CastleCops, Internet Crime Fighters
Advisories!: Latest Advisories & Live Feeds (12/26/03)
Cyber Security
Latest Advisories
Live Virus Advisory Feeds
2003-12-26

Secunia
Security Tracker
Security Focus
Symantec
*Live Feeds are from Panda, Trend Micro, and Symantec

Live Virus Advisory Feeds

Secunia

Secunia Highlights:
Internet Explorer URL Spoofing Vulnerability
A vulnerability has been identified in Internet Explorer, which can be exploited by malicious people to display a fake URL in the address and status bars.
rsync File Handling Integer Overflow Vulnerability
A vulnerability has been identified in rsync, which can be exploited by malicious people to compromise a vulnerable system.

Latest 15 Secunia Security Advisories:
2003-12-26
- Squirrelmail Address Parsing Execution of Arbitrary Commands

2003-12-24
- Xlight FTP Server Buffer Overflow Vulnerability

- PlatinumFTPServer Format String Vulnerability

- Cesar FTP Denial of Service Vulnerability

2003-12-23
- My Little Forum Cross-Site Scripting Vulnerabilities

- ProjectForum and CourseForum Multiple Vulnerabilities

- Sun Grid Engine OpenSSL Vulnerabilities

- Sun Solaris tcsh Privilege Escalation Vulnerability

- Sun Cobalt update for bash

- DCAM Server Directory Traversal Vulnerability

2003-12-22
- mvdsv Download Function Buffer Overflow Vulnerability

- Dada Mail Non-Random Verification PIN

- Xoops URL Parameter Cross Site Scripting Vulnerability

- Subscribe Me Pro Installation Invocation

- Active WebCam Directory Traversal and Cross-Site Scripting

Top 5 Most Read Secunia Security Advisories (Last 24 hours):
- Internet Explorer URL Spoofing Vulnerability

- Internet Explorer System Compromise Vulnerabilities

- Xlight FTP Server Buffer Overflow Vulnerability

- Squirrelmail Address Parsing Execution of Arbitrary Commands

- Mac OS X Security Update Fixes Multiple Vulnerabilities


Security Tracker

SquirrelMail May Execute Arbitrary Commands When Encrypting Mail to Specially Crafted Addresses

An input validation vulnerability was reported in SquirrelMail in 'gpg_encrypt.php'. Arbitrary operating system commands may be executed when encrypting mail to specially crafted addresses.

Impact: Execution of arbitrary code via network, User access via network

Sun Solaris tcsh(1) Argument Expansion Flaw Lets Local Users Gain Elevated Privileges

A vulnerability was reported in tcsh(1) on Sun Solaris 8. A local user may be able to obtain elevated privileges.

Impact: Modification of system information, Modification of user information, Root access via local system, User access via local system

QuikStore Shopping Cart Input Validation Flaw Discloses Files to Remote Users

Dr`Ponidi of the Indonesia Security Development Team reported vulnerabilities in the QuikStore shopping cart. A remote user can view files on the system. A remote user can also determine the installation path.

Impact: Disclosure of system information, Disclosure of user information

my little forum Input Validation Flaws Permit Cross-Site Scripting Attacks

David Sopas Ferreira reported an input validation vulnerability in 'my little forum'. A remote user can conduct cross-site scripting attacks.

Impact: Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information

Xlight FTP Server Buffer Overflow in PASS Command May Let Remote Authenticated Users Execute Arbitrary Code

A buffer overflow vulnerability was reported in Xlight FTP Server. A remote authenticated user may be able to execute arbitrary code.

Impact: Execution of arbitrary code via network, User access via network

SecurityFocus BugTraq

12/23/2003 Re: phpBB v2.06 search_id sql injection exploit Micheal Cottingham
12/23/2003 QuikStore Shopping Cart Discloses Installation Path & Files to Remote Users Dr`Ponidi Haryanto
12/23/2003 Re: Internet Explorer URL parsing vulnerability nesumin
12/23/2003 [Opera 7] Arbitrary File Delete Vulnerability Operash

SecurityFocus Vulnerabilities

2003-12-22: osCommerce manufacturers_id Parameter Cross-Site Scripting Vulnerability
2003-12-22: osCommerce products_id URI Parameter SQL Injection Vulnerability
2003-12-22: PServ Web Server Directory Traversal Vulnerability
2003-12-22: Unix Shell Redirection Race Condition Vulnerability
2003-12-22: RhinoSoft Serv-U FTP Server Insecure INI File Permissions Vulnerability
2003-12-22: ProjectForum HTML Injection Vulnerability
2003-12-22: ProjectForum find Request Denial of Service Vulnerability
2003-12-22: DCAM WebCam Server Personal Web Server Directory Traversal Vulnerability
2003-12-22: Sun One Application Server Request Logging Circumvention Weakness
2003-12-22: Sun ONE Application Server Source Disclosure Vulnerability
2003-12-22: BN Soft BoastMachine Comment Form HTML Injection Vulnerability
2003-12-22: CesarFTP Remote CWD Denial of Service Vulnerability
2003-12-22: Xoops MyLinks Myheader.php Cross-Site Scripting Vulnerability
2003-12-21: DameWare Mini Remote Control Server Pre-Authentication Buffer Overflow Vulnerability
2003-12-21: PHP-Nuke admin.php SQL Injection Vulnerability
2003-12-20: BES-CMS Multiple Module File Include Vulnerability
2003-12-20: Apple MacOS X ASN.1 Decoding Unspecified Remote Denial Of Service Vulnerability
2003-12-20: Apple MacOS X fs_usage Unspecified Local Privilege Escalation Vulnerability
2003-12-20: Apple MacOS X AppleFileServer Unspecified Vulnerability
2003-12-20: Eric S. Raymond Fetchmail Unspecified Denial of Service Vulnerability
2003-12-20: RSync Daemon Mode Undisclosed Remote Heap Overflow Vulnerability
2003-12-20: Apple MacOS X DHCP Response Root Compromise Vulnerability
2003-12-20: Apple Mac OS X Panther Screen Effects Locking Latency Vulnerability
2003-12-20: MacOSX CD9660.Util Probe For Mounting Argument Local Buffer Overflow Vulnerability
2003-12-19: Multiple PlatinumFTPServer Command Argument Format String Vulnerabilities
2003-12-19: PY Software Active Webcam Webserver Directory Traversal Vulnerability
2003-12-19: PY Software Active Webcam Webserver Cross-Site Scripting Vulnerability
2003-12-19: Linux Kernel do_brk Function Boundary Condition Vulnerability
2003-12-19: Openwares.org Internet Explorer Patch Buffer Overflow Vulnerability
2003-12-19: Kerio Personal Firewall Stealth Port Scan Unspecified Firewall Bypassing Vulnerability
2003-12-19: Xerox Xerox_MicroServer/Xerox11 Directory Traversal Vulnerability
2003-12-19: AOL Instant Messenger Buddy Icon Warning Denial Of Service Vulnerability
2003-12-19: Multiple Vendor X Font Server Remote Buffer Overrun Vulnerability

Symantec SSR

PWSteal.Bancos.D December 22, 2003 December 23, 2003
W32.Cissi.A@mm December 22, 2003 December 23, 2003
W32.Gluber.B@mm December 21, 2003 December 22, 2003
Trojan.Bookmarker December 20, 2003 December 22, 2003
Backdoor.Trodal December 20, 2003 December 20, 2003
VBS.Sling December 20, 2003 December 20, 2003
W32.Sober.C@mm December 20, 2003 December 20, 2003
W32.Sober.gen December 20, 2003 December 20, 2003
W32.HLLW.Warpigs.C
Backdoor.Spyboter.gen [KAV] December 19, 2003 December 20, 2003
Trojan.Anymail December 18, 2003 December 19, 2003
W32.Sober.B@mm December 18, 2003 December 18, 2003
W32.Wilsef December 17, 2003 December 18, 2003
Trojan.Gema December 16, 2003 December 17, 2003
W32.HLLW.Cayam@mm December 16, 2003 December 17, 2003
W32.Randex.BE
W32/Sdbot.worm.gen.b [McAfee], Backdoor.SdBot.gen [Kaspersky] December 15, 2003 December 16, 2003
PWSteal.Sagic December 15, 2003 December 15, 2003
Hacktool.Sagic December 15, 2003 December 15, 2003
Trojan.PWS.Qphook December 14, 2003 December 15, 2003
Backdoor.Uprootkit
Backdoor.UpRootKit [Kaspersky] December 13, 2003 December 15, 2003
Backdoor.Uprootkit.cli
Backdoor.UpRootKit [Kaspersky] December 13, 2003 December 15, 2003
Trojan.Sysbin December 11, 2003 December 12, 2003
MHTMLRedir.Exploit December 11, 2003 December 12, 2003
W32.HLLW.Gaobot.EE December 11, 2003 December 11, 2003
W32.Mertian.Worm
W32.Mertian@mm December 11, 2003 December 11, 2003
Backdoor.Volac.dr December 10, 2003 December 11, 2003
Backdoor.Volac December 10, 2003 December 11, 2003
Backdoor.Roxy.C December 10, 2003 December 11, 2003
W32.Scold@mm
W32/Scold@MM [McAfee], Win32.Scold.A [Computer Associates], WORM_SCOLD.A [Trend], W32/Scold-A [Sophos], I-Worm.Scold [Kaspersky] December 10, 2003 December 11, 2003
Trojan.Slog December 10, 2003 December 11, 2003
Backdoor.Formador
Backdoor.Trojan.Client, Backdoor.Formador.c [AVP], Downloader-DP [McAfee] December 10, 2003 December 10, 2003
Trojan.Benuti December 9, 2003 December 10, 2003
W32.Randex.BD
Backdoor.IRCBot.gen [Kaspersky] December 9, 2003 December 9, 2003
W32.HLLW.Bodiru December 8, 2003 December 8, 2003
PHP.Feast December 8, 2003 December 8, 2003
Backdoor.Xibo
Backdoor.XLBH.b [Kaspersky] December 8, 2003 December 8, 2003
Backdoor.Ketch December 5, 2003 December 8, 2003
W32.HLLW.Gaobot.DK
W32.HLLW.Gaobot.gen, W32/Gaobot.worm.gen [McAfee], Backdoor.Agobot.3.gen [Kaspersky] December 5, 2003 December 8, 2003
Trojan.Digits
Download.Trojan December 5, 2003 December 5, 2003
W32.Memas@mm
W32/Memas@mm [McAfee] December 4, 2003 December 5, 2003
W32.HLLW.Slideshow December 4, 2003 December 5, 2003
W32.Randex.AZ
W32.Randex.AX December 4, 2003 December 4, 2003
Trojan.Framar December 3, 2003 December 3, 2003
W32.Mimail.M@mm
W32.Mimail.Gen, W32/Mimail.gen@MM [McAfee] December 3, 2003 December 3, 2003
W32.HLLW.Epon@mm
I-Worm.Epon [Kaspersky] December 2, 2003 December 3, 2003
Backdoor.Freefors December 2, 2003 December 2, 2003
W32.Kwbot.S.Worm@mm
Backdoor.IRCBot.gen [KAV] December 2, 2003 December 2, 2003
JS.Pun.Trojan December 1, 2003 December 2, 2003
W32.Mimail.L@mm
W32.Mimail.Gen, W32/Mimail.l@MM [McAfee] December 1, 2003 December 2, 2003
Backdoor.Dragonqq
PWS-QQDrag [McAfee] December 1, 2003 December 1, 2003
Backdoor.Haxdoor
Backdoor.Haxdoor.i [Kaspersky] November 30, 2003 December 1, 2003
W32.HLLW.Studd
W32/Duster [McAfee] November 28, 2003 December 1, 2003
W32.HLLW.Southghost November 28, 2003 December 1, 2003
W32.Midlak@mm November 27, 2003 December 1, 2003
Backdoor.IRC.Whisper November 26, 2003 November 26, 2003
W32.Spex.B.Worm
Worm.P2P.Specx [Kaspersky] November 26, 2003 November 26, 2003
Backdoor.Asoxy November 26, 2003 November 26, 2003
W32.Randex.AX November 25, 2003 November 26, 2003
Backdoor.Spotcom November 25, 2003 November 25, 2003
Backdoor.Sysbug
BackDoor-CAG [McAfee], Troj/Sysbug-A [Sophos] November 25, 2003 November 25, 2003
W32.Azha.Worm November 24, 2003 November 25, 2003
W32.Randex.AW
Backdoor.SdBot.gen [Kaspersky], W32/Sdbot.worm.gen [McAfee] November 24, 2003 November 25, 2003
W32.HLLW.Bandie November 24, 2003 November 25, 2003
W32.Widare
Bloodhound.W32.2 November 23, 2003 November 24, 2003
Backdoor.Ciadoor.B
Backdoor.Ciadoor.12.b [Kaspersky], Backdoor-ASB [McAfee] November 23, 2003 November 24, 2003
W32.Notime November 22, 2003 November 24, 2003
W32.HLLW.Gaobot.DJ
W32.HLLW.Gaobot.gen November 21, 2003 November 24, 2003
W32.Randex.AT
Backdoor.SdBot.gen [KAV] November 21, 2003 November 21, 2003
Backdoor.Tinydog November 20, 2003 November 21, 2003
W32.Bolgi.Worm November 20, 2003 November 21, 2003
W32.HLLW.Taplak
W32.Klap, W32.HLLW.Taplak November 20, 2003 November 20, 2003
PWSteal.Banpaes.B November 20, 2003 November 20, 2003
W32.Randex.AR November 19, 2003 November 20, 2003
W32.HLLW.Anarch@mm November 19, 2003 November 20, 2003





Live Virus Advisory Feed

Posted on Friday, 26 December 2003 @ 09:54:38 UTC by phoenix22 (6421 reads)