Latest Advisories

Live Virus Advisory Feeds
2004-01-23

*Live Feeds are from Panda, Trend Micro, and Symantec

Live Virus Advisory Feeds

Secunia

Secunia Highlights:
Internet Explorer URL Spoofing Vulnerability
A vulnerability has been identified in Internet Explorer, which can be exploited by malicious people to display a fake URL in the address and status bars.
Microsoft ISA Server 2000 H.323 Protocol Filter Vulnerability
Microsoft Internet Security and Acceleration Server 2000 contain a vulnerability in the H.323 protocol implementation, which can be exploited by malicious people to cause a DoS (Denial of Service) or gain system access.
Symantec Automatic LiveUpdate Privilege Escalation Vulnerability
KF has discovered a vulnerability in Symantec LiveUpdate, which can be exploited by malicious, local users to gain escalated privileges on a vulnerable system.

Latest 15 Secunia Security Advisories:
2004-01-23
- Need for Speed Client Buffer Overflow Vulnerability

- Red Hat update for slocate

2004-01-22
- mod_perl File Descriptor Leakage Vulnerability

- Cisco Voice Products Director Agent Insecure Default Installation

- Gentoo update for honeyd

- Honeyd Remote Identification Vulnerability

- Mephistoles Internet Suite httpd Cross-Site Scripting Vulnerability

2004-01-21
- HP-UX update for Mozilla

- Sun Cluster OpenSSL Vulnerabilities

- Sun Solaris update for IKE

- WebTrends Exposure of Installation Path

- NetCam Directory Traversal Vulnerability

- DUware Products Admin Area Authentication Bypass Vulnerability

- Trustix update for slocate

- Red Hat update for mc

Top 5 Most Read Secunia Security Advisories (Last 24 hours):
- Internet Explorer URL Spoofing Vulnerability

- mod_perl File Descriptor Leakage Vulnerability

- Cisco Voice Products Director Agent Insecure Default Installation

- Honeyd Remote Identification Vulnerability

- qmail Long SMTP Session Handling Vulnerability

Security Tracker

Sun Solaris modload() May Grant Root Access to Local Users

A vulnerability was reported in Sun Solaris. A local user may be able to gain root access on the system.

Impact: Root access via local system

Apache mod_python String Processing Bug Still Lets Remote Users Crash the Web Server

A vulnerability was reported in Apache mod_python. A remote user can cause the Apache server to crash.

Impact: Denial of service via network

NetWare Enterprise Server PERL Handler Input Validation Flaw Permits Cross-Site Scripting Attacks

Rafel Ivgi (The-Insider) reported an input validation vulnerability in the NetWare Enterprise Server in the CGI2PERL module. A remote user can conduct cross-site scripting attacks.

Impact: Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information

GeoVision GeoHttpServer Authentication Bypass Grants Access to Remote Users

Rafel Ivgi (The-Insider) reported a vulnerability in the GeoVision GeoHttpServer. A remote user can bypass the authentication mechanism and access the main page on the application.

Impact: User access via network

'Need for Speed Hot Pursuit 2' Buffer Overflow Lets Remote Servers Execute Arbitrary Code

A buffer overflow vulnerability was reported in the 'Need for Speed Hot Pursuit 2' game client. A remote server can cause arbitrary code to be executed on a connected client.

Impact: Execution of arbitrary code via network, User access via network


SecurityFocus BugTraq
SecurityFocus Vulnerabilities

01/22/2004 yet another new phising scam Gadi Evron
01/22/2004 vulnerabilities of postscript printers Bob Kryger
01/22/2004 Re: Hijacking Apache 2 via mod_perl Ben Laurie
01/22/2004 NetBus Pro Web Server Direcory Listing And Remote File Upload Rafel Ivgi, The-Insider
01/22/2004 Re: Paper announcement: Is finding security holes a good idea? Christopher E. Cramer
01/22/2004 Re: Hijacking Apache 2 via mod_perl Steve G
01/22/2004 FREESCO public http server - Cross Site Scripting Vulnerabillity Rafel Ivgi, The-Insider
01/22/2004 Re: Re[2]: Hijacking Apache 2 via mod_perl Steve G
01/22/2004 Re: Hijacking Apache 2 via mod_perl André Malo
01/22/2004 Re[2]: Hijacking Apache 2 via mod_perl 3APA3A
01/22/2004 Major hack attack on the U.S. Senate Richard M. Smith
01/22/2004 GeoHttpServer Authentification Bypass Vulnerability & D.O.S (Denial Of Service) Rafel Ivgi, The-Insider
01/22/2004 Need for Speed Hot pursuit 2 242 client's buffer overflow Luigi Auriemma
01/22/2004 Re: Hijacking Apache 2 via mod_perl Ben Laurie
01/22/2004 RE: Paper announcement: Is finding security holes a good idea? Daniel Whelan
01/22/2004 Re: Paper announcement: Is finding security holes a good idea? Oliver Friedrichs
01/22/2004 Re: Paper announcement: Is finding security holes a good idea? Robert Lemos
01/22/2004 Re: Hijacking Apache 2 via mod_perl lupe lupe-christoph de (Lupe Christoph)
01/22/2004 TBE - the banner engine server-side script execution vulnerability Ed J. Aivazian
01/22/2004 AV products vulnerability [Fwd: [TH-research] Upx hack tool] Gadi Evron
01/22/2004 Re: [SuSE 9.0] possible symlink attacks in some scripts Thomas Biege
01/22/2004 Re: HP printers and currency anti-copying measures Darren Reed
01/22/2004 Re: Paper announcement: Is finding security holes a good idea? Benjamin Franz
01/22/2004 Re: Paper announcement: Is finding security holes a good idea? Kurt Seifried
01/22/2004 [Fwd: [TH-research] Bagle remote uninstall] Gadi Evron
01/21/2004 Paper announcement: Is finding security holes a good idea? Eric Rescorla
01/21/2004 Hijacking Apache 2 via mod_perl Steve Grubb
01/21/2004 [ GLSA 200401-02 ] Honeyd remote detection vulnerability via a probe packet Tim Yamin
01/21/2004 Re: What is the point here? Jason Coombs
01/21/2004 Cisco Security Advisory: Voice Product Vulnerabilities on IBM Servers Cisco Systems Product Security Incident Response Team
01/21/2004 Mephistoles Httpd 0.6.0final XSS Donato Ferrante
01/21/2004 Re: [Full-Disclosure] RE: Internet Explorer - Multiple Vulnerabilities Berend-Jan Wever
01/21/2004 TSLSA-2004-0005 - slocate Trustix Security Advisor
01/21/2004 [RHSA-2004:034-01] Updated mc packages resolve buffer overflow vulnerability bugzilla redhat com
01/21/2004 Honeyd Security Advisory 2004-001: Remote Detection Via Simple Probe Packet Niels Provos
01/21/2004 Re: HP printers and currency anti-copying measures Sasha
01/21/2004 Re: HP printers and currency anti-copying measures Sami Haahtinen
01/21/2004 WebcamXP v1.06.945 Cross Site Scripting Vulnerabillity Rafel Ivgi, The-Insider
01/21/2004 RE: Internet Explorer - Multiple Vulnerabilities Thor Larholm
01/20/2004 [SCSA-026] DUWARE Products Admin Access and Arbitrary File Upload Vulnerability advisory security-corporation com
01/20/2004 WebTrends Reporting Center Path Disclosure vulnerability Oliver Karow
01/20/2004 2Wire-Gateway Cross Site Scripting and Directory Transversal bug in SSL Form Rafel Ivgi, The-Insider
01/20/2004 OwnServer 1.0 Directory Transversal Vulnerability Rafel Ivgi, The-Insider
01/20/2004 Internet Explorer - Multiple Vulnerabilities Rafel Ivgi, The-Insider
01/20/2004 RE: vBulletin Security Vulnerability Ferruh Mavituna
01/20/2004 [SECURITY] [DSA 428-1] New slocate packages fix buffer overflow Matt Zimmerman
01/20/2004 vBulletin Security Vulnerability gcf hush com
01/20/2004 NETCam webserver Directory traversal bug Rafel Ivgi, The-Insider
01/20/2004 Re: What is the point here? Adam Shostack
01/20/2004 [SuSE 9.0] possible symlink attacks in some scripts Rene
01/20/2004 Re: HP printers and currency anti-copying measures mightye[removethis] mightye[removethis]@mightye.org
01/20/2004 Re: What is the point here? Mariusz Woloszyn
01/20/2004 [CLA-2004:810] Conectiva Security Announcement - kdepim Conectiva Updates
01/20/2004 [CLA-2004:809] Conectiva Security Announcement - screen Conectiva Updates
01/20/2004 [CLA-2004:808] Conectiva Security Announcement - cvs Conectiva Updates
01/20/2004 Re: Lame crash in qmail-smtpd and memory overwrite according to gdb, yet still qmail much better than windows Scott Gifford
01/20/2004 Re: a method for bypassing cookie restrictions in web browsers Michal Zalewski
2004-01-20: GNU Screen Escape Sequence Integer Overflow Array Indexing Vulnerability
2004-01-20: Sun Cobalt RaQ XTR Turbo UI Insecure Default File Permissions Vulnerability
2004-01-19: Kroum Grigorov KpyM Telnet Server Remote Denial Of Service Vulnerability
2004-01-19: Multiple Vendor libc DNS Resolver Information Leakage Vulnerability
2004-01-19: WGet NLST Client Side File Overwriting Vulnerability
2004-01-19: Qpopper Remote Memory Corruption Vulnerability
2004-01-19: ISC BIND 8 Invalid Expiry Time Denial Of Service Vulnerability
2004-01-19: ISC BIND OPT Record Large UDP Denial of Service Vulnerability
2004-01-19: ISC BIND SIG Cached Resource Record Buffer Overflow Vulnerability
2004-01-19: GNU Privacy Guard Insecure Trust Path To User ID Weakness
2004-01-19: Apache Web Server Multiple Module Local Buffer Overflow Vulnerability
2004-01-19: ProFTPD ASCII File Transfer Buffer Overrun Vulnerability
2004-01-19: Red Hat Linux tcpdump Privilege Retention Weakness
2004-01-19: ISC BIND Negative Cache Poison Denial Of Service Vulnerability
2004-01-19: Multiple Liquid War Undisclosed Buffer Overflow Vulnerabilities
2004-01-19: KnowledgeBuilder Remote File Include Vulnerability
2004-01-19: Andy's PHP Projects Man Page Lookup Script Information Disclosure Vulnerability
2004-01-19: GetWare Web Server Component Content-Length Value Remote Denial Of Service Vulnerability
2004-01-19: GoAhead WebServer Post Content-Length Remote Resource Consumption Vulnerability
2004-01-19: GoAhead WebServer Directory Management Policy Bypass Vulnerability
2004-01-19: PHPDig Config.PHP Include Remote Command Execution Vulnerability
2004-01-19: YABB SE SSI.PHP ID_MEMBER SQL Injection Vulnerability
2004-01-19: Liquid War HOME Environment Variable Buffer Overflow Vulnerability
2004-01-19: Veritas Net Backup Professional Open Transaction Manager Remote Drive Access Vulnerability
2004-01-19: Invision Power Board Index.php Cross-Site Scripting Vulnerability
2004-01-19: Legato NetWorker NSR_Shutdown Script Temporary File Symlink Attack Vulnerability
2004-01-19: Mambo Open Source mod_mainmenu.php Remote File Include Vulnerability
2004-01-19: Doro PDF Writer Local Privilege Escalation Vulnerability
2004-01-19: MetaDot Corporation MetaDot Portal Server Multiple Vulnerabilities
2004-01-19: Multiple JDBC Database Insecure Default Policy Vulnerabilities
2004-01-19: Tcpdump L2TP Parser Remote Denial of Service Vulnerability
2004-01-19: Pablos FTP Server Unauthorized File Existence Disclosure Vulnerability
2004-01-18: Netpbm Temporary File Vulnerabilities
2004-01-18: Agnitum Outpost Firewall Local Privilege Escalation Vulnerability
2004-01-17: Ultr@VNC ShellExecute() Local Privilege Escalation Vulnerability
2004-01-16: PHPShop Project Multiple Vulnerabilities
2004-01-16: XtremeASP PhotoGallery Adminlogin.ASP SQL Injection Vulnerability
2004-01-16: OpenBSD 3.4 Crypto Card Handlers File Descriptor Leak Vulnerability
2004-01-16: ISAKMPD Initial Contact Notification SA Deletion Vulnerability
2004-01-16: SuSE 3Ddiag Insecure Temporary File Handling Symbolic Link Vulnerability
2004-01-16: OpenCA Crypto-Utils.Lib Signature Verification Vulnerability
2004-01-16: Xerox MicroServer Web Server Remote Directory Traversal Vulnerability
2004-01-16: Rit Research Labs The Bat! PGP Message Memory Writing Vulnerability
2004-01-16: TCPDump Malformed RADIUS Packet Denial Of Service Vulnerability
2004-01-16: TCPDump Malformed ISAKMP Packet Denial Of Service Vulnerability
2004-01-16: TCPDump Malformed BGP Packet Memory Corruption Vulnerability
2004-01-16: TCPDump Malformed NFS Packet Buffer Overflow Vulnerability


Symantec SSR

W32.HLLW.Sanker January 22, 2004 January 23, 2004
Backdoor.OptixPro.13b
Backdoor.Optix.Pro.13 [Kaspersky] January 21, 2004 January 22, 2004
Backdoor.Tuxder January 20, 2004 January 20, 2004
Trojan.Httpdos
Backdoor.Snart.j[Kaspersky] January 20, 2004 January 20, 2004
Trojan.Mitglieder.C
Mitglieder [F-Secure] January 20, 2004 January 20, 2004
VBS.Zsyang.B@mm
I-Worm.Zsyang [Kaspersky] January 19, 2004 January 19, 2004
W32.Beagle.A@mm
I-Worm.Bagle [Kaspersky], WORM_BAGLE.A [Trend], W32/Bagle-A [Sophos], W32/Bagle@MM [McAfee], Win32.Bagle.A [Computer Associates] January 18, 2004 January 18, 2004
Backdoor.IRC.Aladinz.H January 18, 2004 January 18, 2004
Trojan.Bookmarker.C January 15, 2004 January 16, 2004
W32.Protoride.Worm January 16, 2004 January 16, 2004
W97M.Twopey.E
Macro.Word97.Racaga [Kaspersky] January 15, 2004 January 16, 2004
W32.Stuplo January 15, 2004 January 16, 2004
Backdoor.IRC.Aladinz.G
Worm.Win32.Randon.o [Kaspersky] January 15, 2004 January 15, 2004
Downloader.Mimail.B
Downloader-GN [McAfee], Troj/Mmdload-A [Sophos] January 14, 2004 January 16, 2004
W32.HLLC.Elpmis January 14, 2004 January 15, 2004
W32.HLLW.Nettrash
Backdoor.NetTrash, Backdoor/NetTrash.10.a [Kaspersky] January 12, 2004 January 13, 2004
Trojan.Bookmarker.B January 12, 2004 January 13, 2004
W32.HLLW.Gaobot.FQ
W32/Gaobot.worm.gw [McAfee] January 12, 2004 January 13, 2004
PWSteal.Freemega January 11, 2004 January 12, 2004
PWSteal.Leox January 11, 2004 January 12, 2004
Backdoor.Threadsys January 10, 2004 January 12, 2004
Trojan.Xombe
Xombe [FSecure], Downloader-GJ [McAfee], Troj/Dloader-L [Sophos] January 9, 2004 January 9, 2004
Backdoor.Sdbot.S
Backdoor.SdBot.gen [Kaspersky] January 8, 2004 January 8, 2004
W32.Opaserv.AE.Worm January 7, 2004 January 8, 2004
W32.Mimail.P@mm
W32/Mimail.p@MM [McAfee], Win32.Mimail.P [Computer Associates], WORM_MIMAIL.P [Trend], W32/Mimail-N [Sophos], I-Worm.Mimail.p [Kaspersky] January 7, 2004 January 8, 2004
W32.HLLW.Gaobot.FL January 6, 2004 January 7, 2004
W32.Bizten
Trojan.Win32.Bizten [Kaspersky] January 6, 2004 January 6, 2004
W32.HLLW.Gaobot.FB
Backdoor.Agobot.3.gen [Kaspersky] January 4, 2004 January 5, 2004
Backdoor.Graybird.H January 4, 2004 January 5, 2004
W32.Miroot.Worm
W32/Legemer.worm [McAfee] January 3, 2004 January 5, 2004
W32.Bugbros@mm January 2, 2004 January 5, 2004
Backdoor.IRC.Aladinz.F
Win32.Randon.AC [Kaspersky] January 1, 2004 January 2, 2004
W32.Tupeg January 1, 2004 January 2, 2004
Download.Berbew.dam
Downloader-DI.dam [McAfee], Troj/Antikl-Dam [Sophos] December 31, 2003 January 2, 2004
W32.Jitux.Worm
W32/Jitux.worm [McAfee], WORM_JITUX.A [Trend] December 31, 2003 December 31, 2003
W32.Mumo December 29, 2003 December 30, 2003
Backdoor.Gaster December 29, 2003 December 30, 2003
W32.Torun
W32.Torun.dr, Worm.W32.Torun [Kaspersky], PE_TORUN.A [Trend] December 28, 2003 December 29, 2003
Trojan.Download.Revird December 27, 2003 December 29, 2003
Backdoor.Portless December 26, 2003 December 29, 2003
PWSteal.Bancos.D December 22, 2003 December 23, 2003
W32.Cissi.A@mm December 22, 2003 December 23, 2003






NAV Daily Definitions (Go)


*Note: The i32 Intelligent Updater package cannot be used to update Symantec AntiVirus Corporate Edition 8.0 servers or Norton AntiVirus Corporate Edition 7.6 servers, but can be used to update Corporate Edition clients. The x86 Intelligent Updater package can be used to update corporate Edition clients and servers.


Live Virus Advisory Feed