution of arbitrary code via local system, User access via local system


JBoss Java Server 'hsqldb' Service Default Configuration Lets Remote Users Execute Arbitrary Code

A vulnerability was reported in the JBoss Java server. A remote user can execute arbitrary commands on the target system.

Impact: Denial of service via network, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, User access via network


PHP-Nuke mailattach.php Input Validation Flaw Lets Remote Users Upload Arbitrary Files and Execute Them

A vulnerability was reported in PHP-Nuke when operating on Windows-based systems. A remote user can upload arbitrary files to the system, which can then be executed.

Impact: Execution of arbitrary code via network, Modification of user information, User access via network



EternalMart Guestbook Include File Validation Flaw Lets Remote Users Execute Arbitrary Code

An include file vulnerability was reported in the EternalMart Guestbook. A remote user can execute arbitrary PHP code on the target system.

Impact: Execution of arbitrary code via network, User access via network


SecurityFocus BugTraq
10/07/2003 Re: Weaknesses in LEAP Challenge/Response Sharad Ahlawat
10/07/2003 [RHSA-2003:278-01] Updated SANE packages fix remote vulnerabilities bugzilla redhat com
10/07/2003 Medieval Total War 1.1 broadcast crash Luigi Auriemma
10/07/2003 Medieval Total War 1.1 broadcast Connection expired Luigi Auriemma
10/07/2003 PeopleSoft Grid Option Vulnerability info i-assure com
10/07/2003 Adobe SVG Viewer Cross Domain and Zone Access (GM#004-MC) GreyMagic Software
10/07/2003 Adobe SVG Viewer Local and Remote File Reading (GM#003-MC) GreyMagic Software
10/07/2003 Adobe SVG Viewer Active Scripting Bypass (GM#002-MC) GreyMagic Software
10/07/2003 IE 6 XML Patch Bypass Mindwarper *
10/07/2003 Re: The joys of impurity (was: MOSDEF, InlineEgg) dave immunitysec com
10/06/2003 ZH2003-3SP (security patch): multiple vulnerabilities in mod_gzip 1.3.x debug mode Astharot
10/06/2003 New FAQ on worm/worm containment Stuart Staniford
10/06/2003 The joys of impurity (was: MOSDEF, InlineEgg) Alexander E. Cuttergo
10/06/2003 Update JBoss 308 & 321: Remote Command Injection Marc Schoenefeld
10/06/2003 JS/HTML code injection in File-Sharing for NET v1.5 and Forums Web Server v1.5 nimber
10/06/2003 Re: Local root exploit in SuSE Linux 8.2Pro Roman Drahtmueller
10/06/2003 SA-20031006 slocate vulnerability Patrik Hornik
10/06/2003 [CLA-2003:760] Conectiva Security Announcement - mplayer Conectiva Updates
10/06/2003 Local root exploit in SuSE Linux 8.2Pro Stefan Nordhausen
10/06/2003 Local root exploit in SuSE Linux 7.3Pro Stefan Nordhausen
10/06/2003 Weaknesses in LEAP Challenge/Response Joshua Wright
10/06/2003 [PAPER] Juggling with packets: floating data storage Wojciech

SecurityFocus Vulnerabilities
2003-10-04: EternalMart Multiple Remote File Include Vulnerabilities
2003-10-04: Microsoft Internet Explorer Absolute Position Block Denial Of Service Vulnerability
2003-10-04: PHP-Nuke mailattach.php Remote File Upload Vulnerability
2003-10-04: Microsoft Windows Media Player IE Zone Access Control Bypass Vulnerability
2003-10-04: Cisco CatOS Password Prompt Unauthorized Remote Command Execution Vulnerability
2003-10-04: Microsoft Internet Explorer Browser Popup Window Object Type Validation Vulnerability
2003-10-04: Multiple Vendor C Library realpath() Off-By-One Buffer Overflow Vulnerability


Symantec SSR
- Backdoor.SDBot.Q: October 7, 2003; October 8, 2003
- W32.IRCBot.B (Win32.SdBot.18976 [CA], Troj/Ircbot-M [Sophos], Backdoor.IRCBot.gen [KAV], W32/Sdbot.worm.gen [McAfee]): October 7, 2003; October 7, 2003
- Backdoor.Smokodoor (Backdoor:Win32/Smokodoor [RAV], BackDoor-APO [McAfee], BackDoor-APO.dll [McAfee]): October 6, 2003; October 7, 2003

Posted on Wednesday, 08 October 2003 @ 08:48:55 EDT by phoenix22