New User? Need help? Click here to register for free! Registering removes the advertisements.

Computer Cops
image image image image image image image image
Donations
If you found this site helpful, please donate to help keep it online
Don't want to use PayPal? Try our physical address
image
Prime Choice
· Head Lines
· Advisories (All)
· Dnld of the Week!
· CCSP News Ltrs
· Find a Cure!
· Ian T's (AR 23)
· Marcia's (CO8)
· Bill G's (CO11)
· Paul's (AR 5)
· Robin's (AR 2)
· Ian T's Archive
· Marcia's Archive
· Bill G's Archive
· Paul's Archive
· Robin's Archive
image
Security Central
· Home
· Wireless
· Bookmarks
· CLSID
· Columbia
· Community
· Downloads
· Encyclopedia
· Feedback (send)
· Forums
· Gallery
· Giveaways
· HijackThis
· Journal
· Members List
· My Downloads
· PremChat
· Premium
· Private Messages
· Proxomitron
· Quizz
· RegChat
· Reviews
· Google Search
· Sections
· Software
· Statistics
· Stories Archive
· Submit News
· Surveys
· Top
· Topics
· Web Links
· Your Account
image
CCSP Toolkit
· Email Virus Scan
· UDP Port Scanner
· TCP Port Scanner
· Trojan TCP Scan
· Reveal Your IP
· Algorithms
· Whois
· nmap port scanner
· IPs Banned [?]
image
Survey
How much can you give to keep Computer Cops online?
$10 up to $25 per year?
$25 up to $50 per year?
$10 up to $25 per month?
$25 up to $50 per month?
More than $50 per year?
More than $50 per month?
One time only?
Other (please comment)



Results
Polls

Votes: 1013
Comments: 21
image
Translate
English German French
Italian Portuguese Spanish
Chinese Greek Russian
image
image cybsec: Weekly Summaries: US-CERT image
Cyber Security

National Cyber Alert System (US-Cert)







Summary of Security Items from March 3 through March 16, 2004

US-CERT will begin to incorporate some of the information from
CyberNotes into Cyber Security Bulletins. CyberNotes were previously
compiled for the Department of Homeland Security and posted to the


NIPC web site. During the transition of the information into the Cyber
Security Bulletin, we are offering a PDF version of the most recent
version of CyberNotes on the US-CERT web site.




Publications by US-CERT

Microsoft Outlook mailto URL Handling Vulnerability

A vulnerability in the way Outlook 2002 interprets a mailto: URL
could allow an attacker to execute arbitrary code of their choosing
on the system running the vulnerable version of Outlook.

* TA04-070A: Microsoft Outlook mailto URL Handling Vulnerability



* VU#305206: Microsoft Outlook fails to properly filter parameters
passed via mailto: URL



US-CERT Vulnerability Notes

VU#114070: NetScreen Instant Virtual Extranet (IVE) platform
contains cross-site scripting vulnerability in delhomepage.cgi



NetScreen Instant Virtual Extranet (IVE) platform contains a
cross-site scripting vulnerability in the row parameter of
delhomepage.cgi, which could allow an attacker to mount a
cross-site scripting attack.

VU#197318: IBM Net.Data db2www CGI interpreter fails to properly
validate requested macro filenames



IBM Net.Data fails to properly validate user input passed to the
db2www CGI interpreter which could allow an attacker to mount a
cross-site scripting attack against a vulnerable system.

VU#363374: Cisco CSS 11000 Series Content Services Switch
vulnerable to DoS via malformed UDP packets



Several models of the Cisco Content Services Switch contain a
vulnerability in their management interface that allows an attacker
to restart the switch, resulting in a denial of service attack.

VU#395670: FreeBSD fails to limit number of TCP segments held in
reassembly queue



FreeBSD fails to limit the number of TCP segments held in a
reassembly queue which could allow an attacker to exhaust all
available memory buffers (mbufs) on the destination system
resulting in a denial-of-service condition.

VU#412566: Solaris conv_fix insecure file handling vulnerability



A vulnerability in a program supplied with the Solaris printing
system could allow a local attacker to gain elevated privileges on
the system.

VU#490620: Linux kernel do_mremap() call creates virtual memory
area of 0 bytes in length



There is a vulnerability in the Linux kernel memory management
routines that allows local users to gain superuser privileges.

VU#493966: Libxml2 URI parsing errors in nanohttp and nanoftp



Libxml is the XML parser for Gnome, a desktop suite and development
platform for Linux systems. Libxml2, the latest version of the
library as of this writing, has a buffer overflow vulnerability
which may allow execution of arbitrary code.

VU#584606: NTP service vulnerable to internal overflow if date /
time offset is greater than 34 years



NTP (Network TIme Protocol) contains an integer overflow
vulnerability that may lead to clients receiving an incorrect
date/time offset.

VU#688094: Microsoft MSN Messenger fails to properly validate file
requests



Microsoft MSN Messenger fails to properly validate file requests
which could allow an attacker to view the contents of files on the
victim's system.

VU#694782: Sun Solaris passwd command allows for privilege
escalation



Sun Solaris contains a vulnerability in the passwd(1) command which
could allow for privilege escalation.

VU#831534: cPanel fails to verify input passed to the user
parameter



A remotely exploitable vulnerability in CPanel's password reset and
login scripts may allow a remote attacker to gain control of the
vulnerable system.

VU#878526: Apple Mac OS X cd9660.util buffer overflow



A component utility in Apple's Mac OS X operating system suffers
from a buffer overflow vulnerability in its handling of
command-line arguments. This vulnerability could allow a local
attacker to gain elevated privileges on the vulnerable system.

VU#902374: Apple Mac OS X TruBlueEnvironment vulnerable to buffer
overflow



Apple Mac OS X contains a buffer overflow in TruBlueEnvironment
which could allow a local, authenticated attacker to execute
arbitrary code with root privileges.

VU#981222: Linux kernel mremap(2) system call does not properly
check return value from do_munmap() function



A vulnerability in the Linux mremap(2) system call could allow an
authenticated, local attacker to execute arbitrary code with root
privileges.

VU#982630: Microsoft Windows Media Services fails to properly
validate TCP requests



Microsoft Windows Media Services fails to properly validate TCP
requests which could allow a remote, unauthenticated attacker to
cause the services to refuse new TCP connections.


Publications by Vendors

Apache Software Foundation

* mod_ssl memory leak (03-08-04)


Cisco

* Cisco Security Advisory: Cisco CSS 11000 Series Content Services
Switches Malformed UDP Packet Vulnerability (03-04-04)


Debian

* DSA-464 gdk-pixbuf (03-16-04)


* DSA-463 samba - privilege escalation (03-12-04)


* DSA-462 xitalk - missing privilege release (03-12-04)


* DSA-461 calife - buffer overflow (03-11-04)


* DSA-460 sysstat - insecure temporary file (03-10-04)


* DSA-459 kdelibs - cookie path traversal (03-10-04)


* DSA-458 python2.2 - buffer overflow (03-09-04)


* DSA-457 wu-ftpd - several vulnerabilities (03-08-04)


* DSA-456 linux-kernel-2.2.19-arm - failing function and TLB flush
(03-06-04)


* DSA-455 libxml - buffer overflows (03-03-04)


Fedora

* Fedora Core 1 Update: coreutils-5.0-34.1 (03-10-04)


* Fedora Core 1 Update: less-382-1.1 (03-09-04)


* mailman 2.1.4 available, also resolves security CAN-2003-0992
(03-05-04)


* Fedora Core 1 Update: tcpdump-3.7.2-8.fc1.1 (03-04-04)


Gentoo

* Linux kernel do_mremap local privilege escalation (03-06-04)


* Libxml2 URI Parsing Buffer Overflow Vulnerabilities (03-06-04)


Hewlett Packard

* HPSBUX0310-290 SSRT3622 rev.2 Bind v920 (03-15-04)


* HPSBMA01003 SSRT4679 - HP Web-enabled Management Software
certificate compromise using HP HTTP Server (03-11-04)


* HPSBTU01000 SSRT3674 Tru64 UNIX IPsec/IKE Potential Remote
Unauthorized Access (03-03-04)


Macromedia

* MPSB04-04 Security Patch available for ColdFusion MX and JRun 4.0
Web Services DoS (03-15-04)


* MPSB04-03 Potential Security Risk with Macromedia E-Licensing
Client Activation Code (03-12-04)


Mandrake

* MDKSA-2004:022 - kdelibs (03-10-04)


* MDKSA-2004:021 - mozilla (03-10-04)


* MDKSA-2004:020 - gdk-pixbuf (03-10-04)


* MDKSA-2004:019 - python (03-09-04)


* MDKSA-2004:018 - libxml2 (03-03-04)


* MDKSA-2004:017 - pwlib (03-03-04)


Microsoft

* MS04-010: Security Update for MSN Messenger (03-09-04)


* MS04-009: Security Update for Microsoft Office (03-09-04)


* MS04-008 Vulnerability in Windows Media Services Could Allow a
Denial of Service (03-09-04)


OpenBSD

* Bug in the parsing of Allow/Deny rules for httpd('s access
module (03-13-04)


Oracle

* Security Vulnerabilities in Oracle Application Server Web Cache
(03-12-04)


* Security Vulnerability in Oracle9i Application and Database
Servers (03-12-04)


Red Hat

* Updated kdelibs packages resolve cookie security issue (03-10-04)


* Updated sysstat packages fix security vulnerabilities (03-10-04)


* Updated gdk-pixbuf packages fix denial of service vulnerability
(03-10-04)


* Updated libxml2 packages fix security vulnerability (03-03-04)


SCO

* OpenLinux: cups denial of service vulnerability (03-03-04)


SGI

* SGI Advanced Linux Environment security update #14 (03-12-04)


* SGI Advanced Linux Environment security update #13 (03-03-04)


Sun Microsystems

* Potential SSL Vulnerabilities in Sun Products (03-16-04)


* Sun Java System Application Server Denial-of-Service Vulnerability
(03-15-04)


* ASN.1 Parsing Issue May Lead to Denial-of-Service Condition in Sun
Java System Web Server and Sun Java System Application Server
(03-15-04)


* Sun ONE Web Server Buffer Overflow Vulnerability May Result in
Denial of Service (DoS) (03-15-04)


* Security Vulnerability With Loading Arbitrary Kernel Modules in
Solaris Kernel (03-15-04)


* SunPlex (Sun Cluster) Multiple Security Vulnerabilities in OpenSSL
Secure Sockets Layer (SSL) and Transport Layer Security (TLS)
Protocols (03-15-04)


* Solaris 9 patches 114332-08 and 114929-06 are WITHDRAWN - Patches
Disable the Auditing Functionality on Basic Security Module (BSM)
Enabled Systems (03-11-04)


* Security Vulnerability Involving the passwd(1) Command (03-08-04)


* Multiple Buffer Overflows in /usr/bin/uucp May Allow
Unauthorized uucp(1C) User ID Access (03-03-04)


Back to top

Publications by Third Parties

AusCERT

* Macromedia Security Bulletin -- Security Patch available for
ColdFusion MX and JRun 4.0 Web Services DoS (03-16-04)


* iDEFENSE Security Advisory 03.09.04 *UPDATE* -- Microsoft Outlook
mailto: Parameter Passing Vulnerability (03-16-04)


* Macromedia Security Bulletin -- Potential Security Risk with
Macromedia E-Licensing Client Activation Code (03-16-04)


* NGSSoftware Insight Security Research Advisory -- IBM DB2 Remote
Command Execution Privilege Upgrade (03-16-04)


* RHSA-2004:053-01 -- Updated sysstat packages fix security
vulnerabilities (03-15-04)


* RHSA-2004:102-01 -- Updated gdk-pixbuf packages fix denial of
service vulnerability (03-15-04)


* Debian Security Advisory DSA 463-1 -- New samba packages fix
privilege escalation in smbmnt (03-15-04)


* Debian Security Advisory DSA 462-1 -- New xitalk packages fix
local group utmp exploit (03-15-04)


* HP SECURITY BULLETIN HPSBMA01003 -- SSRT4679 - HP Web-enabled
Management Software certificate compromise using HP HTTP Server
(03-15-04)


* Debian Security Advisory DSA 461-1 -- New calife packages fix
buffer overflow (03-12-04)


* US-CERT Technical Cyber Security Alert TA04-070A -- Microsoft
Outlook mailto URL Handling Vulnerability (03-11-04)


* Sun(sm) Alert Notification - Sun Alert ID: 57508 -- Multiple
Buffer Overflows in /usr/bin/uucp May Allow Unauthorized
uucp(1C) User ID Access (03-11-04)


* Sun(sm) Alert Notification - Sun Alert ID: 57498 -- ASN.1 Parsing
Issue May Lead to Denial-of-Service Condition in Sun Java System
Web Server and Sun Java System Application Server (03-11-04)


* RHSA-2004:103-01 -- Updated gdk-pixbuf packages fix crash
(03-11-04)


* RHSA-2004:093-01 -- Updated sysstat packages fix security
vulnerabilities (03-11-04)


* RHSA-2004:075-01 -- Updated kdelibs packages resolve cookie
security issue (03-11-04)


* Debian Security Advisory DSA 460-1 -- New sysstat packages fix
insecure temporary file creation (03-11-04)


* Debian Security Advisory DSA 459-1 -- New kdelibs, kdelibs-crypto
packages fix cookie traversal bug (03-11-04)


* Debian Security Advisory DSA 458-1 -- New python2.2 packages fix
buffer overflow (03-11-04)


* Microsoft Security Bulletin MS04-010 -- Vulnerability in MSN
Messenger Could Allow Information Disclosure (838512) (03-10-04)


* Microsoft Security Bulletin MS03-022 -- Vulnerability in ISAPI
Extension for Windows Media Services Could Cause Code Execution
(822343) (03-10-04)


* Microsoft Security Bulletin MS04-009 -- Vulnerability in Microsoft
Outlook Could Allow Code Execution (828040) (03-10-04)


* Microsoft Security Bulletin MS04-008 -- Vulnerability in Windows
Media Services Could Allow a Denial of Service (03-10-04)


* RHSA-2004:096-01 -- Updated wu-ftpd package fixes security issues
(03-10-04)


* Debian Security Advisory DSA 457-1 -- New wu-ftpd packages fix
multiple vulnerabilities (03-10-04)


* CIAC BULLETIN O-093 -- Oracle9i Database Buffer Overflow
Vulnerabilities (03-09-04)


* NGSSoftware Insight Security Research Advisories -- Buffer
Overflow Vulnerabilities in SLWebMail and SLMail Pro Supervisor
Report Center (03-09-04)


* CIAC BULLETIN O-090 -- Vulnerability in Novell Client Firewall
Tray Icon (03-08-04)


* NetBSD Security Note 20040304-1 -- NetBSD not vulnerable to TCP
reassembly mbuf DoS (03-08-04)


* Debian Security Advisory DSA 456-1 -- New Linux 2.2.19 packages
fix local root exploit (arm) (03-08-04)


* Debian Security Advisory DSA 455-1 -- New libxml packages fix
arbitrary code execution (03-05-04)


* HEWLETT-PACKARD SECURITY BULLETIN HPSBTU00030 -- SSRT3674 Tru64
UNIX IPsec/IKE Potential Remote Unauthorized Access (03-05-04)


* Cisco Security Advisory -- Cisco CSS 11000 Series Content Services
Switches Malformed UDP Packet Vulnerability (03-05-04)


* NGSSoftware Insight Security Research Advisory NISR03022004 --
Adobe Acrobat Reader XML Forms Data Format Buffer Overflow
(03-04-04)


* RHSA-2004:091-02 -- Updated libxml2 packages fix security
vulnerability (03-04-04)


* Debian Security Advisory DSA 454-1 and DSA 453-1 -- New Linux
2.2.22 and 2.2.20 packages fix local root exploit (03-03-04)


* FreeBSD-SA-04:04.tcp -- many out-of-sequence TCP packets
denial-of-service (03-03-04)


F-Secure

* Bagle.C (03-16-04)


* NetSky.N (03-16-04)


* Bagle.N (03-15-04)


* Bagle.P (03-15-04)


* Agobot.FO (03-15-04)


* Bagle.M (03-11-04)


* Java.Classloader (03-11-04)


* NetSky.M (03-11-04)


* NetSky.L (03-10-04)


* Cidra.D (03-10-04)


* Bagle.L (03-10-04)


* PSW-Worm (03-10-04)


* NetSky.K (03-08-04)


* NetSky.J (03-08-04)


* Sober.D (03-08-04)


* NetSky.I (03-08-04)


* NetSky.H (03-05-04)


* Bagle.G (03-04-04)


* NetSky.G (03-04-04)


* NetSky.D (03-04-04)


* NetSky.E (03-04-04)


* NetSky.F (03-04-04)


* Bagle.H (03-04-04)


* MyDoom.H (03-03-04)


* MyDoom.G (03-03-04)


* Bagle.K (03-03-04)


* Bagle.J (03-03-04)


ISS

* AS04-11 (03-15-04)


* AS04-10 (03-08-04)


Network Associates

* Spy-Idwi (03-16-04)


* W32/Netsky.n@MM (03-15-04)


* W32/Bagle.p@MM (03-15-04)


* W32/Polybot.l!irc (03-14-04)


* W32/Bagle.n@MM (03-13-04)


* Adware-Findemnow (03-12-04)


* W32/Netsky.m@MM (03-11-04)


* W32/Netsky.l@MM (03-10-04)


* W32/Bagle.l (03-09-04)


* W32/Netsky.k@MM (03-08-04)


* W32/Netsky.j@MM (03-08-04)


* VBS/Lasku (03-07-04)


* W32/Sober.d@MM (03-07-04)


* W32/Netsky.i@MM (03-07-04)


* W32/NetSky.h@MM (03-05-04)


* W32/Netsky.g@MM (03-04-04)


* W32/Mydoom.h@MM (03-03-04)


* W32/Bagle.k@MM (03-03-04)


* W32/Netsky.f@MM (03-03-04)


SANS

* SANS NewsBites #9 (03-03-04)


* SANS NewsBites #10 (03-10-04)


* @RISK: The Consensus Security Vulnerability Alert #9 (03-03-04)


* @RISK: The Consensus Security Vulnerability Alert #10 (03-10-04)


Sophos

* Troj/Prorat-D (03-16-04)


* W32/Francette-H (03-16-04)


* Troj/Delf-CB (03-16-04)


* Troj/Flood-EF (03-16-04)


* Troj/Coldrage-A (03-16-04)


* Troj/DownLdr-FA (03-16-04)


* W32/Floppy-B (03-16-04)


* Troj/DownLdr-FC (03-16-04)


* W32/Protoride-F (03-16-04)


* W32/Nachi-G (03-16-04)


* W32/Agobot-DZ (03-16-04)


* Troj/LDPinch-K (03-16-04)


* Troj/Psyme-M (03-16-04)


* W32/Agobot-EC (03-16-04)


* W32/SdBot-BB (03-16-04)


* Troj/Apher-M (03-16-04)


* Troj/Sdbot-GQ (03-16-04)


* W32/Agobot-EA (03-16-04)


* W32/Bagle-N (03-16-04)


* Troj/Bdoor-CCK (03-15-04)


* W32/Aidid-A (03-15-04)


* Dial/Ras-B (03-15-04)


* W32/Nackbot-A (03-15-04)


* W32/Nackbot-B (03-15-04)


* W32/Cone-C (03-15-04)


* W32/Marjor-A (03-15-04)


* W32/Randon-AD (03-15-04)


* Dial/RASDial-B (03-15-04)


* W32/Randon-AE (03-15-04)


* W32/Sdbot-GO (03-15-04)


* W32/Sdbot-GP (03-15-04)


* Troj/Lohav-E (03-15-04)


* W32/Agobot-EB (03-15-04)


* W32/Bagle-Zip (03-15-04)


* W32/Bagle-O (03-15-04)


* W32/Bagle-J (03-14-04)


* Troj/LDPinch-H (03-12-04)


* Troj/SdAgent-A (03-12-04)


* JS/Seeker-G (03-12-04)


* W32/Agobot-DY (03-12-04)


* W32/KWBot-G (03-12-04)


* Troj/CBase-A (03-12-04)


* Troj/LdPinch-I (03-12-04)


* Troj/LDPinch-G (03-12-04)


* Troj/LdPinchFam (03-12-04)


* Troj/PAdmin-C (03-12-04)


* W32/Agobot-DV (03-12-04)


* W32/Sdbot-GL (03-12-04)


* Troj/Inor-G (03-12-04)


* W32/Agobot-DU (03-12-04)


* W32/Bereb-B (03-11-04)


* W32/Sdbot-AJ (03-11-04)


* Troj/Ositdoor-A (03-11-04)


* W32/Sdbot-AK (03-11-04)


* Troj/Ovedil-A (03-11-04)


* W32/Cone-A (03-11-04)


* W32/Sdbot-AL (03-11-04)


* Troj/Eyeveg-C (03-11-04)


* Troj/Sdbot-GN (03-11-04)


* Troj/Multidr-S (03-11-04)


* W32/Agobot-DW (03-11-04)


* Troj/Imiserv-C (03-11-04)


* W32/Agobot-DX (03-11-04)


* Troj/Agent-R (03-11-04)


* W32/SdBot-MY (03-11-04)


* W32/Netsky-M (03-11-04)


* W32/Netsky-D (03-10-04)


* W32/Netsky-L (03-10-04)


* Troj/Domwis-A (03-10-04)


* Troj/Sdbot-GM (03-10-04)


* W32/Lamecada-D (03-10-04)


* Troj/Small-AI (03-10-04)


* W32/Cissi-C (03-10-04)


* Troj/Tofger-P (03-10-04)


* Troj/Killproc-C (03-10-04)


* W32/Bar-1236 (03-10-04)


* Troj/Cidra-D (03-10-04)


* W32/Agobot-DQ (03-09-04)


* XM97/Kbase-A (03-09-04)


* W32/Keco-A (03-09-04)


* W32/Nachi-F (03-09-04)


* W32/Sdbot-GK (03-09-04)


* Troj/Stawin-D (03-09-04)


* Troj/StartPa-Y (03-09-04)


* W32/Bagle-K (03-09-04)


* W32/Netsky-F (03-09-04)


* W32/MyDoom-H (03-09-04)


* W32/Netsky-J (03-08-04)


* W32/Netsky-K (03-08-04)


* W32/Randex-AA (03-08-04)


* W32/Agobot-DT (03-08-04)


* Troj/LDPinch-F (03-08-04)


* Troj/Clickslt-A (03-08-04)


* W32/Agobot-DR (03-08-04)


* Troj/Small-DW (03-08-04)


* Troj/Mitglied-N (03-08-04)


* Dial/Freese-B (03-08-04)


* W32/Roca-A (03-08-04)


* W32/Netsky-I (03-07-04)


* W32/Cissi-B (03-05-04)


* W32/Agobot-DS (03-05-04)


* W32/Dumaru-AE (03-05-04)


* VBS/Sling-A (03-05-04)


* Troj/HacDef-100 (03-05-04)


* W32/Doomjuice-C (03-05-04)


* Troj/SdBot-GG (03-05-04)


* W32/Francette-G (03-05-04)


* Troj/Romanat-A (03-05-04)


* Troj/LegMir-J (03-05-04)


* Troj/WindFind-B (03-05-04)


* W32/Netsky-H (03-05-04)


* W32/Hiton-A (03-04-04)


* W32/Netsky-G (03-04-04)


* Troj/Ranck-K (03-04-04)


* Troj/AdClick-Q (03-04-04)


* Troj/Spybot-AW (03-04-04)


* W32/Spybot-BR (03-04-04)


* W32/Agobot-DN (03-04-04)


* W32/Reur-L (03-04-04)


* Troj/Reur-L (03-04-04)


* W32/Reur-M (03-04-04)


* Troj/Reur-M (03-04-04)


* W32/Agobot-DG (03-03-04)


* W32/Agobot-DH (03-03-04)


* W32/Agobot-DI (03-03-04)


* W32/Agobot-DJ (03-03-04)


* W32/Agobot-DK (03-03-04)


* W32/Agobot-DL (03-03-04)


* W32/Agobot-DM (03-03-04)


* W32/MyDoom-G (03-03-04)


Symantec

* W32.Netsky.N@mm (03-16-04)


* W32.HLLW.RedDw@mm (03-15-04)


* W32.Beagle.N@mm (03-15-04)


* W32.Tuoba.Trojan (03-15-04)


* W32.Cone.F@mm (03-14-04)


* Trojan.Mitglieder.E (03-13-04)


* Trojan.Mitglieder.D (03-13-04)


* W32.Beagle.M@mm (03-13-04)


* W32.HLLW.Citor (03-13-04)


* W32.HLLW.Annil@mm (03-12-04)


* W32.Cone.E@mm (03-12-04)


* PWSteal.Irftp (03-12-04)


* Trojan.Etsur (03-12-04)


* Trojan.Noupdate (03-11-04)


* Trojan.Gipma (03-10-04)


* W32.Cone.D@mm (03-10-04)


* W32.Netsky.M@mm (03-10-04)


* Trojan.Simcss.B (03-10-04)


* W97M.Trug.B (03-09-04)


* W32.Netsky.L@mm (03-09-04)


* W32.Cone.C@mm (03-09-04)


* W32.Netsky.K@mm (03-08-04)


* W32.Keco@mm (03-08-04)


* W32.Netsky.J@mm (03-08-04)


* W32.Sober.D@mm (03-07-04)


* W32.Netsky.I@mm (03-07-04)


* Trojan.Reur.B (03-05-04)


* W32.HLLW.Reur.B (03-05-04)


* W32.HLLW.Heycheck (03-05-04)


* PWSteal.Banpaes.C (03-05-04)


* W32.Netsky.H@mm (03-05-04)


* W32.Netsky.G@mm (03-04-04)


* X97M.Kbase (03-03-04)


* W32.Mydoom.H@mm (03-03-04)


* W32.Beagle.K@mm (03-03-04)


* W32.Netsky.F@mm (03-03-03)


Trend Micro

* WORM_NETSKY.N (03-16-04)


* PE_BAGLE.P (03-15-04)


* WORM_AGOBOT.JP (03-14-04)


* WORM_AGOBOT.DU (03-14-04)


* PE_BAGLE.N (03-13-04)


* WORM_NACHI.E (03-13-04)


* WORM_CONE.B (03-12-04)


* WORM_CONE.C (03-12-04)


* WORM_AGOBOT.VP (03-12-04)


* WORM_CONE.D (03-11-04)


* WORM_NETSKY.M (03-10-04)


* WORM_NETSKY.L (03-10-04)


* WORM_BAGLE.L (03-10-04)


* WORM_AGOBOT.PY (03-09-04)


* MS04-010_MICROSOFT_MSN_MESSENGER (03-09-04)


* MS04-009_MICROSOFT_OUTLOOK_2002 (03-09-04)


* MS04-008_WINDOWS_MEDIA_SERVICES (03-09-04)


* WORM_NETSKY.K (03-08-04)


* WORM_SOBER.D (03-08-04)


* WORM_NACHI.F (03-08-04)


* WORM_NETSKY.J (03-08-04)


* WORM_AGOBOT.GA (03-08-04)


* WORM_NETSKY.I (03-07-04)


* WORM_KECO.A (03-07-04)


* WORM_CISSI.B (03-06-04)


* WORM_NETSKY.H (03-05-04)


* WORM_NETSKY.G (03-04-04)


* WORM_MYDOOM.H (03-03-04)


* WORM_BAGLE.K (03-03-04)


* WORM_NETSKY.F (03-03-04)


UNIRAS

* NGSSoftware Security Bulletin: IBM DB2 Remote Command Execution
Privilege Upgrade (03-16-04)


* iDEFENSE Security Bulletin: Microsoft Outlook mailto Parameter
Passing Vulnerability (03-16-04)


* Macromedia Security Bulletins:
1. Security Patch available for
ColdFusion MX and JRun 4.0 Web Services DoS.
2. Potential Security
Risk with Macromedia E-Licensing Client Activation Code (03-16-04)


* HP Web-enabled Management Software certificate compromise using HP
HTTP Server (03-15-04)


* HP Web-enabled Management Software certificate compromise using HP
HTTP Server (03-15-04)


* Two Debian Security Advisories:
1. New xitalk packages fix local group utmp exploit
2. New samba packages fix privilege escalation in smbmnt
(03-15-04)


* Two Red Hat Security Advisories:
1. Updated gdk-pixbuf packages fix denial of service vulnerability
2. Updated sysstat packages fix security vulnerabilities
(03-15-04)


* Debian Security Advisory DSA 461-1:New calife packages fix buffer
overflow (03-12-04)


* Two Sun Microsystems Security Advisories:
1. ASN.1 Parsing Issue May Lead to Denial-of-Service Condition in
Sun Java System Web Server and Sun Java System Application Server
2. Multiple Buffer Overflows in /usr/bin/uucp May Allow
Unauthorized uucp(1C) User ID Access (03-12-04)


* Microsoft Outlook mailto URL Handling Vulnerability (03-11-04)


* Three Red Hat Security Briefings:
1. Updated kdelibs packages resolve cookie security issue
2. Updated sysstat packages that fix various bugs and a minor
security issue are now available
3. Updated gdk-pixbuf packages fix denial of service vulnerability
(03-11-04)


* Three Debian Security Advisories:
1. New python2.2 packages fix buffer overflow
2. New kdelibs, kdelibs-crypto packages fix cookie traversal bug
3. New sysstat packages fix insecure temporary file creation
(03-11-04)


* Four Mandrake Security Advisories:
1. Buffer overflow in python 2.2's getaddrinfo()
2. Updated gdk-pixbuf packages fix BMP-handling vulnerability
3. Updated mozilla packages fix multiple vulnerabilities
4. Updated kdelibs packages fix cookie theft vulnerability
(03-11-04)


* Multiple vendor HTTP user agent cookie path traversal issue
(03-10-04)


* Microsoft Security Bulletins:
1. Vulnerability in Windows Media Services Could Allow a Denial of
Service
2. Vulnerability in Microsoft Outlook Could Allow Code Execution
(828040)
3. Vulnerability in ISAPI Extension for Windows Media Services
Could Cause Code Execution (822343)
4. Vulnerability in MSN Messenger Could Allow Information
Disclosure (838512) (03-10-04)


* Red Hat Security Bulletin: Updated wu-ftpd package fixes security
issues (03-10-04)


* Debian Security Bulletin: New wu-ftpd packages fix multiple
vulnerabilities (03-10-04)


* CIAC Security Bulletin: Oracle9i Database Buffer Overflow
Vulnerabilities (03-09-04)


* NGSSoftware Security Bulletin: Buffer Overflow Vulnerabilities in
SLWebMail and SLMail Pro Supervisor Report Center (03-09-04)


* Malicious Software Report: NetSky variant and W32/Sober.D
(03-08-04)


* New libxml packages fix arbitrary code execution (03-05-04)


* Tru64 UNIX IPsec/IKE Potential Remote Unauthorized Access
(03-05-04)


* Cisco CSS 11000 Series Content Services Switches Malformed UDP
Packet Vulnerability (03-05-04)


* Malicious Software Report concerning variants of Bagle and Netsky
(03-04-04)


* NGSSoftware Insight Security Research Advisory NISR03022004
(03-04-04)


* Updated libxml2 packages fix security vulnerability (03-04-04)


* FreeBSD-SA-04:04.tcp many out-of-sequence TCP packets
denial-of-service (03-04-04)


* Squid-2.5.STABLE5 fixes and features for URL encoding tricks
(03-03-04)


* DSA 451-1: New xboing packages fix buffer overflows. DSA 452-1:
New libapache-mod-python packages fix denial of service (03-03-04)


* New Linux 2.2.22 and 2.2.20 packages fix local root exploit
(03-03-04)

_________________________________________________________________

Copyright 2004 Carnegie Mellon University.

This document is available at


and in PDF format at
Posted on Thursday, 18 March 2004 @ 11:21:53 EST by phoenix22
image

 
Login
Nickname

Password
· New User? ·
Click here to create a registered account.
image
Related Links
· TrackBack (0)
· Linux.com
· IBM
· MandrakeSoft
· Red Hat
· Debian GNU/Linux
· FreeBSD
· Microsoft
· Microsoft
· Linux Kernel Archives
· HotScripts
· Apple
· Apache Web Server
· W3 Consortium
· CSS Standard
· Sun Microsystems
· Oracle
· GNOME
· KDE
· Mozilla
· Hewlett Packard
· Hewlett Packard
· More about Cyber Security
· News by phoenix22
Most read story about Cyber Security:
Booby Trapped software!

image
Article Rating
Average Score: 0
Votes: 0

Please take a second and vote for this article:

Bad
Regular
Good
Very Good
Excellent

image
Options

Printer Friendly Page  Printer Friendly Page
image
"Login" | Login/Create an Account | 0 comments
Threshold
The comments are owned by the poster. We aren't responsible for their content.

No Comments Allowed for Anonymous, please register
Home · Topics · Submit News · Top 10
This entire site, Cops Themes, and Computer Cops are © 2002 - 2004 Computer Cops, LLC. All rights reserved.
You can syndicate our news using the file RSS 0.91, ultramode.txt, or RSS 1.0.
Acceptable Use Policy. Use signifies your agreement.
Engine Copyright © 2002 by PHP-Nuke, GNU/GPL Licensed. ICRA Member.
Paul Laudanski, Member of Computer Cops, LLC
Server Load: 1216 pages served in previous 5 minutes. Page Rendered: 0.804 seconds.