Latest Advisories

Live Virus Advisory Feeds 2004-01-28
*Live Feeds are from Panda, Trend Micro, and Symantec
Live Virus Advisory Feeds
National Cyber Alert System (US-Cert)
Secunia
Secunia Highlights:
Internet Explorer URL Spoofing Vulnerability
A vulnerability has been identified in Internet Explorer, which can be exploited by malicious people to display a fake URL in the address and status bars.
Windows XP Malicious Folder Automatic Code Execution Vulnerability
http-equiv has reported a vulnerability in Windows XP, which can be exploited by malicious people to compromise a user's system or gain escalated privileges.
Latest 15 Secunia Security Advisories:
2004-01-28
- BlackICE PC Protection Privilege Escalation Vulnerability
- Gentoo update for gaim
- IBM Informix Database Multiple Local Vulnerabilities
- Microsoft Internet Explorer File Download Extension Spoofing
- Gentoo update for mod_python
2004-01-27
- BEA WebLogic Boot Credentials Disclosure Vulnerability
- BEA WebLogic Administrative Password Exposure Vulnerability
- BEA WebLogic Exposure of Password to Operators
- BEA WebLogic HTTP TRACE Response Cross-Site Scripting Issue
- BEA WebLogic May Provide Access to Wrong Identity
- ProxyNow! HTTP Request Buffer Overflow Vulnerabilities
- Mac OS X Security Update Fixes Multiple Vulnerabilities
- Fedora update for slocate
- Red Hat update for gaim
- Red Hat update for slocate
Top 5 Most Read Secunia Security Advisories (Last 24 hours):
- Windows XP Malicious Folder Automatic Code Execution Vulnerability
- Mac OS X Security Update Fixes Multiple Vulnerabilities
- Microsoft Internet Explorer File Download Extension Spoofing
- Internet Explorer URL Spoofing Vulnerability
- Novell Groupwise Cross Site Scripting Vulnerability
Security Tracker
BEA WebLogic May Disclose Managed Server Password to Local Users
A vulnerability was reported in BEA's WebLogic Server and Express. The system may write the username and password used to start a managed server to a file in clear text.
Impact: Disclosure of authentication information
BEA WebLogic May Write Administrator Password in Clear Text to 'config.xml'
A vulnerability was reported in BEA WebLogic Server and Express version 8.1 (including Service Pack 1). A local user may be able to view the administrator's password.
Impact: Disclosure of authentication information, User access via local system
BEA WebLogic May Disclose MBean Passwords to Operators in Certain Cases
A vulnerability was reported in BEA WebLogic Server and Express. An authenticated Operator may be able to gain access to passwords that can, in turn, allow the user to gain administrative access on the application.
Impact: Disclosure of authentication information, User access via network
WebLogic Server and Express Input Validation Flaw in Processing HTTP TRACE Requests Permits Cross-Site Scripting
A vulnerability was reported in WebLogic Server and Express. A remote user can conduct cross-site scripting attacks using HTTP TRACE requests.
Impact: Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information
ProxyNow! Buffer Overflow Lets Remote Users Gain SYSTEM Privileges
Several vulnerabilities were reported in ProxyNow! A remote user can execute arbitrary code on the target system with SYSTEM privileges.
Impact: Execution of arbitrary code via network, Root access via network
SecurityFocus BugTraq
SecurityFocus Vulnerabilities
01/27/2004 RE: GOOROO CROSSING: File Spoofing Internet Explorer 6 tlarholm pivx com
01/27/2004 Remote exploit in Gallery 1.3.1, 1.3.2, 1.3.3, 1.4 and 1.4.1 Bharat Mediratta
01/27/2004 Re: vulnerabilities of postscript printers Ian Farquhar - Network Security Group
01/27/2004 information and reverse engineering bits of the Mydoom worm Gadi Evron
01/27/2004 RE: GOOROO CROSSING: File Spoofing Internet Explorer 6 Oliver Lavery
01/27/2004 [ GLSA 200401-04 ] GAIM 0.75 Remote overflows Tim Yamin
01/27/2004 GAIM Patch update Stefan Esser
01/27/2004 Elevated scanning: TCP port 135 (RPC) AND 445 (Domain Services) Nicholas Weaver
01/27/2004 CERT Advisory CA-2004-02 Email-borne Viruses CERT Advisory
01/27/2004 GOOROO CROSSING: File Spoofing Internet Explorer 6 http-equiv@excite.com
01/27/2004 [ GLSA 200401-03 ] Apache mod_python Denial of Service vulnerability Tim Yamin
01/27/2004 Re: symlink vul for Antivir / Linux Version 2.0.9-9 (maybe lower) AntiVir Support
01/27/2004 Re: Self-Executing FOLDERS: Windows XP Explorer Part V Liu Die Yu
01/27/2004 Chaosreader: Trace TCP/UDP from snoop/tcpdump logs Brendan Gregg
01/27/2004 [FLSA-2004:1187] Updated screen resolves security vulnerability Jesse Keating
01/27/2004 Ultramagnetic Advisory #001: Multiple vulnerabilities in Gaim code lowhalo hush com
01/27/2004 MDKSA-2004:008 - Updated tcpdump packages fix several vulnerabilities Mandrake Linux Security Team
01/27/2004 MDKSA-2004:007 - Updated mc packages fix buffer overflow vulnerability Mandrake Linux Security Team
01/27/2004 MDKSA-2004:006 - Updated gaim packages fix multiple vulnerabilities Mandrake Linux Security Team
01/27/2004 [SECURITY] [DSA 429-1] New gnupg packages fix cryptographic weakness in ElGamal signing keys Matt Zimmerman
01/27/2004 Re: Self-Executing FOLDERS: Windows XP Explorer Part V Jelmer
01/27/2004 [slackware-security] GAIM security update (SSA:2004-026-01) Slackware Security Team
01/27/2004 New MiMail variant is DDoS'ing SCO.com tlarholm pivx com
01/26/2004 RE: Finjan SurfinGate Vulnerability Menashe Eliezer
01/26/2004 [HUC] Serv-U FTPD 3.x/4.x SITE CHMOD Command remote exploit V1.0 lion
01/26/2004 ProxyNow! 2.x Multiple Overflow Vulnerabilities Peter Winter-Smith
01/26/2004 Re: Windows XP Explorer Executes Arbitrary Code in Folders Stuart Moore
01/26/2004 RE: Self-Executing FOLDERS: Windows XP Explorer Part V Thor Larholm
01/26/2004 Re: Self-Executing FOLDERS: Windows XP Explorer Part V mightye[removethis] mightye[removethis]@mightye.org
01/26/2004 [RHSA-2004:032-01] Updated Gaim packages fix various vulnerabilities bugzilla redhat com
01/26/2004 Re: QuadComm Q-Shop ASP Shopping Cart Software multiple security vulnerabilities S-Quadra Security Research
01/26/2004 Directory traversal and XSS in BremsServer 1.2.4 Donato Ferrante
01/26/2004 Advisory 01/2004: 12 x Gaim remote overflows Stefan Esser
01/26/2004 Serv-U ftp 4.2 site chmod long_file_name exploit Qianwei Hu
01/25/2004 Self-Executing FOLDERS: Windows XP Explorer Part V http-equiv@excite.com
01/25/2004 Re: Major hack attack on the U.S. Senate Crispin Cowan
Symantec SSR
2004-01-24: Borland Webserver for Corel Paradox Directory Traversal Vulnerability
2004-01-24: TinyServer Multiple Vulnerabilities
2004-01-24: Oracle HTTP Server isqlplus Cross-Site Scripting Vulnerability
2004-01-23: Jabber Server SSL Handling Denial of Service Vulnerability
2004-01-23: Reptile Web Server Remote Denial Of Service Vulnerability
2004-01-23: QuadComm Q-Shop SQL Injection Vulnerabilities
2004-01-23: Novell Netware Enterprise Web Server Multiple Vulnerabilities
2004-01-23: Sun Solaris modload() Unauthorized Kernel Module Loading Vulnerability
2004-01-23: ELM frm Command Remote Buffer Overflow Vulnerability
2004-01-23: QMail-SMTPD Long SMTP Session Integer Overflow Denial of Service Vulnerability
2004-01-22: McAfee ePolicy Orchestrator Agent HTTP POST Buffer Mismanagement Vulnerability
2004-01-22: Linux Kernel do_mremap Function Boundary Condition Vulnerability
2004-01-22: Linux Kernel do_brk Function Boundary Condition Vulnerability
2004-01-22: Native Solutions TBE Banner Engine Server Side Script Execution Vulnerability
2004-01-22: Netbus Directory Listings Disclosure and File Upload Vulnerability
2004-01-22: Acme thttpd CGI Test Script Cross-Site Scripting Vulnerability
2004-01-22: Apache mod_perl Module File Descriptor Leakage Vulnerability
2004-01-22: EA Black Box Need For Speed Hot Pursuit 2 Game Client Remote Buffer Overflow Vulnerability
2004-01-22: lftp Try_Squid_Eplf Buffer Overflow Vulnerability
2004-01-22: lftp Try_Netscape_Proxy Buffer Overflow Vulnerability
2004-01-22: OpenSSH Buffer Mismanagement Vulnerabilities
2004-01-22: SuSE Multiple Scripts Insecure Temporary File Handling Symbolic Link Vulnerabilities
2004-01-21: HP-UX UUCP Unspecified Buffer Overflow Vulnerability
2004-01-21: HP-UX UUSUB System Hostname Buffer Overflow Vulnerability
2004-01-21: CDE LibDTHelp DTHelpUserSearchPath Local Buffer Overflow Vulnerability
2004-01-21: Xoops MyLinks Myheader.php Cross-Site Scripting Vulnerability
2004-01-21: Honeyd Remote Virtual Host Detection Vulnerability
2004-01-21: Microsoft Windows Samba File Sharing Resource Exhaustion Vulnerability
2004-01-21: Mephistoles HTTPD Cross-Site Scripting Vulnerability
2004-01-21: Darkwet Network WebcamXP Cross-Site Scripting Vulnerability
2004-01-21: Cisco Voice Product IBM Director Agent Port Scan Denial Of Service Vulnerability
2004-01-21: Cisco Voice Product IBM Director Agent Unauthorized Remote Administrative Access Vulnerability
2004-01-21: OpenSSL ASN.1 Parsing Vulnerabilities
2004-01-21: Ethereal SMB Protocol Dissector Denial of Service Vulnerability
2004-01-21: Ethereal Q.931 Protocol Dissector Denial of Service Vulnerability
2004-01-21: AIPTEK NETCam Webserver Directory Traversal Vulnerability
2004-01-21: 2Wire HomePortal Series Directory Traversal Vulnerability
NAV Daily Definitions
*Note: The i32 Intelligent Updater package cannot be used to update Symantec AntiVirus Corporate Edition 8.0 servers or Norton AntiVirus Corporate Edition 7.6 servers, but can be used to update Corporate Edition clients. The x86 Intelligent Updater package can be used to update Corporate Edition clients and servers.