CastleCops, Internet Crime Fighters
Advisories!: Latest Advisories (9/26/03)
Cyber Security
Latest Advisories
2003-09-26

Secunia
Security Tracker
Security Focus
Symantec

Secunia
2003-09-26


Cfengine Remotely Exploitable Buffer Overflow
A vulnerability has been identified in Cfengine allowing malicious people to execute arbitrary code on the master server. [Full Advisory]


sbox Path Disclosure Vulnerability
A vulnerability has been reported in sbox, which can be exploited by malicious people to see path information. [Full Advisory]


MPlayer ASX Streaming Buffer Overflow Vulnerability
A vulnerability has been reported in MPlayer, which can be exploited by malicious people to compromise a user's system. [Full Advisory]


Savant Web Server Infinite Loop Denial of Service
A vulnerability has been reported in Savant Web Server, which can be exploited by malicious people to cause a DoS (Denial of Service). [Full Advisory]


OpenPKG update for ProFTPD
OpenPKG has issued updated packages for ProFTPD. These fix a vulnerability, which can be exploited by some malicious users to compromise a vulnerable system. [Full Advisory]


wzdftpd Login Denial of Service Vulnerability
A vulnerability has been reported in wzdftpd allowing malicious people to cause a Denial of Service. [Full Advisory]


Tcl Web Server Directory Traversal and Cross Site Scripting
Multiple vulnerabilities have been reported in Tcl Web Server, which can be exploited by malicious people to see the contents of directories and conduct Cross Site Scripting. [Full Advisory]


Debian Marbles Privilege Escalation Vulnerability
Debian has issued updated packages for marbles. These fix a vulnerability, which can be exploited by malicious, local users to escalate their privileges on a vulnerable system. [Full Advisory]


BRS WebWeaver IP Logging Bypass
A security issue has been identified in BRS WebWeaver allowing malicious people to make HTTP requests where the IP isn't logged. [Full Advisory]



2003-09-25


Gauntlet Firewall Oracle-Proxy Denial of Service
A vulnerability has been identified in Gauntlet Firewall allowing malicious people to crash the SQL-Gateway / Oracle-Proxy service. [Full Advisory]

Security Tracker
Special Alerts - OpenSSH bugs from last week and this week.
Sendmail potential remote code execution.





602Pro LAN Suite Discloses Files on the System to Remote Authenticated Users

Phuong Nguyen reported several vulnerabilities in 602Pro LAN Suite. A remote authenticated user can view arbitrary files on the target system. A remote authenticated user can also obtain information about WebMail users.

Impact: Disclosure of system information, Disclosure of user information



Comment Board Message Field Input Validation Flaws Permit Remote Cross-Site Scripting Attacks

A vulnerability was reported in Comment Board. A remote user can conduct cross-site scripting attacks.

Impact: Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information



GNOME Desktop on Solaris May Not Let Root Users Lock the Screen

A vulnerability was reported in the Gnome desktop in XScreenSaver, as distributed on Sun Solaris. Certain users may not be able to lock the screen.

Impact: User access via local system



WebTool-userpass May Disclose SSH User Passphrases to Certain Local Users

A vulnerability was reported in the WebTool-userpass package. The application may disclose a target user's SSH passphrase via a log file entry.

Impact: Disclosure of authentication information



Re-Boot Design ASP Forum SQL Injection Flaw Yields Remote Access to Any User Account

A vulnerability was reported in Re-Boot Design's ASP Forum. A remote user can inject SQL commands to gain access to accounts on the application.

Impact: User access via network




SecurityFocus BugTraq
SecurityFocus Vulnerabilities
09/26/2003 RE: Sanctum AppScan 4 misses potential vulnerabilities in wrapped links Dawes, Rogan (ZA - Johannesburg)
09/26/2003 SMC Router Denial of Service exploit res076cf alltel net
09/26/2003 Re: [OpenPKG-SA-2003.042] OpenPKG Security Advisory (openssh) Ralf S. Engelschall
09/25/2003 [eft] Remote atphttpd 0.4b

Symantec SSR
Backdoor.Semes September 25, 2003 September 26, 2003
Posted on Friday, 26 September 2003 @ 09:30:08 UTC by phoenix22 (727 reads)