CastleCops, Internet Crime Fighters
Need help? Click here to register for free! Absolutely zero advertisements on this site!

Donation/Premium
spacer
Donations. Become Premium Today! Premium Icon
block bottom
Security Central
spacer
· Home
· PIRT/Fried Phish
· MIRT
· SIRT
· Deutsch
· Wiki
· Newsletter
· O16/ActiveX
· CLSID List
· Contest2007
· Downloads
· Feedback (send)
· Forums
· HijackThis
· Hijacktrend
· LSPs
· My Downloads
· O18
· O20
· O21
· O22
· O23
· O9
· Premium
· Private Messages
· Proxomitron
· Reviews
· Search
· StartupList
· Stories Archive
· Submit News
· WsIRT
· Your Account
· Acceptable Use Policy
block bottom
spacer spacer
image Advisories!: Latest Advisories & Live Feeds (12/30/03) image
Cyber Security
Latest Advisories
Live Virus Advisory Feeds
2003-12-30
Secunia
Security Tracker
Security Focus
Symantec
*Live Feeds are from Panda, Trend Micro, and Symantec

Live Virus Advisory Feeds

Secunia

Secunia Highlights:
Internet Explorer URL Spoofing Vulnerability
A vulnerability has been identified in Internet Explorer, which can be exploited by malicious people to display a fake URL in the address and status bars.
rsync File Handling Integer Overflow Vulnerability
A vulnerability has been identified in rsync, which can be exploited by malicious people to compromise a vulnerable system.

Latest 15 Secunia Security Advisories:
2003-12-30
- Debian update for xsok

- Xsok Unspecified Privilege Escalation Vulnerability

- MDaemon Raw Message Handler Buffer Overflow Vulnerability

- NETObserve User Authentication Bypass Vulnerability

- Jordan Windows Telnet Server Username Buffer Overflow Vulnerability

- PHP-Ping count Parameter Arbitrary Command Execution Vulnerability

2003-12-29
- PHP-Nuke pollID Parameter SQL Injection Vulnerability

- PHP / mod_php File Descriptor Leakage Vulnerability

- Microsoft Internet Information Services Track Log Bypass

- ViewCVS Error Page Cross-Site Scripting Vulnerability

- KnowledgeBuilder Arbitrary File Inclusion Vulnerability

- Gentoo update for CVS

- CVS pserver CVSROOT/passwd Privilege Escalation Vulnerability

- Private Message System Cross-Site Scripting Vulnerability

2003-12-28
- Internet Explorer for Mac Disclosure of Referer Information Weakness

Top 5 Most Read Secunia Security Advisories (Last 24 hours):
- Internet Explorer URL Spoofing Vulnerability

- Microsoft Internet Information Services Track Log Bypass

- PHP-Nuke pollID Parameter SQL Injection Vulnerability

- Internet Explorer for Mac Disclosure of Referer Information Weakness

- PHP / mod_php File Descriptor Leakage Vulnerability


Security Tracker

PHPCatalog 'id' Input Validation Flaw Permits Remote SQL Injection

David Sopas Ferreira from SystemSecure.org reported an input validation vulnerability in PHPCatalog. A remote user can inject SQL commands.

Impact: Disclosure of user information, Execution of arbitrary code via network, Modification of user information

MDaemon FORM2RAW Buffer Overflow Lets Remote Users Execute Arbitrary Code

Hat-Squad Security Team reported a buffer overflow vulnerability in the MDaemon mail server in the Form2Raw component. A remote user can cause arbitrary code to be executed.

Impact: Execution of arbitrary code via network, User access via network

phpBB Input Validation Flaw in 'groupcp.php' Permits Moderators to Inject SQL Commands

An input validation vulnerability was reported in phpBB. A remote authenticated moderator can inject SQL commands.

Impact: Execution of arbitrary code via network

Jordan Stojanovski Windows Telnet Server 'username' Buffer Overflow Lets Remote Users Execute Arbitrary Code

A buffer overflow vulnerability was reported in Jordan Stojanovski Windows Telnet Server. A reomte user can execute arbitrary code on the target system.

Impact: Execution of arbitrary code via network, User access via network

CVS pserver 'passwd' File May Let Local Users Run Code with Root Privileges

A vulnerability was reported in the CVS pserver. A local user with write access to the CVS password file may be able to execute arbitrary code with root privileges.

Impact: Execution of arbitrary code via local system, Root access via local system


SecurityFocus BugTraq
SecurityFocus Vulnerabilities

12/29/2003 [Hat-Squad] Remote buffer overflow in Mdaemon Raw message Handler Hat-Squad Security Team
12/29/2003 RE: DANGER ZONE: Internet Explorer http-equiv@excite.com
12/29/2003 RE: DANGER ZONE: Internet Explorer tlarholm pivx com
12/29/2003 Buffer-overflow in Jordan's telnet server Luigi Auriemma
12/29/2003 php-ping: Executing arbritary commands ppp-design
12/29/2003 SQL Injection in phpBB's groupcp.php Jay Gates
12/29/2003 GLSA: cvs (200312-08) Rajiv Aaron Manglani
12/28/2003 Cross Site Scripting vulnerability in miniBB 1.7 (latest) and earlier Chintan Trivedi
12/27/2003 Landesk Management Suite IRCRBOOT.DLL buffer overflow Tri Huynh
12/27/2003 PHP-NUKE 7.0 FINAL (and olders) sql injection r00t rsteam ru
2003-12-26: Apache mod_php Module File Descriptor Leakage Vulnerability
2003-12-26: Valve Software Half-Life Dedicated Server Information Disclosure/DOS Vulnerability
2003-12-26: Squirrelmail G/PGP Encryption Plugin Remote Command Execution Vulnerability
2003-12-26: Web Merchant Services Storefront Shopping Cart login.asp SQL Injection Vulnerability
2003-12-26: GNU Indent Local Heap Overflow Vulnerability
2003-12-26: OpenBB Index.PHP Remote SQL Injection Vulnerability
2003-12-26: Surfboard httpd Remote Buffer Overflow Vulnerability
2003-12-25: Cyrus IMSP Daemon Remote Buffer Overflow Vulnerability
2003-12-24: Microsoft Internet Explorer For Mac HTTP Referer Information Disclosure Vulnerability
2003-12-24: phpBB search.php SQL Injection Vulnerability
2003-12-24: SiteInteractive Subscribe Me Setup.PL Arbitrary Command Execution Vulnerability
2003-12-24: Psychoblogger Multiple SQL Injection Vulnerabilities
2003-12-24: Psychoblogger Multiple Cross-Site Scripting Vulnerabilities
2003-12-24: OpenBSD Tcpdump Remote Denial of Service Vulnerability
2003-12-24: KnowledgeBuilder Remote File Include Vulnerability
2003-12-24: ViewCVS Viewcvs.py Cross-Site Scripting Vulnerability
2003-12-23: phpBB Privmsg.PHP Cross-Site Scripting Vulnerability
2003-12-23: Webfroot Shoutbox Viewshoutbox.PHP Cross-Site Scripting Vulnerability
2003-12-23: Microsoft Internet Explorer File Download Warning Bypass Vulnerability
2003-12-23: Multiple Browser URI Display Obfuscation Weakness
2003-12-23: Microsoft Internet Explorer BackToFramedJPU Cross-Domain Policy Vulnerability
2003-12-23: Microsoft Internet Explorer Browser MHTML Redirection Local File Parsing Vulnerability
2003-12-23: Microsoft Internet Explorer MHTML Forced File Execution Vulnerability
2003-12-23: My Little Forum Email.PHP Cross-Site Scripting Vulnerability
2003-12-23: Xlight FTP Server PASS Command Remote Buffer Overflow Vulnerability
2003-12-23: Red Hat Linux 2.4 Kernel Multiple Potential Vulnerabilities
2003-12-23: Apple QuickTime/Darwin Streaming MP3Broadcaster ID3 Tag Handling Vulnerability
2003-12-23: ISC BIND Negative Cache Poison Denial Of Service Vulnerability
2003-12-23: IBM AIX lpd Local Format String Vulnerability
2003-12-23: iSoft-Solutions QuikStore Shopping Cart template Parameter Directory Traversal Vulnerability
2003-12-23: Opera Browser URI Display Obfuscation Weakness
2003-12-23: Sun Solaris tcsh ls-F Builtin Unspecified Privilege Escalation Vulnerability
2003-12-23: Opera Relative Path Directory Traversal File Corruption Vulnerability

Symantec SSR

W32.Mumo December 29, 2003 December 30, 2003
Backdoor.Gaster December 29, 2003 December 30, 2003
W32.Torun
W32.Torun.dr, Worm.W32.Torun [AVP] December 28, 2003 December 29, 2003
Trojan.Download.Revird December 27, 2003 December 29, 2003
Backdoor.Portless December 26, 2003 December 29, 2003
PWSteal.Bancos.D December 22, 2003 December 23, 2003
W32.Cissi.A@mm December 22, 2003 December 23, 2003
W32.Gluber.B@mm December 21, 2003 December 22, 2003
Trojan.Bookmarker December 20, 2003 December 22, 2003
Backdoor.Trodal December 20, 2003 December 20, 2003
VBS.Sling December 20, 2003 December 20, 2003
W32.Sober.C@mm
W32/Sober-C [Sophos], Win32.Sober.C [Computer Associates], W32/Sober.c@MM [McAfee], WORM_SOBER.C [Trend], I-Worm.Sober.c [Kaspersky] December 20, 2003 December 20, 2003
W32.Sober.gen December 20, 2003 December 20, 2003
W32.HLLW.Warpigs.C
Backdoor.Spyboter.gen [KAV] December 19, 2003 December 20, 2003
Trojan.Anymail December 18, 2003 December 19, 2003
W32.Sober.B@mm December 18, 2003 December 18, 2003
W32.Wilsef December 17, 2003 December 18, 2003
Trojan.Gema December 16, 2003 December 17, 2003
W32.HLLW.Cayam@mm December 16, 2003 December 17, 2003
W32.Randex.BE
W32/Sdbot.worm.gen.b [McAfee], Backdoor.SdBot.gen [Kaspersky] December 15, 2003 December 16, 2003
PWSteal.Sagic December 15, 2003 December 15, 2003
Hacktool.Sagic December 15, 2003 December 15, 2003
Trojan.PWS.Qphook December 14, 2003 December 15, 2003
Backdoor.Uprootkit
Backdoor.UpRootKit [Kaspersky] December 13, 2003 December 15, 2003
Backdoor.Uprootkit.cli
Backdoor.UpRootKit [Kaspersky] December 13, 2003 December 15, 2003
Trojan.Sysbin December 11, 2003 December 12, 2003
MHTMLRedir.Exploit December 11, 2003 December 12, 2003
W32.HLLW.Gaobot.EE December 11, 2003 December 11, 2003
W32.Mertian.Worm
W32.Mertian@mm December 11, 2003 December 11, 2003
Backdoor.Volac.dr December 10, 2003 December 11, 2003
Backdoor.Volac December 10, 2003 December 11, 2003
Backdoor.Roxy.C December 10, 2003 December 11, 2003
W32.Scold@mm
W32/Scold@MM [McAfee], Win32.Scold.A [Computer Associates], WORM_SCOLD.A [Trend], W32/Scold-A [Sophos], I-Worm.Scold [Kaspersky] December 10, 2003 December 11, 2003
Trojan.Slog December 10, 2003 December 11, 2003
Backdoor.Formador
Backdoor.Trojan.Client, Backdoor.Formador.c [AVP], Downloader-DP [Mcafee] December 10, 2003 December 10, 2003
Trojan.Benuti December 9, 2003 December 10, 2003
W32.Randex.BD
Backdoor.IRCBot.gen [Kaspersky] December 9, 2003 December 9, 2003
W32.HLLW.Bodiru December 8, 2003 December 8, 2003
PHP.Feast December 8, 2003 December 8, 2003
Backdoor.Xibo
Backdoor.XLBH.b [Kaspersky] December 8, 2003 December 8, 2003
Backdoor.Ketch December 5, 2003 December 8, 2003
W32.HLLW.Gaobot.DK
W32.HLLW.Gaobot.gen, W32/Gaobot.worm.gen [McAfee], Backdoor.Agobot.3.gen [Kaspersky] December 5, 2003 December 8, 2003
Trojan.Digits
Download.Trojan December 5, 2003 December 5, 2003
W32.Memas@mm
W32/Memas@mm[McAfee] December 4, 2003 December 5, 2003
W32.HLLW.Slideshow December 4, 2003 December 5, 2003
W32.Randex.AZ
W32.Randex.AX December 4, 2003 December 4, 2003
Trojan.Framar December 3, 2003 December 3, 2003
W32.Mimail.M@mm
W32.Mimail.Gen, W32/Mimail.gen@MM [McAfee] December 3, 2003 December 3, 2003
W32.HLLW.Epon@mm
I-Worm.Epon [Kaspersky] December 2, 2003 December 3, 2003
Backdoor.Freefors December 2, 2003 December 2, 2003
W32.Kwbot.S.Worm@mm
Backdoor.IRCBot.gen [KAV] December 2, 2003 December 2, 2003
JS.Pun.Trojan December 1, 2003 December 2, 2003
W32.Mimail.L@mm
W32.Mimail.Gen, W32/Mimail.l@MM [McAfee] December 1, 2003 December 2, 2003
Backdoor.Dragonqq
PWS-QQDrag [McAfee] December 1, 2003 December 1, 2003
Backdoor.Haxdoor
Backdoor.Haxdoor.i [Kaspersky] November 30, 2003 December 1, 2003



Live Virus Advisory Feed
Posted on Tuesday, 30 December 2003 @ 08:24:51 UTC by phoenix22 (5494 reads)
[ Trackback ]		image

"Advisories!: Latest Advisories & Live Feeds (12/30/03)" | Login/Create an Account | 0 comments
Threshold
The comments are owned by the poster. We aren't responsible for their content.

No Comments Allowed for Anonymous, please register
 
Login
spacer
Nickname

Password

Security Code: Type Security Code: Usage signifies AUP acceptance
· New User? · Click here to create a registered account.
block bottom
Related Links
spacer
· del.icio.us!
· digg it!
· reddit!
· TrackBack (0)
· Linux.com
· GNU Project
· IBM
· PHP HomePage
· Red Hat
· Debian GNU/Linux
· Microsoft
· Microsoft
· Linux Kernel Archives
· PHP-Nuke
· HotScripts
· Apple
· Apache Web Server
· W3 Consortium
· MP3.com
· More about Cyber Security
· News by phoenix22

Most read story about Cyber Security:
Booby Trapped software!
block bottom
Article Rating
spacer
Average Score: 0
Votes: 0

Please take a second and vote for this article:

Bad
Regular
Good
Very Good
Excellent
block bottom
Options
spacer

Printer Friendly Page  Printer Friendly Page
block bottom
2002-2008 © Computer Cops LLC dba CastleCops®. All rights reserved.
Acceptable Use Policy. Use signifies your agreement.
74ppm 0.235s (0.01s)
Making cybercriminals unhappy since 2002*
In Memory of Trpm
spacer spacer