There is always one moment in childhood
when the door opens and lets the future in.
Graham Greene (1904-1991); English novelist.

- Weekly summary -
Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)

Madrid, April 24, 2004 - This week, Oxygen3 24h-365d has informed its
subscribers about the news summarized below, which can be accessed at:
http://www.pandasoftware.com/about/press/oxygen3/oxygen.asp.

- Denial of service in RealNetworks Helix Universal Server (04/19/04).
iDEFENSE has reported the existence of a vulnerability that could allow
denial of service (DoS) attacks against the RealNetworks Helix Universal
server, by launching a specially-crafted GET request. This could be
exploited by an attacker to crash the server and, depending on the
configuration, restart it.

- Vulnerabilities in ColdFusion MX (04/20/04).
According to an announcement by SecuriTeam, two vulnerabilities have been
discovered in Macromedia ColdFusion MX Server which could allow an attacker
to launch denial of services. The first of the two security problems affects
ColdFusion 6.0 and is caused when ColdFusion MX Server tries to write an
overlong error message. The second vulnerability affects ColdFusion MX 6.1
and ColdFusion MX 6.1 J2EE. It occurs when a file is uploaded to ColdFusion
MX via an HTML form and the process is interrupted before it is complete.

- Multiple systems affected by a vulnerability in TCP (04/21/04).
US-CERT/CC has published an advisory about a vulnerability in TCP that could
allow a malicious user to carry out denial of service attacks. This is a
serious problem, as multiple implementations of the BGP rely on TCP to
maintain permanent unauthenticated network sessions. The problem could also
affect any other protocol or service that rely on persistent TCP
connections.

- (I) Evolution of computer viruses (04/22/04).
It was in 1949 that Mathematician John Von Neumann described
self-replicating programs which could resemble computer viruses as they are
known today. However, it was not until the 60s that we find the predecessor
of current viruses. In that decade, a group of programmers developed a game
called Core Wars, which could reproduce every time it was run, and even
saturate the memory of other players' computers. The creators of this
peculiar game also created the first antivirus, an application named Reeper,
which could destroy copies created by Core Wars.

- Vulnerability in SNMP request processing in Cisco devices (04/23/04).
Cisco has reported a security flaw in several versions of Cisco Internet
Operation System and has also released the patches that fix it. Under
certain circumstances, this vulnerability can cause devices to reload on
receiving an SNMP request. If it is exploited repeatedly, it could result in
a Denial of Service.

NOTE: The address above may not show up on your screen as a single line.
This would prevent you from using the link to access the web page. If this
happens, just use the 'cut' and 'paste' options to join the pieces of the
URL.