Latest Advisories

Live Virus Advisory Feeds 2004-01-26
*Live Feeds are from Panda, Trend Micro, and Symantec
Secunia
Secunia Highlights:
Internet Explorer URL Spoofing Vulnerability
A vulnerability has been identified in Internet Explorer, which can be exploited by malicious people to display a fake URL in the address and status bars.
Microsoft ISA Server 2000 H.323 Protocol Filter Vulnerability
Microsoft Internet Security and Acceleration Server 2000 contains a vulnerability in the H.323 protocol implementation, which can be exploited by malicious people to cause a DoS (Denial of Service) or gain system access.
Symantec Automatic LiveUpdate Privilege Escalation Vulnerability
KF has discovered a vulnerability in Symantec LiveUpdate, which can be exploited by malicious, local users to gain escalated privileges on a vulnerable system.
Latest 15 Secunia Security Advisories:
2004-01-26
- Gallery Arbitrary File Inclusion Vulnerability
- Mbedthis AppWeb HTTP Request Denial of Service Vulnerabilities
- IBM Net.Data Error Message Cross-Site Scripting Vulnerability
- TinyServer Multiple Vulnerabilities
- Q-Shop SQL Injection and Cross Site Scripting Vulnerabilities
- Mandrake update for jabber
- Mandrake update for slocate
- Cherokee Error Page Cross-Site Scripting Vulnerability
2004-01-23
- Need for Speed Client Buffer Overflow Vulnerability
- Red Hat update for slocate
2004-01-22
- mod_perl File Descriptor Leakage Vulnerability
- Cisco Voice Products Director Agent Insecure Default Installation
- Gentoo update for honeyd
- Honeyd Remote Identification Vulnerability
- Mephistoles Internet Suite httpd Cross-Site Scripting Vulnerability
Top 5 Most Read Secunia Security Advisories (Last 24 hours):
- Internet Explorer URL Spoofing Vulnerability
- Microsoft Windows Media Player skin download vulnerability
- Need for Speed Client Buffer Overflow Vulnerability
- Microsoft Internet Explorer Update fixes the Object Data Vulnerability
- Red Hat update for slocate
Security Tracker
Windows XP Explorer Executes Arbitrary Code in Folders
A vulnerability was reported in Microsoft Windows XP in Windows Explorer. A remote user can create a folder that, when viewed by the target user, will execute arbitrary code on the target user's system.
Impact: Execution of arbitrary code via network, User access via network
Reptile Web Server HTTP Request Flaw Lets Remote Users Deny Service
A vulnerability was reported in the Reptile Web Server. A remote user can cause denial of service conditions on the target system.
Impact: Denial of service via network
Serv-U FTP Server 'site chmod' Stack Overflow Lets Remote Users Execute Arbitrary Code
A stack overflow vulnerability was reported in the Serv-U FTP server. A remote user can gain privileges on the system.
Impact: Execution of arbitrary code via network, Root access via network, User access via network
Borland Web Server Input Validation Flaw Discloses Files to Remote Users
Rafel Ivgi (The-Insider) reported a vulnerability in the Borland Web Server (Corel Paradox web server). A remote user can view files located outside of the web document directory.
Impact: Disclosure of system information, Disclosure of user information
IntraForum Input Validation Flaw Permits Cross-Site Scripting Attacks
Rafel Ivgi (The-Insider) reported a vulnerability in IntraForum. A remote user can conduct cross-site scripting attacks.
Impact: Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information
SecurityFocus BugTraq
01/24/2004 Re: vulnerabilities of postscript printers Theo de Raadt
01/24/2004 Re: Major hack attack on the U.S. Senate ed the7thbeer com
01/24/2004 Re: [work] Re: Major hack attack on the U.S. Senate Jonathan A. Zdziarski
01/24/2004 Intra Forum Cross Site Scripting Vulnerability Rafel Ivgi, The-Insider
01/24/2004 Re: vulnerabilities of postscript printers Bob Beck
01/24/2004 RE: Major hack attack on the U.S. Senate bugtraq anastrophe com
01/24/2004 Re: vulnerabilities of postscript printers Stephen Samuel
01/24/2004 Re: Major hack attack on the U.S. Senate Dinesh Nair
01/24/2004 BWS v1.0b3 Directory Transversal Vulnerability Rafel Ivgi, The-Insider
01/24/2004 Re: [work] Re: Major hack attack on the U.S. Senate opticfiber
01/24/2004 Resources consumption in Reptile webserver daily version Donato Ferrante
01/24/2004 Re: vulnerabilities of postscript printers der Mouse
01/24/2004 Tiny Server 1.1 (1.0.5) Multiple Vulnerabilities Donato Ferrante
01/24/2004 Oracle HTTP Server Cross Site Scripting Vulnerability Rafel Ivgi, The-Insider
01/24/2004 Re: vulnerabilities of postscript printers Michael Zimmermann
01/24/2004 [SST]ServU MDTM command remote buffer overflow adv icbm
01/24/2004 Re: Major hack attack on the U.S. Senate rsh idirect com
01/24/2004 Re: vulnerabilities of postscript printers der Mouse
01/24/2004 Re: vulnerabilities of postscript printers Glynn Clements
01/24/2004 Re: vulnerabilities of postscript printers Michael Zimmermann
01/24/2004 Re: vulnerabilities of postscript printers Michael Zimmermann
01/23/2004 Re: vulnerabilities of postscript printers Nate Eldredge
01/23/2004 MDKSA-2004:005 - Updated jabber packages fix DoS vulnerability Mandrake Linux Security Team
01/23/2004 MDKSA-2004:004 - Updated slocate packages fix vulnerability Mandrake Linux Security Team
01/23/2004 RE: Major hack attack on the U.S. Senate B. Kinney
01/23/2004 Re: Hijacking Apache 2 via mod_perl Matthew Wakeling
01/23/2004 Re: Major hack attack on the U.S. Senate Kevin Reardon
01/23/2004 Re: vulnerabilities of postscript printers Darren Reed
01/23/2004 Re: Major hack attack on the U.S. Senate Kirk Spencer
01/23/2004 Re: vulnerabilities of postscript printers Elizabeth Zwicky
01/23/2004 Re: vulnerabilities of postscript printers Thomas M. Payerle
01/23/2004 Re: Major hack attack on the U.S. Senate Daniel Capo tco net br
01/23/2004 Re: vulnerabilities of postscript printers Jim Knoble
01/23/2004 Re: vulnerabilities of postscript printers der Mouse
01/23/2004 Multiple Vulnerabilities in Phorum 3.4.5 Fredrik Björk
01/23/2004 Re: Major hack attack on the U.S. Senate Brian C. Lane
01/23/2004 QuadComm Q-Shop ASP Shopping Cart Software multiple security vulnerabilities S-Quadra Security Research
01/23/2004 Re: vulnerabilities of postscript printers Darren Reed
01/23/2004 Re: vulnerabilities of postscript printers der Mouse
01/23/2004 Re: Hijacking Apache 2 via mod_perl jon schatz
01/23/2004 Re: Major hack attack on the U.S. Senate ~Kevin Davis³
01/23/2004 Finjan SurfinGate Vulnerability David Byrne
01/23/2004 NetWare-Enterprise-Web-Server/5.1/6.0 Multiple Vulnerabilities Rafel Ivgi, The-Insider
SecurityFocus Vulnerabilities
2004-01-22: McAfee ePolicy Orchestrator Agent HTTP POST Buffer Mismanagement Vulnerability
2004-01-22: Linux Kernel do_mremap Function Boundary Condition Vulnerability
2004-01-22: Linux Kernel do_brk Function Boundary Condition Vulnerability
2004-01-22: Native Solutions TBE Banner Engine Server Side Script Execution Vulnerability
2004-01-22: Netbus Directory Listings Disclosure and File Upload Vulnerability
2004-01-22: Acme thttpd CGI Test Script Cross-Site Scripting Vulnerability
2004-01-22: Apache mod_perl Module File Descriptor Leakage Vulnerability
2004-01-22: EA Black Box Need For Speed Hot Pursuit 2 Game Client Remote Buffer Overflow Vulnerability
2004-01-22: lftp Try_Squid_Eplf Buffer Overflow Vulnerability
2004-01-22: lftp Try_Netscape_Proxy Buffer Overflow Vulnerability
2004-01-22: TCPDump ISAKMP Decoding Routines Multiple Remote Buffer Overflow Vulnerabilities
2004-01-22: OpenSSH Buffer Mismanagement Vulnerabilities
2004-01-22: SuSE Multiple Scripts Insecure Temporary File Handling Symbolic Link Vulnerabilities
2004-01-21: HP-UX UUCP Unspecified Buffer Overflow Vulnerability
2004-01-21: HP-UX UUSUB System Hostname Buffer Overflow Vulnerability
2004-01-21: CDE LibDTHelp DTHelpUserSearchPath Local Buffer Overflow Vulnerability
2004-01-21: Xoops MyLinks Myheader.php Cross-Site Scripting Vulnerability
2004-01-21: Honeyd Remote Virtual Host Detection Vulnerability
2004-01-21: Microsoft Windows Samba File Sharing Resource Exhaustion Vulnerability
2004-01-21: Mephistoles HTTPD Cross-Site Scripting Vulnerability
2004-01-21: Darkwet Network WebcamXP Cross-Site Scripting Vulnerability
2004-01-21: Cisco Voice Product IBM Director Agent Port Scan Denial Of Service Vulnerability
2004-01-21: Cisco Voice Product IBM Director Agent Unauthorized Remote Administrative Access Vulnerability
2004-01-21: OpenSSL ASN.1 Parsing Vulnerabilities
2004-01-21: Ethereal SMB Protocol Dissector Denial of Service Vulnerability
2004-01-21: Ethereal Q.931 Protocol Dissector Denial of Service Vulnerability
2004-01-21: AIPTEK NETCam Webserver Directory Traversal Vulnerability
2004-01-21: 2Wire HomePortal Series Directory Traversal Vulnerability
2004-01-21: Midnight Commander Virtual File System Symlink Buffer Overflow Vulnerability
2004-01-21: DUware Software Multiple Vulnerabilities
2004-01-20: Anteco Visual Technologies OwnServer Directory Traversal Vulnerability
2004-01-20: WebTrends Reporting Center Management Interface Path Disclosure Vulnerability
2004-01-20: Mozilla Browser Cross Domain Violation Vulnerability
2004-01-20: HP-UX RWrite Buffer Overflow Vulnerability
2004-01-20: Sendmail Ruleset Parsing Buffer Overflow Vulnerability
2004-01-20: Sendmail Prescan() Variant Remote Buffer Overrun Vulnerability
2004-01-20: Multiple Vendor rpc.mountd File Disclosure Vulnerability
2004-01-20: PHPix Remote Arbitrary Command Execution Vulnerability
2004-01-20: NetScreen Security Manager Insecure Default Remote Communication Vulnerability
2004-01-20: Multiple Vendor H.323 Protocol Implementation Vulnerabilities
2004-01-20: KDE Personal Information Management Suite VCF File Remote Buffer Overflow Vulnerability
2004-01-20: CVS Malformed Request System Root File Creation Vulnerability
2004-01-20: GNU Screen Escape Sequence Integer Overflow Array Indexing Vulnerability
2004-01-20: Sun Cobalt RaQ XTR Turbo UI Insecure Default File Permissions Vulnerability
2004-01-19: Kroum Grigorov KpyM Telnet Server Remote Denial Of Service Vulnerability
2004-01-19: Multiple Vendor libc DNS Resolver Information Leakage Vulnerability
2004-01-19: WGet NLST Client Side File Overwriting Vulnerability
2004-01-19: Qpopper Remote Memory Corruption Vulnerability
2004-01-19: ISC BIND 8 Invalid Expiry Time Denial Of Service Vulnerability
2004-01-19: ISC BIND OPT Record Large UDP Denial of Service Vulnerability
2004-01-19: ISC BIND SIG Cached Resource Record Buffer Overflow Vulnerability
2004-01-19: GNU Privacy Guard Insecure Trust Path To User ID Weakness
2004-01-19: Apache Web Server Multiple Module Local Buffer Overflow Vulnerability
2004-01-19: ProFTPD ASCII File Transfer Buffer Overrun Vulnerability
2004-01-19: Red Hat Linux tcpdump Privilege Retention Weakness
2004-01-19: ISC BIND Negative Cache Poison Denial Of Service Vulnerability
2004-01-19: Multiple Liquid War Undisclosed Buffer Overflow Vulnerabilities
2004-01-19: KnowledgeBuilder Remote File Include Vulnerability
2004-01-19: Andy's PHP Projects Man Page Lookup Script Information Disclosure Vulnerability
2004-01-19: GetWare Web Server Component Content-Length Value Remote Denial Of Service Vulnerability
2004-01-19: GoAhead WebServer Post Content-Length Remote Resource Consumption Vulnerability
2004-01-19: GoAhead WebServer Directory Management Policy Bypass Vulnerability
2004-01-19: PHPDig Config.PHP Include Remote Command Execution Vulnerability
2004-01-19: YABB SE SSI.PHP ID_MEMBER SQL Injection Vulnerability
2004-01-19: Liquid War HOME Environment Variable Buffer Overflow Vulnerability
2004-01-19: Veritas Net Backup Professional Open Transaction Manager Remote Drive Access Vulnerability
2004-01-19: Invision Power Board Index.php Cross-Site Scripting Vulnerability
2004-01-19: Legato NetWorker NSR_Shutdown Script Temporary File Symlink Attack Vulnerability
2004-01-19: Mambo Open Source mod_mainmenu.php Remote File Include Vulnerability
2004-01-19: Doro PDF Writer Local Privilege Escalation Vulnerability
2004-01-19: MetaDot Corporation MetaDot Portal Server Multiple Vulnerabilities
2004-01-19: Multiple JDBC Database Insecure Default Policy Vulnerabilities
2004-01-19: Tcpdump L2TP Parser Remote Denial of Service Vulnerability
Symantec SSR
W32.Dumaru.Z@mm
W32/Dumaru.z@MM [McAfee] January 25, 2004 January 26, 2004
W32.Dumaru.Y@mm
W32/Dumaru.y@MM [McAfee], I-Worm.Dumaru.j [Kaspersky], Win32.Dumaru.Y [Computer Associates], W32/Dumaru-Y [Sophos], WORM_DUMARU.Y [Trend] January 23, 2004 January 26, 2004
Trojan.Bookmarker.D January 23, 2004 January 26, 2004
W32.HLLW.Sanker January 22, 2004 January 23, 2004
Backdoor.OptixPro.13b
Backdoor.Optix.Pro.13 [Kaspersky] January 21, 2004 January 22, 2004
Backdoor.Tuxder January 20, 2004 January 20, 2004
Trojan.Httpdos
Backdoor.Snart.j [Kaspersky] January 20, 2004 January 20, 2004
Trojan.Mitglieder.C
Mitglieder [F-Secure] January 20, 2004 January 20, 2004
VBS.Zsyang.B@mm
I-Worm.Zsyang [Kaspersky] January 19, 2004 January 19, 2004
W32.Beagle.A@mm
I-Worm.Bagle [Kaspersky], WORM_BAGLE.A [Trend], W32/Bagle-A [Sophos], W32/Bagle@MM [McAfee], Win32.Bagle.A [Computer Associates] January 18, 2004 January 18, 2004
Backdoor.IRC.Aladinz.H January 18, 2004 January 18, 2004
Trojan.Bookmarker.C January 15, 2004 January 16, 2004
W32.Protoride.Worm January 16, 2004 January 16, 2004
W97M.Twopey.E
Macro.Word97.Racaga [Kaspersky] January 15, 2004 January 16, 2004
W32.Stuplo January 15, 2004 January 16, 2004
Backdoor.IRC.Aladinz.G
Worm.Win32.Randon.o [Kaspersky] January 15, 2004 January 15, 2004
Downloader.Mimail.B
Downloader-GN [McAfee], Troj/Mmdload-A [Sophos] January 14, 2004 January 16, 2004
W32.HLLC.Elpmis January 14, 2004 January 15, 2004
W32.HLLW.Nettrash
Backdoor.NetTrash, Backdoor/NetTrash.10.a [Kaspersky] January 12, 2004 January 13, 2004
Trojan.Bookmarker.B January 12, 2004 January 13, 2004
W32.HLLW.Gaobot.FQ
W32/Gaobot.worm.gw [McAfee] January 12, 2004 January 13, 2004
PWSteal.Freemega January 11, 2004 January 12, 2004
PWSteal.Leox January 11, 2004 January 12, 2004
Backdoor.Threadsys January 10, 2004 January 12, 2004
Trojan.Xombe
Xombe [FSecure], Downloader-GJ [McAfee], Troj/Dloader-L [Sophos] January 9, 2004 January 9, 2004
Backdoor.Sdbot.S
Backdoor.SdBot.gen [Kaspersky] January 8, 2004 January 8, 2004
W32.Opaserv.AE.Worm January 7, 2004 January 8, 2004
W32.Mimail.P@mm
W32/Mimail.p@MM [McAfee], Win32.Mimail.P [Computer Associates], WORM_MIMAIL.P [Trend], W32/Mimail-N [Sophos], I-Worm.Mimail.p [Kaspersky] January 7, 2004 January 8, 2004
W32.HLLW.Gaobot.FL January 6, 2004 January 7, 2004
W32.Bizten
Trojan.Win32.Bizten [Kaspersky] January 6, 2004 January 6, 2004
W32.HLLW.Gaobot.FB
Backdoor.Agobot.3.gen [Kaspersky] January 4, 2004 January 5, 2004
Backdoor.Graybird.H January 4, 2004 January 5, 2004
W32.Miroot.Worm
W32/Legemer.worm [McAfee] January 3, 2004 January 5, 2004
W32.Bugbros@mm January 2, 2004 January 5, 2004
Backdoor.IRC.Aladinz.F
Win32.Randon.AC [Kaspersky] January 1, 2004 January 2, 2004
W32.Tupeg January 1, 2004 January 2, 2004
Download.Berbew.dam
Downloader-DI.dam [McAfee], Troj/Antikl-Dam [Sophos] December 31, 2003 January 2, 2004
W32.Jitux.Worm
W32/Jitux.worm [McAfee], WORM_JITUX.A [Trend] December 31, 2003 December 31, 2003
W32.Mumo December 29, 2003 December 30, 2003
Backdoor.Gaster December 29, 2003 December 30, 2003
W32.Torun
W32.Torun.dr, Worm.W32.Torun [Kaspersky], PE_TORUN.A [Trend] December 28, 2003 December 29, 2003
Trojan.Download.Revird December 27, 2003 December 29, 2003
Backdoor.Portless December 26, 2003 December 29, 2003
NAV Daily Definitions
*Note: The i32 Intelligent Updater package cannot be used to update Symantec AntiVirus Corporate Edition 8.0 servers or Norton AntiVirus Corporate Edition 7.6 servers, but can be used to update Corporate Edition clients. The x86 Intelligent Updater package can be used to update Corporate Edition clients and servers.