CastleCops, Internet Crime Fighters
Need help? Click here to register for free! Absolutely zero advertisements on this site!

Donation/Premium
spacer
Donations. Become Premium Today! Premium Icon
block bottom
Security Central
spacer
· Home
· PIRT/Fried Phish
· MIRT
· SIRT
· Deutsch
· Wiki
· Newsletter
· O16/ActiveX
· CLSID List
· Contest2007
· Downloads
· Feedback (send)
· Forums
· HijackThis
· Hijacktrend
· LSPs
· My Downloads
· O18
· O20
· O21
· O22
· O23
· O9
· Premium
· Private Messages
· Proxomitron
· Reviews
· Search
· StartupList
· Stories Archive
· Submit News
· WsIRT
· Your Account
· Acceptable Use Policy
block bottom
spacer spacer
image Advisories!: Latest Advisories & Live Feeds (10/28/03) image
Cyber Security
Latest Advisories
Live Feeds
2003-10-28
Secunia
Security Tracker
Security Focus
Symantec
*Live Feeds are from Panda, Trend Micro, and Symantec


Live Feeds

Secunia
Secunia Highlights:
AOL Instant Messenger File Transfer Error Message Buffer Overflow Vulnerability
A vulnerability has been identified in AOL Instant Messenger (AIM), which potentially can be exploited by malicious people to compromise a user's system.
Microsoft Windows Buffer Overflow in Messenger Service
Microsoft has issued patches for Microsoft Windows to fix a buffer overflow vulnerability in Messenger Service, which could lead to execution of arbitrary code.
Microsoft Exchange SMTP Extended Request Buffer Overflow
Microsoft has issued patches for Exchange to fix a buffer overflow vulnerability in the SMTP service.
Latest 15 Secunia Security Advisories:
2003-10-28
- Chi Kien Uong Guestbook Cross Site Scripting Vulnerability

- Les Visiteurs Arbitrary File Inclusion Vulnerability

- WU-FTPD S/KEY Authentication Buffer Overflow Vulnerability

- Libnids TCP Reassembly Buffer Overflow Vulnerability

- Slackware update for gdm

- Slackware update for fetchmail

- Norton Internet Security Blocked Site Cross-Site Scripting Vulnerability
2003-10-27
- Mandrake update for apache2

- SiteKiosk Base URL Restriction Bypass

- HP Tru64 dtprintinfo Unspecified Vulnerability

- Conectiva update for anonftp

- Advanced Poll Execution of Arbitrary Code

- Microsoft HTML Help Control Privilege Escalation Vulnerability
2003-10-24
- CensorNet DENIEDURL Cross-Site Scripting Vulnerability

- Apache Cocoon Directory Traversal Vulnerability
More Advisories
Top 5 Most Read Secunia Security Advisories (Last 24 hours):
- AOL Instant Messenger File Transfer Error Message Buffer Overflow Vulnerability

- Microsoft HTML Help Control Privilege Escalation Vulnerability

- Insight Manager Unspecified Vulnerability in Web Agent

- Mandrake update for apache2

- Advanced Poll Execution of Arbitrary Code

Security Tracker
Advanced Poll Include File Error Lets Remote Users Execute Arbitrary PHP Code and Operating System Commands

An include file vulnerability was reported in Advanced Poll. A remote user can execute arbitrary commands on the target server.

Impact: Execution of arbitrary code via network, User access via network

The Bat! File Permissions Let Local Users Access the Mail of Other Local Users

A vulnerability was reported in The Bat! e-mail client software. A local user can access a target user's e-mail.

Impact: Disclosure of user information

Opera Lets Remote Users Execute Arbitrary Files in the Local Zone Using a Specially Crafted IFRAME Tag

A vulnerability was reported in the Opera web browser. A remote user can create HTML that, when loaded by the target user, will access and execute files in the local computer zone.

Impact: Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network

SiteKiosk Domain Billing Mechanism Can Be Bypassed By Local Users

A vulnerability was reported in SiteKiosk. A local user can bypass the billing access control mechanism to avoid billing charges.

Impact: Host/resource access via network

Microsoft Internet Explorer Lets Remote Users Execute Arbitrary Files in the Local Zone Using a Specially Crafted IFRAME/Location Header

A vulnerability was reported in Microsoft Internet Explorer (IE). A remote user can create HTML that, when loaded by the target user, will access and execute files in the local computer zone.

Impact: Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network

SecurityFocus BugTraq
SecurityFocus Vulnerabilities
10/28/2003 Re: [LSD] Security vulnerability in SUN's Java Virtual Machine implementation Alla Bezroutchko
10/28/2003 a dangerous fast spreading (yet simple) trojan horse. Gadi Evron
10/27/2003 Re: a dangerous fast spreading (yet simple) trojan horse. Craig Holmes
10/27/2003 Re: Java 1.4.2_02 InsecurityManager JVM crash Marc Schoenefeld
10/27/2003 Nachi/Welchia/LovSan.D version 2 appears to be spreading Young, Keith
10/27/2003 Re: [LSD] Security vulnerability in SUN's Java Virtual Machine implementation Marc Schoenefeld
10/27/2003 Remote overflow in thttpd advisories(-at-)texonet.com
10/27/2003 Re: Internet Explorer and Opera local zone restriction bypass Andreas Sandblad
10/27/2003 [slackware-security] fetchmail security update (SSA:2003-300-02) Slackware Security Team
10/27/2003 [slackware-security] gdm security update (SSA:2003-300-01) Slackware Security Team
10/27/2003 Re: Java 1.4.2_02 InsecurityManager JVM crash Francisco Andrades
10/27/2003 Norton Internet Security 2003 XSS DigitalPranksters
10/27/2003 Re: [LSD] Security vulnerability in SUN's Java Virtual Machineimplementation Michael Earls
10/27/2003 Libnids


Symantec SSR


W32.Sober@mm.enc
W32/Sober@MM [McAfee], I-Worm.Sober [Kaspersky], W32/Sober-A [Sophos], WORM_SOBER.A [Trend]. Sober [F-Secure], W32/Sober.A@mm [Frisk], W32/Sober.A [Norman], Win32/Sober.A [Eset], Win32.Sober.A [Computer Associates] October 28, 2003 October 28, 2003
W32.HLLW.Gaobot.BH October 27, 2003 October 28, 2003
W32.HLLW.Gaobot.BF October 27, 2003 October 28, 2003
Downloader.Tooncom
TrojanDownloader.Win32.Tooncom.c October 27, 2003 October 27, 2003
Trojan.Retsam October 26, 2003 October 27, 2003
IRC.Trojan.Fgt
IRC-Worm.Fagot [Kaspersky], Fagot [F-Secure] October 26, 2003 October 27, 2003
PWSteal.Bancos.C October 25, 2003 October 27, 2003
Backdoor.Kutex October 25, 2003 October 27, 2003
W32.Adclicker.G.Trojan October 24, 2003 October 27, 2003
W32.Randex.R
W32/Sdbot.worm.gen [McAfee], Backdoor.SdBot.gen [Kaspersky] October 24, 2003 October 27, 2003
W32.HLLW.Reckus
Worm.P2P.Delf.k [Kaspersky] October 24, 2003 October 27, 2003
W32.HLLW.Gaobot.BE
W32.HLLW.Gaobot.BD, W32/Gaobot.worm [McAfee], Backdoor.Agobot.3.h [Kaspersky] October 24, 2003 October 27, 2003

Live Feeds
Posted on Tuesday, 28 October 2003 @ 09:24:35 UTC by phoenix22 (1713 reads)
[ Trackback ]		image

"Advisories!: Latest Advisories & Live Feeds (10/28/03)" | Login/Create an Account | 0 comments
Threshold
The comments are owned by the poster. We aren't responsible for their content.

No Comments Allowed for Anonymous, please register
 
Login
spacer
Nickname

Password

Security Code: Type Security Code: Usage signifies AUP acceptance
· New User? · Click here to create a registered account.
block bottom
Related Links
spacer
· del.icio.us!
· digg it!
· reddit!
· TrackBack (0)
· PHP HomePage
· MandrakeSoft
· Slackware
· Microsoft
· Microsoft
· HotScripts
· Apache Web Server
· W3 Consortium
· HTML Standard
· Hewlett Packard
· America Online
· More about Cyber Security
· News by phoenix22

Most read story about Cyber Security:
Booby Trapped software!
block bottom
Article Rating
spacer
Average Score: 0
Votes: 0

Please take a second and vote for this article:

Bad
Regular
Good
Very Good
Excellent
block bottom
Options
spacer

Printer Friendly Page  Printer Friendly Page
block bottom
2002-2008 © Computer Cops LLC dba CastleCops®. All rights reserved.
Acceptable Use Policy. Use signifies your agreement.
101ppm 0.197s (0.009s)
Making cybercriminals unhappy since 2002*
In Memory of Trpm
spacer spacer