CastleCops, Internet Crime Fighters
Need help? Click here to register for free! Absolutely zero advertisements on this site!

Donation/Premium
spacer
Donations. Become Premium Today! Premium Icon
block bottom
Security Central
spacer
· Home
· PIRT/Fried Phish
· MIRT
· SIRT
· Deutsch
· Wiki
· Newsletter
· O16/ActiveX
· CLSID List
· Contest2007
· Downloads
· Feedback (send)
· Forums
· HijackThis
· Hijacktrend
· LSPs
· My Downloads
· O18
· O20
· O21
· O22
· O23
· O9
· Premium
· Private Messages
· Proxomitron
· Reviews
· Search
· StartupList
· Stories Archive
· Submit News
· WsIRT
· Your Account
· Acceptable Use Policy
block bottom
spacer spacer
image Advisories!: Latest Advisories & Live Feeds (12/31/03) image
Cyber Security
Latest Advisories
Live Virus Advisory Feeds
2003-12-31
Secunia
Security Tracker
Security Focus
Symantec
*Live Feeds are from Panda, Trend Micro, and Symantec

Live Virus Advisory Feeds

Secunia

Secunia Highlights:
Internet Explorer URL Spoofing Vulnerability
A vulnerability has been identified in Internet Explorer, which can be exploited by malicious people to display a fake URL in the address and status bars.
rsync File Handling Integer Overflow Vulnerability
A vulnerability has been identified in rsync, which can be exploited by malicious people to compromise a vulnerable system.

Latest 15 Secunia Security Advisories:
2003-12-30
- miniBB Cross-Site Scripting Vulnerability

- PHPCatalog id Parameter SQL Injection Vulnerability

- phpBB SQL Injection Vulnerability

- Debian update for xsok

- Xsok Unspecified Privilege Escalation Vulnerability

- MDaemon Raw Message Handler Buffer Overflow Vulnerability

- NETObserve User Authentication Bypass Vulnerability

- Jordan Windows Telnet Server Username Buffer Overflow Vulnerability

- PHP-Ping count Parameter Arbitrary Command Execution Vulnerability

2003-12-29
- PHP-Nuke pollID Parameter SQL Injection Vulnerability

- PHP / mod_php File Descriptor Leakage Vulnerability

- Microsoft Internet Information Services Track Log Bypass

- ViewCVS Error Page Cross-Site Scripting Vulnerability

- KnowledgeBuilder Arbitrary File Inclusion Vulnerability

- Gentoo update for CVS

Top 5 Most Read Secunia Security Advisories (Last 24 hours):
- Internet Explorer URL Spoofing Vulnerability

- Macromedia Flash Player Predictable Data Location Weakness

- Microsoft Internet Information Services Track Log Bypass

- Internet Explorer System Compromise Vulnerabilities

- rsync File Handling Integer Overflow Vulnerability


Security Tracker

Xsok Lets Local Users Gain 'games' Group Privileges

A vulnerability was reported in the Xsok game. A local user can execute commands with elevated privileges.

Impact: Execution of arbitrary code via local system, User access via local system

NETObserve Authentication Hole Lets Remote Users Execute OS Commands

Peter Winter-Smith reported a vulnerability in NETObserve. A remote user can execute commands on the target system in certain cases.

Impact: Execution of arbitrary code via network, User access via network

PHPCatalog 'id' Input Validation Flaw Permits Remote SQL Injection

David Sopas Ferreira from SystemSecure.org reported an input validation vulnerability in PHPCatalog. A remote user can inject SQL commands.

Impact: Disclosure of user information, Execution of arbitrary code via network, Modification of user information

MDaemon FORM2RAW Buffer Overflow Lets Remote Users Execute Arbitrary Code

Hat-Squad Security Team reported a buffer overflow vulnerability in the MDaemon mail server in the Form2Raw component. A remote user can cause arbitrary code to be executed.

Impact: Execution of arbitrary code via network, User access via network

phpBB Input Validation Flaw in 'groupcp.php' Permits Moderators to Inject SQL Commands

An input validation vulnerability was reported in phpBB. A remote authenticated moderator can inject SQL commands.

Impact: Execution of arbitrary code via network


SecurityFocus BugTraq
SecurityFocus Vulnerabilities

12/30/2003 RE: IE 5.22 on Mac Transmitting HTTP Referer from Secure Page tlarholm pivx com
12/30/2003 TOCTOU with NT System Service Hooking Andrey Kolishak
12/30/2003 Re: Gallery v1.3.3 Cross Site Scripting Vulnerabillity Bharat Mediratta
12/30/2003 Gallery v1.3.3 Cross Site Scripting Vulnerabillity The-Insider
12/30/2003 [SECURITY] [DSA 405-1] New xsok packages fix local group games exploit joey infodrom org (Martin Schulze)
12/30/2003 Re: php-ping: Executing arbritary commands ppp-design
12/30/2003 IE 5.x-6.0 allows executing arbitrary programs using showHelp() Arman Nayyeri
12/29/2003 NetObserve Security Bypass Vulnerability Peter Winter-Smith
12/29/2003 RE: php-ping: Executing arbritary commands Golden_Eternity
12/29/2003 [Hat-Squad] Remote buffer overflow in Mdaemon Raw message Handler Hat-Squad Security Team
12/29/2003 RE: DANGER ZONE: Internet Explorer http-equiv@excite.com
12/29/2003 RE: DANGER ZONE: Internet Explorer tlarholm pivx com
12/29/2003 Buffer-overflow in Jordan's telnet server Luigi Auriemma
12/29/2003 php-ping: Executing arbritary commands ppp-design
12/29/2003 SQL Injection in phpBB's groupcp.php Jay Gates
12/29/2003 GLSA: cvs (200312-08) Rajiv Aaron Manglani
12/28/2003 Cross Site Scripting vulnerability in miniBB 1.7 (latest) and earlier Chintan Trivedi
2003-12-27: PHP-Nuke Survey Module SQL Injection Vulnerability
2003-12-27: LANDesk Software LANDesk Management Suite IRCBoot.DLL ActiveX Control Buffer Overrun Vulnerability
2003-12-27: OpenBB Board.PHP Cross-Site Scripting Vulnerability
2003-12-26: Apache mod_php Module File Descriptor Leakage Vulnerability
2003-12-26: Valve Software Half-Life Dedicated Server Information Disclosure/DOS Vulnerability
2003-12-26: Squirrelmail G/PGP Encryption Plugin Remote Command Execution Vulnerability
2003-12-26: Web Merchant Services Storefront Shopping Cart login.asp SQL Injection Vulnerability
2003-12-26: GNU Indent Local Heap Overflow Vulnerability
2003-12-26: OpenBB Index.PHP Remote SQL Injection Vulnerability
2003-12-26: Surfboard httpd Remote Buffer Overflow Vulnerability
2003-12-25: Cyrus IMSP Daemon Remote Buffer Overflow Vulnerability
2003-12-24: phpBB search.php SQL Injection Vulnerability
2003-12-24: SiteInteractive Subscribe Me Setup.PL Arbitrary Command Execution Vulnerability
2003-12-24: Psychoblogger Multiple SQL Injection Vulnerabilities
2003-12-24: Psychoblogger Multiple Cross-Site Scripting Vulnerabilities
2003-12-24: OpenBSD Tcpdump Remote Denial of Service Vulnerability
2003-12-24: KnowledgeBuilder Remote File Include Vulnerability
2003-12-24: ViewCVS Viewcvs.py Cross-Site Scripting Vulnerability


Symantec SSR

W32.Mumo December 29, 2003 December 30, 2003
Backdoor.Gaster December 29, 2003 December 30, 2003
W32.Torun
W32.Torun.dr, Worm.W32.Torun [AVP] December 28, 2003 December 29, 2003
Trojan.Download.Revird December 27, 2003 December 29, 2003
Backdoor.Portless December 26, 2003 December 29, 2003
PWSteal.Bancos.D December 22, 2003 December 23, 2003
W32.Cissi.A@mm December 22, 2003 December 23, 2003
W32.Gluber.B@mm December 21, 2003 December 22, 2003
Trojan.Bookmarker December 20, 2003 December 22, 2003
Backdoor.Trodal December 20, 2003 December 20, 2003
VBS.Sling December 20, 2003 December 20, 2003
W32.Sober.C@mm
W32/Sober-C [Sophos], Win32.Sober.C [Computer Associates], W32/Sober.c@MM [McAfee], WORM_SOBER.C [Trend], I-Worm.Sober.c [Kaspersky] December 20, 2003 December 20, 2003
W32.HLLW.Warpigs.C
Backdoor.Spyboter.gen [KAV] December 19, 2003 December 20, 2003
Trojan.Anymail December 18, 2003 December 19, 2003
W32.Sober.B@mm December 18, 2003 December 18, 2003
W32.Wilsef December 17, 2003 December 18, 2003
Trojan.Gema December 16, 2003 December 17, 2003
W32.HLLW.Cayam@mm December 16, 2003 December 17, 2003
W32.Randex.BE
W32/Sdbot.worm.gen.b [McAfee], Backdoor.SdBot.gen [Kaspersky] December 15, 2003 December 16, 2003
PWSteal.Sagic December 15, 2003 December 15, 2003
Hacktool.Sagic December 15, 2003 December 15, 2003
Trojan.PWS.Qphook December 14, 2003 December 15, 2003
Backdoor.Uprootkit
Backdoor.UpRootKit [Kaspersky] December 13, 2003 December 15, 2003
Backdoor.Uprootkit.cli
Backdoor.UpRootKit [Kaspersky] December 13, 2003 December 15, 2003
Trojan.Sysbin December 11, 2003 December 12, 2003
MHTMLRedir.Exploit December 11, 2003 December 12, 2003
W32.HLLW.Gaobot.EE December 11, 2003 December 11, 2003
W32.Mertian.Worm
W32.Mertian@mm December 11, 2003 December 11, 2003
Backdoor.Volac.dr December 10, 2003 December 11, 2003
Backdoor.Volac December 10, 2003 December 11, 2003
Backdoor.Roxy.C December 10, 2003 December 11, 2003
W32.Scold@mm
W32/Scold@MM [McAfee], Win32.Scold.A [Computer Associates], WORM_SCOLD.A [Trend], W32/Scold-A [Sophos], I-Worm.Scold [Kaspersky] December 10, 2003 December 11, 2003
Trojan.Slog December 10, 2003 December 11, 2003
Backdoor.Formador
Backdoor.Trojan.Client, Backdoor.Formador.c [AVP], Downloader-DP [Mcafee] December 10, 2003 December 10, 2003
Trojan.Benuti December 9, 2003 December 10, 2003
W32.Randex.BD
Backdoor.IRCBot.gen [Kaspersky] December 9, 2003 December 9, 2003
W32.HLLW.Bodiru December 8, 2003 December 8, 2003
PHP.Feast December 8, 2003 December 8, 2003
Backdoor.Xibo
Backdoor.XLBH.b [Kaspersky] December 8, 2003 December 8, 2003
Backdoor.Ketch December 5, 2003 December 8, 2003
W32.HLLW.Gaobot.DK
W32.HLLW.Gaobot.gen, W32/Gaobot.worm.gen [McAfee], Backdoor.Agobot.3.gen [Kaspersky] December 5, 2003 December 8, 2003
Trojan.Digits
Download.Trojan December 5, 2003 December 5, 2003
W32.Memas@mm
W32/Memas@mm[McAfee] December 4, 2003 December 5, 2003
W32.HLLW.Slideshow December 4, 2003 December 5, 2003
W32.Randex.AZ
W32.Randex.AX December 4, 2003 December 4, 2003
Trojan.Framar December 3, 2003 December 3, 2003
W32.Mimail.M@mm
W32.Mimail.Gen, W32/Mimail.gen@MM [McAfee] December 3, 2003 December 3, 2003
W32.HLLW.Epon@mm
I-Worm.Epon [Kaspersky] December 2, 2003 December 3, 2003
Backdoor.Freefors December 2, 2003 December 2, 2003
W32.Kwbot.S.Worm@mm
Backdoor.IRCBot.gen [KAV] December 2, 2003 December 2, 2003
JS.Pun.Trojan December 1, 2003 December 2, 2003
W32.Mimail.L@mm
W32.Mimail.Gen, W32/Mimail.l@MM [McAfee] December 1, 2003 December 2, 2003
Backdoor.Dragonqq
PWS-QQDrag [McAfee] December 1, 2003 December 1, 2003


Live Virus Advisory Feed
Posted on Wednesday, 31 December 2003 @ 08:32:54 UTC by phoenix22 (1275 reads)
[ Trackback ]		image

"Advisories!: Latest Advisories & Live Feeds (12/31/03)" | Login/Create an Account | 0 comments
Threshold
The comments are owned by the poster. We aren't responsible for their content.

No Comments Allowed for Anonymous, please register
 
Login
spacer
Nickname

Password

Security Code: Type Security Code: Usage signifies AUP acceptance
· New User? · Click here to create a registered account.
block bottom
Related Links
spacer
· del.icio.us!
· digg it!
· reddit!
· TrackBack (0)
· GNU Project
· PHP HomePage
· Debian GNU/Linux
· Linux Games
· Microsoft
· Microsoft
· PHP-Nuke
· HotScripts
· Apache Web Server
· W3 Consortium
· More about Cyber Security
· News by phoenix22

Most read story about Cyber Security:
Booby Trapped software!
block bottom
Article Rating
spacer
Average Score: 0
Votes: 0

Please take a second and vote for this article:

Bad
Regular
Good
Very Good
Excellent
block bottom
Options
spacer

Printer Friendly Page  Printer Friendly Page
block bottom
2002-2008 © Computer Cops LLC dba CastleCops®. All rights reserved.
Acceptable Use Policy. Use signifies your agreement.
76ppm 0.179s (0.008s)
Making cybercriminals unhappy since 2002*
In Memory of Trpm
spacer spacer